diff options
author | Colin Watson <cjwatson@debian.org> | 2016-08-06 10:49:59 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-08-07 12:18:58 +0100 |
commit | 477bb7636238c106f8cd7c868a8c0c5eabcfb3db (patch) | |
tree | 601176af2ecf358c36b766776a86845ad7a3cd6f | |
parent | 747fac2de0d889183f67f6900194c0462c558544 (diff) | |
parent | 4c914ccd85bbf391c4dc61b85e3c178fef465e3f (diff) |
New upstream release (7.3p1).
204 files changed, 6785 insertions, 3859 deletions
diff --git a/.cvsignore b/.cvsignore deleted file mode 100644 index 9baaa3b4e..000000000 --- a/.cvsignore +++ /dev/null | |||
@@ -1,28 +0,0 @@ | |||
1 | *.0 | ||
2 | *.out | ||
3 | Makefile | ||
4 | autom4te.cache | ||
5 | buildit.sh | ||
6 | buildpkg.sh | ||
7 | config.cache | ||
8 | config.h | ||
9 | config.h.in | ||
10 | config.log | ||
11 | config.status | ||
12 | configure | ||
13 | openssh.xml | ||
14 | opensshd.init | ||
15 | scp | ||
16 | sftp | ||
17 | sftp-server | ||
18 | ssh | ||
19 | ssh-add | ||
20 | ssh-agent | ||
21 | ssh-keygen | ||
22 | ssh-keyscan | ||
23 | ssh-keysign | ||
24 | ssh-pkcs11-helper | ||
25 | sshd | ||
26 | stamp-h.in | ||
27 | survey | ||
28 | survey.sh | ||
diff --git a/.skipped-commit-ids b/.skipped-commit-ids new file mode 100644 index 000000000..02088ce56 --- /dev/null +++ b/.skipped-commit-ids | |||
@@ -0,0 +1,11 @@ | |||
1 | 321065a95a7ccebdd5fd08482a1e19afbf524e35 Update DH groups | ||
2 | d4f699a421504df35254cf1c6f1a7c304fb907ca Remove 1k bit groups | ||
3 | aafe246655b53b52bc32c8a24002bc262f4230f7 Remove intermediate moduli | ||
4 | 8fa9cd1dee3c3339ae329cf20fb591db6d605120 put back SSH1 for 6.9 | ||
5 | f31327a48dd4103333cc53315ec53fe65ed8a17a Generate new moduli | ||
6 | edbfde98c40007b7752a4ac106095e060c25c1ef Regen moduli | ||
7 | 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 Switch to tame-based sandbox | ||
8 | 7cf73737f357492776223da1c09179fa6ba74660 Remove moduli <2k | ||
9 | 180d84674be1344e45a63990d60349988187c1ae Update moduli | ||
10 | f6ae971186ba68d066cd102e57d5b0b2c211a5ee systrace is dead. | ||
11 | 96c5054e3e1f170c6276902d5bc65bb3b87a2603 remove DEBUGLIBS from Makefile | ||
@@ -1,16 +1,1847 @@ | |||
1 | commit 5c35450a0c901d9375fb23343a8dc82397da5f75 | 1 | commit 99522ba7ec6963a05c04a156bf20e3ba3605987c |
2 | Author: Damien Miller <djm@mindrot.org> | 2 | Author: Damien Miller <djm@mindrot.org> |
3 | Date: Thu Mar 10 05:04:48 2016 +1100 | 3 | Date: Thu Jul 28 08:54:27 2016 +1000 |
4 | 4 | ||
5 | update versions for release | 5 | define _OPENBSD_SOURCE for reallocarray on NetBSD |
6 | |||
7 | Report by and debugged with Hisashi T Fujinaka, dtucker nailed | ||
8 | the problem (lack of prototype causing return type confusion). | ||
9 | |||
10 | commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 | ||
11 | Author: Damien Miller <djm@mindrot.org> | ||
12 | Date: Wed Jul 27 08:25:42 2016 +1000 | ||
13 | |||
14 | KNF | ||
15 | |||
16 | commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331 | ||
17 | Author: Damien Miller <djm@mindrot.org> | ||
18 | Date: Wed Jul 27 08:25:23 2016 +1000 | ||
19 | |||
20 | Linux auditing also needs packet.h | ||
21 | |||
22 | commit 393bd381a45884b589baa9aed4394f1d250255ca | ||
23 | Author: Damien Miller <djm@mindrot.org> | ||
24 | Date: Wed Jul 27 08:18:05 2016 +1000 | ||
25 | |||
26 | fix auditing on Linux | ||
27 | |||
28 | get_remote_ipaddr() was replaced with ssh_remote_ipaddr() | ||
29 | |||
30 | commit 80e766fb089de4f3c92b1600eb99e9495e37c992 | ||
31 | Author: Damien Miller <djm@mindrot.org> | ||
32 | Date: Sun Jul 24 21:50:13 2016 +1000 | ||
33 | |||
34 | crank version numbers | ||
35 | |||
36 | commit b1a478792d458f2e938a302e64bab2b520edc1b3 | ||
37 | Author: djm@openbsd.org <djm@openbsd.org> | ||
38 | Date: Sun Jul 24 11:45:36 2016 +0000 | ||
39 | |||
40 | upstream commit | ||
41 | |||
42 | openssh-7.3 | ||
43 | |||
44 | Upstream-ID: af106a7eb665f642648cf1993e162c899f358718 | ||
45 | |||
46 | commit 353766e0881f069aeca30275ab706cd60a1a8fdd | ||
47 | Author: Darren Tucker <dtucker@zip.com.au> | ||
48 | Date: Sat Jul 23 16:14:42 2016 +1000 | ||
49 | |||
50 | Move Cygwin IPPORT_RESERVED overrride to defines.h | ||
51 | |||
52 | Patch from vinschen at redhat.com. | ||
53 | |||
54 | commit 368dd977ae07afb93f4ecea23615128c95ab2b32 | ||
55 | Author: djm@openbsd.org <djm@openbsd.org> | ||
56 | Date: Sat Jul 23 02:54:08 2016 +0000 | ||
57 | |||
58 | upstream commit | ||
59 | |||
60 | fix pledge violation with ssh -f; reported by Valentin | ||
61 | Kozamernik ok dtucker@ | ||
62 | |||
63 | Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa | ||
64 | |||
65 | commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e | ||
66 | Author: djm@openbsd.org <djm@openbsd.org> | ||
67 | Date: Fri Jul 22 07:00:46 2016 +0000 | ||
68 | |||
69 | upstream commit | ||
70 | |||
71 | improve wording; suggested by jmc@ | ||
72 | |||
73 | Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8 | ||
74 | |||
75 | commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8 | ||
76 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
77 | Date: Fri Jul 22 05:46:11 2016 +0000 | ||
78 | |||
79 | upstream commit | ||
80 | |||
81 | Lower loglevel for "Authenticated with partial success" | ||
82 | message similar to other similar level. bz#2599, patch from cgallek at | ||
83 | gmail.com, ok markus@ | ||
84 | |||
85 | Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd | ||
86 | |||
87 | commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6 | ||
88 | Author: Damien Miller <djm@mindrot.org> | ||
89 | Date: Fri Jul 22 14:06:36 2016 +1000 | ||
90 | |||
91 | retry waitpid on EINTR failure | ||
92 | |||
93 | patch from Jakub Jelen on bz#2581; ok dtucker@ | ||
94 | |||
95 | commit da88a70a89c800e74ea8e5661ffa127a3cc79a92 | ||
96 | Author: djm@openbsd.org <djm@openbsd.org> | ||
97 | Date: Fri Jul 22 03:47:36 2016 +0000 | ||
98 | |||
99 | upstream commit | ||
100 | |||
101 | constify a few functions' arguments; patch from Jakub | ||
102 | Jelen bz#2581 | ||
103 | |||
104 | Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d | ||
105 | |||
106 | commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf | ||
107 | Author: djm@openbsd.org <djm@openbsd.org> | ||
108 | Date: Fri Jul 22 03:39:13 2016 +0000 | ||
109 | |||
110 | upstream commit | ||
111 | |||
112 | move debug("%p", key) to before key is free'd; probable | ||
113 | undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 | ||
114 | |||
115 | Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a | ||
116 | |||
117 | commit 286f5a77c3bfec1e8892ca268087ac885ac871bf | ||
118 | Author: djm@openbsd.org <djm@openbsd.org> | ||
119 | Date: Fri Jul 22 03:35:11 2016 +0000 | ||
120 | |||
121 | upstream commit | ||
122 | |||
123 | reverse the order in which -J/JumpHost proxies are visited to | ||
124 | be more intuitive and document | ||
125 | |||
126 | reported by and manpage bits naddy@ | ||
127 | |||
128 | Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a | ||
129 | |||
130 | commit fcd135c9df440bcd2d5870405ad3311743d78d97 | ||
131 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
132 | Date: Thu Jul 21 01:39:35 2016 +0000 | ||
133 | |||
134 | upstream commit | ||
135 | |||
136 | Skip passwords longer than 1k in length so clients can't | ||
137 | easily DoS sshd by sending very long passwords, causing it to spend CPU | ||
138 | hashing them. feedback djm@, ok markus@. | ||
139 | |||
140 | Brought to our attention by tomas.kuthan at oracle.com, shilei-c at | ||
141 | 360.cn and coredump at autistici.org | ||
142 | |||
143 | Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333 | ||
144 | |||
145 | commit 324583e8fb3935690be58790425793df619c6d4d | ||
146 | Author: naddy@openbsd.org <naddy@openbsd.org> | ||
147 | Date: Wed Jul 20 10:45:27 2016 +0000 | ||
148 | |||
149 | upstream commit | ||
150 | |||
151 | Do not clobber the global jump_host variables when | ||
152 | parsing an inactive configuration. ok djm@ | ||
153 | |||
154 | Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31 | ||
155 | |||
156 | commit 32d921c323b989d28405e78d0a8923d12913d737 | ||
157 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
158 | Date: Tue Jul 19 12:59:16 2016 +0000 | ||
159 | |||
160 | upstream commit | ||
161 | |||
162 | tweak previous; | ||
163 | |||
164 | Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534 | ||
165 | |||
166 | commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025 | ||
167 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
168 | Date: Tue Jul 19 11:38:53 2016 +0000 | ||
169 | |||
170 | upstream commit | ||
171 | |||
172 | Allow wildcard for PermitOpen hosts as well as ports. | ||
173 | bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok | ||
174 | markus@ | ||
175 | |||
176 | Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2 | ||
177 | |||
178 | commit b98a2a8348e907b3d71caafd80f0be8fdd075943 | ||
179 | Author: markus@openbsd.org <markus@openbsd.org> | ||
180 | Date: Mon Jul 18 11:35:33 2016 +0000 | ||
181 | |||
182 | upstream commit | ||
183 | |||
184 | Reduce timing attack against obsolete CBC modes by always | ||
185 | computing the MAC over a fixed size of data. Reported by Jean Paul | ||
186 | Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@ | ||
187 | |||
188 | Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912 | ||
189 | |||
190 | commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc | ||
191 | Author: Darren Tucker <dtucker@zip.com.au> | ||
192 | Date: Thu Jul 21 14:17:31 2016 +1000 | ||
193 | |||
194 | Search users for one with a valid salt. | ||
195 | |||
196 | If the root account is locked (eg password "!!" or "*LK*") keep looking | ||
197 | until we find a user with a valid salt to use for crypting passwords of | ||
198 | invalid users. ok djm@ | ||
199 | |||
200 | commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782 | ||
201 | Author: Darren Tucker <dtucker@zip.com.au> | ||
202 | Date: Mon Jul 18 17:22:49 2016 +1000 | ||
203 | |||
204 | Explicitly specify source files for regress tools. | ||
205 | |||
206 | Since adding $(REGRESSLIBS), $? is wrong because it includes only the | ||
207 | changed source files. $< seems like it'd be right however it doesn't | ||
208 | seem to work on some non-GNU makes, so do what works everywhere. | ||
209 | |||
210 | commit eac1bbd06872c273f16ac0f9976b0aef026b701b | ||
211 | Author: Darren Tucker <dtucker@zip.com.au> | ||
212 | Date: Mon Jul 18 17:12:22 2016 +1000 | ||
213 | |||
214 | Conditionally include err.h. | ||
215 | |||
216 | commit 0a454147568746c503f669e1ba861f76a2e7a585 | ||
217 | Author: Darren Tucker <dtucker@zip.com.au> | ||
218 | Date: Mon Jul 18 16:26:26 2016 +1000 | ||
219 | |||
220 | Remove local implementation of err, errx. | ||
221 | |||
222 | We now have a shared implementation in libopenbsd-compat. | ||
223 | |||
224 | commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1 | ||
225 | Author: djm@openbsd.org <djm@openbsd.org> | ||
226 | Date: Mon Jul 18 06:08:01 2016 +0000 | ||
227 | |||
228 | upstream commit | ||
229 | |||
230 | Add some unsigned overflow checks for extra_pad. None of | ||
231 | these are reachable with the amount of padding that we use internally. | ||
232 | bz#2566, pointed out by Torben Hansen. ok markus@ | ||
233 | |||
234 | Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76 | ||
235 | |||
236 | commit c71ba790c304545464bb494de974cdf0f4b5cf1e | ||
237 | Author: Darren Tucker <dtucker@zip.com.au> | ||
238 | Date: Mon Jul 18 15:43:25 2016 +1000 | ||
239 | |||
240 | Add dependency on libs for unit tests. | ||
241 | |||
242 | Makes "./configure && make tests" work again. ok djm@ | ||
243 | |||
244 | commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8 | ||
245 | Author: Darren Tucker <dtucker@zip.com.au> | ||
246 | Date: Mon Jul 18 13:47:39 2016 +1000 | ||
247 | |||
248 | Correct location for kexfuzz in clean target. | ||
249 | |||
250 | commit 01558b7b07af43da774d3a11a5c51fa9c310849d | ||
251 | Author: Darren Tucker <dtucker@zip.com.au> | ||
252 | Date: Mon Jul 18 09:33:25 2016 +1000 | ||
253 | |||
254 | Handle PAM_MAXTRIES from modules. | ||
255 | |||
256 | bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer | ||
257 | password and keyboard-interative authentication methods. Should prevent | ||
258 | "sshd ignoring max retries" warnings in the log. ok djm@ | ||
259 | |||
260 | It probably won't trigger with keyboard-interactive in the default | ||
261 | configuration because the retry counter is stored in module-private | ||
262 | storage which goes away with the sshd PAM process (see bz#688). On the | ||
263 | other hand, those cases probably won't log a warning either. | ||
264 | |||
265 | commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc | ||
266 | Author: djm@openbsd.org <djm@openbsd.org> | ||
267 | Date: Sun Jul 17 04:20:16 2016 +0000 | ||
268 | |||
269 | upstream commit | ||
270 | |||
271 | support UTF-8 characters in ssh(1) banners using | ||
272 | schwarze@'s safe fmprintf printer; bz#2058 | ||
273 | |||
274 | feedback schwarze@ ok dtucker@ | ||
275 | |||
276 | Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7 | ||
277 | |||
278 | commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7 | ||
279 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
280 | Date: Sat Jul 16 06:57:55 2016 +0000 | ||
281 | |||
282 | upstream commit | ||
283 | |||
284 | - add proxyjump to the options list - formatting fixes - | ||
285 | update usage() | ||
286 | |||
287 | ok djm | ||
288 | |||
289 | Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457 | ||
290 | |||
291 | commit af1f084857621f14bd9391aba8033d35886c2455 | ||
292 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
293 | Date: Fri Jul 15 05:01:58 2016 +0000 | ||
294 | |||
295 | upstream commit | ||
296 | |||
297 | Reduce the syslog level of some relatively common protocol | ||
298 | events from LOG_CRIT by replacing fatal() calls with logdie(). Part of | ||
299 | bz#2585, ok djm@ | ||
300 | |||
301 | Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5 | ||
302 | |||
303 | commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f | ||
304 | Author: Damien Miller <djm@mindrot.org> | ||
305 | Date: Fri Jul 15 19:14:48 2016 +1000 | ||
306 | |||
307 | missing openssl/dh.h | ||
308 | |||
309 | commit 4a984fd342effe5f0aad874a0d538c4322d973c0 | ||
310 | Author: Damien Miller <djm@mindrot.org> | ||
311 | Date: Fri Jul 15 18:47:07 2016 +1000 | ||
312 | |||
313 | cast to avoid type warning in error message | ||
314 | |||
315 | commit 5abfb15ced985c340359ae7fb65a625ed3692b3e | ||
316 | Author: Darren Tucker <dtucker@zip.com.au> | ||
317 | Date: Fri Jul 15 14:48:30 2016 +1000 | ||
318 | |||
319 | Move VA_COPY macro into compat header. | ||
320 | |||
321 | Some AIX compilers unconditionally undefine va_copy but don't set it back | ||
322 | to an internal function, causing link errors. In some compat code we | ||
323 | already use VA_COPY instead so move the two existing instances into the | ||
324 | shared header and use for sshbuf-getput-basic.c too. Should fix building | ||
325 | with at lease some versions of AIX's compiler. bz#2589, ok djm@ | ||
326 | |||
327 | commit 832b7443b7a8e181c95898bc5d73497b7190decd | ||
328 | Author: Damien Miller <djm@mindrot.org> | ||
329 | Date: Fri Jul 15 14:45:34 2016 +1000 | ||
330 | |||
331 | disable ciphers not supported by OpenSSL | ||
332 | |||
333 | bz#2466 ok dtucker@ | ||
334 | |||
335 | commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8 | ||
336 | Author: Damien Miller <djm@mindrot.org> | ||
337 | Date: Fri Jul 15 13:54:31 2016 +1000 | ||
338 | |||
339 | add a --disable-pkcs11 knob | ||
340 | |||
341 | commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9 | ||
342 | Author: Damien Miller <djm@mindrot.org> | ||
343 | Date: Fri Jul 15 13:44:38 2016 +1000 | ||
344 | |||
345 | fix newline escaping for unsupported_algorithms | ||
346 | |||
347 | The hmac-ripemd160 was incorrect and could lead to broken | ||
348 | Makefiles on systems that lacked support for it, but I made | ||
349 | all the others consistent too. | ||
350 | |||
351 | commit ed877ef653847d056bb433975d731b7a1132a979 | ||
352 | Author: djm@openbsd.org <djm@openbsd.org> | ||
353 | Date: Fri Jul 15 00:24:30 2016 +0000 | ||
354 | |||
355 | upstream commit | ||
356 | |||
357 | Add a ProxyJump ssh_config(5) option and corresponding -J | ||
358 | ssh(1) command-line flag to allow simplified indirection through a SSH | ||
359 | bastion or "jump host". | ||
360 | |||
361 | These options construct a proxy command that connects to the | ||
362 | specified jump host(s) (more than one may be specified) and uses | ||
363 | port-forwarding to establish a connection to the next destination. | ||
364 | |||
365 | This codifies the safest way of indirecting connections through SSH | ||
366 | servers and makes it easy to use. | ||
367 | |||
368 | ok markus@ | ||
369 | |||
370 | Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397 | ||
371 | |||
372 | commit 5c02dd126206a26785379e80f2d3848e4470b711 | ||
373 | Author: Darren Tucker <dtucker@zip.com.au> | ||
374 | Date: Fri Jul 15 12:56:39 2016 +1000 | ||
375 | |||
376 | Map umac_ctx struct name too. | ||
377 | |||
378 | Prevents size mismatch linker warnings on Solaris 11. | ||
379 | |||
380 | commit 283b97ff33ea2c641161950849931bd578de6946 | ||
381 | Author: Darren Tucker <dtucker@zip.com.au> | ||
382 | Date: Fri Jul 15 13:49:44 2016 +1000 | ||
383 | |||
384 | Mitigate timing of disallowed users PAM logins. | ||
385 | |||
386 | When sshd decides to not allow a login (eg PermitRootLogin=no) and | ||
387 | it's using PAM, it sends a fake password to PAM so that the timing for | ||
388 | the failure is not noticeably different whether or not the password | ||
389 | is correct. This behaviour can be detected by sending a very long | ||
390 | password string which is slower to hash than the fake password. | ||
391 | |||
392 | Mitigate by constructing an invalid password that is the same length | ||
393 | as the one from the client and thus takes the same time to hash. | ||
394 | Diff from djm@ | ||
395 | |||
396 | commit 9286875a73b2de7736b5e50692739d314cd8d9dc | ||
397 | Author: Darren Tucker <dtucker@zip.com.au> | ||
398 | Date: Fri Jul 15 13:32:45 2016 +1000 | ||
399 | |||
400 | Determine appropriate salt for invalid users. | ||
401 | |||
402 | When sshd is processing a non-PAM login for a non-existent user it uses | ||
403 | the string from the fakepw structure as the salt for crypt(3)ing the | ||
404 | password supplied by the client. That string has a Blowfish prefix, so on | ||
405 | systems that don't understand that crypt will fail fast due to an invalid | ||
406 | salt, and even on those that do it may have significantly different timing | ||
407 | from the hash methods used for real accounts (eg sha512). This allows | ||
408 | user enumeration by, eg, sending large password strings. This was noted | ||
409 | by EddieEzra.Harari at verint.com (CVE-2016-6210). | ||
410 | |||
411 | To mitigate, use the same hash algorithm that root uses for hashing | ||
412 | passwords for users that do not exist on the system. ok djm@ | ||
413 | |||
414 | commit a162dd5e58ca5b224d7500abe35e1ef32b5de071 | ||
415 | Author: Darren Tucker <dtucker@zip.com.au> | ||
416 | Date: Thu Jul 14 21:19:59 2016 +1000 | ||
417 | |||
418 | OpenSSL 1.1.x not currently supported. | ||
419 | |||
420 | commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb | ||
421 | Author: Darren Tucker <dtucker@zip.com.au> | ||
422 | Date: Thu Jul 14 12:25:24 2016 +1000 | ||
423 | |||
424 | Check for VIS_ALL. | ||
425 | |||
426 | If we don't have it, set BROKEN_STRNVIS to activate the compat replacement. | ||
427 | |||
428 | commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0 | ||
429 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
430 | Date: Thu Jul 14 01:24:21 2016 +0000 | ||
431 | |||
432 | upstream commit | ||
433 | |||
434 | Correct equal in test. | ||
435 | |||
436 | Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a | ||
437 | |||
438 | commit 372807c2065c8572fdc6478b25cc5ac363743073 | ||
439 | Author: tb@openbsd.org <tb@openbsd.org> | ||
440 | Date: Mon Jul 11 21:38:13 2016 +0000 | ||
441 | |||
442 | upstream commit | ||
443 | |||
444 | Add missing "recvfd" pledge promise: Raf Czlonka reported | ||
445 | ssh coredumps when Control* keywords were set in ssh_config. This patch also | ||
446 | fixes similar problems with scp and sftp. | ||
447 | |||
448 | ok deraadt, looks good to millert | ||
449 | |||
450 | Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b | ||
451 | |||
452 | commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd | ||
453 | Author: tedu@openbsd.org <tedu@openbsd.org> | ||
454 | Date: Mon Jul 11 03:19:44 2016 +0000 | ||
455 | |||
456 | upstream commit | ||
457 | |||
458 | obsolete note about fascistloggin is obsolete. ok djm | ||
459 | dtucker | ||
460 | |||
461 | Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a | ||
462 | |||
463 | commit a2333584170a565adf4f209586772ef8053b10b8 | ||
464 | Author: Darren Tucker <dtucker@zip.com.au> | ||
465 | Date: Thu Jul 14 10:59:09 2016 +1000 | ||
466 | |||
467 | Add compat code for missing wcwidth. | ||
468 | |||
469 | If we don't have wcwidth force fallback implementations of nl_langinfo | ||
470 | and mbtowc. Based on advice from Ingo Schwarze. | ||
471 | |||
472 | commit 8aaec7050614494014c47510b7e94daf6e644c62 | ||
473 | Author: Damien Miller <djm@mindrot.org> | ||
474 | Date: Thu Jul 14 09:48:48 2016 +1000 | ||
475 | |||
476 | fix missing include for systems with err.h | ||
477 | |||
478 | commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243 | ||
479 | Author: Darren Tucker <dtucker@zip.com.au> | ||
480 | Date: Wed Jul 13 14:42:35 2016 +1000 | ||
481 | |||
482 | Move err.h replacements into compat lib. | ||
483 | |||
484 | Move implementations of err.h replacement functions into their own file | ||
485 | in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@ | ||
486 | |||
487 | commit f3f2cc8386868f51440c45210098f65f9787449a | ||
488 | Author: Darren Tucker <dtucker@zip.com.au> | ||
489 | Date: Mon Jul 11 17:23:38 2016 +1000 | ||
490 | |||
491 | Check for wchar.h and langinfo.h | ||
492 | |||
493 | Wrap includes in the appropriate #ifdefs. | ||
494 | |||
495 | commit b9c50614eba9d90939b2b119b6e1b7e03b462278 | ||
496 | Author: Damien Miller <djm@mindrot.org> | ||
497 | Date: Fri Jul 8 13:59:13 2016 +1000 | ||
498 | |||
499 | whitelist more architectures for seccomp-bpf | ||
500 | |||
501 | bz#2590 - testing and patch from Jakub Jelen | ||
502 | |||
503 | commit 18813a32b6fd964037e0f5e1893cb4468ac6a758 | ||
504 | Author: guenther@openbsd.org <guenther@openbsd.org> | ||
505 | Date: Mon Jul 4 18:01:44 2016 +0000 | ||
506 | |||
507 | upstream commit | ||
508 | |||
509 | DEBUGLIBS has been broken since the gcc4 switch, so delete | ||
510 | it. CFLAGS contains -g by default anyway | ||
511 | |||
512 | problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) | ||
513 | ok millert@ kettenis@ deraadt@ | ||
514 | |||
515 | Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542 | ||
516 | |||
517 | commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7 | ||
518 | Author: djm@openbsd.org <djm@openbsd.org> | ||
519 | Date: Fri Jul 8 03:44:42 2016 +0000 | ||
520 | |||
521 | upstream commit | ||
522 | |||
523 | Improve crypto ordering for Encrypt-then-MAC (EtM) mode | ||
524 | MAC algorithms. | ||
525 | |||
526 | Previously we were computing the MAC, decrypting the packet and then | ||
527 | checking the MAC. This gave rise to the possibility of creating a | ||
528 | side-channel oracle in the decryption step, though no such oracle has | ||
529 | been identified. | ||
530 | |||
531 | This adds a mac_check() function that computes and checks the MAC in | ||
532 | one pass, and uses it to advance MAC checking for EtM algorithms to | ||
533 | before payload decryption. | ||
534 | |||
535 | Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and | ||
536 | Martin Albrecht. feedback and ok markus@ | ||
537 | |||
538 | Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b | ||
539 | |||
540 | commit 71f5598f06941f645a451948c4a5125c83828e1c | ||
541 | Author: guenther@openbsd.org <guenther@openbsd.org> | ||
542 | Date: Mon Jul 4 18:01:44 2016 +0000 | ||
543 | |||
544 | upstream commit | ||
545 | |||
546 | DEBUGLIBS has been broken since the gcc4 switch, so | ||
547 | delete it. CFLAGS contains -g by default anyway | ||
548 | |||
549 | problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) | ||
550 | ok millert@ kettenis@ deraadt@ | ||
551 | |||
552 | Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603 | ||
553 | |||
554 | commit e683fc6f1c8c7295648dbda679df8307786ec1ce | ||
555 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
556 | Date: Thu Jun 30 05:17:05 2016 +0000 | ||
557 | |||
558 | upstream commit | ||
559 | |||
560 | Explicitly check for 100% completion to avoid potential | ||
561 | floating point rounding error, which could cause progressmeter to report 99% | ||
562 | on completion. While there invert the test so the 100% case is clearer. with | ||
563 | & ok djm@ | ||
564 | |||
565 | Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d | ||
566 | |||
567 | commit 772e6cec0ed740fc7db618dc30b4134f5a358b43 | ||
568 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
569 | Date: Wed Jun 29 17:14:28 2016 +0000 | ||
570 | |||
571 | upstream commit | ||
572 | |||
573 | sort the -o list; | ||
574 | |||
575 | Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac | ||
576 | |||
577 | commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af | ||
578 | Author: djm@openbsd.org <djm@openbsd.org> | ||
579 | Date: Thu Jun 23 05:17:51 2016 +0000 | ||
580 | |||
581 | upstream commit | ||
582 | |||
583 | fix AuthenticationMethods during configuration re-parse; | ||
584 | reported by Juan Francisco Cantero Hurtado | ||
585 | |||
586 | Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4 | ||
587 | |||
588 | commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e | ||
589 | Author: djm@openbsd.org <djm@openbsd.org> | ||
590 | Date: Sun Jun 19 07:48:02 2016 +0000 | ||
591 | |||
592 | upstream commit | ||
593 | |||
594 | revert 1.34; causes problems loading public keys | ||
595 | |||
596 | reported by semarie@ | ||
597 | |||
598 | Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179 | ||
599 | |||
600 | commit ad23a75509f4320d43f628c50f0817e3ad12bfa7 | ||
601 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
602 | Date: Fri Jun 17 06:33:30 2016 +0000 | ||
603 | |||
604 | upstream commit | ||
605 | |||
606 | grammar fix; | ||
607 | |||
608 | Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463 | ||
609 | |||
610 | commit 5e28b1a2a3757548b40018cc2493540a17c82e27 | ||
611 | Author: djm@openbsd.org <djm@openbsd.org> | ||
612 | Date: Fri Jun 17 05:06:23 2016 +0000 | ||
613 | |||
614 | upstream commit | ||
615 | |||
616 | translate OpenSSL error codes to something more | ||
617 | meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@ | ||
618 | |||
619 | Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5 | ||
620 | |||
621 | commit b64faeb5eda7eff8210c754d00464f9fe9d23de5 | ||
622 | Author: djm@openbsd.org <djm@openbsd.org> | ||
623 | Date: Fri Jun 17 05:03:40 2016 +0000 | ||
624 | |||
625 | upstream commit | ||
626 | |||
627 | ban AuthenticationMethods="" and accept | ||
628 | AuthenticationMethods=any for the default behaviour of not requiring multiple | ||
629 | authentication | ||
630 | |||
631 | bz#2398 from Jakub Jelen; ok dtucker@ | ||
632 | |||
633 | Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27 | ||
634 | |||
635 | commit 9816fc5daee5ca924dd5c4781825afbaab728877 | ||
636 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
637 | Date: Thu Jun 16 11:00:17 2016 +0000 | ||
638 | |||
639 | upstream commit | ||
640 | |||
641 | Include stdarg.h for va_copy as per man page. | ||
642 | |||
643 | Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd | ||
644 | |||
645 | commit b6cf84b51bc0f5889db48bf29a0c771954ade283 | ||
646 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
647 | Date: Thu Jun 16 06:10:45 2016 +0000 | ||
648 | |||
649 | upstream commit | ||
650 | |||
651 | keys stored in openssh format can have comments too; diff | ||
652 | from yonas yanfa, tweaked a bit; | ||
653 | |||
654 | ok djm | ||
655 | |||
656 | Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27 | ||
657 | |||
658 | commit aa37768f17d01974b6bfa481e5e83841b6c76f86 | ||
659 | Author: Darren Tucker <dtucker@zip.com.au> | ||
660 | Date: Mon Jun 20 15:55:34 2016 +1000 | ||
661 | |||
662 | get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX | ||
663 | |||
664 | Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip | ||
665 | change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX. | ||
666 | Fixes build on AIX. | ||
667 | |||
668 | commit 009891afc8df37bc2101e15d1e0b6433cfb90549 | ||
669 | Author: Darren Tucker <dtucker@zip.com.au> | ||
670 | Date: Fri Jun 17 14:34:09 2016 +1000 | ||
671 | |||
672 | Remove duplicate code from PAM. ok djm@ | ||
673 | |||
674 | commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba | ||
675 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
676 | Date: Wed Jun 15 00:40:40 2016 +0000 | ||
677 | |||
678 | upstream commit | ||
679 | |||
680 | Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message | ||
681 | about forward and reverse DNS not matching. We haven't supported IP-based | ||
682 | auth methods for a very long time so it's now misleading. part of bz#2585, | ||
683 | ok markus@ | ||
684 | |||
685 | Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29 | ||
686 | |||
687 | commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd | ||
688 | Author: Darren Tucker <dtucker@zip.com.au> | ||
689 | Date: Wed Jun 15 11:22:38 2016 +1000 | ||
690 | |||
691 | Move platform_disable_tracing into its own file. | ||
692 | |||
693 | Prevents link errors resolving the extern "options" when platform.o | ||
694 | gets linked into ssh-agent when building --with-pam. | ||
695 | |||
696 | commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070 | ||
697 | Author: Darren Tucker <dtucker@zip.com.au> | ||
698 | Date: Tue Jun 14 13:55:12 2016 +1000 | ||
699 | |||
700 | Track skipped upstream commit IDs. | ||
701 | |||
702 | There are a small number of "upstream" commits that do not correspond to | ||
703 | a file in -portable. This file tracks those so that we can reconcile | ||
704 | OpenBSD and Portable to ensure that no commits are accidentally missed. | ||
705 | |||
706 | If you add something to .skipped-commit-ids please also add an upstream | ||
707 | ID line in the following format when you commit it. | ||
708 | |||
709 | Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35 | ||
710 | Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca | ||
711 | Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7 | ||
712 | Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120 | ||
713 | Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a | ||
714 | Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef | ||
715 | Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 | ||
716 | Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660 | ||
717 | Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae | ||
718 | Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee | ||
719 | |||
720 | commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f | ||
721 | Author: Darren Tucker <dtucker@zip.com.au> | ||
722 | Date: Tue Jun 14 13:51:01 2016 +1000 | ||
723 | |||
724 | Remove now-defunct .cvsignore files. ok djm | ||
725 | |||
726 | commit 68777faf271efb2713960605c748f6c8a4b26d55 | ||
727 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
728 | Date: Wed Jun 8 02:13:01 2016 +0000 | ||
729 | |||
730 | upstream commit | ||
731 | |||
732 | Back out rev 1.28 "Check min and max sizes sent by the | ||
733 | client" change. It caused "key_verify failed for server_host_key" in clients | ||
734 | that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY. | ||
735 | ok djm@ | ||
736 | |||
737 | Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65 | ||
738 | |||
739 | commit a86ec4d0737ac5879223e7cd9d68c448df46e169 | ||
740 | Author: Darren Tucker <dtucker@zip.com.au> | ||
741 | Date: Tue Jun 14 10:48:27 2016 +1000 | ||
742 | |||
743 | Use Solaris setpflags(__PROC_PROTECT, ...). | ||
744 | |||
745 | Where possible, use Solaris setpflags to disable process tracing on | ||
746 | ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee | ||
747 | at oracle.com, ok djm. | ||
748 | |||
749 | commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573 | ||
750 | Author: Darren Tucker <dtucker@zip.com.au> | ||
751 | Date: Tue Jun 14 10:43:53 2016 +1000 | ||
752 | |||
753 | Shorten prctl code a tiny bit. | ||
754 | |||
755 | commit 0fb7f5985351fbbcd2613d8485482c538e5123be | ||
756 | Author: Darren Tucker <dtucker@zip.com.au> | ||
757 | Date: Thu Jun 9 16:23:07 2016 +1000 | ||
758 | |||
759 | Move prctl PR_SET_DUMPABLE into platform.c. | ||
760 | |||
761 | This should make it easier to add additional platform support such as | ||
762 | Solaris (bz#2584). | ||
763 | |||
764 | commit e6508898c3cd838324ecfe1abd0eb8cf802e7106 | ||
765 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
766 | Date: Fri Jun 3 04:10:41 2016 +0000 | ||
767 | |||
768 | upstream commit | ||
769 | |||
770 | Add a test for ssh(1)'s config file parsing. | ||
771 | |||
772 | Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601 | ||
773 | |||
774 | commit ab0a536066dfa32def0bd7272c096ebb5eb25b11 | ||
775 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
776 | Date: Fri Jun 3 03:47:59 2016 +0000 | ||
777 | |||
778 | upstream commit | ||
779 | |||
780 | Add 'sshd' to the test ID as I'm about to add a similar | ||
781 | set for ssh. | ||
782 | |||
783 | Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a | ||
784 | |||
785 | commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb | ||
786 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
787 | Date: Mon May 30 12:14:08 2016 +0000 | ||
788 | |||
789 | upstream commit | ||
790 | |||
791 | stricter malloc.conf(5) options for utf8 tests | ||
792 | |||
793 | Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6 | ||
794 | |||
795 | commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc | ||
796 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
797 | Date: Mon May 30 12:05:56 2016 +0000 | ||
798 | |||
799 | upstream commit | ||
800 | |||
801 | Fix two rare edge cases: 1. If vasprintf() returns < 0, | ||
802 | do not access a NULL pointer in snmprintf(), and do not free() the pointer | ||
803 | returned from vasprintf() because on some systems other than OpenBSD, it | ||
804 | might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" | ||
805 | rather than -1 and NULL. | ||
806 | |||
807 | Besides, free(dst) is pointless after failure (not a bug). | ||
808 | |||
809 | One half OK martijn@, the other half OK deraadt@; | ||
810 | committing quickly before people get hurt. | ||
811 | |||
812 | Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4 | ||
813 | |||
814 | commit 016881eb33a7948028848c90f4c7ac42e3af0e87 | ||
815 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
816 | Date: Thu May 26 19:14:25 2016 +0000 | ||
817 | |||
818 | upstream commit | ||
819 | |||
820 | test the new utf8 module | ||
821 | |||
822 | Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3 | ||
823 | |||
824 | commit d4219028bdef448e089376f3afe81ef6079da264 | ||
825 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
826 | Date: Tue May 3 15:30:46 2016 +0000 | ||
827 | |||
828 | upstream commit | ||
829 | |||
830 | Set umask to prevent "Bad owner or permissions" errors. | ||
831 | |||
832 | Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417 | ||
833 | |||
834 | commit 07d5608bb237e9b3fe86a2aeaa429392230faebf | ||
835 | Author: djm@openbsd.org <djm@openbsd.org> | ||
836 | Date: Tue May 3 14:41:04 2016 +0000 | ||
837 | |||
838 | upstream commit | ||
839 | |||
840 | support doas | ||
841 | |||
842 | Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38 | ||
843 | |||
844 | commit 01cabf10adc7676cba5f40536a34d3b246edb73f | ||
845 | Author: djm@openbsd.org <djm@openbsd.org> | ||
846 | Date: Tue May 3 13:48:33 2016 +0000 | ||
847 | |||
848 | upstream commit | ||
849 | |||
850 | unit tests for sshbuf_dup_string() | ||
851 | |||
852 | Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d | ||
853 | |||
854 | commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372 | ||
855 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
856 | Date: Fri Jun 3 06:44:12 2016 +0000 | ||
857 | |||
858 | upstream commit | ||
859 | |||
860 | tweak previous; | ||
861 | |||
862 | Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698 | ||
863 | |||
864 | commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4 | ||
865 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
866 | Date: Fri Jun 3 04:09:38 2016 +0000 | ||
867 | |||
868 | upstream commit | ||
869 | |||
870 | Allow ExitOnForwardFailure and ClearAllForwardings to be | ||
871 | overridden when using ssh -W (but still default to yes in that case). | ||
872 | bz#2577, ok djm@. | ||
873 | |||
874 | Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4 | ||
875 | |||
876 | commit 8543ff3f5020fe659839b15f05b8c522bde6cee5 | ||
877 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
878 | Date: Fri Jun 3 03:14:41 2016 +0000 | ||
879 | |||
880 | upstream commit | ||
881 | |||
882 | Move the host and port used by ssh -W into the Options | ||
883 | struct. This will make future changes a bit easier. ok djm@ | ||
884 | |||
885 | Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382 | ||
886 | |||
887 | commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368 | ||
888 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
889 | Date: Wed Jun 1 04:19:49 2016 +0000 | ||
890 | |||
891 | upstream commit | ||
892 | |||
893 | Check min and max sizes sent by the client against what | ||
894 | we support before passing them to the monitor. ok djm@ | ||
895 | |||
896 | Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece | ||
897 | |||
898 | commit 564cd2a8926ccb1dca43a535073540935b5e0373 | ||
899 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
900 | Date: Tue May 31 23:46:14 2016 +0000 | ||
901 | |||
902 | upstream commit | ||
903 | |||
904 | Ensure that the client's proposed DH-GEX max value is at | ||
905 | least as big as the minimum the server will accept. ok djm@ | ||
906 | |||
907 | Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775 | ||
908 | |||
909 | commit df820722e40309c9b3f360ea4ed47a584ed74333 | ||
910 | Author: Darren Tucker <dtucker@zip.com.au> | ||
911 | Date: Mon Jun 6 11:36:13 2016 +1000 | ||
912 | |||
913 | Add compat bits to utf8.c. | ||
914 | |||
915 | commit 05c6574652571becfe9d924226c967a3f4b3f879 | ||
916 | Author: Darren Tucker <dtucker@zip.com.au> | ||
917 | Date: Mon Jun 6 11:33:43 2016 +1000 | ||
918 | |||
919 | Fix utf->utf8 typo. | ||
920 | |||
921 | commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce | ||
922 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
923 | Date: Mon May 30 18:34:41 2016 +0000 | ||
924 | |||
925 | upstream commit | ||
926 | |||
927 | Backout rev. 1.43 for now. | ||
928 | |||
929 | The function update_progress_meter() calls refresh_progress_meter() | ||
930 | which calls snmprintf() which calls malloc(); but update_progress_meter() | ||
931 | acts as the SIGALRM signal handler. | ||
932 | |||
933 | "malloc(): error: recursive call" reported by sobrado@. | ||
934 | |||
935 | Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e | ||
936 | |||
937 | commit cd9e1eabeb4137182200035ab6fa4522f8d24044 | ||
938 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
939 | Date: Mon May 30 12:57:21 2016 +0000 | ||
940 | |||
941 | upstream commit | ||
942 | |||
943 | Even when only writing an unescaped character, the dst | ||
944 | buffer may need to grow, or it would be overrun; issue found by tb@ with | ||
945 | malloc.conf(5) 'C'. | ||
946 | |||
947 | While here, reserve an additional byte for the terminating NUL | ||
948 | up front such that we don't have to realloc() later just for that. | ||
949 | |||
950 | OK tb@ | ||
951 | |||
952 | Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff | ||
953 | |||
954 | commit ac284a355f8065eaef2a16f446f3c44cdd17371d | ||
955 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
956 | Date: Mon May 30 12:05:56 2016 +0000 | ||
957 | |||
958 | upstream commit | ||
959 | |||
960 | Fix two rare edge cases: 1. If vasprintf() returns < 0, | ||
961 | do not access a NULL pointer in snmprintf(), and do not free() the pointer | ||
962 | returned from vasprintf() because on some systems other than OpenBSD, it | ||
963 | might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" | ||
964 | rather than -1 and NULL. | ||
965 | |||
966 | Besides, free(dst) is pointless after failure (not a bug). | ||
967 | |||
968 | One half OK martijn@, the other half OK deraadt@; | ||
969 | committing quickly before people get hurt. | ||
970 | |||
971 | Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0 | ||
972 | |||
973 | commit 0e059cdf5fd86297546c63fa8607c24059118832 | ||
974 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
975 | Date: Wed May 25 23:48:45 2016 +0000 | ||
976 | |||
977 | upstream commit | ||
978 | |||
979 | To prevent screwing up terminal settings when printing to | ||
980 | the terminal, for ASCII and UTF-8, escape bytes not forming characters and | ||
981 | bytes forming non-printable characters with vis(3) VIS_OCTAL. For other | ||
982 | character sets, abort printing of the current string in these cases. In | ||
983 | particular, * let scp(1) respect the local user's LC_CTYPE locale(1); * | ||
984 | sanitize data received from the remote host; * sanitize filenames, usernames, | ||
985 | and similar data even locally; * take character display widths into account | ||
986 | for the progressmeter. | ||
987 | |||
988 | This is believed to be sufficient to keep the local terminal safe | ||
989 | on OpenBSD, but bad things can still happen on other systems with | ||
990 | state-dependent locales because many places in the code print | ||
991 | unencoded ASCII characters into the output stream. | ||
992 | |||
993 | Using feedback from djm@ and martijn@, | ||
994 | various aspects discussed with many others. | ||
995 | |||
996 | deraadt@ says it should go in now, i probably already hesitated too long | ||
997 | |||
998 | Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0 | ||
999 | |||
1000 | commit 8c02e3639acefe1e447e293dbe23a0917abd3734 | ||
1001 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1002 | Date: Tue May 24 04:43:45 2016 +0000 | ||
1003 | |||
1004 | upstream commit | ||
1005 | |||
1006 | KNF compression proposal and simplify the client side a | ||
1007 | little. ok djm@ | ||
1008 | |||
1009 | Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605 | ||
1010 | |||
1011 | commit 7ec4946fb686813eb5f8c57397e465f5485159f4 | ||
1012 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1013 | Date: Tue May 24 02:31:57 2016 +0000 | ||
1014 | |||
1015 | upstream commit | ||
1016 | |||
1017 | Back out 'plug memleak'. | ||
1018 | |||
1019 | Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0 | ||
1020 | |||
1021 | commit 82f24c3ddc52053aeb7beb3332fa94c92014b0c5 | ||
1022 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1023 | Date: Mon May 23 23:30:50 2016 +0000 | ||
1024 | |||
1025 | upstream commit | ||
1026 | |||
1027 | prefer agent-hosted keys to keys from PKCS#11; ok markus | ||
1028 | |||
1029 | Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4 | ||
1030 | |||
1031 | commit a0cb7778fbc9b43458f7072eb68dd858766384d1 | ||
1032 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1033 | Date: Mon May 23 00:17:27 2016 +0000 | ||
1034 | |||
1035 | upstream commit | ||
1036 | |||
1037 | Plug mem leak in filter_proposal. ok djm@ | ||
1038 | |||
1039 | Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34 | ||
1040 | |||
1041 | commit ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743 | ||
1042 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1043 | Date: Fri Jun 3 16:03:44 2016 +1000 | ||
1044 | |||
1045 | Update vis.h and vis.c from OpenBSD. | ||
1046 | |||
1047 | This will be needed for the upcoming utf8 changes. | ||
1048 | |||
1049 | commit e1d93705f8f48f519433d6ca9fc3d0abe92a1b77 | ||
1050 | Author: Tim Rice <tim@multitalents.net> | ||
1051 | Date: Tue May 31 11:13:22 2016 -0700 | ||
1052 | |||
1053 | modified: configure.ac | ||
1054 | whitspace clean up. No code changes. | ||
1055 | |||
1056 | commit 604a037d84e41e31f0aec9075df0b8740c130200 | ||
1057 | Author: Damien Miller <djm@mindrot.org> | ||
1058 | Date: Tue May 31 16:45:28 2016 +1000 | ||
1059 | |||
1060 | whitespace at EOL | ||
1061 | |||
1062 | commit 18424200160ff5c923113e0a37ebe21ab7bcd17c | ||
1063 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1064 | Date: Mon May 30 19:35:28 2016 +1000 | ||
1065 | |||
1066 | Add missing ssh-host-config --name option | ||
1067 | |||
1068 | Patch from vinschen@redhat.com. | ||
1069 | |||
1070 | commit 39c0cecaa188a37a2e134795caa68e03f3ced592 | ||
1071 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1072 | Date: Fri May 20 10:01:58 2016 +1000 | ||
1073 | |||
1074 | Fix comment about sshpam_const and AIX. | ||
1075 | |||
1076 | From mschwager via github. | ||
1077 | |||
1078 | commit f64062b1f74ad5ee20a8a49aab2732efd0f7ce30 | ||
1079 | Author: Damien Miller <djm@mindrot.org> | ||
1080 | Date: Fri May 20 09:56:53 2016 +1000 | ||
1081 | |||
1082 | Deny lstat syscalls in seccomp sandbox | ||
1083 | |||
1084 | Avoids sandbox violations for some krb/gssapi libraries. | ||
1085 | |||
1086 | commit 531c135409b8d8810795b1f3692a4ebfd5c9cae0 | ||
1087 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1088 | Date: Thu May 19 07:45:32 2016 +0000 | ||
1089 | |||
1090 | upstream commit | ||
1091 | |||
1092 | fix type of ed25519 values | ||
1093 | |||
1094 | Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0 | ||
1095 | |||
1096 | commit 75e21688f523799c9e0cc6601d76a9c5ca79f787 | ||
1097 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1098 | Date: Wed May 4 14:32:26 2016 +0000 | ||
1099 | |||
1100 | upstream commit | ||
1101 | |||
1102 | add IdentityAgent; noticed & ok jmc@ | ||
1103 | |||
1104 | Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a | ||
1105 | |||
1106 | commit 1a75d14daf4b60db903e6103cf50e74e0cd0a76b | ||
1107 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1108 | Date: Wed May 4 14:29:58 2016 +0000 | ||
1109 | |||
1110 | upstream commit | ||
1111 | |||
1112 | allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@ | ||
1113 | |||
1114 | Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac | ||
1115 | |||
1116 | commit 0516454151ae722fc8256c3c56115c6baf24c5b0 | ||
1117 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1118 | Date: Wed May 4 14:22:33 2016 +0000 | ||
1119 | |||
1120 | upstream commit | ||
1121 | |||
1122 | move SSH_MSG_NONE, so we don't have to include ssh1.h; | ||
1123 | ok deraadt@ | ||
1124 | |||
1125 | Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e | ||
1126 | |||
1127 | commit 332ff3d770631e7513fea38cf0d3689f673f0e3f | ||
1128 | Author: Damien Miller <djm@mindrot.org> | ||
1129 | Date: Tue May 10 09:51:06 2016 +1000 | ||
1130 | |||
1131 | initialise salen in binresvport_sa | ||
1132 | |||
1133 | avoids failures with UsePrivilegedPort=yes | ||
1134 | |||
1135 | patch from Juan Gallego | ||
1136 | |||
1137 | commit c5c1d5d2f04ce00d2ddd6647e61b32f28be39804 | ||
1138 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1139 | Date: Wed May 4 14:04:40 2016 +0000 | ||
1140 | |||
1141 | upstream commit | ||
1142 | |||
1143 | missing const in prototypes (ssh1) | ||
1144 | |||
1145 | Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05 | ||
1146 | |||
1147 | commit 9faae50e2e82ba42eb0cb2726bf6830fe7948f28 | ||
1148 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1149 | Date: Wed May 4 14:00:09 2016 +0000 | ||
1150 | |||
1151 | upstream commit | ||
1152 | |||
1153 | Fix inverted logic for updating StreamLocalBindMask which | ||
1154 | would cause the server to set an invalid mask. ok djm@ | ||
1155 | |||
1156 | Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587 | ||
1157 | |||
1158 | commit b02ad1ce9105bfa7394ac7590c0729dd52e26a81 | ||
1159 | Author: markus@openbsd.org <markus@openbsd.org> | ||
1160 | Date: Wed May 4 12:21:53 2016 +0000 | ||
1161 | |||
1162 | upstream commit | ||
1163 | |||
1164 | IdentityAgent for specifying specific agent sockets; ok | ||
1165 | djm@ | ||
1166 | |||
1167 | Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1 | ||
1168 | |||
1169 | commit 910e59bba09ac309d78ce61e356da35292212935 | ||
1170 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1171 | Date: Wed May 4 12:16:39 2016 +0000 | ||
1172 | |||
1173 | upstream commit | ||
1174 | |||
1175 | fix junk characters after quotes | ||
1176 | |||
1177 | Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578 | ||
1178 | |||
1179 | commit 9283884e647b8be50ccd2997537af0065672107d | ||
1180 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
1181 | Date: Tue May 3 18:38:12 2016 +0000 | ||
1182 | |||
1183 | upstream commit | ||
1184 | |||
1185 | correct article; | ||
1186 | |||
1187 | Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168 | ||
1188 | |||
1189 | commit cfefbcea1057c2623e76c579174a4107a0b6e6cd | ||
1190 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1191 | Date: Tue May 3 15:57:39 2016 +0000 | ||
1192 | |||
1193 | upstream commit | ||
1194 | |||
1195 | fix overriding of StreamLocalBindMask and | ||
1196 | StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes | ||
1197 | |||
1198 | Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2 | ||
1199 | |||
1200 | commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549 | ||
1201 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1202 | Date: Tue May 3 15:25:06 2016 +0000 | ||
1203 | |||
1204 | upstream commit | ||
1205 | |||
1206 | don't forget to include StreamLocalBindUnlink in the | ||
1207 | config dump output | ||
1208 | |||
1209 | Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb | ||
1210 | |||
1211 | commit cdcd941994dc430f50d0a4e6a712d32b66e6199e | ||
1212 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1213 | Date: Tue May 3 14:54:08 2016 +0000 | ||
1214 | |||
1215 | upstream commit | ||
1216 | |||
1217 | make nethack^wrandomart fingerprint flag more readily | ||
1218 | searchable pointed out by Matt Johnston | ||
1219 | |||
1220 | Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb | ||
1221 | |||
1222 | commit 05855bf2ce7d5cd0a6db18bc0b4214ed5ef7516d | ||
1223 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1224 | Date: Tue May 3 13:10:24 2016 +0000 | ||
1225 | |||
1226 | upstream commit | ||
1227 | |||
1228 | clarify ordering of subkeys; pointed out by ietf-ssh AT | ||
1229 | stbuehler.de | ||
1230 | |||
1231 | Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463 | ||
1232 | |||
1233 | commit cca3b4395807bfb7aaeb83d2838f5c062ce30566 | ||
1234 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1235 | Date: Tue May 3 12:15:49 2016 +0000 | ||
1236 | |||
1237 | upstream commit | ||
1238 | |||
1239 | Use a subshell for constructing key types to work around | ||
1240 | different sed behaviours for -portable. | ||
1241 | |||
1242 | Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d | ||
1243 | |||
1244 | commit fa58208c6502dcce3e0daac0ca991ee657daf1f5 | ||
1245 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1246 | Date: Tue May 3 10:27:59 2016 +0000 | ||
1247 | |||
1248 | upstream commit | ||
1249 | |||
1250 | correct some typos and remove a long-stale XXX note. | ||
1251 | |||
1252 | add specification for ed25519 certificates | ||
1253 | |||
1254 | mention no host certificate options/extensions are currently defined | ||
1255 | |||
1256 | pointed out by Simon Tatham | ||
1257 | |||
1258 | Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a | ||
1259 | |||
1260 | commit b466f956c32cbaff4200bfcd5db6739fe4bc7d04 | ||
1261 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1262 | Date: Tue May 3 10:24:27 2016 +0000 | ||
1263 | |||
1264 | upstream commit | ||
1265 | |||
1266 | add ed25519 keys that are supported but missing from this | ||
1267 | documents; from Peter Moody | ||
1268 | |||
1269 | Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b | ||
1270 | |||
1271 | commit 7f3d76319a69dab2efe3a520a8fef5b97e923636 | ||
1272 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1273 | Date: Tue May 3 09:03:49 2016 +0000 | ||
1274 | |||
1275 | upstream commit | ||
1276 | |||
1277 | Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch | ||
1278 | from Simon Tatham, ok markus@ | ||
1279 | |||
1280 | Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8 | ||
1281 | |||
1282 | commit 31bc01c05d9f51bee3ebe33dc57c4fafb059fb62 | ||
1283 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1284 | Date: Mon May 2 14:10:58 2016 +0000 | ||
1285 | |||
1286 | upstream commit | ||
1287 | |||
1288 | unbreak config parsing on reexec from previous commit | ||
1289 | |||
1290 | Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab | ||
1291 | |||
1292 | commit 67f1459efd2e85bf03d032539283fa8107218936 | ||
1293 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1294 | Date: Mon May 2 09:52:00 2016 +0000 | ||
1295 | |||
1296 | upstream commit | ||
1297 | |||
1298 | unit and regress tests for SHA256/512; ok markus | ||
1299 | |||
1300 | Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6 | ||
1301 | |||
1302 | commit 0e8eeec8e75f6d0eaf33317376f773160018a9c7 | ||
1303 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1304 | Date: Mon May 2 10:26:04 2016 +0000 | ||
1305 | |||
1306 | upstream commit | ||
1307 | |||
1308 | add support for additional fixed DH groups from | ||
1309 | draft-ietf-curdle-ssh-kex-sha2-03 | ||
1310 | |||
1311 | diffie-hellman-group14-sha256 (2K group) | ||
1312 | diffie-hellman-group16-sha512 (4K group) | ||
1313 | diffie-hellman-group18-sha512 (8K group) | ||
1314 | |||
1315 | based on patch from Mark D. Baushke and Darren Tucker | ||
1316 | ok markus@ | ||
1317 | |||
1318 | Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f | ||
1319 | |||
1320 | commit 57464e3934ba53ad8590ee3ccd840f693407fc1e | ||
1321 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1322 | Date: Mon May 2 09:36:42 2016 +0000 | ||
1323 | |||
1324 | upstream commit | ||
1325 | |||
1326 | support SHA256 and SHA512 RSA signatures in certificates; | ||
1327 | ok markus@ | ||
1328 | |||
1329 | Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a | ||
1330 | |||
1331 | commit 1a31d02b2411c4718de58ce796dbb7b5e14db93e | ||
1332 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1333 | Date: Mon May 2 08:49:03 2016 +0000 | ||
1334 | |||
1335 | upstream commit | ||
1336 | |||
1337 | fix signed/unsigned errors reported by clang-3.7; add | ||
1338 | sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with | ||
1339 | better safety checking; feedback and ok markus@ | ||
1340 | |||
1341 | Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820 | ||
1342 | |||
1343 | commit d2d6bf864e52af8491a60dd507f85b74361f5da3 | ||
1344 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1345 | Date: Fri Apr 29 08:07:53 2016 +0000 | ||
1346 | |||
1347 | upstream commit | ||
1348 | |||
1349 | close ControlPersist background process stderr when not | ||
1350 | in debug mode or when logging to a file or syslog. bz#1988 ok dtucker | ||
1351 | |||
1352 | Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24 | ||
1353 | |||
1354 | commit 9ee692fa1146e887e008a2b9a3d3ea81770c9fc8 | ||
1355 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1356 | Date: Thu Apr 28 14:30:21 2016 +0000 | ||
1357 | |||
1358 | upstream commit | ||
1359 | |||
1360 | fix comment | ||
1361 | |||
1362 | Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15 | ||
1363 | |||
1364 | commit ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6 | ||
1365 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
1366 | Date: Wed Apr 27 13:53:48 2016 +0000 | ||
1367 | |||
1368 | upstream commit | ||
1369 | |||
1370 | cidr permitted for {allow,deny}users; from lars nooden ok djm | ||
1371 | |||
1372 | Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11 | ||
1373 | |||
1374 | commit b6e0140a5aa883c27b98415bd8aa9f65fc04ee22 | ||
1375 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1376 | Date: Thu Apr 21 06:08:02 2016 +0000 | ||
1377 | |||
1378 | upstream commit | ||
1379 | |||
1380 | make argument == NULL tests more consistent | ||
1381 | |||
1382 | Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d | ||
1383 | |||
1384 | commit 6aaabc2b610e44bae473457ad9556ffb43d90ee3 | ||
1385 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
1386 | Date: Sun Apr 17 14:34:46 2016 +0000 | ||
1387 | |||
1388 | upstream commit | ||
1389 | |||
1390 | tweak previous; | ||
1391 | |||
1392 | Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f | ||
1393 | |||
1394 | commit 0f839e5969efa3bda615991be8a9d9311554c573 | ||
1395 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1396 | Date: Fri Apr 15 02:57:10 2016 +0000 | ||
1397 | |||
1398 | upstream commit | ||
1399 | |||
1400 | missing bit of Include regress | ||
1401 | |||
1402 | Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f | ||
1403 | |||
1404 | commit 12e4ac46aed681da55c2bba3cd11dfcab23591be | ||
1405 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1406 | Date: Fri Apr 15 02:55:53 2016 +0000 | ||
1407 | |||
1408 | upstream commit | ||
1409 | |||
1410 | remove redundant CLEANFILES section | ||
1411 | |||
1412 | Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587 | ||
1413 | |||
1414 | commit b1d05aa653ae560c44baf8e8a9756e33f98ea75c | ||
1415 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1416 | Date: Fri Apr 15 00:48:01 2016 +0000 | ||
1417 | |||
1418 | upstream commit | ||
1419 | |||
1420 | sync CLEANFILES with portable, sort | ||
1421 | |||
1422 | Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed | ||
1423 | |||
1424 | commit 35f22dad263cce5c61d933ae439998cb965b8748 | ||
1425 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1426 | Date: Fri Apr 15 00:31:10 2016 +0000 | ||
1427 | |||
1428 | upstream commit | ||
1429 | |||
1430 | regression test for ssh_config Include directive | ||
1431 | |||
1432 | Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e | ||
1433 | |||
1434 | commit 6b8a1a87005818d4700ce8b42faef746e82c1f51 | ||
1435 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1436 | Date: Thu Apr 14 23:57:17 2016 +0000 | ||
1437 | |||
1438 | upstream commit | ||
1439 | |||
1440 | unbreak test for recent ssh de-duplicated forwarding | ||
1441 | change | ||
1442 | |||
1443 | Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3 | ||
1444 | |||
1445 | commit 076787702418985a2cc6808212dc28ce7afc01f0 | ||
1446 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1447 | Date: Thu Apr 14 23:21:42 2016 +0000 | ||
1448 | |||
1449 | upstream commit | ||
1450 | |||
1451 | add test knob and warning for StrictModes | ||
1452 | |||
1453 | Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682 | ||
1454 | |||
1455 | commit dc7990be865450574c7940c9880567f5d2555b37 | ||
1456 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1457 | Date: Fri Apr 15 00:30:19 2016 +0000 | ||
1458 | |||
1459 | upstream commit | ||
1460 | |||
1461 | Include directive for ssh_config(5); feedback & ok markus@ | ||
1462 | |||
1463 | Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff | ||
1464 | |||
1465 | commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755 | ||
1466 | Author: Damien Miller <djm@mindrot.org> | ||
1467 | Date: Wed Apr 13 10:39:57 2016 +1000 | ||
1468 | |||
1469 | ignore PAM environment vars when UseLogin=yes | ||
1470 | |||
1471 | If PAM is configured to read user-specified environment variables | ||
1472 | and UseLogin=yes in sshd_config, then a hostile local user may | ||
1473 | attack /bin/login via LD_PRELOAD or similar environment variables | ||
1474 | set via PAM. | ||
1475 | |||
1476 | CVE-2015-8325, found by Shayan Sadigh, via Colin Watson | ||
1477 | |||
1478 | commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9 | ||
1479 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1480 | Date: Sat Apr 9 12:39:30 2016 +0000 | ||
1481 | |||
1482 | upstream commit | ||
1483 | |||
1484 | make private key loading functions consistently handle NULL | ||
1485 | key pointer arguments; ok markus@ | ||
1486 | |||
1487 | Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761 | ||
1488 | |||
1489 | commit 5f41f030e2feb5295657285aa8c6602c7810bc4b | ||
1490 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1491 | Date: Fri Apr 8 21:14:13 2016 +1000 | ||
1492 | |||
1493 | Remove NO_IPPORT_RESERVED_CONCEPT | ||
1494 | |||
1495 | Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have | ||
1496 | the same effect without causing problems syncing patches with OpenBSD. | ||
1497 | Resync the two affected functions with OpenBSD. ok djm, sanity checked | ||
1498 | by Corinna. | ||
1499 | |||
1500 | commit 34a01b2cf737d946ddb140618e28c3048ab7a229 | ||
1501 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1502 | Date: Fri Apr 8 08:19:17 2016 +0000 | ||
1503 | |||
1504 | upstream commit | ||
1505 | |||
1506 | whitespace at EOL | ||
1507 | |||
1508 | Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6 | ||
1509 | |||
1510 | commit 90ee563fa6b54c59896c6c332c5188f866c5e75f | ||
1511 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1512 | Date: Fri Apr 8 06:35:54 2016 +0000 | ||
1513 | |||
1514 | upstream commit | ||
1515 | |||
1516 | We accidentally send an empty string and a zero uint32 with | ||
1517 | every direct-streamlocal@openssh.com channel open, in contravention of our | ||
1518 | own spec. | ||
1519 | |||
1520 | Fixing this is too hard wrt existing versions that expect these | ||
1521 | fields to be present and fatal() if they aren't, so document them | ||
1522 | as "reserved" fields in the PROTOCOL spec as though we always | ||
1523 | intended this and let us never speak of it again. | ||
1524 | |||
1525 | bz#2529, reported by Ron Frederick | ||
1526 | |||
1527 | Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7 | ||
1528 | |||
1529 | commit 0ccbd5eca0f0dd78e71a4b69c66f03a66908d558 | ||
1530 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1531 | Date: Wed Apr 6 06:42:17 2016 +0000 | ||
1532 | |||
1533 | upstream commit | ||
1534 | |||
1535 | don't record duplicate LocalForward and RemoteForward | ||
1536 | entries; fixes failure with ExitOnForwardFailure+hostname canonicalisation | ||
1537 | where the same forwards are added on the second pass through the | ||
1538 | configuration file. bz#2562; ok dtucker@ | ||
1539 | |||
1540 | Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1 | ||
1541 | |||
1542 | commit 574def0eb493cd6efeffd4ff2e9257abcffee0c8 | ||
1543 | Author: krw@openbsd.org <krw@openbsd.org> | ||
1544 | Date: Sat Apr 2 14:37:42 2016 +0000 | ||
1545 | |||
1546 | upstream commit | ||
1547 | |||
1548 | Another use for fcntl() and thus of the superfluous 3rd | ||
1549 | parameter is when sanitising standard fd's before calling daemon(). | ||
1550 | |||
1551 | Use a tweaked version of the ssh(1) function in all three places | ||
1552 | found using fcntl() this way. | ||
1553 | |||
1554 | ok jca@ beck@ | ||
1555 | |||
1556 | Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218 | ||
1557 | |||
1558 | commit b3413534aa9d71a941005df2760d1eec2c2b0854 | ||
1559 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1560 | Date: Mon Apr 4 11:09:21 2016 +1000 | ||
1561 | |||
1562 | Tidy up openssl header test. | ||
1563 | |||
1564 | commit 815bcac0b94bb448de5acdd6ba925b8725240b4f | ||
1565 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1566 | Date: Mon Apr 4 11:07:59 2016 +1000 | ||
1567 | |||
1568 | Fix configure-time warnings for openssl test. | ||
1569 | |||
1570 | commit 95687f5831ae680f7959446d8ae4b52452ee05dd | ||
1571 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1572 | Date: Fri Apr 1 02:34:10 2016 +0000 | ||
1573 | |||
1574 | upstream commit | ||
1575 | |||
1576 | whitespace at EOL | ||
1577 | |||
1578 | Upstream-ID: 40ae2203d07cb14e0a89e1a0d4c6120ee8fd8c3a | ||
1579 | |||
1580 | commit fdfbf4580de09d84a974211715e14f88a5704b8e | ||
1581 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1582 | Date: Thu Mar 31 05:24:06 2016 +0000 | ||
1583 | |||
1584 | upstream commit | ||
1585 | |||
1586 | Remove fallback from moduli to "primes" file that was | ||
1587 | deprecated in 2001 and fix log messages referring to primes file. Based on | ||
1588 | patch from xnox at ubuntu.com via bz#2559. "kill it" deraadt@ | ||
1589 | |||
1590 | Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713 | ||
1591 | |||
1592 | commit 0235a5fa67fcac51adb564cba69011a535f86f6b | ||
1593 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1594 | Date: Thu Mar 17 17:19:43 2016 +0000 | ||
1595 | |||
1596 | upstream commit | ||
1597 | |||
1598 | UseDNS affects ssh hostname processing in authorized_keys, | ||
1599 | not known_hosts; bz#2554 reported by jjelen AT redhat.com | ||
1600 | |||
1601 | Upstream-ID: c1c1bb895dde46095fc6d81d8653703928437591 | ||
1602 | |||
1603 | commit 8c4739338f5e379d05b19d6e544540114965f07e | ||
1604 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1605 | Date: Tue Mar 15 09:24:43 2016 +1100 | ||
1606 | |||
1607 | Don't call Solaris setproject() with UsePAM=yes. | ||
1608 | |||
1609 | When Solaris Projects are enabled along with PAM setting the project | ||
1610 | is PAM's responsiblity. bz#2425, based on patch from | ||
1611 | brent.paulson at gmail.com. | ||
1612 | |||
1613 | commit cff26f373c58457a32cb263e212cfff53fca987b | ||
1614 | Author: Damien Miller <djm@mindrot.org> | ||
1615 | Date: Tue Mar 15 04:30:21 2016 +1100 | ||
1616 | |||
1617 | remove slogin from *.spec | ||
1618 | |||
1619 | commit c38905ba391434834da86abfc988a2b8b9b62477 | ||
1620 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1621 | Date: Mon Mar 14 16:20:54 2016 +0000 | ||
1622 | |||
1623 | upstream commit | ||
1624 | |||
1625 | unbreak authentication using lone certificate keys in | ||
1626 | ssh-agent: when attempting pubkey auth with a certificate, if no separate | ||
1627 | private key is found among the keys then try with the certificate key itself. | ||
1628 | |||
1629 | bz#2550 reported by Peter Moody | ||
1630 | |||
1631 | Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966 | ||
1632 | |||
1633 | commit 4b4bfb01cd40b9ddb948e6026ddd287cc303d871 | ||
1634 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1635 | Date: Thu Mar 10 11:47:57 2016 +0000 | ||
1636 | |||
1637 | upstream commit | ||
1638 | |||
1639 | sanitise characters destined for xauth reported by | ||
1640 | github.com/tintinweb feedback and ok deraadt and markus | ||
1641 | |||
1642 | Upstream-ID: 18ad8d0d74cbd2ea3306a16595a306ee356aa261 | ||
1643 | |||
1644 | commit 732b463d37221722b1206f43aa59563766a6a968 | ||
1645 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1646 | Date: Mon Mar 14 16:04:23 2016 +1100 | ||
1647 | |||
1648 | Pass supported malloc options to connect-privsep. | ||
1649 | |||
1650 | This allows us to activate only the supported options during the malloc | ||
1651 | option portion of the connect-privsep test. | ||
1652 | |||
1653 | commit d29c5b9b3e9f27394ca97a364ed4bb4a55a59744 | ||
1654 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1655 | Date: Mon Mar 14 09:30:58 2016 +1100 | ||
1656 | |||
1657 | Remove leftover roaming.h file. | ||
1658 | |||
1659 | Pointed out by des at des.no. | ||
1660 | |||
1661 | commit 8ff20ec95f4377021ed5e9b2331320f5c5a34cea | ||
1662 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1663 | Date: Mon Mar 14 09:24:03 2016 +1100 | ||
1664 | |||
1665 | Quote variables that may contain whitespace. | ||
1666 | |||
1667 | The variable $L_TMP_ID_FILE needs to be surrounded by quotes in order to | ||
1668 | survive paths containing whitespace. bz#2551, from Corinna Vinschen via | ||
1669 | Philip Hands. | ||
1670 | |||
1671 | commit 627824480c01f0b24541842c7206ab9009644d02 | ||
1672 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1673 | Date: Fri Mar 11 14:47:41 2016 +1100 | ||
1674 | |||
1675 | Include priv.h for priv_set_t. | ||
1676 | |||
1677 | From alex at cooperi.net. | ||
1678 | |||
1679 | commit e960051f9a264f682c4d2fefbeecffcfc66b0ddf | ||
1680 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1681 | Date: Wed Mar 9 13:14:18 2016 +1100 | ||
1682 | |||
1683 | Wrap stdint.h inside #ifdef HAVE_STDINT_H. | ||
1684 | |||
1685 | commit 2c48bd344d2c4b5e08dae9aea5ff44fc19a5e363 | ||
1686 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1687 | Date: Wed Mar 9 12:46:50 2016 +1100 | ||
1688 | |||
1689 | Add compat to monotime_double(). | ||
1690 | |||
1691 | Apply all of the portability changes in monotime() to monotime() double. | ||
1692 | Fixes build on at least older FreeBSD systems. | ||
1693 | |||
1694 | commit 7b40ef6c2eef40c339f6ea8920cb8a44838e10c9 | ||
1695 | Author: Damien Miller <djm@mindrot.org> | ||
1696 | Date: Tue Mar 8 14:12:58 2016 -0800 | ||
1697 | |||
1698 | make a regress-binaries target | ||
1699 | |||
1700 | Easier to build all the regression/unit test binaries in one pass | ||
1701 | than going through all of ${REGRESS_BINARIES} | ||
1702 | |||
1703 | commit c425494d6b6181beb54a1b3763ef9e944fd3c214 | ||
1704 | Author: Damien Miller <djm@mindrot.org> | ||
1705 | Date: Tue Mar 8 14:03:54 2016 -0800 | ||
1706 | |||
1707 | unbreak kexfuzz for -Werror without __bounded__ | ||
1708 | |||
1709 | commit 3ed9218c336607846563daea5d5ab4f701f4e042 | ||
1710 | Author: Damien Miller <djm@mindrot.org> | ||
1711 | Date: Tue Mar 8 14:01:29 2016 -0800 | ||
1712 | |||
1713 | unbreak PAM after canohost refactor | ||
1714 | |||
1715 | commit 885fb2a44ff694f01e4f6470f803629e11f62961 | ||
1716 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1717 | Date: Tue Mar 8 11:58:43 2016 +1100 | ||
1718 | |||
1719 | auth_get_canonical_hostname in portable code. | ||
1720 | |||
1721 | "refactor canohost.c" replaced get_canonical_hostname, this makes the | ||
1722 | same change to some portable-specific code. | ||
1723 | |||
1724 | commit 95767262caa6692eff1e1565be1f5cb297949a89 | ||
1725 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1726 | Date: Mon Mar 7 19:02:43 2016 +0000 | ||
6 | 1727 | ||
7 | commit 9d47b8d3f50c3a6282896df8274147e3b9a38c56 | 1728 | upstream commit |
1729 | |||
1730 | refactor canohost.c: move functions that cache results closer | ||
1731 | to the places that use them (authn and session code). After this, no state is | ||
1732 | cached in canohost.c | ||
1733 | |||
1734 | feedback and ok markus@ | ||
1735 | |||
1736 | Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e | ||
1737 | |||
1738 | commit af0bb38ffd1f2c4f9f43b0029be2efe922815255 | ||
8 | Author: Damien Miller <djm@mindrot.org> | 1739 | Author: Damien Miller <djm@mindrot.org> |
9 | Date: Thu Mar 10 05:03:39 2016 +1100 | 1740 | Date: Fri Mar 4 15:11:55 2016 +1100 |
1741 | |||
1742 | hook unittests/misc/kexfuzz into build | ||
1743 | |||
1744 | commit 331b8e07ee5bcbdca12c11cc8f51a7e8de09b248 | ||
1745 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1746 | Date: Fri Mar 4 02:48:06 2016 +0000 | ||
1747 | |||
1748 | upstream commit | ||
1749 | |||
1750 | Filter debug messages out of log before picking the last | ||
1751 | two lines. Should prevent problems if any more debug output is added late in | ||
1752 | the connection. | ||
1753 | |||
1754 | Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363 | ||
1755 | |||
1756 | commit 0892edaa3ce623381d3a7635544cbc69b31cf9cb | ||
1757 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1758 | Date: Fri Mar 4 02:30:36 2016 +0000 | ||
1759 | |||
1760 | upstream commit | ||
1761 | |||
1762 | add KEX fuzzer harness; ok deraadt@ | ||
1763 | |||
1764 | Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1 | ||
1765 | |||
1766 | commit ae2562c47d41b68dbb00240fd6dd60bed205367a | ||
1767 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1768 | Date: Thu Mar 3 00:46:53 2016 +0000 | ||
1769 | |||
1770 | upstream commit | ||
1771 | |||
1772 | Look back 3 lines for possible error messages. Changes | ||
1773 | to the code mean that "Bad packet length" errors are 3 lines back instead of | ||
1774 | the previous two, which meant we didn't skip some offsets that we intended | ||
1775 | to. | ||
1776 | |||
1777 | Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684 | ||
10 | 1778 | ||
11 | sanitise characters destined for xauth(1) | 1779 | commit 988e429d903acfb298bfddfd75e7994327adfed0 |
1780 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1781 | Date: Fri Mar 4 03:35:44 2016 +0000 | ||
1782 | |||
1783 | upstream commit | ||
12 | 1784 | ||
13 | reported by github.com/tintinweb | 1785 | fix ClientAliveInterval when a time-based RekeyLimit is |
1786 | set; previously keepalive packets were not being sent. bz#2252 report and | ||
1787 | analysis by Christian Wittenhorst and Garrett Lee feedback and ok dtucker@ | ||
1788 | |||
1789 | Upstream-ID: d48f9deadd35fdacdd5106b41bb07630ddd4aa81 | ||
1790 | |||
1791 | commit 8ef04d7a94bcdb8b0085fdd2a79a844b7d40792d | ||
1792 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1793 | Date: Wed Mar 2 22:43:52 2016 +0000 | ||
1794 | |||
1795 | upstream commit | ||
1796 | |||
1797 | Improve accuracy of reported transfer speeds by waiting | ||
1798 | for the ack from the other end. Pointed out by mmcc@, ok deraadt@ markus@ | ||
1799 | |||
1800 | Upstream-ID: 99f1cf15c9a8f161086b814d414d862795ae153d | ||
1801 | |||
1802 | commit b8d4eafe29684fe4f5bb587f7eab948e6ed62723 | ||
1803 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1804 | Date: Wed Mar 2 22:42:40 2016 +0000 | ||
1805 | |||
1806 | upstream commit | ||
1807 | |||
1808 | Improve precision of progressmeter for sftp and scp by | ||
1809 | storing sub-second timestamps. Pointed out by mmcc@, ok deraadt@ markus@ | ||
1810 | |||
1811 | Upstream-ID: 38fd83a3d83dbf81c8ff7b5d1302382fe54970ab | ||
1812 | |||
1813 | commit 18f64b969c70ed00e74b9d8e50359dbe698ce4c0 | ||
1814 | Author: jca@openbsd.org <jca@openbsd.org> | ||
1815 | Date: Mon Feb 29 20:22:36 2016 +0000 | ||
1816 | |||
1817 | upstream commit | ||
1818 | |||
1819 | Print ssize_t with %zd; ok deraadt@ mmcc@ | ||
1820 | |||
1821 | Upstream-ID: 0590313bbb013ff6692298c98f7e0be349d124bd | ||
1822 | |||
1823 | commit 6e7f68ce38130c794ec1fb8d2a6091fbe982628d | ||
1824 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1825 | Date: Sun Feb 28 22:27:00 2016 +0000 | ||
1826 | |||
1827 | upstream commit | ||
1828 | |||
1829 | rearrange DH public value tests to be a little more clear | ||
1830 | |||
1831 | rearrange DH private value generation to explain rationale more | ||
1832 | clearly and include an extra sanity check. | ||
1833 | |||
1834 | ok deraadt | ||
1835 | |||
1836 | Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad | ||
1837 | |||
1838 | commit 2ed17aa34008bdfc8db674315adc425a0712be11 | ||
1839 | Author: Darren Tucker <dtucker@zip.com.au> | ||
1840 | Date: Tue Mar 1 15:24:20 2016 +1100 | ||
1841 | |||
1842 | Import updated moduli file from OpenBSD. | ||
1843 | |||
1844 | Note that 1.5k bit groups have been removed. | ||
14 | 1845 | ||
15 | commit 72b061d4ba0f909501c595d709ea76e06b01e5c9 | 1846 | commit 72b061d4ba0f909501c595d709ea76e06b01e5c9 |
16 | Author: Darren Tucker <dtucker@zip.com.au> | 1847 | Author: Darren Tucker <dtucker@zip.com.au> |
@@ -7369,1537 +9200,3 @@ Date: Fri Aug 1 12:26:49 2014 +1000 | |||
7369 | 9200 | ||
7370 | - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need | 9201 | - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need |
7371 | a better solution, but this will have to do for now. | 9202 | a better solution, but this will have to do for now. |
7372 | |||
7373 | commit 426117b2e965e43f47015942b5be8dd88fe74b88 | ||
7374 | Author: Damien Miller <djm@mindrot.org> | ||
7375 | Date: Wed Jul 30 12:33:20 2014 +1000 | ||
7376 | |||
7377 | - schwarze@cvs.openbsd.org 2014/07/28 15:40:08 | ||
7378 | [sftp-server.8 sshd_config.5] | ||
7379 | some systems no longer need /dev/log; | ||
7380 | issue noticed by jirib; | ||
7381 | ok deraadt | ||
7382 | |||
7383 | commit f497794b6962eaf802ab4ac2a7b22ae591cca1d5 | ||
7384 | Author: Damien Miller <djm@mindrot.org> | ||
7385 | Date: Wed Jul 30 12:32:46 2014 +1000 | ||
7386 | |||
7387 | - dtucker@cvs.openbsd.org 2014/07/25 21:22:03 | ||
7388 | [ssh-agent.c] | ||
7389 | Clear buffer used for handling messages. This prevents keys being | ||
7390 | left in memory after they have been expired or deleted in some cases | ||
7391 | (but note that ssh-agent is setgid so you would still need root to | ||
7392 | access them). Pointed out by Kevin Burns, ok deraadt | ||
7393 | |||
7394 | commit a8a0f65c57c8ecba94d65948e9090da54014dfef | ||
7395 | Author: Damien Miller <djm@mindrot.org> | ||
7396 | Date: Wed Jul 30 12:32:28 2014 +1000 | ||
7397 | |||
7398 | - OpenBSD CVS Sync | ||
7399 | - millert@cvs.openbsd.org 2014/07/24 22:57:10 | ||
7400 | [ssh.1] | ||
7401 | Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@ | ||
7402 | |||
7403 | commit 56b840f2b81e14a2f95c203403633a72566736f8 | ||
7404 | Author: Damien Miller <djm@mindrot.org> | ||
7405 | Date: Fri Jul 25 08:11:30 2014 +1000 | ||
7406 | |||
7407 | - (djm) [regress/multiplex.sh] restore incorrectly deleted line; | ||
7408 | pointed out by Christian Hesse | ||
7409 | |||
7410 | commit dd417b60d5ca220565d1014e92b7f8f43dc081eb | ||
7411 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7412 | Date: Wed Jul 23 10:41:21 2014 +1000 | ||
7413 | |||
7414 | - dtucker@cvs.openbsd.org 2014/07/22 23:35:38 | ||
7415 | [regress/unittests/sshkey/testdata/*] | ||
7416 | Regenerate test keys with certs signed with ed25519 instead of ecdsa. | ||
7417 | These can be used in -portable on platforms that don't support ECDSA. | ||
7418 | |||
7419 | commit 40e50211896369dba8f64f3b5e5fd58b76f5ac3f | ||
7420 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7421 | Date: Wed Jul 23 10:35:45 2014 +1000 | ||
7422 | |||
7423 | - dtucker@cvs.openbsd.org 2014/07/22 23:57:40 | ||
7424 | [regress/unittests/sshkey/mktestdata.sh] | ||
7425 | Add $OpenBSD tag to make syncs easier | ||
7426 | |||
7427 | commit 07e644251e809b1d4c062cf85bd1146a7e3f5a8a | ||
7428 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7429 | Date: Wed Jul 23 10:34:26 2014 +1000 | ||
7430 | |||
7431 | - dtucker@cvs.openbsd.org 2014/07/22 23:23:22 | ||
7432 | [regress/unittests/sshkey/mktestdata.sh] | ||
7433 | Sign test certs with ed25519 instead of ecdsa so that they'll work in | ||
7434 | -portable on platforms that don't have ECDSA in their OpenSSL. ok djm | ||
7435 | |||
7436 | commit cea099a7c4eaecb01b001e5453bb4e5c25006c22 | ||
7437 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7438 | Date: Wed Jul 23 10:04:02 2014 +1000 | ||
7439 | |||
7440 | - djm@cvs.openbsd.org 2014/07/22 01:32:12 | ||
7441 | [regress/multiplex.sh] | ||
7442 | change the test for still-open Unix domain sockets to be robust against | ||
7443 | nc implementations that produce error messages. from -portable | ||
7444 | (Id sync only) | ||
7445 | |||
7446 | commit 31eb78078d349b32ea41952ecc944b3ad6cb0d45 | ||
7447 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7448 | Date: Wed Jul 23 09:43:42 2014 +1000 | ||
7449 | |||
7450 | - guenther@cvs.openbsd.org 2014/07/22 07:13:42 | ||
7451 | [umac.c] | ||
7452 | Convert from <sys/endian.h> to the shiney new <endian.h> | ||
7453 | ok dtucker@, who also confirmed that -portable handles this already | ||
7454 | (ID sync only, includes.h pulls in endian.h if available.) | ||
7455 | |||
7456 | commit 820763efef2d19d965602533036c2b4badc9d465 | ||
7457 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7458 | Date: Wed Jul 23 09:40:46 2014 +1000 | ||
7459 | |||
7460 | - dtucker@cvs.openbsd.org 2014/07/22 01:18:50 | ||
7461 | [key.c] | ||
7462 | Prevent spam from key_load_private_pem during hostbased auth. ok djm@ | ||
7463 | |||
7464 | commit c4ee219a66f3190fa96cbd45b4d11015685c6306 | ||
7465 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7466 | Date: Wed Jul 23 04:27:50 2014 +1000 | ||
7467 | |||
7468 | - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa- | ||
7469 | specific tests inside OPENSSL_HAS_ECC. | ||
7470 | |||
7471 | commit 04f4824940ea3edd60835416ececbae16438968a | ||
7472 | Author: Damien Miller <djm@mindrot.org> | ||
7473 | Date: Tue Jul 22 11:31:47 2014 +1000 | ||
7474 | |||
7475 | - (djm) [regress/multiplex.sh] change the test for still-open Unix | ||
7476 | domain sockets to be robust against nc implementations that produce | ||
7477 | error messages. | ||
7478 | |||
7479 | commit 5ea4fe00d55453aaa44007330bb4c3181bd9b796 | ||
7480 | Author: Damien Miller <djm@mindrot.org> | ||
7481 | Date: Tue Jul 22 09:39:19 2014 +1000 | ||
7482 | |||
7483 | - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow; | ||
7484 | put it back | ||
7485 | |||
7486 | commit 948a1774a79a85f9deba6d74db95f402dee32c69 | ||
7487 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7488 | Date: Tue Jul 22 01:07:11 2014 +1000 | ||
7489 | |||
7490 | - (dtucker) [sshkey.c] ifdef out unused variable when compiling without | ||
7491 | OPENSSL_HAS_ECC. | ||
7492 | |||
7493 | commit c8f610f6cc57ae129758052439d9baf13699097b | ||
7494 | Author: Damien Miller <djm@mindrot.org> | ||
7495 | Date: Mon Jul 21 10:23:27 2014 +1000 | ||
7496 | |||
7497 | - (djm) [regress/multiplex.sh] Not all netcat accept the -N option. | ||
7498 | |||
7499 | commit 0e4e95566cd95c887f69272499b8f3880b3ec0f5 | ||
7500 | Author: Damien Miller <djm@mindrot.org> | ||
7501 | Date: Mon Jul 21 09:52:54 2014 +1000 | ||
7502 | |||
7503 | - millert@cvs.openbsd.org 2014/07/15 15:54:15 | ||
7504 | [forwarding.sh multiplex.sh] | ||
7505 | Add support for Unix domain socket forwarding. A remote TCP port | ||
7506 | may be forwarded to a local Unix domain socket and vice versa or | ||
7507 | both ends may be a Unix domain socket. This is a reimplementation | ||
7508 | of the streamlocal patches by William Ahern from: | ||
7509 | http://www.25thandclement.com/~william/projects/streamlocal.html | ||
7510 | OK djm@ markus@ | ||
7511 | |||
7512 | commit 93a87ab27ecdc709169fb24411133998f81e2761 | ||
7513 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7514 | Date: Mon Jul 21 06:30:25 2014 +1000 | ||
7515 | |||
7516 | - (dtucker) [regress/unittests/sshkey/ | ||
7517 | {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in | ||
7518 | ifdefs. | ||
7519 | |||
7520 | commit 5573171352ea23df2dc6d2fe0324d023b7ba697c | ||
7521 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7522 | Date: Mon Jul 21 02:24:59 2014 +1000 | ||
7523 | |||
7524 | - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits | ||
7525 | needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm | ||
7526 | |||
7527 | commit 74e28682711d005026c7c8f15f96aea9d3c8b5a3 | ||
7528 | Author: Tim Rice <tim@multitalents.net> | ||
7529 | Date: Fri Jul 18 20:00:11 2014 -0700 | ||
7530 | |||
7531 | - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used | ||
7532 | in servconf.h. | ||
7533 | |||
7534 | commit d1a0421f8e5e933fee6fb58ee6b9a22c63c8a613 | ||
7535 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7536 | Date: Sat Jul 19 07:23:55 2014 +1000 | ||
7537 | |||
7538 | - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC. | ||
7539 | |||
7540 | commit f0fe9ea1be62227c130b317769de3d1e736b6dc1 | ||
7541 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7542 | Date: Sat Jul 19 06:33:12 2014 +1000 | ||
7543 | |||
7544 | - (dtucker) [Makefile.in] Add a t-exec target to run just the executable | ||
7545 | tests. | ||
7546 | |||
7547 | commit 450bc1180d4b061434a4b733c5c8814fa30b022b | ||
7548 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7549 | Date: Sat Jul 19 06:23:18 2014 +1000 | ||
7550 | |||
7551 | - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used | ||
7552 | in servconf.h. | ||
7553 | |||
7554 | commit ab2ec586baad122ed169285c31927ccf58bc7b28 | ||
7555 | Author: Damien Miller <djm@mindrot.org> | ||
7556 | Date: Fri Jul 18 15:04:47 2014 +1000 | ||
7557 | |||
7558 | - djm@cvs.openbsd.org 2014/07/18 02:46:01 | ||
7559 | [ssh-agent.c] | ||
7560 | restore umask around listener socket creation (dropped in streamlocal patch | ||
7561 | merge) | ||
7562 | |||
7563 | commit 357610d15946381ae90c271837dcdd0cdce7145f | ||
7564 | Author: Damien Miller <djm@mindrot.org> | ||
7565 | Date: Fri Jul 18 15:04:10 2014 +1000 | ||
7566 | |||
7567 | - djm@cvs.openbsd.org 2014/07/17 07:22:19 | ||
7568 | [mux.c ssh.c] | ||
7569 | reflect stdio-forward ("ssh -W host:port ...") failures in exit status. | ||
7570 | previously we were always returning 0. bz#2255 reported by Brendan | ||
7571 | Germain; ok dtucker | ||
7572 | |||
7573 | commit dad9a4a0b7c2b5d78605f8df28718f116524134e | ||
7574 | Author: Damien Miller <djm@mindrot.org> | ||
7575 | Date: Fri Jul 18 15:03:49 2014 +1000 | ||
7576 | |||
7577 | - djm@cvs.openbsd.org 2014/07/17 00:12:03 | ||
7578 | [key.c] | ||
7579 | silence "incorrect passphrase" error spam; reported and ok dtucker@ | ||
7580 | |||
7581 | commit f42f7684ecbeec6ce50e0310f80b3d6da2aaf533 | ||
7582 | Author: Damien Miller <djm@mindrot.org> | ||
7583 | Date: Fri Jul 18 15:03:27 2014 +1000 | ||
7584 | |||
7585 | - djm@cvs.openbsd.org 2014/07/17 00:10:18 | ||
7586 | [mux.c] | ||
7587 | preserve errno across syscall | ||
7588 | |||
7589 | commit 1b83320628cb0733e3688b85bfe4d388a7c51909 | ||
7590 | Author: Damien Miller <djm@mindrot.org> | ||
7591 | Date: Fri Jul 18 15:03:02 2014 +1000 | ||
7592 | |||
7593 | - djm@cvs.openbsd.org 2014/07/17 00:10:56 | ||
7594 | [sandbox-systrace.c] | ||
7595 | ifdef SYS_sendsyslog so this will compile without patching on -stable | ||
7596 | |||
7597 | commit 6d57656331bcd754d912950e4a18ad259d596e61 | ||
7598 | Author: Damien Miller <djm@mindrot.org> | ||
7599 | Date: Fri Jul 18 15:02:06 2014 +1000 | ||
7600 | |||
7601 | - jmc@cvs.openbsd.org 2014/07/16 14:48:57 | ||
7602 | [ssh.1] | ||
7603 | add the streamlocal* options to ssh's -o list; millert says they're | ||
7604 | irrelevant for scp/sftp; | ||
7605 | |||
7606 | ok markus millert | ||
7607 | |||
7608 | commit 7acefbbcbeab725420ea07397ae35992f505f702 | ||
7609 | Author: Damien Miller <djm@mindrot.org> | ||
7610 | Date: Fri Jul 18 14:11:24 2014 +1000 | ||
7611 | |||
7612 | - millert@cvs.openbsd.org 2014/07/15 15:54:14 | ||
7613 | [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] | ||
7614 | [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] | ||
7615 | [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] | ||
7616 | [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] | ||
7617 | [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] | ||
7618 | [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] | ||
7619 | [sshd_config.5 sshlogin.c] | ||
7620 | Add support for Unix domain socket forwarding. A remote TCP port | ||
7621 | may be forwarded to a local Unix domain socket and vice versa or | ||
7622 | both ends may be a Unix domain socket. This is a reimplementation | ||
7623 | of the streamlocal patches by William Ahern from: | ||
7624 | http://www.25thandclement.com/~william/projects/streamlocal.html | ||
7625 | OK djm@ markus@ | ||
7626 | |||
7627 | commit 6262d760e00714523633bd989d62e273a3dca99a | ||
7628 | Author: Damien Miller <djm@mindrot.org> | ||
7629 | Date: Thu Jul 17 09:52:07 2014 +1000 | ||
7630 | |||
7631 | - tedu@cvs.openbsd.org 2014/07/11 13:54:34 | ||
7632 | [myproposal.h] | ||
7633 | by popular demand, add back hamc-sha1 to server proposal for better compat | ||
7634 | with many clients still in use. ok deraadt | ||
7635 | |||
7636 | commit 9d69d937b46ecba17f16d923e538ceda7b705c7a | ||
7637 | Author: Damien Miller <djm@mindrot.org> | ||
7638 | Date: Thu Jul 17 09:49:37 2014 +1000 | ||
7639 | |||
7640 | - deraadt@cvs.openbsd.org 2014/07/11 08:09:54 | ||
7641 | [sandbox-systrace.c] | ||
7642 | Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking, | ||
7643 | update your kernels and sshd soon.. libc will start using sendsyslog() | ||
7644 | in about 4 days. | ||
7645 | |||
7646 | commit f6293a0b4129826fc2e37e4062f96825df43c326 | ||
7647 | Author: Damien Miller <djm@mindrot.org> | ||
7648 | Date: Thu Jul 17 09:01:25 2014 +1000 | ||
7649 | |||
7650 | - (djm) [digest-openssl.c] Preserve array order when disabling digests. | ||
7651 | Reported by Petr Lautrbach. | ||
7652 | |||
7653 | commit 00f9cd230709c04399ef5ff80492d70a55230694 | ||
7654 | Author: Damien Miller <djm@mindrot.org> | ||
7655 | Date: Tue Jul 15 10:41:38 2014 +1000 | ||
7656 | |||
7657 | - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto | ||
7658 | has been located; fixes builds agains libressl-portable | ||
7659 | |||
7660 | commit 1d0df3249c87019556b83306c28d4769375c2edc | ||
7661 | Author: Damien Miller <djm@mindrot.org> | ||
7662 | Date: Fri Jul 11 09:19:04 2014 +1000 | ||
7663 | |||
7664 | - OpenBSD CVS Sync | ||
7665 | - benno@cvs.openbsd.org 2014/07/09 14:15:56 | ||
7666 | [ssh-add.c] | ||
7667 | fix ssh-add crash while loading more than one key | ||
7668 | ok markus@ | ||
7669 | |||
7670 | commit 7a57eb3d105aa4ced15fb47001092c58811e6d9d | ||
7671 | Author: Damien Miller <djm@mindrot.org> | ||
7672 | Date: Wed Jul 9 13:22:31 2014 +1000 | ||
7673 | |||
7674 | - djm@cvs.openbsd.org 2014/07/07 08:15:26 | ||
7675 | [multiplex.sh] | ||
7676 | remove forced-fatal that I stuck in there to test the new cleanup | ||
7677 | logic and forgot to remove... | ||
7678 | |||
7679 | commit 612f965239a30fe536b11ece1834d9f470aeb029 | ||
7680 | Author: Damien Miller <djm@mindrot.org> | ||
7681 | Date: Wed Jul 9 13:22:03 2014 +1000 | ||
7682 | |||
7683 | - djm@cvs.openbsd.org 2014/07/06 07:42:03 | ||
7684 | [multiplex.sh test-exec.sh] | ||
7685 | add a hook to the cleanup() function to kill $SSH_PID if it is set | ||
7686 | |||
7687 | use it to kill the mux master started in multiplex.sh (it was being left | ||
7688 | around on fatal failures) | ||
7689 | |||
7690 | commit d0bb950485ba121e43a77caf434115ed6417b46f | ||
7691 | Author: Damien Miller <djm@mindrot.org> | ||
7692 | Date: Wed Jul 9 13:07:28 2014 +1000 | ||
7693 | |||
7694 | - djm@cvs.openbsd.org 2014/07/09 03:02:15 | ||
7695 | [key.c] | ||
7696 | downgrade more error() to debug() to better match what old authfile.c | ||
7697 | did; suppresses spurious errors with hostbased authentication enabled | ||
7698 | |||
7699 | commit 0070776a038655c57f57e70cd05e4c38a5de9d84 | ||
7700 | Author: Damien Miller <djm@mindrot.org> | ||
7701 | Date: Wed Jul 9 13:07:06 2014 +1000 | ||
7702 | |||
7703 | - djm@cvs.openbsd.org 2014/07/09 01:45:10 | ||
7704 | [sftp.c] | ||
7705 | more useful error message when GLOB_NOSPACE occurs; | ||
7706 | bz#2254, patch from Orion Poplawski | ||
7707 | |||
7708 | commit 079bac2a43c74ef7cf56850afbab3b1932534c50 | ||
7709 | Author: Damien Miller <djm@mindrot.org> | ||
7710 | Date: Wed Jul 9 13:06:25 2014 +1000 | ||
7711 | |||
7712 | - djm@cvs.openbsd.org 2014/07/07 08:19:12 | ||
7713 | [ssh_config.5] | ||
7714 | mention that ProxyCommand is executed using shell "exec" to avoid | ||
7715 | a lingering process; bz#1977 | ||
7716 | |||
7717 | commit 3a48cc090096cf99b9de592deb5f90e444edebfb | ||
7718 | Author: Damien Miller <djm@mindrot.org> | ||
7719 | Date: Sun Jul 6 09:32:49 2014 +1000 | ||
7720 | |||
7721 | - djm@cvs.openbsd.org 2014/07/05 23:11:48 | ||
7722 | [channels.c] | ||
7723 | fix remote-forward cancel regression; ok markus@ | ||
7724 | |||
7725 | commit 48bae3a38cb578713e676708164f6e7151cc64fa | ||
7726 | Author: Damien Miller <djm@mindrot.org> | ||
7727 | Date: Sun Jul 6 09:27:06 2014 +1000 | ||
7728 | |||
7729 | - djm@cvs.openbsd.org 2014/07/03 23:18:35 | ||
7730 | [authfile.h] | ||
7731 | remove leakmalloc droppings | ||
7732 | |||
7733 | commit 72e6b5c9ed5e72ca3a6ccc3177941b7c487a0826 | ||
7734 | Author: Damien Miller <djm@mindrot.org> | ||
7735 | Date: Fri Jul 4 09:00:04 2014 +1000 | ||
7736 | |||
7737 | - djm@cvs.openbsd.org 2014/07/03 22:40:43 | ||
7738 | [servconf.c servconf.h session.c sshd.8 sshd_config.5] | ||
7739 | Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is | ||
7740 | executed, mirroring the no-user-rc authorized_keys option; | ||
7741 | bz#2160; ok markus@ | ||
7742 | |||
7743 | commit 602943d1179a08dfa70af94f62296ea5e3d6ebb8 | ||
7744 | Author: Damien Miller <djm@mindrot.org> | ||
7745 | Date: Fri Jul 4 08:59:41 2014 +1000 | ||
7746 | |||
7747 | - djm@cvs.openbsd.org 2014/07/03 22:33:41 | ||
7748 | [channels.c] | ||
7749 | allow explicit ::1 and 127.0.0.1 forwarding bind addresses when | ||
7750 | GatewayPorts=no; allows client to choose address family; | ||
7751 | bz#2222 ok markus@ | ||
7752 | |||
7753 | commit 6b37fbb7921d156b31e2c8f39d9e1b6746c34983 | ||
7754 | Author: Damien Miller <djm@mindrot.org> | ||
7755 | Date: Fri Jul 4 08:59:24 2014 +1000 | ||
7756 | |||
7757 | - djm@cvs.openbsd.org 2014/07/03 22:23:46 | ||
7758 | [sshconnect.c] | ||
7759 | when rekeying, skip file/DNS lookup if it is the same as the key sent | ||
7760 | during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@ | ||
7761 | |||
7762 | commit d2c3cd5f2e47ee24cf7093ce8e948c2e79dfc3fd | ||
7763 | Author: Damien Miller <djm@mindrot.org> | ||
7764 | Date: Fri Jul 4 08:59:01 2014 +1000 | ||
7765 | |||
7766 | - jsing@cvs.openbsd.org 2014/07/03 12:42:16 | ||
7767 | [cipher-chachapoly.c] | ||
7768 | Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this | ||
7769 | makes it easier to verify that chacha_encrypt_bytes() is only called once | ||
7770 | per chacha_ivsetup() call. | ||
7771 | ok djm@ | ||
7772 | |||
7773 | commit 686feb560ec43a06ba04da82b50f3c183c947309 | ||
7774 | Author: Damien Miller <djm@mindrot.org> | ||
7775 | Date: Thu Jul 3 21:29:38 2014 +1000 | ||
7776 | |||
7777 | - djm@cvs.openbsd.org 2014/07/03 11:16:55 | ||
7778 | [auth.c auth.h auth1.c auth2.c] | ||
7779 | make the "Too many authentication failures" message include the | ||
7780 | user, source address, port and protocol in a format similar to the | ||
7781 | authentication success / failure messages; bz#2199, ok dtucker | ||
7782 | |||
7783 | commit 0f12341402e18fd9996ec23189b9418d2722453f | ||
7784 | Author: Damien Miller <djm@mindrot.org> | ||
7785 | Date: Thu Jul 3 21:28:09 2014 +1000 | ||
7786 | |||
7787 | - jmc@cvs.openbsd.org 2014/07/03 07:45:27 | ||
7788 | [ssh_config.5] | ||
7789 | escape %C since groff thinks it part of an Rs/Re block; | ||
7790 | |||
7791 | commit 9c38643c5cd47a19db2cc28279dcc28abadc22b3 | ||
7792 | Author: Damien Miller <djm@mindrot.org> | ||
7793 | Date: Thu Jul 3 21:27:46 2014 +1000 | ||
7794 | |||
7795 | - djm@cvs.openbsd.org 2014/07/03 06:39:19 | ||
7796 | [ssh.c ssh_config.5] | ||
7797 | Add a %C escape sequence for LocalCommand and ControlPath that expands | ||
7798 | to a unique identifer based on a has of the tuple of (local host, | ||
7799 | remote user, hostname, port). | ||
7800 | |||
7801 | Helps avoid exceeding sockaddr_un's miserly pathname limits for mux | ||
7802 | control paths. | ||
7803 | |||
7804 | bz#2220, based on patch from mancha1 AT zoho.com; ok markus@ | ||
7805 | |||
7806 | commit 49d9bfe2b2f3e90cc158a215dffa7675e57e7830 | ||
7807 | Author: Damien Miller <djm@mindrot.org> | ||
7808 | Date: Thu Jul 3 21:26:42 2014 +1000 | ||
7809 | |||
7810 | - djm@cvs.openbsd.org 2014/07/03 05:38:17 | ||
7811 | [ssh.1] | ||
7812 | document that -g will only work in the multiplexed case if applied to | ||
7813 | the mux master | ||
7814 | |||
7815 | commit ef9f13ba4c58057b2166d1f2e790535da402fbe5 | ||
7816 | Author: Damien Miller <djm@mindrot.org> | ||
7817 | Date: Thu Jul 3 21:26:21 2014 +1000 | ||
7818 | |||
7819 | - djm@cvs.openbsd.org 2014/07/03 05:32:36 | ||
7820 | [ssh_config.5] | ||
7821 | mention '%%' escape sequence in HostName directives and how it may | ||
7822 | be used to specify IPv6 link-local addresses | ||
7823 | |||
7824 | commit e6a407789e5432dd2e53336fb73476cc69048c54 | ||
7825 | Author: Damien Miller <djm@mindrot.org> | ||
7826 | Date: Thu Jul 3 21:25:03 2014 +1000 | ||
7827 | |||
7828 | - djm@cvs.openbsd.org 2014/07/03 04:36:45 | ||
7829 | [digest.h] | ||
7830 | forward-declare struct sshbuf so consumers don't need to include sshbuf.h | ||
7831 | |||
7832 | commit 4a1d3d50f02d0a8a4ef95ea4749293cbfb89f919 | ||
7833 | Author: Damien Miller <djm@mindrot.org> | ||
7834 | Date: Thu Jul 3 21:24:40 2014 +1000 | ||
7835 | |||
7836 | - djm@cvs.openbsd.org 2014/07/03 03:47:27 | ||
7837 | [ssh-keygen.c] | ||
7838 | When hashing or removing hosts using ssh-keygen, don't choke on | ||
7839 | @revoked markers and don't remove @cert-authority markers; | ||
7840 | bz#2241, reported by mlindgren AT runelind.net | ||
7841 | |||
7842 | commit e5c0d52ceb575c3db8c313e0b1aa3845943d7ba8 | ||
7843 | Author: Damien Miller <djm@mindrot.org> | ||
7844 | Date: Thu Jul 3 21:24:19 2014 +1000 | ||
7845 | |||
7846 | - djm@cvs.openbsd.org 2014/07/03 03:34:09 | ||
7847 | [gss-serv.c session.c ssh-keygen.c] | ||
7848 | standardise on NI_MAXHOST for gethostname() string lengths; about | ||
7849 | 1/2 the cases were using it already. Fixes bz#2239 en passant | ||
7850 | |||
7851 | commit c174a3b7c14e0d178c61219de2aa1110e209950c | ||
7852 | Author: Damien Miller <djm@mindrot.org> | ||
7853 | Date: Thu Jul 3 21:23:24 2014 +1000 | ||
7854 | |||
7855 | - djm@cvs.openbsd.org 2014/07/03 03:26:43 | ||
7856 | [digest-openssl.c] | ||
7857 | use EVP_Digest() for one-shot hash instead of creating, updating, | ||
7858 | finalising and destroying a context. | ||
7859 | bz#2231, based on patch from Timo Teras | ||
7860 | |||
7861 | commit d7ca2cd31ecc4d63a055e2dcc4bf35c13f2db4c5 | ||
7862 | Author: Damien Miller <djm@mindrot.org> | ||
7863 | Date: Thu Jul 3 21:23:01 2014 +1000 | ||
7864 | |||
7865 | - djm@cvs.openbsd.org 2014/07/03 03:15:01 | ||
7866 | [ssh-add.c] | ||
7867 | make stdout line-buffered; saves partial output getting lost when | ||
7868 | ssh-add fatal()s part-way through (e.g. when listing keys from an | ||
7869 | agent that supports key types that ssh-add doesn't); | ||
7870 | bz#2234, reported by Phil Pennock | ||
7871 | |||
7872 | commit b1e967c8d7c7578dd0c172d85b3046cf54ea42ba | ||
7873 | Author: Damien Miller <djm@mindrot.org> | ||
7874 | Date: Thu Jul 3 21:22:40 2014 +1000 | ||
7875 | |||
7876 | - djm@cvs.openbsd.org 2014/07/03 03:11:03 | ||
7877 | [ssh-agent.c] | ||
7878 | Only cleanup agent socket in the main agent process and not in any | ||
7879 | subprocesses it may have started (e.g. forked askpass). Fixes | ||
7880 | agent sockets being zapped when askpass processes fatal(); | ||
7881 | bz#2236 patch from Dmitry V. Levin | ||
7882 | |||
7883 | commit 61e28e55c3438d796b02ef878bcd28620d452670 | ||
7884 | Author: Damien Miller <djm@mindrot.org> | ||
7885 | Date: Thu Jul 3 21:22:22 2014 +1000 | ||
7886 | |||
7887 | - djm@cvs.openbsd.org 2014/07/03 01:45:38 | ||
7888 | [sshkey.c] | ||
7889 | make Ed25519 keys' title fit properly in the randomart border; bz#2247 | ||
7890 | based on patch from Christian Hesse | ||
7891 | |||
7892 | commit 9eb4cd9a32c32d40d36450b68ed93badc6a94c68 | ||
7893 | Author: Damien Miller <djm@mindrot.org> | ||
7894 | Date: Thu Jul 3 13:29:50 2014 +1000 | ||
7895 | |||
7896 | - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist; | ||
7897 | bz#2237 | ||
7898 | |||
7899 | commit 8da0fa24934501909408327298097b1629b89eaa | ||
7900 | Author: Damien Miller <djm@mindrot.org> | ||
7901 | Date: Thu Jul 3 11:54:19 2014 +1000 | ||
7902 | |||
7903 | - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto | ||
7904 | doesn't support it. | ||
7905 | |||
7906 | commit 81309c857dd0dbc0a1245a16d621c490ad48cfbb | ||
7907 | Author: Damien Miller <djm@mindrot.org> | ||
7908 | Date: Wed Jul 2 17:45:55 2014 +1000 | ||
7909 | |||
7910 | - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test | ||
7911 | |||
7912 | commit 82b2482ce68654815ee049b9bf021bb362a35ff2 | ||
7913 | Author: Damien Miller <djm@mindrot.org> | ||
7914 | Date: Wed Jul 2 17:43:41 2014 +1000 | ||
7915 | |||
7916 | - (djm) [sshkey.c] Conditionalise inclusion of util.h | ||
7917 | |||
7918 | commit dd8b1dd7933eb6f5652641b0cdced34a387f2e80 | ||
7919 | Author: Damien Miller <djm@mindrot.org> | ||
7920 | Date: Wed Jul 2 17:38:31 2014 +1000 | ||
7921 | |||
7922 | - djm@cvs.openbsd.org 2014/06/24 01:14:17 | ||
7923 | [Makefile.in regress/Makefile regress/unittests/Makefile] | ||
7924 | [regress/unittests/sshkey/Makefile] | ||
7925 | [regress/unittests/sshkey/common.c] | ||
7926 | [regress/unittests/sshkey/common.h] | ||
7927 | [regress/unittests/sshkey/mktestdata.sh] | ||
7928 | [regress/unittests/sshkey/test_file.c] | ||
7929 | [regress/unittests/sshkey/test_fuzz.c] | ||
7930 | [regress/unittests/sshkey/test_sshkey.c] | ||
7931 | [regress/unittests/sshkey/tests.c] | ||
7932 | [regress/unittests/sshkey/testdata/dsa_1] | ||
7933 | [regress/unittests/sshkey/testdata/dsa_1-cert.fp] | ||
7934 | [regress/unittests/sshkey/testdata/dsa_1-cert.pub] | ||
7935 | [regress/unittests/sshkey/testdata/dsa_1.fp] | ||
7936 | [regress/unittests/sshkey/testdata/dsa_1.fp.bb] | ||
7937 | [regress/unittests/sshkey/testdata/dsa_1.param.g] | ||
7938 | [regress/unittests/sshkey/testdata/dsa_1.param.priv] | ||
7939 | [regress/unittests/sshkey/testdata/dsa_1.param.pub] | ||
7940 | [regress/unittests/sshkey/testdata/dsa_1.pub] | ||
7941 | [regress/unittests/sshkey/testdata/dsa_1_pw] | ||
7942 | [regress/unittests/sshkey/testdata/dsa_2] | ||
7943 | [regress/unittests/sshkey/testdata/dsa_2.fp] | ||
7944 | [regress/unittests/sshkey/testdata/dsa_2.fp.bb] | ||
7945 | [regress/unittests/sshkey/testdata/dsa_2.pub] | ||
7946 | [regress/unittests/sshkey/testdata/dsa_n] | ||
7947 | [regress/unittests/sshkey/testdata/dsa_n_pw] | ||
7948 | [regress/unittests/sshkey/testdata/ecdsa_1] | ||
7949 | [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp] | ||
7950 | [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub] | ||
7951 | [regress/unittests/sshkey/testdata/ecdsa_1.fp] | ||
7952 | [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb] | ||
7953 | [regress/unittests/sshkey/testdata/ecdsa_1.param.curve] | ||
7954 | [regress/unittests/sshkey/testdata/ecdsa_1.param.priv] | ||
7955 | [regress/unittests/sshkey/testdata/ecdsa_1.param.pub] | ||
7956 | [regress/unittests/sshkey/testdata/ecdsa_1.pub] | ||
7957 | [regress/unittests/sshkey/testdata/ecdsa_1_pw] | ||
7958 | [regress/unittests/sshkey/testdata/ecdsa_2] | ||
7959 | [regress/unittests/sshkey/testdata/ecdsa_2.fp] | ||
7960 | [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb] | ||
7961 | [regress/unittests/sshkey/testdata/ecdsa_2.param.curve] | ||
7962 | [regress/unittests/sshkey/testdata/ecdsa_2.param.priv] | ||
7963 | [regress/unittests/sshkey/testdata/ecdsa_2.param.pub] | ||
7964 | [regress/unittests/sshkey/testdata/ecdsa_2.pub] | ||
7965 | [regress/unittests/sshkey/testdata/ecdsa_n] | ||
7966 | [regress/unittests/sshkey/testdata/ecdsa_n_pw] | ||
7967 | [regress/unittests/sshkey/testdata/ed25519_1] | ||
7968 | [regress/unittests/sshkey/testdata/ed25519_1-cert.fp] | ||
7969 | [regress/unittests/sshkey/testdata/ed25519_1-cert.pub] | ||
7970 | [regress/unittests/sshkey/testdata/ed25519_1.fp] | ||
7971 | [regress/unittests/sshkey/testdata/ed25519_1.fp.bb] | ||
7972 | [regress/unittests/sshkey/testdata/ed25519_1.pub] | ||
7973 | [regress/unittests/sshkey/testdata/ed25519_1_pw] | ||
7974 | [regress/unittests/sshkey/testdata/ed25519_2] | ||
7975 | [regress/unittests/sshkey/testdata/ed25519_2.fp] | ||
7976 | [regress/unittests/sshkey/testdata/ed25519_2.fp.bb] | ||
7977 | [regress/unittests/sshkey/testdata/ed25519_2.pub] | ||
7978 | [regress/unittests/sshkey/testdata/pw] | ||
7979 | [regress/unittests/sshkey/testdata/rsa1_1] | ||
7980 | [regress/unittests/sshkey/testdata/rsa1_1.fp] | ||
7981 | [regress/unittests/sshkey/testdata/rsa1_1.fp.bb] | ||
7982 | [regress/unittests/sshkey/testdata/rsa1_1.param.n] | ||
7983 | [regress/unittests/sshkey/testdata/rsa1_1.pub] | ||
7984 | [regress/unittests/sshkey/testdata/rsa1_1_pw] | ||
7985 | [regress/unittests/sshkey/testdata/rsa1_2] | ||
7986 | [regress/unittests/sshkey/testdata/rsa1_2.fp] | ||
7987 | [regress/unittests/sshkey/testdata/rsa1_2.fp.bb] | ||
7988 | [regress/unittests/sshkey/testdata/rsa1_2.param.n] | ||
7989 | [regress/unittests/sshkey/testdata/rsa1_2.pub] | ||
7990 | [regress/unittests/sshkey/testdata/rsa_1] | ||
7991 | [regress/unittests/sshkey/testdata/rsa_1-cert.fp] | ||
7992 | [regress/unittests/sshkey/testdata/rsa_1-cert.pub] | ||
7993 | [regress/unittests/sshkey/testdata/rsa_1.fp] | ||
7994 | [regress/unittests/sshkey/testdata/rsa_1.fp.bb] | ||
7995 | [regress/unittests/sshkey/testdata/rsa_1.param.n] | ||
7996 | [regress/unittests/sshkey/testdata/rsa_1.param.p] | ||
7997 | [regress/unittests/sshkey/testdata/rsa_1.param.q] | ||
7998 | [regress/unittests/sshkey/testdata/rsa_1.pub] | ||
7999 | [regress/unittests/sshkey/testdata/rsa_1_pw] | ||
8000 | [regress/unittests/sshkey/testdata/rsa_2] | ||
8001 | [regress/unittests/sshkey/testdata/rsa_2.fp] | ||
8002 | [regress/unittests/sshkey/testdata/rsa_2.fp.bb] | ||
8003 | [regress/unittests/sshkey/testdata/rsa_2.param.n] | ||
8004 | [regress/unittests/sshkey/testdata/rsa_2.param.p] | ||
8005 | [regress/unittests/sshkey/testdata/rsa_2.param.q] | ||
8006 | [regress/unittests/sshkey/testdata/rsa_2.pub] | ||
8007 | [regress/unittests/sshkey/testdata/rsa_n] | ||
8008 | [regress/unittests/sshkey/testdata/rsa_n_pw] | ||
8009 | unit and fuzz tests for new key API | ||
8010 | |||
8011 | commit c1dc24b71f087f385b92652b9673f52af64e0428 | ||
8012 | Author: Damien Miller <djm@mindrot.org> | ||
8013 | Date: Wed Jul 2 17:02:03 2014 +1000 | ||
8014 | |||
8015 | - djm@cvs.openbsd.org 2014/06/24 01:04:43 | ||
8016 | [regress/krl.sh] | ||
8017 | regress test for broken consecutive revoked serial number ranges | ||
8018 | |||
8019 | commit 43d3ed2dd3feca6d0326c7dc82588d2faa115e92 | ||
8020 | Author: Damien Miller <djm@mindrot.org> | ||
8021 | Date: Wed Jul 2 17:01:08 2014 +1000 | ||
8022 | |||
8023 | - djm@cvs.openbsd.org 2014/05/21 07:04:21 | ||
8024 | [regress/integrity.sh] | ||
8025 | when failing because of unexpected output, show the offending output | ||
8026 | |||
8027 | commit 5a96707ffc8d227c2e7d94fa6b0317f8a152cf4e | ||
8028 | Author: Damien Miller <djm@mindrot.org> | ||
8029 | Date: Wed Jul 2 15:38:05 2014 +1000 | ||
8030 | |||
8031 | - djm@cvs.openbsd.org 2014/04/30 05:32:00 | ||
8032 | [regress/Makefile] | ||
8033 | unit tests for new buffer API; including basic fuzz testing | ||
8034 | NB. Id sync only. | ||
8035 | |||
8036 | commit 3ff92ba756aee48e4ae3e0aeff7293517b3dd185 | ||
8037 | Author: Damien Miller <djm@mindrot.org> | ||
8038 | Date: Wed Jul 2 15:33:09 2014 +1000 | ||
8039 | |||
8040 | - djm@cvs.openbsd.org 2014/06/30 12:54:39 | ||
8041 | [key.c] | ||
8042 | suppress spurious error message when loading key with a passphrase; | ||
8043 | reported by kettenis@ ok markus@ | ||
8044 | - djm@cvs.openbsd.org 2014/07/02 04:59:06 | ||
8045 | [cipher-3des1.c] | ||
8046 | fix ssh protocol 1 on the server that regressed with the sshkey change | ||
8047 | (sometimes fatal() after auth completed), make file return useful status | ||
8048 | codes. | ||
8049 | NB. Id sync only for these two. They were bundled into the sshkey merge | ||
8050 | above, since it was easier to sync the entire file and then apply | ||
8051 | portable-specific changed atop it. | ||
8052 | |||
8053 | commit ec3d0e24a1e46873d80507f5cd8ee6d0d03ac5dc | ||
8054 | Author: Damien Miller <djm@mindrot.org> | ||
8055 | Date: Wed Jul 2 15:30:00 2014 +1000 | ||
8056 | |||
8057 | - markus@cvs.openbsd.org 2014/06/27 18:50:39 | ||
8058 | [ssh-add.c] | ||
8059 | fix loading of private keys | ||
8060 | |||
8061 | commit 4b3ed647d5b328cf68e6a8ffbee490d8e0683e82 | ||
8062 | Author: Damien Miller <djm@mindrot.org> | ||
8063 | Date: Wed Jul 2 15:29:40 2014 +1000 | ||
8064 | |||
8065 | - markus@cvs.openbsd.org 2014/06/27 16:41:56 | ||
8066 | [channels.c channels.h clientloop.c ssh.c] | ||
8067 | fix remote fwding with same listen port but different listen address | ||
8068 | with gerhard@, ok djm@ | ||
8069 | |||
8070 | commit 9e01ff28664921ce9b6500681333e42fb133b4d0 | ||
8071 | Author: Damien Miller <djm@mindrot.org> | ||
8072 | Date: Wed Jul 2 15:29:21 2014 +1000 | ||
8073 | |||
8074 | - deraadt@cvs.openbsd.org 2014/06/25 14:16:09 | ||
8075 | [sshbuf.c] | ||
8076 | unblock SIGSEGV before raising it | ||
8077 | ok djm | ||
8078 | |||
8079 | commit 1845fe6bda0729e52f4c645137f4fc3070b5438a | ||
8080 | Author: Damien Miller <djm@mindrot.org> | ||
8081 | Date: Wed Jul 2 15:29:01 2014 +1000 | ||
8082 | |||
8083 | - djm@cvs.openbsd.org 2014/06/24 02:21:01 | ||
8084 | [scp.c] | ||
8085 | when copying local->remote fails during read, don't send uninitialised | ||
8086 | heap to the remote end. Reported by Jann Horn | ||
8087 | |||
8088 | commit 19439e9a2a0ac0b4b3b1210e89695418beb1c883 | ||
8089 | Author: Damien Miller <djm@mindrot.org> | ||
8090 | Date: Wed Jul 2 15:28:40 2014 +1000 | ||
8091 | |||
8092 | - djm@cvs.openbsd.org 2014/06/24 02:19:48 | ||
8093 | [ssh.c] | ||
8094 | don't fatal() when hostname canonicalisation fails with a | ||
8095 | ProxyCommand in use; continue and allow the ProxyCommand to | ||
8096 | connect anyway (e.g. to a host with a name outside the DNS | ||
8097 | behind a bastion) | ||
8098 | |||
8099 | commit 8668706d0f52654fe64c0ca41a96113aeab8d2b8 | ||
8100 | Author: Damien Miller <djm@mindrot.org> | ||
8101 | Date: Wed Jul 2 15:28:02 2014 +1000 | ||
8102 | |||
8103 | - djm@cvs.openbsd.org 2014/06/24 01:13:21 | ||
8104 | [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c | ||
8105 | [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c | ||
8106 | [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h | ||
8107 | [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h | ||
8108 | [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h | ||
8109 | [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c | ||
8110 | [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c | ||
8111 | [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c | ||
8112 | [sshconnect2.c sshd.c sshkey.c sshkey.h | ||
8113 | [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] | ||
8114 | New key API: refactor key-related functions to be more library-like, | ||
8115 | existing API is offered as a set of wrappers. | ||
8116 | |||
8117 | with and ok markus@ | ||
8118 | |||
8119 | Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew | ||
8120 | Dempsky and Ron Bowes for a detailed review a few months ago. | ||
8121 | |||
8122 | NB. This commit also removes portable OpenSSH support for OpenSSL | ||
8123 | <0.9.8e. | ||
8124 | |||
8125 | commit 2cd7929250cf9e9f658d70dcd452f529ba08c942 | ||
8126 | Author: Damien Miller <djm@mindrot.org> | ||
8127 | Date: Wed Jul 2 12:48:30 2014 +1000 | ||
8128 | |||
8129 | - djm@cvs.openbsd.org 2014/06/24 00:52:02 | ||
8130 | [krl.c] | ||
8131 | fix bug in KRL generation: multiple consecutive revoked certificate | ||
8132 | serial number ranges could be serialised to an invalid format. | ||
8133 | |||
8134 | Readers of a broken KRL caused by this bug will fail closed, so no | ||
8135 | should-have-been-revoked key will be accepted. | ||
8136 | |||
8137 | commit 99db840ee8dbbd2b3fbc6c45d0ee2f6a65e96898 | ||
8138 | Author: Damien Miller <djm@mindrot.org> | ||
8139 | Date: Wed Jul 2 12:48:04 2014 +1000 | ||
8140 | |||
8141 | - naddy@cvs.openbsd.org 2014/06/18 15:42:09 | ||
8142 | [sshbuf-getput-crypto.c] | ||
8143 | The ssh_get_bignum functions must accept the same range of bignums | ||
8144 | the corresponding ssh_put_bignum functions create. This fixes the | ||
8145 | use of 16384-bit RSA keys (bug reported by Eivind Evensen). | ||
8146 | ok djm@ | ||
8147 | |||
8148 | commit 84a89161a9629239b64171ef3e22ef6a3e462d51 | ||
8149 | Author: Damien Miller <djm@mindrot.org> | ||
8150 | Date: Wed Jul 2 12:47:48 2014 +1000 | ||
8151 | |||
8152 | - matthew@cvs.openbsd.org 2014/06/18 02:59:13 | ||
8153 | [sandbox-systrace.c] | ||
8154 | Now that we have a dedicated getentropy(2) system call for | ||
8155 | arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace | ||
8156 | sandbox. | ||
8157 | |||
8158 | ok djm | ||
8159 | |||
8160 | commit 51504ceec627c0ad57b9f75585c7b3d277f326be | ||
8161 | Author: Damien Miller <djm@mindrot.org> | ||
8162 | Date: Wed Jul 2 12:47:25 2014 +1000 | ||
8163 | |||
8164 | - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 | ||
8165 | [sandbox-systrace.c] | ||
8166 | permit SYS_getentropy | ||
8167 | from matthew | ||
8168 | |||
8169 | commit a261b8df59117f7dc52abb3a34b35a40c2c9fa88 | ||
8170 | Author: Tim Rice <tim@multitalents.net> | ||
8171 | Date: Wed Jun 18 16:17:28 2014 -0700 | ||
8172 | |||
8173 | - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare | ||
8174 | |||
8175 | commit 316fac6f18f87262a315c79bcf68b9f92c9337e4 | ||
8176 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8177 | Date: Tue Jun 17 23:06:07 2014 +1000 | ||
8178 | |||
8179 | - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h} | ||
8180 | openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] | ||
8181 | Move the OpenSSL header/library version test into its own function and add | ||
8182 | tests for it. Fix it to allow fix version upgrades (but not downgrades). | ||
8183 | Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). | ||
8184 | ok djm@ chl@ | ||
8185 | |||
8186 | commit af665bb7b092a59104db1e65577851cf35b86e32 | ||
8187 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8188 | Date: Mon Jun 16 22:50:55 2014 +1000 | ||
8189 | |||
8190 | - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via | ||
8191 | OpenSMTPD and chl@ | ||
8192 | |||
8193 | commit f9696566fb41320820f3b257ab564fa321bb3751 | ||
8194 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8195 | Date: Fri Jun 13 11:06:04 2014 +1000 | ||
8196 | |||
8197 | - (dtucker) [configure.ac] Remove tcpwrappers support, support has already | ||
8198 | been removed from sshd.c. | ||
8199 | |||
8200 | commit 5e2b8894b0b24af4ad0a2f7aa33ebf255df7a8bc | ||
8201 | Author: Tim Rice <tim@multitalents.net> | ||
8202 | Date: Wed Jun 11 18:31:10 2014 -0700 | ||
8203 | |||
8204 | - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for | ||
8205 | u_intXX_t types. | ||
8206 | |||
8207 | commit 985ee2cbc3e43bc65827c3c0d4df3faa99160c37 | ||
8208 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8209 | Date: Thu Jun 12 05:32:29 2014 +1000 | ||
8210 | |||
8211 | - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*] | ||
8212 | Wrap stdlib.h include an ifdef for platforms that don't have it. | ||
8213 | |||
8214 | commit cf5392c2db2bb1dbef9818511d34056404436109 | ||
8215 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8216 | Date: Thu Jun 12 05:22:49 2014 +1000 | ||
8217 | |||
8218 | - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from | ||
8219 | openbsd-compat/bsd-asprintf.c. | ||
8220 | |||
8221 | commit 58538d795e0b662f2f4e5a7193f1204bbe992ddd | ||
8222 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8223 | Date: Wed Jun 11 13:39:24 2014 +1000 | ||
8224 | |||
8225 | - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for | ||
8226 | compat stuff, specifically whether or not OpenSSL has ECC. | ||
8227 | |||
8228 | commit eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08 | ||
8229 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8230 | Date: Wed Jun 11 13:10:00 2014 +1000 | ||
8231 | |||
8232 | - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an | ||
8233 | assigment that might get optimized out. ok djm@ | ||
8234 | |||
8235 | commit b9609fd86c623d6d440e630f5f9a63295f7aea20 | ||
8236 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8237 | Date: Wed Jun 11 08:04:02 2014 +1000 | ||
8238 | |||
8239 | - (dtucker) [sshbuf.h] Only declare ECC functions if building without | ||
8240 | OpenSSL or if OpenSSL has ECC. | ||
8241 | |||
8242 | commit a54a040f66944c6e8913df8635a01a2327219be9 | ||
8243 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8244 | Date: Wed Jun 11 07:58:35 2014 +1000 | ||
8245 | |||
8246 | - dtucker@cvs.openbsd.org 2014/06/10 21:46:11 | ||
8247 | [sshbuf.h] | ||
8248 | Group ECC functions together to make things a little easier in -portable. | ||
8249 | "doesn't bother me" deraadt@ | ||
8250 | |||
8251 | commit 9f92c53bad04a89067756be8198d4ec2d8a08875 | ||
8252 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8253 | Date: Wed Jun 11 07:57:58 2014 +1000 | ||
8254 | |||
8255 | - djm@cvs.openbsd.org 2014/06/05 22:17:50 | ||
8256 | [sshconnect2.c] | ||
8257 | fix inverted test that caused PKCS#11 keys that were explicitly listed | ||
8258 | not to be preferred. Reported by Dirk-Willem van Gulik | ||
8259 | |||
8260 | commit 15c254a25394f96643da2ad0f674acdc51e89856 | ||
8261 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8262 | Date: Wed Jun 11 07:38:49 2014 +1000 | ||
8263 | |||
8264 | - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef | ||
8265 | ECC variable too. | ||
8266 | |||
8267 | commit d7af0cc5bf273eeed0897a99420bc26841d07d8f | ||
8268 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8269 | Date: Wed Jun 11 07:37:25 2014 +1000 | ||
8270 | |||
8271 | - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in | ||
8272 | the proposal if the version of OpenSSL we're using doesn't support ECC. | ||
8273 | |||
8274 | commit 67508ac2563c33d582be181a3e777c65f549d22f | ||
8275 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8276 | Date: Wed Jun 11 06:27:16 2014 +1000 | ||
8277 | |||
8278 | - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c | ||
8279 | regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256 | ||
8280 | curve tests if OpenSSL has them. | ||
8281 | |||
8282 | commit 6482d90a65459a88c18c925368525855832272b3 | ||
8283 | Author: Damien Miller <djm@mindrot.org> | ||
8284 | Date: Tue May 27 14:34:42 2014 +1000 | ||
8285 | |||
8286 | - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c] | ||
8287 | [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege | ||
8288 | separation user at runtime, since it may need to be a domain account. | ||
8289 | Patch from Corinna Vinschen. | ||
8290 | |||
8291 | commit f9eb5e0734f7a7f6e975809eb54684d2a06a7ffc | ||
8292 | Author: Damien Miller <djm@mindrot.org> | ||
8293 | Date: Tue May 27 14:31:58 2014 +1000 | ||
8294 | |||
8295 | - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config | ||
8296 | from Corinna Vinschen, fixing a number of bugs and preparing for | ||
8297 | Cygwin 1.7.30. | ||
8298 | |||
8299 | commit eae88744662e6b149f43ef071657727f1a157d95 | ||
8300 | Author: Damien Miller <djm@mindrot.org> | ||
8301 | Date: Tue May 27 14:27:02 2014 +1000 | ||
8302 | |||
8303 | - (djm) [cipher.c] Fix merge botch. | ||
8304 | |||
8305 | commit 564b5e253c1d95c26a00e8288f0089a2571661c3 | ||
8306 | Author: Damien Miller <djm@mindrot.org> | ||
8307 | Date: Thu May 22 08:23:59 2014 +1000 | ||
8308 | |||
8309 | - (djm) [Makefile.in] typo in path | ||
8310 | |||
8311 | commit e84d10302aeaf7a1acb05c451f8718143656856a | ||
8312 | Author: Damien Miller <djm@mindrot.org> | ||
8313 | Date: Wed May 21 17:13:36 2014 +1000 | ||
8314 | |||
8315 | revert a diff I didn't mean to commit | ||
8316 | |||
8317 | commit 795b86313f1f1aab9691666c4f2d5dae6e4acd50 | ||
8318 | Author: Damien Miller <djm@mindrot.org> | ||
8319 | Date: Wed May 21 17:12:53 2014 +1000 | ||
8320 | |||
8321 | - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC | ||
8322 | when it is available. It takes into account time spent suspended, | ||
8323 | thereby ensuring timeouts (e.g. for expiring agent keys) fire | ||
8324 | correctly. bz#2228 reported by John Haxby | ||
8325 | |||
8326 | commit 18912775cb97c0b1e75e838d3c7d4b56648137b5 | ||
8327 | Author: Damien Miller <djm@mindrot.org> | ||
8328 | Date: Wed May 21 17:06:46 2014 +1000 | ||
8329 | |||
8330 | - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use | ||
8331 | vhangup on Linux. It doens't work for non-root users, and for them | ||
8332 | it just messes up the tty settings. | ||
8333 | |||
8334 | commit 7f1c264d3049cd95234e91970ccb5406e1d15b27 | ||
8335 | Author: Damien Miller <djm@mindrot.org> | ||
8336 | Date: Thu May 15 18:01:52 2014 +1000 | ||
8337 | |||
8338 | - (djm) [sshbuf.c] need __predict_false | ||
8339 | |||
8340 | commit e7429f2be8643e1100380a8a7389d85cc286c8fe | ||
8341 | Author: Damien Miller <djm@mindrot.org> | ||
8342 | Date: Thu May 15 18:01:01 2014 +1000 | ||
8343 | |||
8344 | - (djm) [regress/Makefile Makefile.in] | ||
8345 | [regress/unittests/sshbuf/test_sshbuf.c | ||
8346 | [regress/unittests/sshbuf/test_sshbuf_fixed.c] | ||
8347 | [regress/unittests/sshbuf/test_sshbuf_fuzz.c] | ||
8348 | [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] | ||
8349 | [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] | ||
8350 | [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] | ||
8351 | [regress/unittests/sshbuf/test_sshbuf_misc.c] | ||
8352 | [regress/unittests/sshbuf/tests.c] | ||
8353 | [regress/unittests/test_helper/fuzz.c] | ||
8354 | [regress/unittests/test_helper/test_helper.c] | ||
8355 | Hook new unit tests into the build and "make tests" | ||
8356 | |||
8357 | commit def1de086707b0e6b046fe7e115c60aca0227a99 | ||
8358 | Author: Damien Miller <djm@mindrot.org> | ||
8359 | Date: Thu May 15 15:17:15 2014 +1000 | ||
8360 | |||
8361 | - (djm) [regress/unittests/Makefile] | ||
8362 | [regress/unittests/Makefile.inc] | ||
8363 | [regress/unittests/sshbuf/Makefile] | ||
8364 | [regress/unittests/sshbuf/test_sshbuf.c] | ||
8365 | [regress/unittests/sshbuf/test_sshbuf_fixed.c] | ||
8366 | [regress/unittests/sshbuf/test_sshbuf_fuzz.c] | ||
8367 | [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] | ||
8368 | [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] | ||
8369 | [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] | ||
8370 | [regress/unittests/sshbuf/test_sshbuf_misc.c] | ||
8371 | [regress/unittests/sshbuf/tests.c] | ||
8372 | [regress/unittests/test_helper/Makefile] | ||
8373 | [regress/unittests/test_helper/fuzz.c] | ||
8374 | [regress/unittests/test_helper/test_helper.c] | ||
8375 | [regress/unittests/test_helper/test_helper.h] | ||
8376 | Import new unit tests from OpenBSD; not yet hooked up to build. | ||
8377 | |||
8378 | commit 167685756fde8bc213a8df2c8e1848e312db0f46 | ||
8379 | Author: Damien Miller <djm@mindrot.org> | ||
8380 | Date: Thu May 15 15:08:40 2014 +1000 | ||
8381 | |||
8382 | - logan@cvs.openbsd.org 2014/05/04 10:40:59 | ||
8383 | [connect-privsep.sh] | ||
8384 | Remove the Z flag from the list of malloc options as it | ||
8385 | was removed from malloc.c 10 days ago. | ||
8386 | |||
8387 | OK from miod@ | ||
8388 | |||
8389 | commit d0b69fe90466920d69c96069312e24b581771bd7 | ||
8390 | Author: Damien Miller <djm@mindrot.org> | ||
8391 | Date: Thu May 15 15:08:19 2014 +1000 | ||
8392 | |||
8393 | - dtucker@cvs.openbsd.org 2014/05/03 18:46:14 | ||
8394 | [proxy-connect.sh] | ||
8395 | Add tests for with and without compression, with and without privsep. | ||
8396 | |||
8397 | commit edb1af50441d19fb2dd9ccb4d75bf14473fca584 | ||
8398 | Author: Damien Miller <djm@mindrot.org> | ||
8399 | Date: Thu May 15 15:07:53 2014 +1000 | ||
8400 | |||
8401 | - djm@cvs.openbsd.org 2014/04/21 22:15:37 | ||
8402 | [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh] | ||
8403 | repair regress tests broken by server-side default cipher/kex/mac changes | ||
8404 | by ensuring that the option under test is included in the server's | ||
8405 | algorithm list | ||
8406 | |||
8407 | commit 54343e95c70994695f8842fb22836321350198d3 | ||
8408 | Author: Damien Miller <djm@mindrot.org> | ||
8409 | Date: Thu May 15 15:07:33 2014 +1000 | ||
8410 | |||
8411 | - djm@cvs.openbsd.org 2014/03/13 20:44:49 | ||
8412 | [login-timeout.sh] | ||
8413 | this test is a sorry mess of race conditions; add another sleep | ||
8414 | to avoid a failure on slow machines (at least until I find a | ||
8415 | better way) | ||
8416 | |||
8417 | commit e5b9f0f2ee6e133894307e44e862b66426990733 | ||
8418 | Author: Damien Miller <djm@mindrot.org> | ||
8419 | Date: Thu May 15 14:58:07 2014 +1000 | ||
8420 | |||
8421 | - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c] | ||
8422 | [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes | ||
8423 | |||
8424 | commit b9c566788a9ebd6a9d466f47a532124f111f0542 | ||
8425 | Author: Damien Miller <djm@mindrot.org> | ||
8426 | Date: Thu May 15 14:43:37 2014 +1000 | ||
8427 | |||
8428 | - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write | ||
8429 | portability glue to support building without libcrypto | ||
8430 | |||
8431 | commit 3dc27178b42234b653a32f7a87292d7994045ee3 | ||
8432 | Author: Damien Miller <djm@mindrot.org> | ||
8433 | Date: Thu May 15 14:37:59 2014 +1000 | ||
8434 | |||
8435 | - logan@cvs.openbsd.org 2014/05/05 07:02:30 | ||
8436 | [sftp.c] | ||
8437 | Zap extra whitespace. | ||
8438 | |||
8439 | OK from djm@ and dtucker@ | ||
8440 | |||
8441 | commit c31a0cd5b31961f01c5b731f62a6cb9d4f767472 | ||
8442 | Author: Damien Miller <djm@mindrot.org> | ||
8443 | Date: Thu May 15 14:37:39 2014 +1000 | ||
8444 | |||
8445 | - markus@cvs.openbsd.org 2014/05/03 17:20:34 | ||
8446 | [monitor.c packet.c packet.h] | ||
8447 | unbreak compression, by re-init-ing the compression code in the | ||
8448 | post-auth child. the new buffer code is more strict, and requires | ||
8449 | buffer_init() while the old code was happy after a bzero(); | ||
8450 | originally from djm@ | ||
8451 | |||
8452 | commit 686c7d9ee6f44b2be4128d7860b6b37adaeba733 | ||
8453 | Author: Damien Miller <djm@mindrot.org> | ||
8454 | Date: Thu May 15 14:37:03 2014 +1000 | ||
8455 | |||
8456 | - djm@cvs.openbsd.org 2014/05/02 03:27:54 | ||
8457 | [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] | ||
8458 | [misc.h poly1305.h ssh-pkcs11.c defines.h] | ||
8459 | revert __bounded change; it causes way more problems for portable than | ||
8460 | it solves; pointed out by dtucker@ | ||
8461 | |||
8462 | commit 294c58a007cfb2f3bddc4fc3217e255857ffb9bf | ||
8463 | Author: Damien Miller <djm@mindrot.org> | ||
8464 | Date: Thu May 15 14:35:03 2014 +1000 | ||
8465 | |||
8466 | - naddy@cvs.openbsd.org 2014/04/30 19:07:48 | ||
8467 | [mac.c myproposal.h umac.c] | ||
8468 | UMAC can use our local fallback implementation of AES when OpenSSL isn't | ||
8469 | available. Glue code straight from Ted Krovetz's original umac.c. | ||
8470 | ok markus@ | ||
8471 | |||
8472 | commit 05e82c3b963c33048128baf72a6f6b3a1c10b4c1 | ||
8473 | Author: Damien Miller <djm@mindrot.org> | ||
8474 | Date: Thu May 15 14:33:43 2014 +1000 | ||
8475 | |||
8476 | - djm@cvs.openbsd.org 2014/04/30 05:29:56 | ||
8477 | [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c] | ||
8478 | [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c] | ||
8479 | [ssherr.h] | ||
8480 | New buffer API; the first installment of the conversion/replacement | ||
8481 | of OpenSSH's internals to make them usable as a standalone library. | ||
8482 | |||
8483 | This includes a set of wrappers to make it compatible with the | ||
8484 | existing buffer API so replacement can occur incrementally. | ||
8485 | |||
8486 | With and ok markus@ | ||
8487 | |||
8488 | Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew | ||
8489 | Dempsky and Ron Bowes for a detailed review. | ||
8490 | |||
8491 | commit 380948180f847a26f2d0c85b4dad3dca2ed2fd8b | ||
8492 | Author: Damien Miller <djm@mindrot.org> | ||
8493 | Date: Thu May 15 14:25:18 2014 +1000 | ||
8494 | |||
8495 | - dtucker@cvs.openbsd.org 2014/04/29 20:36:51 | ||
8496 | [sftp.c] | ||
8497 | Don't attempt to append a nul quote char to the filename. Should prevent | ||
8498 | fatal'ing with "el_insertstr failed" when there's a single quote char | ||
8499 | somewhere in the string. bz#2238, ok markus@ | ||
8500 | |||
8501 | commit d7fd8bedd4619a2ec7fd02aae4c4e1db4431ad9f | ||
8502 | Author: Damien Miller <djm@mindrot.org> | ||
8503 | Date: Thu May 15 14:24:59 2014 +1000 | ||
8504 | |||
8505 | - dtucker@cvs.openbsd.org 2014/04/29 19:58:50 | ||
8506 | [sftp.c] | ||
8507 | Move nulling of variable next to where it's freed. ok markus@ | ||
8508 | |||
8509 | commit 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14 | ||
8510 | Author: Damien Miller <djm@mindrot.org> | ||
8511 | Date: Thu May 15 14:24:09 2014 +1000 | ||
8512 | |||
8513 | - markus@cvs.openbsd.org 2014/04/29 18:01:49 | ||
8514 | [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] | ||
8515 | [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] | ||
8516 | [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] | ||
8517 | [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] | ||
8518 | make compiling against OpenSSL optional (make OPENSSL=no); | ||
8519 | reduces algorithms to curve25519, aes-ctr, chacha, ed25519; | ||
8520 | allows us to explore further options; with and ok djm | ||
8521 | |||
8522 | commit c5893785564498cea73cb60d2cf199490483e080 | ||
8523 | Author: Damien Miller <djm@mindrot.org> | ||
8524 | Date: Thu May 15 13:48:49 2014 +1000 | ||
8525 | |||
8526 | - djm@cvs.openbsd.org 2014/04/29 13:10:30 | ||
8527 | [clientloop.c serverloop.c] | ||
8528 | bz#1818 - don't send channel success/failre replies on channels that | ||
8529 | have sent a close already; analysis and patch from Simon Tatham; | ||
8530 | ok markus@ | ||
8531 | |||
8532 | commit 633de33b192d808d87537834c316dc8b75fe1880 | ||
8533 | Author: Damien Miller <djm@mindrot.org> | ||
8534 | Date: Thu May 15 13:48:26 2014 +1000 | ||
8535 | |||
8536 | - djm@cvs.openbsd.org 2014/04/28 03:09:18 | ||
8537 | [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] | ||
8538 | [ssh-keygen.c] | ||
8539 | buffer_get_string_ptr's return should be const to remind | ||
8540 | callers that futzing with it will futz with the actual buffer | ||
8541 | contents | ||
8542 | |||
8543 | commit 15271907843e4ae50dcfc83b3594014cf5e9607b | ||
8544 | Author: Damien Miller <djm@mindrot.org> | ||
8545 | Date: Thu May 15 13:47:56 2014 +1000 | ||
8546 | |||
8547 | - djm@cvs.openbsd.org 2014/04/23 12:42:34 | ||
8548 | [readconf.c] | ||
8549 | don't record duplicate IdentityFiles | ||
8550 | |||
8551 | commit 798a02568b13a2e46efebd81f08c8f4bb33a6dc7 | ||
8552 | Author: Damien Miller <djm@mindrot.org> | ||
8553 | Date: Thu May 15 13:47:37 2014 +1000 | ||
8554 | |||
8555 | - jmc@cvs.openbsd.org 2014/04/22 14:16:30 | ||
8556 | [sftp.1] | ||
8557 | zap eol whitespace; | ||
8558 | |||
8559 | commit d875ff78d2b8436807381051de112f0ebf9b9ae1 | ||
8560 | Author: Damien Miller <djm@mindrot.org> | ||
8561 | Date: Thu May 15 13:47:15 2014 +1000 | ||
8562 | |||
8563 | - logan@cvs.openbsd.org 2014/04/22 12:42:04 | ||
8564 | [sftp.1] | ||
8565 | Document sftp upload resume. | ||
8566 | OK from djm@, with feedback from okan@. | ||
8567 | |||
8568 | commit b15cd7bb097fd80dc99520f45290ef775da1ef19 | ||
8569 | Author: Damien Miller <djm@mindrot.org> | ||
8570 | Date: Thu May 15 13:46:52 2014 +1000 | ||
8571 | |||
8572 | - logan@cvs.openbsd.org 2014/04/22 10:07:12 | ||
8573 | [sftp.c] | ||
8574 | Sort the sftp command list. | ||
8575 | OK from djm@ | ||
8576 | |||
8577 | commit d8accc0aa72656ba63d50937165c5ae49db1dcd6 | ||
8578 | Author: Damien Miller <djm@mindrot.org> | ||
8579 | Date: Thu May 15 13:46:25 2014 +1000 | ||
8580 | |||
8581 | - logan@cvs.openbsd.org 2014/04/21 14:36:16 | ||
8582 | [sftp-client.c sftp-client.h sftp.c] | ||
8583 | Implement sftp upload resume support. | ||
8584 | OK from djm@, with input from guenther@, mlarkin@ and | ||
8585 | okan@ | ||
8586 | |||
8587 | commit 16cd3928a87d20c77b13592a74b60b08621d3ce6 | ||
8588 | Author: Damien Miller <djm@mindrot.org> | ||
8589 | Date: Thu May 15 13:45:58 2014 +1000 | ||
8590 | |||
8591 | - logan@cvs.openbsd.org 2014/04/20 09:24:26 | ||
8592 | [dns.c dns.h ssh-keygen.c] | ||
8593 | Add support for SSHFP DNS records for ED25519 key types. | ||
8594 | OK from djm@ | ||
8595 | |||
8596 | commit ec0b67eb3b4e12f296ced1fafa01860c374f7eea | ||
8597 | Author: Damien Miller <djm@mindrot.org> | ||
8598 | Date: Thu May 15 13:45:26 2014 +1000 | ||
8599 | |||
8600 | - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine | ||
8601 | OpenBSD | ||
8602 | |||
8603 | commit f028460d0b2e5a584355321015cde69bf6fd933e | ||
8604 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8605 | Date: Thu May 1 02:24:35 2014 +1000 | ||
8606 | |||
8607 | - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already | ||
8608 | have it. Only attempt to use __attribute__(__bounded__) for gcc. | ||
8609 | |||
8610 | commit b628cc4c3e4a842bab5e4584d18c2bc5fa4d0edf | ||
8611 | Author: Damien Miller <djm@mindrot.org> | ||
8612 | Date: Sun Apr 20 13:33:58 2014 +1000 | ||
8613 | |||
8614 | - djm@cvs.openbsd.org 2014/04/20 02:49:32 | ||
8615 | [compat.c] | ||
8616 | add a canonical 6.6 + curve25519 bignum fix fake version that I can | ||
8617 | recommend people use ahead of the openssh-6.7 release | ||
8618 | |||
8619 | commit 888566913933a802f3a329ace123ebcb7154cf78 | ||
8620 | Author: Damien Miller <djm@mindrot.org> | ||
8621 | Date: Sun Apr 20 13:33:19 2014 +1000 | ||
8622 | |||
8623 | - djm@cvs.openbsd.org 2014/04/20 02:30:25 | ||
8624 | [misc.c misc.h umac.c] | ||
8625 | use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on | ||
8626 | strict-alignment architectures; reported by and ok stsp@ | ||
8627 | |||
8628 | commit 16f85cbc7e5139950e6a38317e7c8b368beafa5d | ||
8629 | Author: Damien Miller <djm@mindrot.org> | ||
8630 | Date: Sun Apr 20 13:29:28 2014 +1000 | ||
8631 | |||
8632 | - tedu@cvs.openbsd.org 2014/04/19 18:42:19 | ||
8633 | [ssh.1] | ||
8634 | delete .xr to hosts.equiv. there's still an unfortunate amount of | ||
8635 | documentation referring to rhosts equivalency in here. | ||
8636 | |||
8637 | commit 69cb24b7356ec3f0fc5ff04a68f98f2c55c766f4 | ||
8638 | Author: Damien Miller <djm@mindrot.org> | ||
8639 | Date: Sun Apr 20 13:29:06 2014 +1000 | ||
8640 | |||
8641 | - tedu@cvs.openbsd.org 2014/04/19 18:15:16 | ||
8642 | [sshd.8] | ||
8643 | remove some really old rsh references | ||
8644 | |||
8645 | commit 84c1e7bca8c4ceaccf4d5557e39a833585a3c77e | ||
8646 | Author: Damien Miller <djm@mindrot.org> | ||
8647 | Date: Sun Apr 20 13:27:53 2014 +1000 | ||
8648 | |||
8649 | - tedu@cvs.openbsd.org 2014/04/19 14:53:48 | ||
8650 | [ssh-keysign.c sshd.c] | ||
8651 | Delete futile calls to RAND_seed. ok djm | ||
8652 | NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon | ||
8653 | |||
8654 | commit 0e6b67423b8662f9ca4c92750309e144fd637ef1 | ||
8655 | Author: Damien Miller <djm@mindrot.org> | ||
8656 | Date: Sun Apr 20 13:27:01 2014 +1000 | ||
8657 | |||
8658 | - djm@cvs.openbsd.org 2014/04/19 05:54:59 | ||
8659 | [compat.c] | ||
8660 | missing wildcard; pointed out by naddy@ | ||
8661 | |||
8662 | commit 9395b28223334826837c15e8c1bb4dfb3b0d2ca5 | ||
8663 | Author: Damien Miller <djm@mindrot.org> | ||
8664 | Date: Sun Apr 20 13:25:30 2014 +1000 | ||
8665 | |||
8666 | - djm@cvs.openbsd.org 2014/04/18 23:52:25 | ||
8667 | [compat.c compat.h sshconnect2.c sshd.c version.h] | ||
8668 | OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections | ||
8669 | using the curve25519-sha256@libssh.org KEX exchange method to fail | ||
8670 | when connecting with something that implements the spec properly. | ||
8671 | |||
8672 | Disable this KEX method when speaking to one of the affected | ||
8673 | versions. | ||
8674 | |||
8675 | reported by Aris Adamantiadis; ok markus@ | ||
8676 | |||
8677 | commit 8c492da58f8ceb85cf5f7066f23e26fb813a963d | ||
8678 | Author: Damien Miller <djm@mindrot.org> | ||
8679 | Date: Sun Apr 20 13:25:09 2014 +1000 | ||
8680 | |||
8681 | - djm@cvs.openbsd.org 2014/04/16 23:28:12 | ||
8682 | [ssh-agent.1] | ||
8683 | remove the identity files from this manpage - ssh-agent doesn't deal | ||
8684 | with them at all and the same information is duplicated in ssh-add.1 | ||
8685 | (which does deal with them); prodded by deraadt@ | ||
8686 | |||
8687 | commit adbfdbbdccc70c9bd70d81ae096db115445c6e26 | ||
8688 | Author: Damien Miller <djm@mindrot.org> | ||
8689 | Date: Sun Apr 20 13:24:49 2014 +1000 | ||
8690 | |||
8691 | - djm@cvs.openbsd.org 2014/04/16 23:22:45 | ||
8692 | [bufaux.c] | ||
8693 | skip leading zero bytes in buffer_put_bignum2_from_string(); | ||
8694 | reported by jan AT mojzis.com; ok markus@ | ||
8695 | |||
8696 | commit 75c62728dc87af6805696eeb520b9748faa136c8 | ||
8697 | Author: Damien Miller <djm@mindrot.org> | ||
8698 | Date: Sun Apr 20 13:24:31 2014 +1000 | ||
8699 | |||
8700 | - djm@cvs.openbsd.org 2014/04/12 04:55:53 | ||
8701 | [sshd.c] | ||
8702 | avoid crash at exit: check that pmonitor!=NULL before dereferencing; | ||
8703 | bz#2225, patch from kavi AT juniper.net | ||
8704 | |||
8705 | commit 2a328437fb1b0976f2f4522d8645803d5a5d0967 | ||
8706 | Author: Damien Miller <djm@mindrot.org> | ||
8707 | Date: Sun Apr 20 13:24:01 2014 +1000 | ||
8708 | |||
8709 | - djm@cvs.openbsd.org 2014/04/01 05:32:57 | ||
8710 | [packet.c] | ||
8711 | demote a debug3 to PACKET_DEBUG; ok markus@ | ||
8712 | |||
8713 | commit 7d6a9fb660c808882d064e152d6070ffc3844c3f | ||
8714 | Author: Damien Miller <djm@mindrot.org> | ||
8715 | Date: Sun Apr 20 13:23:43 2014 +1000 | ||
8716 | |||
8717 | - djm@cvs.openbsd.org 2014/04/01 03:34:10 | ||
8718 | [sshconnect.c] | ||
8719 | When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any | ||
8720 | certificate keys to plain keys and attempt SSHFP resolution. | ||
8721 | |||
8722 | Prevents a server from skipping SSHFP lookup and forcing a new-hostkey | ||
8723 | dialog by offering only certificate keys. | ||
8724 | |||
8725 | Reported by mcv21 AT cam.ac.uk | ||
8726 | |||
8727 | commit fcd62c0b66b8415405ed0af29c236329eb88cc0f | ||
8728 | Author: Damien Miller <djm@mindrot.org> | ||
8729 | Date: Sun Apr 20 13:23:21 2014 +1000 | ||
8730 | |||
8731 | - djm@cvs.openbsd.org 2014/04/01 02:05:27 | ||
8732 | [ssh-keysign.c] | ||
8733 | include fingerprint of key not found | ||
8734 | use arc4random_buf() instead of loop+arc4random() | ||
8735 | |||
8736 | commit 43b156cf72f900f88065b0a1c1ebd09ab733ca46 | ||
8737 | Author: Damien Miller <djm@mindrot.org> | ||
8738 | Date: Sun Apr 20 13:23:03 2014 +1000 | ||
8739 | |||
8740 | - jmc@cvs.openbsd.org 2014/03/31 13:39:34 | ||
8741 | [ssh-keygen.1] | ||
8742 | the text for the -K option was inserted in the wrong place in -r1.108; | ||
8743 | fix From: Matthew Clarke | ||
8744 | |||
8745 | commit c1621c84f2dc1279065ab9fde2aa9327af418900 | ||
8746 | Author: Damien Miller <djm@mindrot.org> | ||
8747 | Date: Sun Apr 20 13:22:46 2014 +1000 | ||
8748 | |||
8749 | - naddy@cvs.openbsd.org 2014/03/28 05:17:11 | ||
8750 | [ssh_config.5 sshd_config.5] | ||
8751 | sync available and default algorithms, improve algorithm list formatting | ||
8752 | help from jmc@ and schwarze@, ok deraadt@ | ||
8753 | |||
8754 | commit f2719b7c2b8a3b14d778d8a6d8dc729b5174b054 | ||
8755 | Author: Damien Miller <djm@mindrot.org> | ||
8756 | Date: Sun Apr 20 13:22:18 2014 +1000 | ||
8757 | |||
8758 | - tedu@cvs.openbsd.org 2014/03/26 19:58:37 | ||
8759 | [sshd.8 sshd.c] | ||
8760 | remove libwrap support. ok deraadt djm mfriedl | ||
8761 | |||
8762 | commit 4f40209aa4060b9c066a2f0d9332ace7b8dfb391 | ||
8763 | Author: Damien Miller <djm@mindrot.org> | ||
8764 | Date: Sun Apr 20 13:21:22 2014 +1000 | ||
8765 | |||
8766 | - djm@cvs.openbsd.org 2014/03/26 04:55:35 | ||
8767 | [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c | ||
8768 | [misc.h poly1305.h ssh-pkcs11.c] | ||
8769 | use __bounded(...) attribute recently added to sys/cdefs.h instead of | ||
8770 | longform __attribute__(__bounded(...)); | ||
8771 | |||
8772 | for brevity and a warning free compilation with llvm/clang | ||
8773 | |||
8774 | commit 9235a030ad1b16903fb495d81544e0f7c7449523 | ||
8775 | Author: Damien Miller <djm@mindrot.org> | ||
8776 | Date: Sun Apr 20 13:17:20 2014 +1000 | ||
8777 | |||
8778 | Three commits in one (since they touch the same heavily-diverged file | ||
8779 | repeatedly): | ||
8780 | |||
8781 | - markus@cvs.openbsd.org 2014/03/25 09:40:03 | ||
8782 | [myproposal.h] | ||
8783 | trimm default proposals. | ||
8784 | |||
8785 | This commit removes the weaker pre-SHA2 hashes, the broken ciphers | ||
8786 | (arcfour), and the broken modes (CBC) from the default configuration | ||
8787 | (the patch only changes the default, all the modes are still available | ||
8788 | for the config files). | ||
8789 | |||
8790 | ok djm@, reminded by tedu@ & naddy@ and discussed with many | ||
8791 | - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 | ||
8792 | [myproposal.h] | ||
8793 | The current sharing of myproposal[] between both client and server code | ||
8794 | makes the previous diff highly unpallatable. We want to go in that | ||
8795 | direction for the server, but not for the client. Sigh. | ||
8796 | Brought up by naddy. | ||
8797 | - markus@cvs.openbsd.org 2014/03/27 23:01:27 | ||
8798 | [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] | ||
8799 | disable weak proposals in sshd, but keep them in ssh; ok djm@ | ||
8800 | |||
8801 | commit 6e1777f592f15f4559728c78204617537b1ac076 | ||
8802 | Author: Damien Miller <djm@mindrot.org> | ||
8803 | Date: Sun Apr 20 13:02:58 2014 +1000 | ||
8804 | |||
8805 | - tedu@cvs.openbsd.org 2014/03/19 14:42:44 | ||
8806 | [scp.1] | ||
8807 | there is no need for rcp anymore | ||
8808 | ok deraadt millert | ||
8809 | |||
8810 | commit eb1b7c514d2a7b1802ccee8cd50e565a4d419887 | ||
8811 | Author: Damien Miller <djm@mindrot.org> | ||
8812 | Date: Sun Apr 20 13:02:26 2014 +1000 | ||
8813 | |||
8814 | - tedu@cvs.openbsd.org 2014/03/17 19:44:10 | ||
8815 | [ssh.1] | ||
8816 | old descriptions of des and blowfish are old. maybe ok deraadt | ||
8817 | |||
8818 | commit f0858de6e1324ec730752387074b111b8551081e | ||
8819 | Author: Damien Miller <djm@mindrot.org> | ||
8820 | Date: Sun Apr 20 13:01:30 2014 +1000 | ||
8821 | |||
8822 | - deraadt@cvs.openbsd.org 2014/03/15 17:28:26 | ||
8823 | [ssh-agent.c ssh-keygen.1 ssh-keygen.c] | ||
8824 | Improve usage() and documentation towards the standard form. | ||
8825 | In particular, this line saves a lot of man page reading time. | ||
8826 | usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] | ||
8827 | [-N new_passphrase] [-C comment] [-f output_keyfile] | ||
8828 | ok schwarze jmc | ||
8829 | |||
8830 | commit 94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa | ||
8831 | Author: Damien Miller <djm@mindrot.org> | ||
8832 | Date: Sun Apr 20 13:00:51 2014 +1000 | ||
8833 | |||
8834 | - naddy@cvs.openbsd.org 2014/03/12 13:06:59 | ||
8835 | [ssh-keyscan.1] | ||
8836 | scan for Ed25519 keys by default too | ||
8837 | |||
8838 | commit 3819519288b2b3928c6882f5883b0f55148f4fc0 | ||
8839 | Author: Damien Miller <djm@mindrot.org> | ||
8840 | Date: Sun Apr 20 13:00:28 2014 +1000 | ||
8841 | |||
8842 | - djm@cvs.openbsd.org 2014/03/12 04:51:12 | ||
8843 | [authfile.c] | ||
8844 | correct test that kdf name is not "none" or "bcrypt" | ||
8845 | |||
8846 | commit 8f9cd709c7cf0655d414306a0ed28306b33802be | ||
8847 | Author: Damien Miller <djm@mindrot.org> | ||
8848 | Date: Sun Apr 20 13:00:11 2014 +1000 | ||
8849 | |||
8850 | - djm@cvs.openbsd.org 2014/03/12 04:50:32 | ||
8851 | [auth-bsdauth.c ssh-keygen.c] | ||
8852 | don't count on things that accept arguments by reference to clear | ||
8853 | things for us on error; most things do, but it's unsafe form. | ||
8854 | |||
8855 | commit 1c7ef4be83f6dec84509a312518b9df00ab491d9 | ||
8856 | Author: Damien Miller <djm@mindrot.org> | ||
8857 | Date: Sun Apr 20 12:59:46 2014 +1000 | ||
8858 | |||
8859 | - djm@cvs.openbsd.org 2014/03/12 04:44:58 | ||
8860 | [ssh-keyscan.c] | ||
8861 | scan for Ed25519 keys by default too | ||
8862 | |||
8863 | commit c10bf4d051c97939b30a1616c0499310057d07da | ||
8864 | Author: Damien Miller <djm@mindrot.org> | ||
8865 | Date: Sun Apr 20 12:58:04 2014 +1000 | ||
8866 | |||
8867 | - djm@cvs.openbsd.org 2014/03/03 22:22:30 | ||
8868 | [session.c] | ||
8869 | ignore enviornment variables with embedded '=' or '\0' characters; | ||
8870 | spotted by Jann Horn; ok deraadt@ | ||
8871 | Id sync only - portable already has this. | ||
8872 | |||
8873 | commit c2e49062faccbcd7135c40d1c78c5c329c58fc2e | ||
8874 | Author: Damien Miller <djm@mindrot.org> | ||
8875 | Date: Tue Apr 1 14:42:46 2014 +1100 | ||
8876 | |||
8877 | - (djm) Use full release (e.g. 6.5p1) in debug output rather than just | ||
8878 | version. From des@des.no | ||
8879 | |||
8880 | commit 14928b7492abec82afa4c2b778fc03f78cd419b6 | ||
8881 | Author: Damien Miller <djm@mindrot.org> | ||
8882 | Date: Tue Apr 1 14:38:07 2014 +1100 | ||
8883 | |||
8884 | - (djm) On platforms that support it, use prctl() to prevent sftp-server | ||
8885 | from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net | ||
8886 | |||
8887 | commit 48abc47e60048461fe9117e108a7e99ea1ac2bb8 | ||
8888 | Author: Damien Miller <djm@mindrot.org> | ||
8889 | Date: Mon Mar 17 14:45:56 2014 +1100 | ||
8890 | |||
8891 | - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to | ||
8892 | remind myself to add sandbox violation logging via the log socket. | ||
8893 | |||
8894 | commit 9c36698ca2f554ec221dc7ef29c7a89e97c88705 | ||
8895 | Author: Tim Rice <tim@multitalents.net> | ||
8896 | Date: Fri Mar 14 12:45:01 2014 -0700 | ||
8897 | |||
8898 | 20140314 | ||
8899 | - (tim) [opensshd.init.in] Add support for ed25519 | ||
8900 | |||
8901 | commit 19158b2447e35838d69b2b735fb640d1e86061ea | ||
8902 | Author: Damien Miller <djm@mindrot.org> | ||
8903 | Date: Thu Mar 13 13:14:21 2014 +1100 | ||
8904 | |||
8905 | - (djm) Release OpenSSH 6.6 | ||
@@ -7,14 +7,15 @@ OpenSSL) | |||
7 | Zlib 1.1.4 or 1.2.1.2 or greater (ealier 1.2.x versions have problems): | 7 | Zlib 1.1.4 or 1.2.1.2 or greater (ealier 1.2.x versions have problems): |
8 | http://www.gzip.org/zlib/ | 8 | http://www.gzip.org/zlib/ |
9 | 9 | ||
10 | libcrypto (LibreSSL or OpenSSL >= 0.9.8f) | 10 | libcrypto (LibreSSL or OpenSSL >= 0.9.8f < 1.1.0) |
11 | LibreSSL http://www.libressl.org/ ; or | 11 | LibreSSL http://www.libressl.org/ ; or |
12 | OpenSSL http://www.openssl.org/ | 12 | OpenSSL http://www.openssl.org/ |
13 | 13 | ||
14 | LibreSSL/OpenSSL should be compiled as a position-independent library | 14 | LibreSSL/OpenSSL should be compiled as a position-independent library |
15 | (i.e. with -fPIC) otherwise OpenSSH will not be able to link with it. | 15 | (i.e. with -fPIC) otherwise OpenSSH will not be able to link with it. |
16 | If you must use a non-position-independent libcrypto, then you may need | 16 | If you must use a non-position-independent libcrypto, then you may need |
17 | to configure OpenSSH --without-pie. | 17 | to configure OpenSSH --without-pie. Note that because of API changes, |
18 | OpenSSL 1.1.x is not currently supported. | ||
18 | 19 | ||
19 | The remaining items are optional. | 20 | The remaining items are optional. |
20 | 21 | ||
diff --git a/Makefile.in b/Makefile.in index 85cde7fc4..21948dd7d 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -82,7 +82,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | |||
82 | compat.o crc32.o deattack.o fatal.o hostfile.o \ | 82 | compat.o crc32.o deattack.o fatal.o hostfile.o \ |
83 | log.o match.o md-sha256.o moduli.o nchan.o packet.o opacket.o \ | 83 | log.o match.o md-sha256.o moduli.o nchan.o packet.o opacket.o \ |
84 | readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ | 84 | readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ |
85 | atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o \ | 85 | atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o utf8.o \ |
86 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ | 86 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ |
87 | msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ | 87 | msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ |
88 | ssh-pkcs11.o smult_curve25519_ref.o \ | 88 | ssh-pkcs11.o smult_curve25519_ref.o \ |
@@ -93,7 +93,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | |||
93 | kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ | 93 | kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ |
94 | kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ | 94 | kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ |
95 | kexgssc.o \ | 95 | kexgssc.o \ |
96 | platform-pledge.o | 96 | platform-pledge.o platform-tracing.o |
97 | 97 | ||
98 | SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ | 98 | SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ |
99 | sshconnect.o sshconnect1.o sshconnect2.o mux.o | 99 | sshconnect.o sshconnect1.o sshconnect2.o mux.o |
@@ -224,7 +224,7 @@ umac128.o: umac.c | |||
224 | $(CC) $(CFLAGS) $(CPPFLAGS) -o umac128.o -c $(srcdir)/umac.c \ | 224 | $(CC) $(CFLAGS) $(CPPFLAGS) -o umac128.o -c $(srcdir)/umac.c \ |
225 | -DUMAC_OUTPUT_LEN=16 -Dumac_new=umac128_new \ | 225 | -DUMAC_OUTPUT_LEN=16 -Dumac_new=umac128_new \ |
226 | -Dumac_update=umac128_update -Dumac_final=umac128_final \ | 226 | -Dumac_update=umac128_update -Dumac_final=umac128_final \ |
227 | -Dumac_delete=umac128_delete | 227 | -Dumac_delete=umac128_delete -Dumac_ctx=umac128_ctx |
228 | 228 | ||
229 | clean: regressclean | 229 | clean: regressclean |
230 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log | 230 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log |
@@ -241,6 +241,8 @@ clean: regressclean | |||
241 | rm -f regress/unittests/hostkeys/test_hostkeys | 241 | rm -f regress/unittests/hostkeys/test_hostkeys |
242 | rm -f regress/unittests/kex/*.o | 242 | rm -f regress/unittests/kex/*.o |
243 | rm -f regress/unittests/kex/test_kex | 243 | rm -f regress/unittests/kex/test_kex |
244 | rm -f regress/misc/kexfuzz/*.o | ||
245 | rm -f regress/misc/kexfuzz/kexfuzz | ||
244 | (cd openbsd-compat && $(MAKE) clean) | 246 | (cd openbsd-compat && $(MAKE) clean) |
245 | 247 | ||
246 | distclean: regressclean | 248 | distclean: regressclean |
@@ -261,6 +263,7 @@ distclean: regressclean | |||
261 | rm -f regress/unittests/hostkeys/test_hostkeys | 263 | rm -f regress/unittests/hostkeys/test_hostkeys |
262 | rm -f regress/unittests/kex/*.o | 264 | rm -f regress/unittests/kex/*.o |
263 | rm -f regress/unittests/kex/test_kex | 265 | rm -f regress/unittests/kex/test_kex |
266 | rm -f regress/unittests/misc/kexfuzz | ||
264 | (cd openbsd-compat && $(MAKE) distclean) | 267 | (cd openbsd-compat && $(MAKE) distclean) |
265 | if test -d pkg ; then \ | 268 | if test -d pkg ; then \ |
266 | rm -fr pkg ; \ | 269 | rm -fr pkg ; \ |
@@ -421,23 +424,27 @@ regress-prep: | |||
421 | mkdir -p `pwd`/regress/unittests/hostkeys | 424 | mkdir -p `pwd`/regress/unittests/hostkeys |
422 | [ -d `pwd`/regress/unittests/kex ] || \ | 425 | [ -d `pwd`/regress/unittests/kex ] || \ |
423 | mkdir -p `pwd`/regress/unittests/kex | 426 | mkdir -p `pwd`/regress/unittests/kex |
427 | [ -d `pwd`/regress/misc/kexfuzz ] || \ | ||
428 | mkdir -p `pwd`/regress/misc/kexfuzz | ||
424 | [ -f `pwd`/regress/Makefile ] || \ | 429 | [ -f `pwd`/regress/Makefile ] || \ |
425 | ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile | 430 | ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile |
426 | 431 | ||
427 | regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c | 432 | REGRESSLIBS=libssh.a $(LIBCOMPAT) |
428 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \ | 433 | |
434 | regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) | ||
435 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ | ||
429 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) | 436 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) |
430 | 437 | ||
431 | regress/setuid-allowed$(EXEEXT): $(srcdir)/regress/setuid-allowed.c | 438 | regress/setuid-allowed$(EXEEXT): $(srcdir)/regress/setuid-allowed.c $(REGRESSLIBS) |
432 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \ | 439 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/setuid-allowed.c \ |
433 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) | 440 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) |
434 | 441 | ||
435 | regress/netcat$(EXEEXT): $(srcdir)/regress/netcat.c | 442 | regress/netcat$(EXEEXT): $(srcdir)/regress/netcat.c $(REGRESSLIBS) |
436 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \ | 443 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/netcat.c \ |
437 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) | 444 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) |
438 | 445 | ||
439 | regress/check-perm$(EXEEXT): $(srcdir)/regress/check-perm.c | 446 | regress/check-perm$(EXEEXT): $(srcdir)/regress/check-perm.c $(REGRESSLIBS) |
440 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \ | 447 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/check-perm.c \ |
441 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) | 448 | $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) |
442 | 449 | ||
443 | UNITTESTS_TEST_HELPER_OBJS=\ | 450 | UNITTESTS_TEST_HELPER_OBJS=\ |
@@ -507,8 +514,14 @@ regress/unittests/hostkeys/test_hostkeys$(EXEEXT): \ | |||
507 | regress/unittests/test_helper/libtest_helper.a \ | 514 | regress/unittests/test_helper/libtest_helper.a \ |
508 | -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) | 515 | -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) |
509 | 516 | ||
510 | REGRESS_BINARIES=\ | 517 | MISC_KEX_FUZZ_OBJS=\ |
511 | regress/modpipe$(EXEEXT) \ | 518 | regress/misc/kexfuzz/kexfuzz.o |
519 | |||
520 | regress/misc/kexfuzz/kexfuzz$(EXEEXT): ${MISC_KEX_FUZZ_OBJS} libssh.a | ||
521 | $(LD) -o $@ $(LDFLAGS) $(MISC_KEX_FUZZ_OBJS) \ | ||
522 | -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) | ||
523 | |||
524 | regress-binaries: regress/modpipe$(EXEEXT) \ | ||
512 | regress/setuid-allowed$(EXEEXT) \ | 525 | regress/setuid-allowed$(EXEEXT) \ |
513 | regress/netcat$(EXEEXT) \ | 526 | regress/netcat$(EXEEXT) \ |
514 | regress/check-perm$(EXEEXT) \ | 527 | regress/check-perm$(EXEEXT) \ |
@@ -516,9 +529,10 @@ REGRESS_BINARIES=\ | |||
516 | regress/unittests/sshkey/test_sshkey$(EXEEXT) \ | 529 | regress/unittests/sshkey/test_sshkey$(EXEEXT) \ |
517 | regress/unittests/bitmap/test_bitmap$(EXEEXT) \ | 530 | regress/unittests/bitmap/test_bitmap$(EXEEXT) \ |
518 | regress/unittests/hostkeys/test_hostkeys$(EXEEXT) \ | 531 | regress/unittests/hostkeys/test_hostkeys$(EXEEXT) \ |
519 | regress/unittests/kex/test_kex$(EXEEXT) | 532 | regress/unittests/kex/test_kex$(EXEEXT) \ |
533 | regress/misc/kexfuzz/kexfuzz$(EXEEXT) | ||
520 | 534 | ||
521 | tests interop-tests t-exec: regress-prep $(TARGETS) $(REGRESS_BINARIES) | 535 | tests interop-tests t-exec: regress-prep regress-binaries $(TARGETS) |
522 | BUILDDIR=`pwd`; \ | 536 | BUILDDIR=`pwd`; \ |
523 | TEST_SSH_SCP="$${BUILDDIR}/scp"; \ | 537 | TEST_SSH_SCP="$${BUILDDIR}/scp"; \ |
524 | TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ | 538 | TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ |
@@ -543,6 +557,7 @@ tests interop-tests t-exec: regress-prep $(TARGETS) $(REGRESS_BINARIES) | |||
543 | OBJ="$${BUILDDIR}/regress/" \ | 557 | OBJ="$${BUILDDIR}/regress/" \ |
544 | PATH="$${BUILDDIR}:$${PATH}" \ | 558 | PATH="$${BUILDDIR}:$${PATH}" \ |
545 | TEST_ENV=MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \ | 559 | TEST_ENV=MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \ |
560 | TEST_MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \ | ||
546 | TEST_SSH_SCP="$${TEST_SSH_SCP}" \ | 561 | TEST_SSH_SCP="$${TEST_SSH_SCP}" \ |
547 | TEST_SSH_SSH="$${TEST_SSH_SSH}" \ | 562 | TEST_SSH_SSH="$${TEST_SSH_SSH}" \ |
548 | TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \ | 563 | TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \ |
@@ -247,6 +247,8 @@ to request that the server make a connection to a Unix domain socket. | |||
247 | uint32 initial window size | 247 | uint32 initial window size |
248 | uint32 maximum packet size | 248 | uint32 maximum packet size |
249 | string socket path | 249 | string socket path |
250 | string reserved | ||
251 | uint32 reserved | ||
250 | 252 | ||
251 | Similar to forwarded-tcpip, forwarded-streamlocal is sent by the | 253 | Similar to forwarded-tcpip, forwarded-streamlocal is sent by the |
252 | server when the client has previously send the server a streamlocal-forward | 254 | server when the client has previously send the server a streamlocal-forward |
@@ -452,4 +454,4 @@ respond with a SSH_FXP_STATUS message. | |||
452 | This extension is advertised in the SSH_FXP_VERSION hello with version | 454 | This extension is advertised in the SSH_FXP_VERSION hello with version |
453 | "1". | 455 | "1". |
454 | 456 | ||
455 | $OpenBSD: PROTOCOL,v 1.29 2015/07/17 03:09:19 djm Exp $ | 457 | $OpenBSD: PROTOCOL,v 1.30 2016/04/08 06:35:54 djm Exp $ |
diff --git a/PROTOCOL.agent b/PROTOCOL.agent index 27ec0c1de..60d36f912 100644 --- a/PROTOCOL.agent +++ b/PROTOCOL.agent | |||
@@ -206,6 +206,28 @@ ECDSA certificates may be added with: | |||
206 | string key_comment | 206 | string key_comment |
207 | constraint[] key_constraints | 207 | constraint[] key_constraints |
208 | 208 | ||
209 | ED25519 keys may be added using the following request | ||
210 | byte SSH2_AGENTC_ADD_IDENTITY or | ||
211 | SSH2_AGENTC_ADD_ID_CONSTRAINED | ||
212 | string "ssh-ed25519" | ||
213 | string ed25519_public_key | ||
214 | string ed25519_private_key || ed25519_public_key | ||
215 | string key_comment | ||
216 | constraint[] key_constraints | ||
217 | |||
218 | ED25519 certificates may be added with: | ||
219 | byte SSH2_AGENTC_ADD_IDENTITY or | ||
220 | SSH2_AGENTC_ADD_ID_CONSTRAINED | ||
221 | string "ssh-ed25519-cert-v01@openssh.com" | ||
222 | string certificate | ||
223 | string ed25519_public_key | ||
224 | string ed25519_private_key || ed25519_public_key | ||
225 | string key_comment | ||
226 | constraint[] key_constraints | ||
227 | |||
228 | For both ssh-ed25519 and ssh-ed25519-cert-v01@openssh.com keys, the private | ||
229 | key has the public key appended (for historical reasons). | ||
230 | |||
209 | RSA keys may be added with this request: | 231 | RSA keys may be added with this request: |
210 | 232 | ||
211 | byte SSH2_AGENTC_ADD_IDENTITY or | 233 | byte SSH2_AGENTC_ADD_IDENTITY or |
@@ -557,4 +579,4 @@ Locking and unlocking affects both protocol 1 and protocol 2 keys. | |||
557 | SSH_AGENT_CONSTRAIN_LIFETIME 1 | 579 | SSH_AGENT_CONSTRAIN_LIFETIME 1 |
558 | SSH_AGENT_CONSTRAIN_CONFIRM 2 | 580 | SSH_AGENT_CONSTRAIN_CONFIRM 2 |
559 | 581 | ||
560 | $OpenBSD: PROTOCOL.agent,v 1.8 2015/05/08 03:56:51 djm Exp $ | 582 | $OpenBSD: PROTOCOL.agent,v 1.11 2016/05/19 07:45:32 djm Exp $ |
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys index c98591093..aa6f5ae4c 100644 --- a/PROTOCOL.certkeys +++ b/PROTOCOL.certkeys | |||
@@ -100,9 +100,9 @@ DSA certificate | |||
100 | 100 | ||
101 | ECDSA certificate | 101 | ECDSA certificate |
102 | 102 | ||
103 | string "ecdsa-sha2-nistp256@openssh.com" | | 103 | string "ecdsa-sha2-nistp256-v01@openssh.com" | |
104 | "ecdsa-sha2-nistp384@openssh.com" | | 104 | "ecdsa-sha2-nistp384-v01@openssh.com" | |
105 | "ecdsa-sha2-nistp521@openssh.com" | 105 | "ecdsa-sha2-nistp521-v01@openssh.com" |
106 | string nonce | 106 | string nonce |
107 | string curve | 107 | string curve |
108 | string public_key | 108 | string public_key |
@@ -118,6 +118,23 @@ ECDSA certificate | |||
118 | string signature key | 118 | string signature key |
119 | string signature | 119 | string signature |
120 | 120 | ||
121 | ED25519 certificate | ||
122 | |||
123 | string "ssh-ed25519-cert-v01@openssh.com" | ||
124 | string nonce | ||
125 | string pk | ||
126 | uint64 serial | ||
127 | uint32 type | ||
128 | string key id | ||
129 | string valid principals | ||
130 | uint64 valid after | ||
131 | uint64 valid before | ||
132 | string critical options | ||
133 | string extensions | ||
134 | string reserved | ||
135 | string signature key | ||
136 | string signature | ||
137 | |||
121 | The nonce field is a CA-provided random bitstring of arbitrary length | 138 | The nonce field is a CA-provided random bitstring of arbitrary length |
122 | (but typically 16 or 32 bytes) included to make attacks that depend on | 139 | (but typically 16 or 32 bytes) included to make attacks that depend on |
123 | inducing collisions in the signature hash infeasible. | 140 | inducing collisions in the signature hash infeasible. |
@@ -129,6 +146,9 @@ p, q, g, y are the DSA parameters as described in FIPS-186-2. | |||
129 | curve and public key are respectively the ECDSA "[identifier]" and "Q" | 146 | curve and public key are respectively the ECDSA "[identifier]" and "Q" |
130 | defined in section 3.1 of RFC5656. | 147 | defined in section 3.1 of RFC5656. |
131 | 148 | ||
149 | pk is the encoded Ed25519 public key as defined by | ||
150 | draft-josefsson-eddsa-ed25519-03. | ||
151 | |||
132 | serial is an optional certificate serial number set by the CA to | 152 | serial is an optional certificate serial number set by the CA to |
133 | provide an abbreviated way to refer to certificates from that CA. | 153 | provide an abbreviated way to refer to certificates from that CA. |
134 | If a CA does not wish to number its certificates it must set this | 154 | If a CA does not wish to number its certificates it must set this |
@@ -146,7 +166,7 @@ strings packed inside it. These principals list the names for which this | |||
146 | certificate is valid; hostnames for SSH_CERT_TYPE_HOST certificates and | 166 | certificate is valid; hostnames for SSH_CERT_TYPE_HOST certificates and |
147 | usernames for SSH_CERT_TYPE_USER certificates. As a special case, a | 167 | usernames for SSH_CERT_TYPE_USER certificates. As a special case, a |
148 | zero-length "valid principals" field means the certificate is valid for | 168 | zero-length "valid principals" field means the certificate is valid for |
149 | any principal of the specified type. XXX DNS wildcards? | 169 | any principal of the specified type. |
150 | 170 | ||
151 | "valid after" and "valid before" specify a validity period for the | 171 | "valid after" and "valid before" specify a validity period for the |
152 | certificate. Each represents a time in seconds since 1970-01-01 | 172 | certificate. Each represents a time in seconds since 1970-01-01 |
@@ -183,7 +203,7 @@ signature is computed over all preceding fields from the initial string | |||
183 | up to, and including the signature key. Signatures are computed and | 203 | up to, and including the signature key. Signatures are computed and |
184 | encoded according to the rules defined for the CA's public key algorithm | 204 | encoded according to the rules defined for the CA's public key algorithm |
185 | (RFC4253 section 6.6 for ssh-rsa and ssh-dss, RFC5656 for the ECDSA | 205 | (RFC4253 section 6.6 for ssh-rsa and ssh-dss, RFC5656 for the ECDSA |
186 | types). | 206 | types), and draft-josefsson-eddsa-ed25519-03 for Ed25519. |
187 | 207 | ||
188 | Critical options | 208 | Critical options |
189 | ---------------- | 209 | ---------------- |
@@ -203,8 +223,9 @@ option-specific information (see below). All options are | |||
203 | "critical", if an implementation does not recognise a option | 223 | "critical", if an implementation does not recognise a option |
204 | then the validating party should refuse to accept the certificate. | 224 | then the validating party should refuse to accept the certificate. |
205 | 225 | ||
206 | The supported options and the contents and structure of their | 226 | No critical options are defined for host certificates at present. The |
207 | data fields are: | 227 | supported user certificate options and the contents and structure of |
228 | their data fields are: | ||
208 | 229 | ||
209 | Name Format Description | 230 | Name Format Description |
210 | ----------------------------------------------------------------------------- | 231 | ----------------------------------------------------------------------------- |
@@ -233,8 +254,9 @@ as is the requirement that each name appear only once. | |||
233 | If an implementation does not recognise an extension, then it should | 254 | If an implementation does not recognise an extension, then it should |
234 | ignore it. | 255 | ignore it. |
235 | 256 | ||
236 | The supported extensions and the contents and structure of their data | 257 | No extensions are defined for host certificates at present. The |
237 | fields are: | 258 | supported user certificate extensions and the contents and structure of |
259 | their data fields are: | ||
238 | 260 | ||
239 | Name Format Description | 261 | Name Format Description |
240 | ----------------------------------------------------------------------------- | 262 | ----------------------------------------------------------------------------- |
@@ -262,4 +284,4 @@ permit-user-rc empty Flag indicating that execution of | |||
262 | of this script will not be permitted if | 284 | of this script will not be permitted if |
263 | this option is not present. | 285 | this option is not present. |
264 | 286 | ||
265 | $OpenBSD: PROTOCOL.certkeys,v 1.9 2012/03/28 07:23:22 djm Exp $ | 287 | $OpenBSD: PROTOCOL.certkeys,v 1.10 2016/05/03 10:27:59 djm Exp $ |
diff --git a/PROTOCOL.chacha20poly1305 b/PROTOCOL.chacha20poly1305 index 9cf73a926..4857d3853 100644 --- a/PROTOCOL.chacha20poly1305 +++ b/PROTOCOL.chacha20poly1305 | |||
@@ -34,6 +34,8 @@ Detailed Construction | |||
34 | The chacha20-poly1305@openssh.com cipher requires 512 bits of key | 34 | The chacha20-poly1305@openssh.com cipher requires 512 bits of key |
35 | material as output from the SSH key exchange. This forms two 256 bit | 35 | material as output from the SSH key exchange. This forms two 256 bit |
36 | keys (K_1 and K_2), used by two separate instances of chacha20. | 36 | keys (K_1 and K_2), used by two separate instances of chacha20. |
37 | The first 256 bits consitute K_2 and the second 256 bits become | ||
38 | K_1. | ||
37 | 39 | ||
38 | The instance keyed by K_1 is a stream cipher that is used only | 40 | The instance keyed by K_1 is a stream cipher that is used only |
39 | to encrypt the 4 byte packet length field. The second instance, | 41 | to encrypt the 4 byte packet length field. The second instance, |
@@ -101,5 +103,5 @@ References | |||
101 | [3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley | 103 | [3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley |
102 | http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 | 104 | http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 |
103 | 105 | ||
104 | $OpenBSD: PROTOCOL.chacha20poly1305,v 1.2 2013/12/02 02:50:27 djm Exp $ | 106 | $OpenBSD: PROTOCOL.chacha20poly1305,v 1.3 2016/05/03 13:10:24 djm Exp $ |
105 | 107 | ||
@@ -1,4 +1,4 @@ | |||
1 | See http://www.openssh.com/txt/release-7.2p2 for the release notes. | 1 | See http://www.openssh.com/txt/release-7.3p1 for the release notes. |
2 | 2 | ||
3 | Please read http://www.openssh.com/report.html for bug reporting | 3 | Please read http://www.openssh.com/report.html for bug reporting |
4 | instructions and note that we do not use Github for bug reporting or | 4 | instructions and note that we do not use Github for bug reporting or |
diff --git a/audit-linux.c b/audit-linux.c index b3ee2f4da..d3524f7e1 100644 --- a/audit-linux.c +++ b/audit-linux.c | |||
@@ -36,17 +36,17 @@ | |||
36 | #include "log.h" | 36 | #include "log.h" |
37 | #include "audit.h" | 37 | #include "audit.h" |
38 | #include "canohost.h" | 38 | #include "canohost.h" |
39 | #include "packet.h" | ||
39 | 40 | ||
40 | const char* audit_username(void); | 41 | const char *audit_username(void); |
41 | 42 | ||
42 | int | 43 | int |
43 | linux_audit_record_event(int uid, const char *username, | 44 | linux_audit_record_event(int uid, const char *username, const char *hostname, |
44 | const char *hostname, const char *ip, const char *ttyn, int success) | 45 | const char *ip, const char *ttyn, int success) |
45 | { | 46 | { |
46 | int audit_fd, rc, saved_errno; | 47 | int audit_fd, rc, saved_errno; |
47 | 48 | ||
48 | audit_fd = audit_open(); | 49 | if ((audit_fd = audit_open()) < 0) { |
49 | if (audit_fd < 0) { | ||
50 | if (errno == EINVAL || errno == EPROTONOSUPPORT || | 50 | if (errno == EINVAL || errno == EPROTONOSUPPORT || |
51 | errno == EAFNOSUPPORT) | 51 | errno == EAFNOSUPPORT) |
52 | return 1; /* No audit support in kernel */ | 52 | return 1; /* No audit support in kernel */ |
@@ -58,6 +58,7 @@ linux_audit_record_event(int uid, const char *username, | |||
58 | username == NULL ? uid : -1, hostname, ip, ttyn, success); | 58 | username == NULL ? uid : -1, hostname, ip, ttyn, success); |
59 | saved_errno = errno; | 59 | saved_errno = errno; |
60 | close(audit_fd); | 60 | close(audit_fd); |
61 | |||
61 | /* | 62 | /* |
62 | * Do not report error if the error is EPERM and sshd is run as non | 63 | * Do not report error if the error is EPERM and sshd is run as non |
63 | * root user. | 64 | * root user. |
@@ -65,7 +66,8 @@ linux_audit_record_event(int uid, const char *username, | |||
65 | if ((rc == -EPERM) && (geteuid() != 0)) | 66 | if ((rc == -EPERM) && (geteuid() != 0)) |
66 | rc = 0; | 67 | rc = 0; |
67 | errno = saved_errno; | 68 | errno = saved_errno; |
68 | return (rc >= 0); | 69 | |
70 | return rc >= 0; | ||
69 | } | 71 | } |
70 | 72 | ||
71 | /* Below is the sshd audit API code */ | 73 | /* Below is the sshd audit API code */ |
@@ -73,8 +75,8 @@ linux_audit_record_event(int uid, const char *username, | |||
73 | void | 75 | void |
74 | audit_connection_from(const char *host, int port) | 76 | audit_connection_from(const char *host, int port) |
75 | { | 77 | { |
76 | } | ||
77 | /* not implemented */ | 78 | /* not implemented */ |
79 | } | ||
78 | 80 | ||
79 | void | 81 | void |
80 | audit_run_command(const char *command) | 82 | audit_run_command(const char *command) |
@@ -85,8 +87,8 @@ audit_run_command(const char *command) | |||
85 | void | 87 | void |
86 | audit_session_open(struct logininfo *li) | 88 | audit_session_open(struct logininfo *li) |
87 | { | 89 | { |
88 | if (linux_audit_record_event(li->uid, NULL, li->hostname, | 90 | if (linux_audit_record_event(li->uid, NULL, li->hostname, NULL, |
89 | NULL, li->line, 1) == 0) | 91 | li->line, 1) == 0) |
90 | fatal("linux_audit_write_entry failed: %s", strerror(errno)); | 92 | fatal("linux_audit_write_entry failed: %s", strerror(errno)); |
91 | } | 93 | } |
92 | 94 | ||
@@ -99,6 +101,8 @@ audit_session_close(struct logininfo *li) | |||
99 | void | 101 | void |
100 | audit_event(ssh_audit_event_t event) | 102 | audit_event(ssh_audit_event_t event) |
101 | { | 103 | { |
104 | struct ssh *ssh = active_state; /* XXX */ | ||
105 | |||
102 | switch(event) { | 106 | switch(event) { |
103 | case SSH_AUTH_SUCCESS: | 107 | case SSH_AUTH_SUCCESS: |
104 | case SSH_CONNECTION_CLOSE: | 108 | case SSH_CONNECTION_CLOSE: |
@@ -106,7 +110,6 @@ audit_event(ssh_audit_event_t event) | |||
106 | case SSH_LOGIN_EXCEED_MAXTRIES: | 110 | case SSH_LOGIN_EXCEED_MAXTRIES: |
107 | case SSH_LOGIN_ROOT_DENIED: | 111 | case SSH_LOGIN_ROOT_DENIED: |
108 | break; | 112 | break; |
109 | |||
110 | case SSH_AUTH_FAIL_NONE: | 113 | case SSH_AUTH_FAIL_NONE: |
111 | case SSH_AUTH_FAIL_PASSWD: | 114 | case SSH_AUTH_FAIL_PASSWD: |
112 | case SSH_AUTH_FAIL_KBDINT: | 115 | case SSH_AUTH_FAIL_KBDINT: |
@@ -115,12 +118,11 @@ audit_event(ssh_audit_event_t event) | |||
115 | case SSH_AUTH_FAIL_GSSAPI: | 118 | case SSH_AUTH_FAIL_GSSAPI: |
116 | case SSH_INVALID_USER: | 119 | case SSH_INVALID_USER: |
117 | linux_audit_record_event(-1, audit_username(), NULL, | 120 | linux_audit_record_event(-1, audit_username(), NULL, |
118 | get_remote_ipaddr(), "sshd", 0); | 121 | ssh_remote_ipaddr(ssh), "sshd", 0); |
119 | break; | 122 | break; |
120 | |||
121 | default: | 123 | default: |
122 | debug("%s: unhandled event %d", __func__, event); | 124 | debug("%s: unhandled event %d", __func__, event); |
125 | break; | ||
123 | } | 126 | } |
124 | } | 127 | } |
125 | |||
126 | #endif /* USE_LINUX_AUDIT */ | 128 | #endif /* USE_LINUX_AUDIT */ |
diff --git a/auth-krb5.c b/auth-krb5.c index f019fb1a1..38e7fee21 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-krb5.c,v 1.21 2016/01/27 06:44:58 djm Exp $ */ | 1 | /* $OpenBSD: auth-krb5.c,v 1.22 2016/05/04 14:22:33 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Kerberos v5 authentication and ticket-passing routines. | 3 | * Kerberos v5 authentication and ticket-passing routines. |
4 | * | 4 | * |
@@ -36,7 +36,6 @@ | |||
36 | 36 | ||
37 | #include "xmalloc.h" | 37 | #include "xmalloc.h" |
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | ||
40 | #include "packet.h" | 39 | #include "packet.h" |
41 | #include "log.h" | 40 | #include "log.h" |
42 | #include "buffer.h" | 41 | #include "buffer.h" |
diff --git a/auth-options.c b/auth-options.c index bda39df4e..a9d9a81cb 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-options.c,v 1.70 2015/12/10 17:08:40 mmcc Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.71 2016/03/07 19:02:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -29,6 +29,7 @@ | |||
29 | #include "ssherr.h" | 29 | #include "ssherr.h" |
30 | #include "log.h" | 30 | #include "log.h" |
31 | #include "canohost.h" | 31 | #include "canohost.h" |
32 | #include "packet.h" | ||
32 | #include "sshbuf.h" | 33 | #include "sshbuf.h" |
33 | #include "misc.h" | 34 | #include "misc.h" |
34 | #include "channels.h" | 35 | #include "channels.h" |
@@ -131,6 +132,7 @@ match_flag(const char *opt, int allow_negate, char **optsp, const char *msg) | |||
131 | int | 132 | int |
132 | auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | 133 | auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) |
133 | { | 134 | { |
135 | struct ssh *ssh = active_state; /* XXX */ | ||
134 | const char *cp; | 136 | const char *cp; |
135 | int i, r; | 137 | int i, r; |
136 | 138 | ||
@@ -284,9 +286,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
284 | } | 286 | } |
285 | cp = "from=\""; | 287 | cp = "from=\""; |
286 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 288 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |
287 | const char *remote_ip = get_remote_ipaddr(); | 289 | const char *remote_ip = ssh_remote_ipaddr(ssh); |
288 | const char *remote_host = get_canonical_hostname( | 290 | const char *remote_host = auth_get_canonical_hostname( |
289 | options.use_dns); | 291 | ssh, options.use_dns); |
290 | char *patterns = xmalloc(strlen(opts) + 1); | 292 | char *patterns = xmalloc(strlen(opts) + 1); |
291 | 293 | ||
292 | opts += strlen(cp); | 294 | opts += strlen(cp); |
@@ -471,6 +473,7 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, | |||
471 | char **cert_forced_command, | 473 | char **cert_forced_command, |
472 | int *cert_source_address_done) | 474 | int *cert_source_address_done) |
473 | { | 475 | { |
476 | struct ssh *ssh = active_state; /* XXX */ | ||
474 | char *command, *allowed; | 477 | char *command, *allowed; |
475 | const char *remote_ip; | 478 | const char *remote_ip; |
476 | char *name = NULL; | 479 | char *name = NULL; |
@@ -544,7 +547,7 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, | |||
544 | free(allowed); | 547 | free(allowed); |
545 | goto out; | 548 | goto out; |
546 | } | 549 | } |
547 | remote_ip = get_remote_ipaddr(); | 550 | remote_ip = ssh_remote_ipaddr(ssh); |
548 | result = addr_match_cidr_list(remote_ip, | 551 | result = addr_match_cidr_list(remote_ip, |
549 | allowed); | 552 | allowed); |
550 | free(allowed); | 553 | free(allowed); |
diff --git a/auth-pam.c b/auth-pam.c index abd6a5e1b..348fe370a 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -68,9 +68,9 @@ | |||
68 | 68 | ||
69 | /* OpenGroup RFC86.0 and XSSO specify no "const" on arguments */ | 69 | /* OpenGroup RFC86.0 and XSSO specify no "const" on arguments */ |
70 | #ifdef PAM_SUN_CODEBASE | 70 | #ifdef PAM_SUN_CODEBASE |
71 | # define sshpam_const /* Solaris, HP-UX, AIX */ | 71 | # define sshpam_const /* Solaris, HP-UX, SunOS */ |
72 | #else | 72 | #else |
73 | # define sshpam_const const /* LinuxPAM, OpenPAM */ | 73 | # define sshpam_const const /* LinuxPAM, OpenPAM, AIX */ |
74 | #endif | 74 | #endif |
75 | 75 | ||
76 | /* Ambiguity in spec: is it an array of pointers or a pointer to an array? */ | 76 | /* Ambiguity in spec: is it an array of pointers or a pointer to an array? */ |
@@ -154,9 +154,12 @@ sshpam_sigchld_handler(int sig) | |||
154 | <= 0) { | 154 | <= 0) { |
155 | /* PAM thread has not exitted, privsep slave must have */ | 155 | /* PAM thread has not exitted, privsep slave must have */ |
156 | kill(cleanup_ctxt->pam_thread, SIGTERM); | 156 | kill(cleanup_ctxt->pam_thread, SIGTERM); |
157 | if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0) | 157 | while (waitpid(cleanup_ctxt->pam_thread, |
158 | <= 0) | 158 | &sshpam_thread_status, 0) == -1) { |
159 | return; /* could not wait */ | 159 | if (errno == EINTR) |
160 | continue; | ||
161 | return; | ||
162 | } | ||
160 | } | 163 | } |
161 | if (WIFSIGNALED(sshpam_thread_status) && | 164 | if (WIFSIGNALED(sshpam_thread_status) && |
162 | WTERMSIG(sshpam_thread_status) == SIGTERM) | 165 | WTERMSIG(sshpam_thread_status) == SIGTERM) |
@@ -217,7 +220,11 @@ pthread_join(sp_pthread_t thread, void **value) | |||
217 | if (sshpam_thread_status != -1) | 220 | if (sshpam_thread_status != -1) |
218 | return (sshpam_thread_status); | 221 | return (sshpam_thread_status); |
219 | signal(SIGCHLD, sshpam_oldsig); | 222 | signal(SIGCHLD, sshpam_oldsig); |
220 | waitpid(thread, &status, 0); | 223 | while (waitpid(thread, &status, 0) == -1) { |
224 | if (errno == EINTR) | ||
225 | continue; | ||
226 | fatal("%s: waitpid: %s", __func__, strerror(errno)); | ||
227 | } | ||
221 | return (status); | 228 | return (status); |
222 | } | 229 | } |
223 | #endif | 230 | #endif |
@@ -229,6 +236,7 @@ static int sshpam_authenticated = 0; | |||
229 | static int sshpam_session_open = 0; | 236 | static int sshpam_session_open = 0; |
230 | static int sshpam_cred_established = 0; | 237 | static int sshpam_cred_established = 0; |
231 | static int sshpam_account_status = -1; | 238 | static int sshpam_account_status = -1; |
239 | static int sshpam_maxtries_reached = 0; | ||
232 | static char **sshpam_env = NULL; | 240 | static char **sshpam_env = NULL; |
233 | static Authctxt *sshpam_authctxt = NULL; | 241 | static Authctxt *sshpam_authctxt = NULL; |
234 | static const char *sshpam_password = NULL; | 242 | static const char *sshpam_password = NULL; |
@@ -364,17 +372,6 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, | |||
364 | for (i = 0; i < n; ++i) { | 372 | for (i = 0; i < n; ++i) { |
365 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { | 373 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { |
366 | case PAM_PROMPT_ECHO_OFF: | 374 | case PAM_PROMPT_ECHO_OFF: |
367 | buffer_put_cstring(&buffer, | ||
368 | PAM_MSG_MEMBER(msg, i, msg)); | ||
369 | if (ssh_msg_send(ctxt->pam_csock, | ||
370 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) | ||
371 | goto fail; | ||
372 | if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1) | ||
373 | goto fail; | ||
374 | if (buffer_get_char(&buffer) != PAM_AUTHTOK) | ||
375 | goto fail; | ||
376 | reply[i].resp = buffer_get_string(&buffer, NULL); | ||
377 | break; | ||
378 | case PAM_PROMPT_ECHO_ON: | 375 | case PAM_PROMPT_ECHO_ON: |
379 | buffer_put_cstring(&buffer, | 376 | buffer_put_cstring(&buffer, |
380 | PAM_MSG_MEMBER(msg, i, msg)); | 377 | PAM_MSG_MEMBER(msg, i, msg)); |
@@ -388,12 +385,6 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, | |||
388 | reply[i].resp = buffer_get_string(&buffer, NULL); | 385 | reply[i].resp = buffer_get_string(&buffer, NULL); |
389 | break; | 386 | break; |
390 | case PAM_ERROR_MSG: | 387 | case PAM_ERROR_MSG: |
391 | buffer_put_cstring(&buffer, | ||
392 | PAM_MSG_MEMBER(msg, i, msg)); | ||
393 | if (ssh_msg_send(ctxt->pam_csock, | ||
394 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) | ||
395 | goto fail; | ||
396 | break; | ||
397 | case PAM_TEXT_INFO: | 388 | case PAM_TEXT_INFO: |
398 | buffer_put_cstring(&buffer, | 389 | buffer_put_cstring(&buffer, |
399 | PAM_MSG_MEMBER(msg, i, msg)); | 390 | PAM_MSG_MEMBER(msg, i, msg)); |
@@ -467,6 +458,8 @@ sshpam_thread(void *ctxtp) | |||
467 | if (sshpam_err != PAM_SUCCESS) | 458 | if (sshpam_err != PAM_SUCCESS) |
468 | goto auth_fail; | 459 | goto auth_fail; |
469 | sshpam_err = pam_authenticate(sshpam_handle, flags); | 460 | sshpam_err = pam_authenticate(sshpam_handle, flags); |
461 | if (sshpam_err == PAM_MAXTRIES) | ||
462 | sshpam_set_maxtries_reached(1); | ||
470 | if (sshpam_err != PAM_SUCCESS) | 463 | if (sshpam_err != PAM_SUCCESS) |
471 | goto auth_fail; | 464 | goto auth_fail; |
472 | 465 | ||
@@ -518,6 +511,8 @@ sshpam_thread(void *ctxtp) | |||
518 | /* XXX - can't do much about an error here */ | 511 | /* XXX - can't do much about an error here */ |
519 | if (sshpam_err == PAM_ACCT_EXPIRED) | 512 | if (sshpam_err == PAM_ACCT_EXPIRED) |
520 | ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, &buffer); | 513 | ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, &buffer); |
514 | else if (sshpam_maxtries_reached) | ||
515 | ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, &buffer); | ||
521 | else | 516 | else |
522 | ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer); | 517 | ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer); |
523 | buffer_free(&buffer); | 518 | buffer_free(&buffer); |
@@ -623,6 +618,7 @@ sshpam_init(Authctxt *authctxt) | |||
623 | extern char *__progname; | 618 | extern char *__progname; |
624 | const char *pam_rhost, *pam_user, *user = authctxt->user; | 619 | const char *pam_rhost, *pam_user, *user = authctxt->user; |
625 | const char **ptr_pam_user = &pam_user; | 620 | const char **ptr_pam_user = &pam_user; |
621 | struct ssh *ssh = active_state; /* XXX */ | ||
626 | 622 | ||
627 | if (sshpam_handle != NULL) { | 623 | if (sshpam_handle != NULL) { |
628 | /* We already have a PAM context; check if the user matches */ | 624 | /* We already have a PAM context; check if the user matches */ |
@@ -643,7 +639,7 @@ sshpam_init(Authctxt *authctxt) | |||
643 | sshpam_handle = NULL; | 639 | sshpam_handle = NULL; |
644 | return (-1); | 640 | return (-1); |
645 | } | 641 | } |
646 | pam_rhost = get_remote_name_or_ip(utmp_len, options.use_dns); | 642 | pam_rhost = auth_get_canonical_hostname(ssh, options.use_dns); |
647 | debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost); | 643 | debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost); |
648 | sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost); | 644 | sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost); |
649 | if (sshpam_err != PAM_SUCCESS) { | 645 | if (sshpam_err != PAM_SUCCESS) { |
@@ -714,6 +710,7 @@ static int | |||
714 | sshpam_query(void *ctx, char **name, char **info, | 710 | sshpam_query(void *ctx, char **name, char **info, |
715 | u_int *num, char ***prompts, u_int **echo_on) | 711 | u_int *num, char ***prompts, u_int **echo_on) |
716 | { | 712 | { |
713 | struct ssh *ssh = active_state; /* XXX */ | ||
717 | Buffer buffer; | 714 | Buffer buffer; |
718 | struct pam_ctxt *ctxt = ctx; | 715 | struct pam_ctxt *ctxt = ctx; |
719 | size_t plen; | 716 | size_t plen; |
@@ -756,7 +753,11 @@ sshpam_query(void *ctx, char **name, char **info, | |||
756 | free(msg); | 753 | free(msg); |
757 | break; | 754 | break; |
758 | case PAM_ACCT_EXPIRED: | 755 | case PAM_ACCT_EXPIRED: |
759 | sshpam_account_status = 0; | 756 | case PAM_MAXTRIES: |
757 | if (type == PAM_ACCT_EXPIRED) | ||
758 | sshpam_account_status = 0; | ||
759 | if (type == PAM_MAXTRIES) | ||
760 | sshpam_set_maxtries_reached(1); | ||
760 | /* FALLTHROUGH */ | 761 | /* FALLTHROUGH */ |
761 | case PAM_AUTH_ERR: | 762 | case PAM_AUTH_ERR: |
762 | debug3("PAM: %s", pam_strerror(sshpam_handle, type)); | 763 | debug3("PAM: %s", pam_strerror(sshpam_handle, type)); |
@@ -796,7 +797,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
796 | error("PAM: %s for %s%.100s from %.100s", msg, | 797 | error("PAM: %s for %s%.100s from %.100s", msg, |
797 | sshpam_authctxt->valid ? "" : "illegal user ", | 798 | sshpam_authctxt->valid ? "" : "illegal user ", |
798 | sshpam_authctxt->user, | 799 | sshpam_authctxt->user, |
799 | get_remote_name_or_ip(utmp_len, options.use_dns)); | 800 | auth_get_canonical_hostname(ssh, options.use_dns)); |
800 | /* FALLTHROUGH */ | 801 | /* FALLTHROUGH */ |
801 | default: | 802 | default: |
802 | *num = 0; | 803 | *num = 0; |
@@ -1233,6 +1234,8 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) | |||
1233 | sshpam_err = pam_authenticate(sshpam_handle, flags); | 1234 | sshpam_err = pam_authenticate(sshpam_handle, flags); |
1234 | sshpam_password = NULL; | 1235 | sshpam_password = NULL; |
1235 | free(fake); | 1236 | free(fake); |
1237 | if (sshpam_err == PAM_MAXTRIES) | ||
1238 | sshpam_set_maxtries_reached(1); | ||
1236 | if (sshpam_err == PAM_SUCCESS && authctxt->valid) { | 1239 | if (sshpam_err == PAM_SUCCESS && authctxt->valid) { |
1237 | debug("PAM: password authentication accepted for %.100s", | 1240 | debug("PAM: password authentication accepted for %.100s", |
1238 | authctxt->user); | 1241 | authctxt->user); |
@@ -1244,4 +1247,21 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) | |||
1244 | return 0; | 1247 | return 0; |
1245 | } | 1248 | } |
1246 | } | 1249 | } |
1250 | |||
1251 | int | ||
1252 | sshpam_get_maxtries_reached(void) | ||
1253 | { | ||
1254 | return sshpam_maxtries_reached; | ||
1255 | } | ||
1256 | |||
1257 | void | ||
1258 | sshpam_set_maxtries_reached(int reached) | ||
1259 | { | ||
1260 | if (reached == 0 || sshpam_maxtries_reached) | ||
1261 | return; | ||
1262 | sshpam_maxtries_reached = 1; | ||
1263 | options.password_authentication = 0; | ||
1264 | options.kbd_interactive_authentication = 0; | ||
1265 | options.challenge_response_authentication = 0; | ||
1266 | } | ||
1247 | #endif /* USE_PAM */ | 1267 | #endif /* USE_PAM */ |
diff --git a/auth-pam.h b/auth-pam.h index a1a2b52d8..2e9a0c0a3 100644 --- a/auth-pam.h +++ b/auth-pam.h | |||
@@ -45,6 +45,8 @@ void free_pam_environment(char **); | |||
45 | void sshpam_thread_cleanup(void); | 45 | void sshpam_thread_cleanup(void); |
46 | void sshpam_cleanup(void); | 46 | void sshpam_cleanup(void); |
47 | int sshpam_auth_passwd(Authctxt *, const char *); | 47 | int sshpam_auth_passwd(Authctxt *, const char *); |
48 | int sshpam_get_maxtries_reached(void); | ||
49 | void sshpam_set_maxtries_reached(int); | ||
48 | int is_pam_session_open(void); | 50 | int is_pam_session_open(void); |
49 | 51 | ||
50 | #endif /* USE_PAM */ | 52 | #endif /* USE_PAM */ |
diff --git a/auth-passwd.c b/auth-passwd.c index 530b5d4f7..996c2cf71 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-passwd.c,v 1.44 2014/07/15 15:54:14 millert Exp $ */ | 1 | /* $OpenBSD: auth-passwd.c,v 1.45 2016/07/21 01:39:35 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -66,6 +66,8 @@ extern login_cap_t *lc; | |||
66 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ | 66 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ |
67 | #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ | 67 | #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ |
68 | 68 | ||
69 | #define MAX_PASSWORD_LEN 1024 | ||
70 | |||
69 | void | 71 | void |
70 | disable_forwarding(void) | 72 | disable_forwarding(void) |
71 | { | 73 | { |
@@ -87,6 +89,9 @@ auth_password(Authctxt *authctxt, const char *password) | |||
87 | static int expire_checked = 0; | 89 | static int expire_checked = 0; |
88 | #endif | 90 | #endif |
89 | 91 | ||
92 | if (strlen(password) > MAX_PASSWORD_LEN) | ||
93 | return 0; | ||
94 | |||
90 | #ifndef HAVE_CYGWIN | 95 | #ifndef HAVE_CYGWIN |
91 | if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) | 96 | if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) |
92 | ok = 0; | 97 | ok = 0; |
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index 2e20396ea..057335ba4 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-rh-rsa.c,v 1.44 2014/07/15 15:54:14 millert Exp $ */ | 1 | /* $OpenBSD: auth-rh-rsa.c,v 1.45 2016/03/07 19:02:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -42,8 +42,8 @@ | |||
42 | extern ServerOptions options; | 42 | extern ServerOptions options; |
43 | 43 | ||
44 | int | 44 | int |
45 | auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, | 45 | auth_rhosts_rsa_key_allowed(struct passwd *pw, const char *cuser, |
46 | Key *client_host_key) | 46 | const char *chost, Key *client_host_key) |
47 | { | 47 | { |
48 | HostStatus host_status; | 48 | HostStatus host_status; |
49 | 49 | ||
@@ -68,7 +68,8 @@ auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost, | |||
68 | int | 68 | int |
69 | auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) | 69 | auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) |
70 | { | 70 | { |
71 | char *chost; | 71 | struct ssh *ssh = active_state; /* XXX */ |
72 | const char *chost; | ||
72 | struct passwd *pw = authctxt->pw; | 73 | struct passwd *pw = authctxt->pw; |
73 | 74 | ||
74 | debug("Trying rhosts with RSA host authentication for client user %.100s", | 75 | debug("Trying rhosts with RSA host authentication for client user %.100s", |
@@ -78,7 +79,7 @@ auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) | |||
78 | client_host_key->rsa == NULL) | 79 | client_host_key->rsa == NULL) |
79 | return 0; | 80 | return 0; |
80 | 81 | ||
81 | chost = (char *)get_canonical_hostname(options.use_dns); | 82 | chost = auth_get_canonical_hostname(ssh, options.use_dns); |
82 | debug("Rhosts RSA authentication: canonical host %.900s", chost); | 83 | debug("Rhosts RSA authentication: canonical host %.900s", chost); |
83 | 84 | ||
84 | if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) { | 85 | if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) { |
diff --git a/auth-rhosts.c b/auth-rhosts.c index 2ff2cffa9..c17c13cc1 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-rhosts.c,v 1.46 2014/12/23 22:42:48 djm Exp $ */ | 1 | /* $OpenBSD: auth-rhosts.c,v 1.47 2016/03/07 19:02:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -30,14 +30,15 @@ | |||
30 | #include <unistd.h> | 30 | #include <unistd.h> |
31 | 31 | ||
32 | #include "packet.h" | 32 | #include "packet.h" |
33 | #include "buffer.h" | ||
34 | #include "uidswap.h" | 33 | #include "uidswap.h" |
35 | #include "pathnames.h" | 34 | #include "pathnames.h" |
36 | #include "log.h" | 35 | #include "log.h" |
37 | #include "misc.h" | 36 | #include "misc.h" |
37 | #include "buffer.h" /* XXX */ | ||
38 | #include "key.h" /* XXX */ | ||
38 | #include "servconf.h" | 39 | #include "servconf.h" |
39 | #include "canohost.h" | 40 | #include "canohost.h" |
40 | #include "key.h" | 41 | #include "sshkey.h" |
41 | #include "hostfile.h" | 42 | #include "hostfile.h" |
42 | #include "auth.h" | 43 | #include "auth.h" |
43 | 44 | ||
@@ -189,10 +190,11 @@ check_rhosts_file(const char *filename, const char *hostname, | |||
189 | int | 190 | int |
190 | auth_rhosts(struct passwd *pw, const char *client_user) | 191 | auth_rhosts(struct passwd *pw, const char *client_user) |
191 | { | 192 | { |
193 | struct ssh *ssh = active_state; /* XXX */ | ||
192 | const char *hostname, *ipaddr; | 194 | const char *hostname, *ipaddr; |
193 | 195 | ||
194 | hostname = get_canonical_hostname(options.use_dns); | 196 | hostname = auth_get_canonical_hostname(ssh, options.use_dns); |
195 | ipaddr = get_remote_ipaddr(); | 197 | ipaddr = ssh_remote_ipaddr(ssh); |
196 | return auth_rhosts2(pw, client_user, hostname, ipaddr); | 198 | return auth_rhosts2(pw, client_user, hostname, ipaddr); |
197 | } | 199 | } |
198 | 200 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.115 2016/06/15 00:40:40 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -27,6 +27,7 @@ | |||
27 | 27 | ||
28 | #include <sys/types.h> | 28 | #include <sys/types.h> |
29 | #include <sys/stat.h> | 29 | #include <sys/stat.h> |
30 | #include <sys/socket.h> | ||
30 | 31 | ||
31 | #include <netinet/in.h> | 32 | #include <netinet/in.h> |
32 | 33 | ||
@@ -50,6 +51,7 @@ | |||
50 | #include <string.h> | 51 | #include <string.h> |
51 | #include <unistd.h> | 52 | #include <unistd.h> |
52 | #include <limits.h> | 53 | #include <limits.h> |
54 | #include <netdb.h> | ||
53 | 55 | ||
54 | #include "xmalloc.h" | 56 | #include "xmalloc.h" |
55 | #include "match.h" | 57 | #include "match.h" |
@@ -97,6 +99,7 @@ int auth_debug_init; | |||
97 | int | 99 | int |
98 | allowed_user(struct passwd * pw) | 100 | allowed_user(struct passwd * pw) |
99 | { | 101 | { |
102 | struct ssh *ssh = active_state; /* XXX */ | ||
100 | struct stat st; | 103 | struct stat st; |
101 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | 104 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; |
102 | u_int i; | 105 | u_int i; |
@@ -182,8 +185,8 @@ allowed_user(struct passwd * pw) | |||
182 | 185 | ||
183 | if (options.num_deny_users > 0 || options.num_allow_users > 0 || | 186 | if (options.num_deny_users > 0 || options.num_allow_users > 0 || |
184 | options.num_deny_groups > 0 || options.num_allow_groups > 0) { | 187 | options.num_deny_groups > 0 || options.num_allow_groups > 0) { |
185 | hostname = get_canonical_hostname(options.use_dns); | 188 | hostname = auth_get_canonical_hostname(ssh, options.use_dns); |
186 | ipaddr = get_remote_ipaddr(); | 189 | ipaddr = ssh_remote_ipaddr(ssh); |
187 | } | 190 | } |
188 | 191 | ||
189 | /* Return false if user is listed in DenyUsers */ | 192 | /* Return false if user is listed in DenyUsers */ |
@@ -274,6 +277,7 @@ void | |||
274 | auth_log(Authctxt *authctxt, int authenticated, int partial, | 277 | auth_log(Authctxt *authctxt, int authenticated, int partial, |
275 | const char *method, const char *submethod) | 278 | const char *method, const char *submethod) |
276 | { | 279 | { |
280 | struct ssh *ssh = active_state; /* XXX */ | ||
277 | void (*authlog) (const char *fmt,...) = verbose; | 281 | void (*authlog) (const char *fmt,...) = verbose; |
278 | char *authmsg; | 282 | char *authmsg; |
279 | 283 | ||
@@ -300,8 +304,8 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, | |||
300 | submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, | 304 | submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, |
301 | authctxt->valid ? "" : "invalid user ", | 305 | authctxt->valid ? "" : "invalid user ", |
302 | authctxt->user, | 306 | authctxt->user, |
303 | get_remote_ipaddr(), | 307 | ssh_remote_ipaddr(ssh), |
304 | get_remote_port(), | 308 | ssh_remote_port(ssh), |
305 | compat20 ? "ssh2" : "ssh1", | 309 | compat20 ? "ssh2" : "ssh1", |
306 | authctxt->info != NULL ? ": " : "", | 310 | authctxt->info != NULL ? ": " : "", |
307 | authctxt->info != NULL ? authctxt->info : ""); | 311 | authctxt->info != NULL ? authctxt->info : ""); |
@@ -314,11 +318,12 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, | |||
314 | strncmp(method, "keyboard-interactive", 20) == 0 || | 318 | strncmp(method, "keyboard-interactive", 20) == 0 || |
315 | strcmp(method, "challenge-response") == 0)) | 319 | strcmp(method, "challenge-response") == 0)) |
316 | record_failed_login(authctxt->user, | 320 | record_failed_login(authctxt->user, |
317 | get_canonical_hostname(options.use_dns), "ssh"); | 321 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
318 | # ifdef WITH_AIXAUTHENTICATE | 322 | # ifdef WITH_AIXAUTHENTICATE |
319 | if (authenticated) | 323 | if (authenticated) |
320 | sys_auth_record_login(authctxt->user, | 324 | sys_auth_record_login(authctxt->user, |
321 | get_canonical_hostname(options.use_dns), "ssh", &loginmsg); | 325 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", |
326 | &loginmsg); | ||
322 | # endif | 327 | # endif |
323 | #endif | 328 | #endif |
324 | #ifdef SSH_AUDIT_EVENTS | 329 | #ifdef SSH_AUDIT_EVENTS |
@@ -331,12 +336,14 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, | |||
331 | void | 336 | void |
332 | auth_maxtries_exceeded(Authctxt *authctxt) | 337 | auth_maxtries_exceeded(Authctxt *authctxt) |
333 | { | 338 | { |
339 | struct ssh *ssh = active_state; /* XXX */ | ||
340 | |||
334 | error("maximum authentication attempts exceeded for " | 341 | error("maximum authentication attempts exceeded for " |
335 | "%s%.100s from %.200s port %d %s", | 342 | "%s%.100s from %.200s port %d %s", |
336 | authctxt->valid ? "" : "invalid user ", | 343 | authctxt->valid ? "" : "invalid user ", |
337 | authctxt->user, | 344 | authctxt->user, |
338 | get_remote_ipaddr(), | 345 | ssh_remote_ipaddr(ssh), |
339 | get_remote_port(), | 346 | ssh_remote_port(ssh), |
340 | compat20 ? "ssh2" : "ssh1"); | 347 | compat20 ? "ssh2" : "ssh1"); |
341 | packet_disconnect("Too many authentication failures"); | 348 | packet_disconnect("Too many authentication failures"); |
342 | /* NOTREACHED */ | 349 | /* NOTREACHED */ |
@@ -348,6 +355,8 @@ auth_maxtries_exceeded(Authctxt *authctxt) | |||
348 | int | 355 | int |
349 | auth_root_allowed(const char *method) | 356 | auth_root_allowed(const char *method) |
350 | { | 357 | { |
358 | struct ssh *ssh = active_state; /* XXX */ | ||
359 | |||
351 | switch (options.permit_root_login) { | 360 | switch (options.permit_root_login) { |
352 | case PERMIT_YES: | 361 | case PERMIT_YES: |
353 | return 1; | 362 | return 1; |
@@ -365,7 +374,8 @@ auth_root_allowed(const char *method) | |||
365 | } | 374 | } |
366 | break; | 375 | break; |
367 | } | 376 | } |
368 | logit("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr()); | 377 | logit("ROOT LOGIN REFUSED FROM %.200s port %d", |
378 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
369 | return 0; | 379 | return 0; |
370 | } | 380 | } |
371 | 381 | ||
@@ -602,6 +612,7 @@ auth_openprincipals(const char *file, struct passwd *pw, int strict_modes) | |||
602 | struct passwd * | 612 | struct passwd * |
603 | getpwnamallow(const char *user) | 613 | getpwnamallow(const char *user) |
604 | { | 614 | { |
615 | struct ssh *ssh = active_state; /* XXX */ | ||
605 | #ifdef HAVE_LOGIN_CAP | 616 | #ifdef HAVE_LOGIN_CAP |
606 | extern login_cap_t *lc; | 617 | extern login_cap_t *lc; |
607 | #ifdef BSD_AUTH | 618 | #ifdef BSD_AUTH |
@@ -637,11 +648,11 @@ getpwnamallow(const char *user) | |||
637 | } | 648 | } |
638 | #endif | 649 | #endif |
639 | if (pw == NULL) { | 650 | if (pw == NULL) { |
640 | logit("Invalid user %.100s from %.100s", | 651 | logit("Invalid user %.100s from %.100s port %d", |
641 | user, get_remote_ipaddr()); | 652 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
642 | #ifdef CUSTOM_FAILED_LOGIN | 653 | #ifdef CUSTOM_FAILED_LOGIN |
643 | record_failed_login(user, | 654 | record_failed_login(user, |
644 | get_canonical_hostname(options.use_dns), "ssh"); | 655 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
645 | #endif | 656 | #endif |
646 | #ifdef SSH_AUDIT_EVENTS | 657 | #ifdef SSH_AUDIT_EVENTS |
647 | audit_event(SSH_INVALID_USER); | 658 | audit_event(SSH_INVALID_USER); |
@@ -771,3 +782,24 @@ fakepw(void) | |||
771 | 782 | ||
772 | return (&fake); | 783 | return (&fake); |
773 | } | 784 | } |
785 | |||
786 | /* | ||
787 | * Return the canonical name of the host in the other side of the current | ||
788 | * connection. The host name is cached, so it is efficient to call this | ||
789 | * several times. | ||
790 | */ | ||
791 | |||
792 | const char * | ||
793 | auth_get_canonical_hostname(struct ssh *ssh, int use_dns) | ||
794 | { | ||
795 | static char *dnsname; | ||
796 | |||
797 | if (!use_dns) | ||
798 | return ssh_remote_ipaddr(ssh); | ||
799 | else if (dnsname != NULL) | ||
800 | return dnsname; | ||
801 | else { | ||
802 | dnsname = remote_hostname(ssh); | ||
803 | return dnsname; | ||
804 | } | ||
805 | } | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.h,v 1.86 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: auth.h,v 1.88 2016/05/04 14:04:40 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -125,7 +125,8 @@ BIGNUM *auth_rsa_generate_challenge(Key *); | |||
125 | int auth_rsa_verify_response(Key *, BIGNUM *, u_char[]); | 125 | int auth_rsa_verify_response(Key *, BIGNUM *, u_char[]); |
126 | int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); | 126 | int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); |
127 | 127 | ||
128 | int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); | 128 | int auth_rhosts_rsa_key_allowed(struct passwd *, const char *, |
129 | const char *, Key *); | ||
129 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); | 130 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); |
130 | int user_key_allowed(struct passwd *, Key *, int); | 131 | int user_key_allowed(struct passwd *, Key *, int); |
131 | void pubkey_auth_info(Authctxt *, const Key *, const char *, ...) | 132 | void pubkey_auth_info(Authctxt *, const Key *, const char *, ...) |
@@ -198,6 +199,8 @@ FILE *auth_openkeyfile(const char *, struct passwd *, int); | |||
198 | FILE *auth_openprincipals(const char *, struct passwd *, int); | 199 | FILE *auth_openprincipals(const char *, struct passwd *, int); |
199 | int auth_key_is_revoked(Key *); | 200 | int auth_key_is_revoked(Key *); |
200 | 201 | ||
202 | const char *auth_get_canonical_hostname(struct ssh *, int); | ||
203 | |||
201 | HostStatus | 204 | HostStatus |
202 | check_key_in_hostfiles(struct passwd *, Key *, const char *, | 205 | check_key_in_hostfiles(struct passwd *, Key *, const char *, |
203 | const char *, const char *); | 206 | const char *, const char *); |
diff --git a/auth2-chall.c b/auth2-chall.c index 4aff09d80..ead480318 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */ | 1 | /* $OpenBSD: auth2-chall.c,v 1.44 2016/05/02 08:49:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2001 Per Allansson. All rights reserved. | 4 | * Copyright (c) 2001 Per Allansson. All rights reserved. |
@@ -122,8 +122,8 @@ kbdint_alloc(const char *devs) | |||
122 | buffer_append(&b, devices[i]->name, | 122 | buffer_append(&b, devices[i]->name, |
123 | strlen(devices[i]->name)); | 123 | strlen(devices[i]->name)); |
124 | } | 124 | } |
125 | buffer_append(&b, "\0", 1); | 125 | if ((kbdintctxt->devices = sshbuf_dup_string(&b)) == NULL) |
126 | kbdintctxt->devices = xstrdup(buffer_ptr(&b)); | 126 | fatal("%s: sshbuf_dup_string failed", __func__); |
127 | buffer_free(&b); | 127 | buffer_free(&b); |
128 | } else { | 128 | } else { |
129 | kbdintctxt->devices = xstrdup(devs); | 129 | kbdintctxt->devices = xstrdup(devs); |
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index e2327cf77..1b3c3b202 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-hostbased.c,v 1.25 2015/05/04 06:10:48 djm Exp $ */ | 1 | /* $OpenBSD: auth2-hostbased.c,v 1.26 2016/03/07 19:02:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -160,6 +160,7 @@ int | |||
160 | hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, | 160 | hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, |
161 | Key *key) | 161 | Key *key) |
162 | { | 162 | { |
163 | struct ssh *ssh = active_state; /* XXX */ | ||
163 | const char *resolvedname, *ipaddr, *lookup, *reason; | 164 | const char *resolvedname, *ipaddr, *lookup, *reason; |
164 | HostStatus host_status; | 165 | HostStatus host_status; |
165 | int len; | 166 | int len; |
@@ -168,8 +169,8 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, | |||
168 | if (auth_key_is_revoked(key)) | 169 | if (auth_key_is_revoked(key)) |
169 | return 0; | 170 | return 0; |
170 | 171 | ||
171 | resolvedname = get_canonical_hostname(options.use_dns); | 172 | resolvedname = auth_get_canonical_hostname(ssh, options.use_dns); |
172 | ipaddr = get_remote_ipaddr(); | 173 | ipaddr = ssh_remote_ipaddr(ssh); |
173 | 174 | ||
174 | debug2("%s: chost %s resolvedname %s ipaddr %s", __func__, | 175 | debug2("%s: chost %s resolvedname %s ipaddr %s", __func__, |
175 | chost, resolvedname, ipaddr); | 176 | chost, resolvedname, ipaddr); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2.c,v 1.135 2015/01/19 20:07:45 markus Exp $ */ | 1 | /* $OpenBSD: auth2.c,v 1.136 2016/05/02 08:49:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -432,8 +432,8 @@ authmethods_get(Authctxt *authctxt) | |||
432 | buffer_append(&b, authmethods[i]->name, | 432 | buffer_append(&b, authmethods[i]->name, |
433 | strlen(authmethods[i]->name)); | 433 | strlen(authmethods[i]->name)); |
434 | } | 434 | } |
435 | buffer_append(&b, "\0", 1); | 435 | if ((list = sshbuf_dup_string(&b)) == NULL) |
436 | list = xstrdup(buffer_ptr(&b)); | 436 | fatal("%s: sshbuf_dup_string failed", __func__); |
437 | buffer_free(&b); | 437 | buffer_free(&b); |
438 | return list; | 438 | return list; |
439 | } | 439 | } |
diff --git a/authfile.c b/authfile.c index d67042411..f46b4e37f 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfile.c,v 1.120 2015/12/11 04:21:11 mmcc Exp $ */ | 1 | /* $OpenBSD: authfile.c,v 1.121 2016/04/09 12:39:30 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -147,7 +147,8 @@ sshkey_load_public_rsa1(int fd, struct sshkey **keyp, char **commentp) | |||
147 | struct sshbuf *b = NULL; | 147 | struct sshbuf *b = NULL; |
148 | int r; | 148 | int r; |
149 | 149 | ||
150 | *keyp = NULL; | 150 | if (keyp != NULL) |
151 | *keyp = NULL; | ||
151 | if (commentp != NULL) | 152 | if (commentp != NULL) |
152 | *commentp = NULL; | 153 | *commentp = NULL; |
153 | 154 | ||
@@ -200,7 +201,8 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, | |||
200 | { | 201 | { |
201 | int fd, r; | 202 | int fd, r; |
202 | 203 | ||
203 | *keyp = NULL; | 204 | if (keyp != NULL) |
205 | *keyp = NULL; | ||
204 | if (commentp != NULL) | 206 | if (commentp != NULL) |
205 | *commentp = NULL; | 207 | *commentp = NULL; |
206 | 208 | ||
@@ -231,6 +233,8 @@ sshkey_load_private_type_fd(int fd, int type, const char *passphrase, | |||
231 | struct sshbuf *buffer = NULL; | 233 | struct sshbuf *buffer = NULL; |
232 | int r; | 234 | int r; |
233 | 235 | ||
236 | if (keyp != NULL) | ||
237 | *keyp = NULL; | ||
234 | if ((buffer = sshbuf_new()) == NULL) { | 238 | if ((buffer = sshbuf_new()) == NULL) { |
235 | r = SSH_ERR_ALLOC_FAIL; | 239 | r = SSH_ERR_ALLOC_FAIL; |
236 | goto out; | 240 | goto out; |
@@ -255,7 +259,8 @@ sshkey_load_private(const char *filename, const char *passphrase, | |||
255 | struct sshbuf *buffer = NULL; | 259 | struct sshbuf *buffer = NULL; |
256 | int r, fd; | 260 | int r, fd; |
257 | 261 | ||
258 | *keyp = NULL; | 262 | if (keyp != NULL) |
263 | *keyp = NULL; | ||
259 | if (commentp != NULL) | 264 | if (commentp != NULL) |
260 | *commentp = NULL; | 265 | *commentp = NULL; |
261 | 266 | ||
@@ -408,7 +413,8 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp) | |||
408 | char *file = NULL; | 413 | char *file = NULL; |
409 | int r = SSH_ERR_INTERNAL_ERROR; | 414 | int r = SSH_ERR_INTERNAL_ERROR; |
410 | 415 | ||
411 | *keyp = NULL; | 416 | if (keyp != NULL) |
417 | *keyp = NULL; | ||
412 | 418 | ||
413 | if (asprintf(&file, "%s-cert.pub", filename) == -1) | 419 | if (asprintf(&file, "%s-cert.pub", filename) == -1) |
414 | return SSH_ERR_ALLOC_FAIL; | 420 | return SSH_ERR_ALLOC_FAIL; |
@@ -418,11 +424,12 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp) | |||
418 | } | 424 | } |
419 | if ((r = sshkey_try_load_public(pub, file, NULL)) != 0) | 425 | if ((r = sshkey_try_load_public(pub, file, NULL)) != 0) |
420 | goto out; | 426 | goto out; |
421 | 427 | /* success */ | |
422 | *keyp = pub; | 428 | if (keyp != NULL) { |
423 | pub = NULL; | 429 | *keyp = pub; |
430 | pub = NULL; | ||
431 | } | ||
424 | r = 0; | 432 | r = 0; |
425 | |||
426 | out: | 433 | out: |
427 | free(file); | 434 | free(file); |
428 | sshkey_free(pub); | 435 | sshkey_free(pub); |
@@ -437,7 +444,8 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, | |||
437 | struct sshkey *key = NULL, *cert = NULL; | 444 | struct sshkey *key = NULL, *cert = NULL; |
438 | int r; | 445 | int r; |
439 | 446 | ||
440 | *keyp = NULL; | 447 | if (keyp != NULL) |
448 | *keyp = NULL; | ||
441 | 449 | ||
442 | switch (type) { | 450 | switch (type) { |
443 | #ifdef WITH_OPENSSL | 451 | #ifdef WITH_OPENSSL |
@@ -467,8 +475,10 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, | |||
467 | (r = sshkey_cert_copy(cert, key)) != 0) | 475 | (r = sshkey_cert_copy(cert, key)) != 0) |
468 | goto out; | 476 | goto out; |
469 | r = 0; | 477 | r = 0; |
470 | *keyp = key; | 478 | if (keyp != NULL) { |
471 | key = NULL; | 479 | *keyp = key; |
480 | key = NULL; | ||
481 | } | ||
472 | out: | 482 | out: |
473 | sshkey_free(key); | 483 | sshkey_free(key); |
474 | sshkey_free(cert); | 484 | sshkey_free(cert); |
diff --git a/canohost.c b/canohost.c index 223964ea3..404731d24 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: canohost.c,v 1.72 2015/03/01 15:44:40 millert Exp $ */ | 1 | /* $OpenBSD: canohost.c,v 1.73 2016/03/07 19:02:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,52 +35,44 @@ | |||
35 | #include "canohost.h" | 35 | #include "canohost.h" |
36 | #include "misc.h" | 36 | #include "misc.h" |
37 | 37 | ||
38 | static void check_ip_options(int, char *); | ||
39 | static char *canonical_host_ip = NULL; | ||
40 | static int cached_port = -1; | ||
41 | |||
42 | /* | 38 | /* |
43 | * Return the canonical name of the host at the other end of the socket. The | 39 | * Returns the remote DNS hostname as a string. The returned string must not |
44 | * caller should free the returned string. | 40 | * be freed. NB. this will usually trigger a DNS query the first time it is |
41 | * called. | ||
42 | * This function does additional checks on the hostname to mitigate some | ||
43 | * attacks on legacy rhosts-style authentication. | ||
44 | * XXX is RhostsRSAAuthentication vulnerable to these? | ||
45 | * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?) | ||
45 | */ | 46 | */ |
46 | 47 | ||
47 | static char * | 48 | char * |
48 | get_remote_hostname(int sock, int use_dns) | 49 | remote_hostname(struct ssh *ssh) |
49 | { | 50 | { |
50 | struct sockaddr_storage from; | 51 | struct sockaddr_storage from; |
51 | socklen_t fromlen; | 52 | socklen_t fromlen; |
52 | struct addrinfo hints, *ai, *aitop; | 53 | struct addrinfo hints, *ai, *aitop; |
53 | char name[NI_MAXHOST], ntop[NI_MAXHOST], ntop2[NI_MAXHOST]; | 54 | char name[NI_MAXHOST], ntop2[NI_MAXHOST]; |
55 | const char *ntop = ssh_remote_ipaddr(ssh); | ||
54 | 56 | ||
55 | /* Get IP address of client. */ | 57 | /* Get IP address of client. */ |
56 | fromlen = sizeof(from); | 58 | fromlen = sizeof(from); |
57 | memset(&from, 0, sizeof(from)); | 59 | memset(&from, 0, sizeof(from)); |
58 | if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { | 60 | if (getpeername(ssh_packet_get_connection_in(ssh), |
61 | (struct sockaddr *)&from, &fromlen) < 0) { | ||
59 | debug("getpeername failed: %.100s", strerror(errno)); | 62 | debug("getpeername failed: %.100s", strerror(errno)); |
60 | cleanup_exit(255); | 63 | return strdup(ntop); |
61 | } | 64 | } |
62 | 65 | ||
63 | if (from.ss_family == AF_INET) | ||
64 | check_ip_options(sock, ntop); | ||
65 | |||
66 | ipv64_normalise_mapped(&from, &fromlen); | 66 | ipv64_normalise_mapped(&from, &fromlen); |
67 | |||
68 | if (from.ss_family == AF_INET6) | 67 | if (from.ss_family == AF_INET6) |
69 | fromlen = sizeof(struct sockaddr_in6); | 68 | fromlen = sizeof(struct sockaddr_in6); |
70 | 69 | ||
71 | if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), | ||
72 | NULL, 0, NI_NUMERICHOST) != 0) | ||
73 | fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); | ||
74 | |||
75 | if (!use_dns) | ||
76 | return xstrdup(ntop); | ||
77 | |||
78 | debug3("Trying to reverse map address %.100s.", ntop); | 70 | debug3("Trying to reverse map address %.100s.", ntop); |
79 | /* Map the IP address to a host name. */ | 71 | /* Map the IP address to a host name. */ |
80 | if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), | 72 | if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), |
81 | NULL, 0, NI_NAMEREQD) != 0) { | 73 | NULL, 0, NI_NAMEREQD) != 0) { |
82 | /* Host name not found. Use ip address. */ | 74 | /* Host name not found. Use ip address. */ |
83 | return xstrdup(ntop); | 75 | return strdup(ntop); |
84 | } | 76 | } |
85 | 77 | ||
86 | /* | 78 | /* |
@@ -95,10 +87,10 @@ get_remote_hostname(int sock, int use_dns) | |||
95 | logit("Nasty PTR record \"%s\" is set up for %s, ignoring", | 87 | logit("Nasty PTR record \"%s\" is set up for %s, ignoring", |
96 | name, ntop); | 88 | name, ntop); |
97 | freeaddrinfo(ai); | 89 | freeaddrinfo(ai); |
98 | return xstrdup(ntop); | 90 | return strdup(ntop); |
99 | } | 91 | } |
100 | 92 | ||
101 | /* Names are stores in lowercase. */ | 93 | /* Names are stored in lowercase. */ |
102 | lowercase(name); | 94 | lowercase(name); |
103 | 95 | ||
104 | /* | 96 | /* |
@@ -115,8 +107,8 @@ get_remote_hostname(int sock, int use_dns) | |||
115 | hints.ai_socktype = SOCK_STREAM; | 107 | hints.ai_socktype = SOCK_STREAM; |
116 | if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { | 108 | if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { |
117 | logit("reverse mapping checking getaddrinfo for %.700s " | 109 | logit("reverse mapping checking getaddrinfo for %.700s " |
118 | "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop); | 110 | "[%s] failed.", name, ntop); |
119 | return xstrdup(ntop); | 111 | return strdup(ntop); |
120 | } | 112 | } |
121 | /* Look for the address from the list of addresses. */ | 113 | /* Look for the address from the list of addresses. */ |
122 | for (ai = aitop; ai; ai = ai->ai_next) { | 114 | for (ai = aitop; ai; ai = ai->ai_next) { |
@@ -127,53 +119,13 @@ get_remote_hostname(int sock, int use_dns) | |||
127 | } | 119 | } |
128 | freeaddrinfo(aitop); | 120 | freeaddrinfo(aitop); |
129 | /* If we reached the end of the list, the address was not there. */ | 121 | /* If we reached the end of the list, the address was not there. */ |
130 | if (!ai) { | 122 | if (ai == NULL) { |
131 | /* Address not found for the host name. */ | 123 | /* Address not found for the host name. */ |
132 | logit("Address %.100s maps to %.600s, but this does not " | 124 | logit("Address %.100s maps to %.600s, but this does not " |
133 | "map back to the address - POSSIBLE BREAK-IN ATTEMPT!", | 125 | "map back to the address.", ntop, name); |
134 | ntop, name); | 126 | return strdup(ntop); |
135 | return xstrdup(ntop); | ||
136 | } | ||
137 | return xstrdup(name); | ||
138 | } | ||
139 | |||
140 | /* | ||
141 | * If IP options are supported, make sure there are none (log and | ||
142 | * disconnect them if any are found). Basically we are worried about | ||
143 | * source routing; it can be used to pretend you are somebody | ||
144 | * (ip-address) you are not. That itself may be "almost acceptable" | ||
145 | * under certain circumstances, but rhosts autentication is useless | ||
146 | * if source routing is accepted. Notice also that if we just dropped | ||
147 | * source routing here, the other side could use IP spoofing to do | ||
148 | * rest of the interaction and could still bypass security. So we | ||
149 | * exit here if we detect any IP options. | ||
150 | */ | ||
151 | /* IPv4 only */ | ||
152 | static void | ||
153 | check_ip_options(int sock, char *ipaddr) | ||
154 | { | ||
155 | #ifdef IP_OPTIONS | ||
156 | u_char options[200]; | ||
157 | char text[sizeof(options) * 3 + 1]; | ||
158 | socklen_t option_size, i; | ||
159 | int ipproto; | ||
160 | struct protoent *ip; | ||
161 | |||
162 | if ((ip = getprotobyname("ip")) != NULL) | ||
163 | ipproto = ip->p_proto; | ||
164 | else | ||
165 | ipproto = IPPROTO_IP; | ||
166 | option_size = sizeof(options); | ||
167 | if (getsockopt(sock, ipproto, IP_OPTIONS, options, | ||
168 | &option_size) >= 0 && option_size != 0) { | ||
169 | text[0] = '\0'; | ||
170 | for (i = 0; i < option_size; i++) | ||
171 | snprintf(text + i*3, sizeof(text) - i*3, | ||
172 | " %2.2x", options[i]); | ||
173 | fatal("Connection from %.100s with IP options:%.800s", | ||
174 | ipaddr, text); | ||
175 | } | 127 | } |
176 | #endif /* IP_OPTIONS */ | 128 | return strdup(name); |
177 | } | 129 | } |
178 | 130 | ||
179 | void | 131 | void |
@@ -202,38 +154,6 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) | |||
202 | } | 154 | } |
203 | 155 | ||
204 | /* | 156 | /* |
205 | * Return the canonical name of the host in the other side of the current | ||
206 | * connection. The host name is cached, so it is efficient to call this | ||
207 | * several times. | ||
208 | */ | ||
209 | |||
210 | const char * | ||
211 | get_canonical_hostname(int use_dns) | ||
212 | { | ||
213 | char *host; | ||
214 | static char *canonical_host_name = NULL; | ||
215 | static char *remote_ip = NULL; | ||
216 | |||
217 | /* Check if we have previously retrieved name with same option. */ | ||
218 | if (use_dns && canonical_host_name != NULL) | ||
219 | return canonical_host_name; | ||
220 | if (!use_dns && remote_ip != NULL) | ||
221 | return remote_ip; | ||
222 | |||
223 | /* Get the real hostname if socket; otherwise return UNKNOWN. */ | ||
224 | if (packet_connection_is_on_socket()) | ||
225 | host = get_remote_hostname(packet_get_connection_in(), use_dns); | ||
226 | else | ||
227 | host = "UNKNOWN"; | ||
228 | |||
229 | if (use_dns) | ||
230 | canonical_host_name = host; | ||
231 | else | ||
232 | remote_ip = host; | ||
233 | return host; | ||
234 | } | ||
235 | |||
236 | /* | ||
237 | * Returns the local/remote IP-address/hostname of socket as a string. | 157 | * Returns the local/remote IP-address/hostname of socket as a string. |
238 | * The returned string must be freed. | 158 | * The returned string must be freed. |
239 | */ | 159 | */ |
@@ -250,12 +170,10 @@ get_socket_address(int sock, int remote, int flags) | |||
250 | memset(&addr, 0, sizeof(addr)); | 170 | memset(&addr, 0, sizeof(addr)); |
251 | 171 | ||
252 | if (remote) { | 172 | if (remote) { |
253 | if (getpeername(sock, (struct sockaddr *)&addr, &addrlen) | 173 | if (getpeername(sock, (struct sockaddr *)&addr, &addrlen) != 0) |
254 | < 0) | ||
255 | return NULL; | 174 | return NULL; |
256 | } else { | 175 | } else { |
257 | if (getsockname(sock, (struct sockaddr *)&addr, &addrlen) | 176 | if (getsockname(sock, (struct sockaddr *)&addr, &addrlen) != 0) |
258 | < 0) | ||
259 | return NULL; | 177 | return NULL; |
260 | } | 178 | } |
261 | 179 | ||
@@ -271,7 +189,7 @@ get_socket_address(int sock, int remote, int flags) | |||
271 | /* Get the address in ascii. */ | 189 | /* Get the address in ascii. */ |
272 | if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop, | 190 | if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop, |
273 | sizeof(ntop), NULL, 0, flags)) != 0) { | 191 | sizeof(ntop), NULL, 0, flags)) != 0) { |
274 | error("get_socket_address: getnameinfo %d failed: %s", | 192 | error("%s: getnameinfo %d failed: %s", __func__, |
275 | flags, ssh_gai_strerror(r)); | 193 | flags, ssh_gai_strerror(r)); |
276 | return NULL; | 194 | return NULL; |
277 | } | 195 | } |
@@ -316,7 +234,8 @@ get_local_name(int fd) | |||
316 | 234 | ||
317 | /* Handle the case where we were passed a pipe */ | 235 | /* Handle the case where we were passed a pipe */ |
318 | if (gethostname(myname, sizeof(myname)) == -1) { | 236 | if (gethostname(myname, sizeof(myname)) == -1) { |
319 | verbose("get_local_name: gethostname: %s", strerror(errno)); | 237 | verbose("%s: gethostname: %s", __func__, strerror(errno)); |
238 | host = xstrdup("UNKNOWN"); | ||
320 | } else { | 239 | } else { |
321 | host = xstrdup(myname); | 240 | host = xstrdup(myname); |
322 | } | 241 | } |
@@ -324,51 +243,9 @@ get_local_name(int fd) | |||
324 | return host; | 243 | return host; |
325 | } | 244 | } |
326 | 245 | ||
327 | void | ||
328 | clear_cached_addr(void) | ||
329 | { | ||
330 | free(canonical_host_ip); | ||
331 | canonical_host_ip = NULL; | ||
332 | cached_port = -1; | ||
333 | } | ||
334 | |||
335 | /* | ||
336 | * Returns the IP-address of the remote host as a string. The returned | ||
337 | * string must not be freed. | ||
338 | */ | ||
339 | |||
340 | const char * | ||
341 | get_remote_ipaddr(void) | ||
342 | { | ||
343 | /* Check whether we have cached the ipaddr. */ | ||
344 | if (canonical_host_ip == NULL) { | ||
345 | if (packet_connection_is_on_socket()) { | ||
346 | canonical_host_ip = | ||
347 | get_peer_ipaddr(packet_get_connection_in()); | ||
348 | if (canonical_host_ip == NULL) | ||
349 | cleanup_exit(255); | ||
350 | } else { | ||
351 | /* If not on socket, return UNKNOWN. */ | ||
352 | canonical_host_ip = xstrdup("UNKNOWN"); | ||
353 | } | ||
354 | } | ||
355 | return canonical_host_ip; | ||
356 | } | ||
357 | |||
358 | const char * | ||
359 | get_remote_name_or_ip(u_int utmp_len, int use_dns) | ||
360 | { | ||
361 | static const char *remote = ""; | ||
362 | if (utmp_len > 0) | ||
363 | remote = get_canonical_hostname(use_dns); | ||
364 | if (utmp_len == 0 || strlen(remote) > utmp_len) | ||
365 | remote = get_remote_ipaddr(); | ||
366 | return remote; | ||
367 | } | ||
368 | |||
369 | /* Returns the local/remote port for the socket. */ | 246 | /* Returns the local/remote port for the socket. */ |
370 | 247 | ||
371 | int | 248 | static int |
372 | get_sock_port(int sock, int local) | 249 | get_sock_port(int sock, int local) |
373 | { | 250 | { |
374 | struct sockaddr_storage from; | 251 | struct sockaddr_storage from; |
@@ -402,27 +279,11 @@ get_sock_port(int sock, int local) | |||
402 | /* Return port number. */ | 279 | /* Return port number. */ |
403 | if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, | 280 | if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, |
404 | strport, sizeof(strport), NI_NUMERICSERV)) != 0) | 281 | strport, sizeof(strport), NI_NUMERICSERV)) != 0) |
405 | fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed: %s", | 282 | fatal("%s: getnameinfo NI_NUMERICSERV failed: %s", __func__, |
406 | ssh_gai_strerror(r)); | 283 | ssh_gai_strerror(r)); |
407 | return atoi(strport); | 284 | return atoi(strport); |
408 | } | 285 | } |
409 | 286 | ||
410 | /* Returns remote/local port number for the current connection. */ | ||
411 | |||
412 | static int | ||
413 | get_port(int local) | ||
414 | { | ||
415 | /* | ||
416 | * If the connection is not a socket, return 65535. This is | ||
417 | * intentionally chosen to be an unprivileged port number. | ||
418 | */ | ||
419 | if (!packet_connection_is_on_socket()) | ||
420 | return 65535; | ||
421 | |||
422 | /* Get socket and return the port number. */ | ||
423 | return get_sock_port(packet_get_connection_in(), local); | ||
424 | } | ||
425 | |||
426 | int | 287 | int |
427 | get_peer_port(int sock) | 288 | get_peer_port(int sock) |
428 | { | 289 | { |
@@ -430,17 +291,7 @@ get_peer_port(int sock) | |||
430 | } | 291 | } |
431 | 292 | ||
432 | int | 293 | int |
433 | get_remote_port(void) | 294 | get_local_port(int sock) |
434 | { | ||
435 | /* Cache to avoid getpeername() on a dead connection */ | ||
436 | if (cached_port == -1) | ||
437 | cached_port = get_port(0); | ||
438 | |||
439 | return cached_port; | ||
440 | } | ||
441 | |||
442 | int | ||
443 | get_local_port(void) | ||
444 | { | 295 | { |
445 | return get_port(1); | 296 | return get_sock_port(sock, 1); |
446 | } | 297 | } |
diff --git a/canohost.h b/canohost.h index 4c8636f42..0cadc9f18 100644 --- a/canohost.h +++ b/canohost.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: canohost.h,v 1.11 2009/05/27 06:31:25 andreas Exp $ */ | 1 | /* $OpenBSD: canohost.h,v 1.12 2016/03/07 19:02:43 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -12,18 +12,18 @@ | |||
12 | * called by a name other than "ssh" or "Secure Shell". | 12 | * called by a name other than "ssh" or "Secure Shell". |
13 | */ | 13 | */ |
14 | 14 | ||
15 | const char *get_canonical_hostname(int); | 15 | #ifndef _CANOHOST_H |
16 | const char *get_remote_ipaddr(void); | 16 | #define _CANOHOST_H |
17 | const char *get_remote_name_or_ip(u_int, int); | ||
18 | 17 | ||
18 | struct ssh; | ||
19 | |||
20 | char *remote_hostname(struct ssh *); | ||
19 | char *get_peer_ipaddr(int); | 21 | char *get_peer_ipaddr(int); |
20 | int get_peer_port(int); | 22 | int get_peer_port(int); |
21 | char *get_local_ipaddr(int); | 23 | char *get_local_ipaddr(int); |
22 | char *get_local_name(int); | 24 | char *get_local_name(int); |
25 | int get_local_port(int); | ||
23 | 26 | ||
24 | int get_remote_port(void); | 27 | #endif /* _CANOHOST_H */ |
25 | int get_local_port(void); | ||
26 | int get_sock_port(int, int); | ||
27 | void clear_cached_addr(void); | ||
28 | 28 | ||
29 | void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); | 29 | void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); |
diff --git a/channels.c b/channels.c index c9d2015ee..9f9e972f4 100644 --- a/channels.c +++ b/channels.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: channels.c,v 1.349 2016/02/05 13:28:19 naddy Exp $ */ | 1 | /* $OpenBSD: channels.c,v 1.351 2016/07/19 11:38:53 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -138,6 +138,9 @@ static int num_adm_permitted_opens = 0; | |||
138 | /* special-case port number meaning allow any port */ | 138 | /* special-case port number meaning allow any port */ |
139 | #define FWD_PERMIT_ANY_PORT 0 | 139 | #define FWD_PERMIT_ANY_PORT 0 |
140 | 140 | ||
141 | /* special-case wildcard meaning allow any host */ | ||
142 | #define FWD_PERMIT_ANY_HOST "*" | ||
143 | |||
141 | /* | 144 | /* |
142 | * If this is true, all opens are permitted. This is the case on the server | 145 | * If this is true, all opens are permitted. This is the case on the server |
143 | * on which we have to trust the client anyway, and the user could do | 146 | * on which we have to trust the client anyway, and the user could do |
@@ -1416,7 +1419,7 @@ port_open_helper(Channel *c, char *rtype) | |||
1416 | { | 1419 | { |
1417 | char buf[1024]; | 1420 | char buf[1024]; |
1418 | char *local_ipaddr = get_local_ipaddr(c->sock); | 1421 | char *local_ipaddr = get_local_ipaddr(c->sock); |
1419 | int local_port = c->sock == -1 ? 65536 : get_sock_port(c->sock, 1); | 1422 | int local_port = c->sock == -1 ? 65536 : get_local_port(c->sock); |
1420 | char *remote_ipaddr = get_peer_ipaddr(c->sock); | 1423 | char *remote_ipaddr = get_peer_ipaddr(c->sock); |
1421 | int remote_port = get_peer_port(c->sock); | 1424 | int remote_port = get_peer_port(c->sock); |
1422 | 1425 | ||
@@ -2935,7 +2938,7 @@ channel_setup_fwd_listener_tcpip(int type, struct Forward *fwd, | |||
2935 | if (type == SSH_CHANNEL_RPORT_LISTENER && fwd->listen_port == 0 && | 2938 | if (type == SSH_CHANNEL_RPORT_LISTENER && fwd->listen_port == 0 && |
2936 | allocated_listen_port != NULL && | 2939 | allocated_listen_port != NULL && |
2937 | *allocated_listen_port == 0) { | 2940 | *allocated_listen_port == 0) { |
2938 | *allocated_listen_port = get_sock_port(sock, 1); | 2941 | *allocated_listen_port = get_local_port(sock); |
2939 | debug("Allocated listen port %d", | 2942 | debug("Allocated listen port %d", |
2940 | *allocated_listen_port); | 2943 | *allocated_listen_port); |
2941 | } | 2944 | } |
@@ -3298,7 +3301,8 @@ open_match(ForwardPermission *allowed_open, const char *requestedhost, | |||
3298 | if (allowed_open->port_to_connect != FWD_PERMIT_ANY_PORT && | 3301 | if (allowed_open->port_to_connect != FWD_PERMIT_ANY_PORT && |
3299 | allowed_open->port_to_connect != requestedport) | 3302 | allowed_open->port_to_connect != requestedport) |
3300 | return 0; | 3303 | return 0; |
3301 | if (strcmp(allowed_open->host_to_connect, requestedhost) != 0) | 3304 | if (strcmp(allowed_open->host_to_connect, FWD_PERMIT_ANY_HOST) != 0 && |
3305 | strcmp(allowed_open->host_to_connect, requestedhost) != 0) | ||
3302 | return 0; | 3306 | return 0; |
3303 | return 1; | 3307 | return 1; |
3304 | } | 3308 | } |
diff --git a/cipher-bf1.c b/cipher-bf1.c index ee72ac085..7d51f5198 100644 --- a/cipher-bf1.c +++ b/cipher-bf1.c | |||
@@ -20,7 +20,7 @@ | |||
20 | 20 | ||
21 | #include "includes.h" | 21 | #include "includes.h" |
22 | 22 | ||
23 | #ifdef WITH_OPENSSL | 23 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF) |
24 | 24 | ||
25 | #include <sys/types.h> | 25 | #include <sys/types.h> |
26 | 26 | ||
@@ -100,4 +100,4 @@ evp_ssh1_bf(void) | |||
100 | ssh1_bf.key_len = 32; | 100 | ssh1_bf.key_len = 32; |
101 | return (&ssh1_bf); | 101 | return (&ssh1_bf); |
102 | } | 102 | } |
103 | #endif /* WITH_OPENSSL */ | 103 | #endif /* defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF) */ |
@@ -81,18 +81,26 @@ static const struct sshcipher ciphers[] = { | |||
81 | #ifdef WITH_SSH1 | 81 | #ifdef WITH_SSH1 |
82 | { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, | 82 | { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, |
83 | { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, | 83 | { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, |
84 | # ifndef OPENSSL_NO_BF | ||
84 | { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf }, | 85 | { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, 0, 0, 1, evp_ssh1_bf }, |
86 | # endif /* OPENSSL_NO_BF */ | ||
85 | #endif /* WITH_SSH1 */ | 87 | #endif /* WITH_SSH1 */ |
86 | #ifdef WITH_OPENSSL | 88 | #ifdef WITH_OPENSSL |
87 | { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, | 89 | { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, |
88 | { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, | 90 | { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, |
91 | # ifndef OPENSSL_NO_BF | ||
89 | { "blowfish-cbc", | 92 | { "blowfish-cbc", |
90 | SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, | 93 | SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, |
94 | # endif /* OPENSSL_NO_BF */ | ||
95 | # ifndef OPENSSL_NO_CAST | ||
91 | { "cast128-cbc", | 96 | { "cast128-cbc", |
92 | SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, | 97 | SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, |
98 | # endif /* OPENSSL_NO_CAST */ | ||
99 | # ifndef OPENSSL_NO_RC4 | ||
93 | { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, | 100 | { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, |
94 | { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, | 101 | { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, |
95 | { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, | 102 | { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, |
103 | # endif /* OPENSSL_NO_RC4 */ | ||
96 | { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, | 104 | { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, |
97 | { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, | 105 | { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, |
98 | { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, | 106 | { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, |
@@ -625,7 +633,7 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) | |||
625 | int | 633 | int |
626 | cipher_get_keycontext(const struct sshcipher_ctx *cc, u_char *dat) | 634 | cipher_get_keycontext(const struct sshcipher_ctx *cc, u_char *dat) |
627 | { | 635 | { |
628 | #ifdef WITH_OPENSSL | 636 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_RC4) |
629 | const struct sshcipher *c = cc->cipher; | 637 | const struct sshcipher *c = cc->cipher; |
630 | int plen = 0; | 638 | int plen = 0; |
631 | 639 | ||
@@ -644,7 +652,7 @@ cipher_get_keycontext(const struct sshcipher_ctx *cc, u_char *dat) | |||
644 | void | 652 | void |
645 | cipher_set_keycontext(struct sshcipher_ctx *cc, const u_char *dat) | 653 | cipher_set_keycontext(struct sshcipher_ctx *cc, const u_char *dat) |
646 | { | 654 | { |
647 | #ifdef WITH_OPENSSL | 655 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_RC4) |
648 | const struct sshcipher *c = cc->cipher; | 656 | const struct sshcipher *c = cc->cipher; |
649 | int plen; | 657 | int plen; |
650 | 658 | ||
diff --git a/clientloop.c b/clientloop.c index 3b6cacb08..e5cc3f8cb 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: clientloop.c,v 1.284 2016/02/08 10:57:07 djm Exp $ */ | 1 | /* $OpenBSD: clientloop.c,v 1.286 2016/07/23 02:54:08 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -127,6 +127,9 @@ extern int stdin_null_flag; | |||
127 | /* Flag indicating that no shell has been requested */ | 127 | /* Flag indicating that no shell has been requested */ |
128 | extern int no_shell_flag; | 128 | extern int no_shell_flag; |
129 | 129 | ||
130 | /* Flag indicating that ssh should daemonise after authentication is complete */ | ||
131 | extern int fork_after_authentication_flag; | ||
132 | |||
130 | /* Control socket */ | 133 | /* Control socket */ |
131 | extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */ | 134 | extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */ |
132 | 135 | ||
@@ -1514,9 +1517,9 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) | |||
1514 | debug("Entering interactive session."); | 1517 | debug("Entering interactive session."); |
1515 | 1518 | ||
1516 | if (options.control_master && | 1519 | if (options.control_master && |
1517 | ! option_clear_or_none(options.control_path)) { | 1520 | !option_clear_or_none(options.control_path)) { |
1518 | debug("pledge: id"); | 1521 | debug("pledge: id"); |
1519 | if (pledge("stdio rpath wpath cpath unix inet dns proc exec id tty", | 1522 | if (pledge("stdio rpath wpath cpath unix inet dns recvfd proc exec id tty", |
1520 | NULL) == -1) | 1523 | NULL) == -1) |
1521 | fatal("%s pledge(): %s", __func__, strerror(errno)); | 1524 | fatal("%s pledge(): %s", __func__, strerror(errno)); |
1522 | 1525 | ||
@@ -1532,7 +1535,8 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) | |||
1532 | NULL) == -1) | 1535 | NULL) == -1) |
1533 | fatal("%s pledge(): %s", __func__, strerror(errno)); | 1536 | fatal("%s pledge(): %s", __func__, strerror(errno)); |
1534 | 1537 | ||
1535 | } else if (! option_clear_or_none(options.proxy_command)) { | 1538 | } else if (!option_clear_or_none(options.proxy_command) || |
1539 | fork_after_authentication_flag) { | ||
1536 | debug("pledge: proc"); | 1540 | debug("pledge: proc"); |
1537 | if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1) | 1541 | if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1) |
1538 | fatal("%s pledge(): %s", __func__, strerror(errno)); | 1542 | fatal("%s pledge(): %s", __func__, strerror(errno)); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: compat.c,v 1.97 2015/08/19 23:21:42 djm Exp $ */ | 1 | /* $OpenBSD: compat.c,v 1.99 2016/05/24 02:31:57 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
diff --git a/config.h.in b/config.h.in index 621c1396e..d7caf9aa4 100644 --- a/config.h.in +++ b/config.h.in | |||
@@ -75,7 +75,7 @@ | |||
75 | /* Define if your snprintf is busted */ | 75 | /* Define if your snprintf is busted */ |
76 | #undef BROKEN_SNPRINTF | 76 | #undef BROKEN_SNPRINTF |
77 | 77 | ||
78 | /* FreeBSD strnvis argument order is swapped compared to OpenBSD */ | 78 | /* missing VIS_ALL */ |
79 | #undef BROKEN_STRNVIS | 79 | #undef BROKEN_STRNVIS |
80 | 80 | ||
81 | /* tcgetattr with ICANON may hang */ | 81 | /* tcgetattr with ICANON may hang */ |
@@ -400,6 +400,15 @@ | |||
400 | /* Define to 1 if you have the `endutxent' function. */ | 400 | /* Define to 1 if you have the `endutxent' function. */ |
401 | #undef HAVE_ENDUTXENT | 401 | #undef HAVE_ENDUTXENT |
402 | 402 | ||
403 | /* Define to 1 if you have the `err' function. */ | ||
404 | #undef HAVE_ERR | ||
405 | |||
406 | /* Define to 1 if you have the `errx' function. */ | ||
407 | #undef HAVE_ERRX | ||
408 | |||
409 | /* Define to 1 if you have the <err.h> header file. */ | ||
410 | #undef HAVE_ERR_H | ||
411 | |||
403 | /* Define if your system has /etc/default/login */ | 412 | /* Define if your system has /etc/default/login */ |
404 | #undef HAVE_ETC_DEFAULT_LOGIN | 413 | #undef HAVE_ETC_DEFAULT_LOGIN |
405 | 414 | ||
@@ -667,6 +676,9 @@ | |||
667 | /* Define to 1 if you have the `krb5_get_error_message' function. */ | 676 | /* Define to 1 if you have the `krb5_get_error_message' function. */ |
668 | #undef HAVE_KRB5_GET_ERROR_MESSAGE | 677 | #undef HAVE_KRB5_GET_ERROR_MESSAGE |
669 | 678 | ||
679 | /* Define to 1 if you have the <langinfo.h> header file. */ | ||
680 | #undef HAVE_LANGINFO_H | ||
681 | |||
670 | /* Define to 1 if you have the <lastlog.h> header file. */ | 682 | /* Define to 1 if you have the <lastlog.h> header file. */ |
671 | #undef HAVE_LASTLOG_H | 683 | #undef HAVE_LASTLOG_H |
672 | 684 | ||
@@ -757,6 +769,9 @@ | |||
757 | /* Define to 1 if you have the `mblen' function. */ | 769 | /* Define to 1 if you have the `mblen' function. */ |
758 | #undef HAVE_MBLEN | 770 | #undef HAVE_MBLEN |
759 | 771 | ||
772 | /* Define to 1 if you have the `mbtowc' function. */ | ||
773 | #undef HAVE_MBTOWC | ||
774 | |||
760 | /* Define to 1 if you have the `md5_crypt' function. */ | 775 | /* Define to 1 if you have the `md5_crypt' function. */ |
761 | #undef HAVE_MD5_CRYPT | 776 | #undef HAVE_MD5_CRYPT |
762 | 777 | ||
@@ -802,6 +817,9 @@ | |||
802 | /* Define to 1 if you have the `ngetaddrinfo' function. */ | 817 | /* Define to 1 if you have the `ngetaddrinfo' function. */ |
803 | #undef HAVE_NGETADDRINFO | 818 | #undef HAVE_NGETADDRINFO |
804 | 819 | ||
820 | /* Define to 1 if you have the `nl_langinfo' function. */ | ||
821 | #undef HAVE_NL_LANGINFO | ||
822 | |||
805 | /* Define to 1 if you have the `nsleep' function. */ | 823 | /* Define to 1 if you have the `nsleep' function. */ |
806 | #undef HAVE_NSLEEP | 824 | #undef HAVE_NSLEEP |
807 | 825 | ||
@@ -962,6 +980,9 @@ | |||
962 | /* Define to 1 if you have the `setpcred' function. */ | 980 | /* Define to 1 if you have the `setpcred' function. */ |
963 | #undef HAVE_SETPCRED | 981 | #undef HAVE_SETPCRED |
964 | 982 | ||
983 | /* Define to 1 if you have the `setpflags' function. */ | ||
984 | #undef HAVE_SETPFLAGS | ||
985 | |||
965 | /* Define to 1 if you have the `setppriv' function. */ | 986 | /* Define to 1 if you have the `setppriv' function. */ |
966 | #undef HAVE_SETPPRIV | 987 | #undef HAVE_SETPPRIV |
967 | 988 | ||
@@ -1352,6 +1373,15 @@ | |||
1352 | /* Define to 1 if you have the `waitpid' function. */ | 1373 | /* Define to 1 if you have the `waitpid' function. */ |
1353 | #undef HAVE_WAITPID | 1374 | #undef HAVE_WAITPID |
1354 | 1375 | ||
1376 | /* Define to 1 if you have the `warn' function. */ | ||
1377 | #undef HAVE_WARN | ||
1378 | |||
1379 | /* Define to 1 if you have the <wchar.h> header file. */ | ||
1380 | #undef HAVE_WCHAR_H | ||
1381 | |||
1382 | /* Define to 1 if you have the `wcwidth' function. */ | ||
1383 | #undef HAVE_WCWIDTH | ||
1384 | |||
1355 | /* Define to 1 if you have the `_getlong' function. */ | 1385 | /* Define to 1 if you have the `_getlong' function. */ |
1356 | #undef HAVE__GETLONG | 1386 | #undef HAVE__GETLONG |
1357 | 1387 | ||
@@ -1447,9 +1477,6 @@ | |||
1447 | /* compiler does not accept __attribute__ on return types */ | 1477 | /* compiler does not accept __attribute__ on return types */ |
1448 | #undef NO_ATTRIBUTE_ON_RETURN_TYPE | 1478 | #undef NO_ATTRIBUTE_ON_RETURN_TYPE |
1449 | 1479 | ||
1450 | /* Define if the concept of ports only accessible to superusers isn't known */ | ||
1451 | #undef NO_IPPORT_RESERVED_CONCEPT | ||
1452 | |||
1453 | /* Define if you don't want to use lastlog in session.c */ | 1480 | /* Define if you don't want to use lastlog in session.c */ |
1454 | #undef NO_SSH_LASTLOG | 1481 | #undef NO_SSH_LASTLOG |
1455 | 1482 | ||
@@ -1305,6 +1305,7 @@ Optional Features: | |||
1305 | --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) | 1305 | --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) |
1306 | --enable-FEATURE[=ARG] include FEATURE [ARG=yes] | 1306 | --enable-FEATURE[=ARG] include FEATURE [ARG=yes] |
1307 | --disable-largefile omit support for large files | 1307 | --disable-largefile omit support for large files |
1308 | --disable-pkcs11 disable PKCS#11 support code [no] | ||
1308 | --disable-strip Disable calling strip(1) on install | 1309 | --disable-strip Disable calling strip(1) on install |
1309 | --disable-etc-default-login Disable using PATH from /etc/default/login no | 1310 | --disable-etc-default-login Disable using PATH from /etc/default/login no |
1310 | --disable-lastlog disable use of lastlog even if detected no | 1311 | --disable-lastlog disable use of lastlog even if detected no |
@@ -7441,6 +7442,9 @@ fi | |||
7441 | 7442 | ||
7442 | 7443 | ||
7443 | 7444 | ||
7445 | |||
7446 | |||
7447 | |||
7444 | for ac_header in \ | 7448 | for ac_header in \ |
7445 | blf.h \ | 7449 | blf.h \ |
7446 | bstring.h \ | 7450 | bstring.h \ |
@@ -7449,6 +7453,7 @@ for ac_header in \ | |||
7449 | dirent.h \ | 7453 | dirent.h \ |
7450 | endian.h \ | 7454 | endian.h \ |
7451 | elf.h \ | 7455 | elf.h \ |
7456 | err.h \ | ||
7452 | features.h \ | 7457 | features.h \ |
7453 | fcntl.h \ | 7458 | fcntl.h \ |
7454 | floatingpoint.h \ | 7459 | floatingpoint.h \ |
@@ -7457,6 +7462,7 @@ for ac_header in \ | |||
7457 | ia.h \ | 7462 | ia.h \ |
7458 | iaf.h \ | 7463 | iaf.h \ |
7459 | inttypes.h \ | 7464 | inttypes.h \ |
7465 | langinfo.h \ | ||
7460 | limits.h \ | 7466 | limits.h \ |
7461 | locale.h \ | 7467 | locale.h \ |
7462 | login.h \ | 7468 | login.h \ |
@@ -7509,6 +7515,7 @@ for ac_header in \ | |||
7509 | utmp.h \ | 7515 | utmp.h \ |
7510 | utmpx.h \ | 7516 | utmpx.h \ |
7511 | vis.h \ | 7517 | vis.h \ |
7518 | wchar.h \ | ||
7512 | 7519 | ||
7513 | do | 7520 | do |
7514 | as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` | 7521 | as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` |
@@ -8981,11 +8988,6 @@ _ACEOF | |||
8981 | 8988 | ||
8982 | 8989 | ||
8983 | cat >>confdefs.h <<\_ACEOF | 8990 | cat >>confdefs.h <<\_ACEOF |
8984 | #define NO_IPPORT_RESERVED_CONCEPT 1 | ||
8985 | _ACEOF | ||
8986 | |||
8987 | |||
8988 | cat >>confdefs.h <<\_ACEOF | ||
8989 | #define DISABLE_FD_PASSING 1 | 8991 | #define DISABLE_FD_PASSING 1 |
8990 | _ACEOF | 8992 | _ACEOF |
8991 | 8993 | ||
@@ -10374,6 +10376,30 @@ echo $ECHO_N "checking for seccomp architecture... $ECHO_C" >&6; } | |||
10374 | aarch64*-*) | 10376 | aarch64*-*) |
10375 | seccomp_audit_arch=AUDIT_ARCH_AARCH64 | 10377 | seccomp_audit_arch=AUDIT_ARCH_AARCH64 |
10376 | ;; | 10378 | ;; |
10379 | s390x-*) | ||
10380 | seccomp_audit_arch=AUDIT_ARCH_S390X | ||
10381 | ;; | ||
10382 | s390-*) | ||
10383 | seccomp_audit_arch=AUDIT_ARCH_S390 | ||
10384 | ;; | ||
10385 | powerpc64-*) | ||
10386 | seccomp_audit_arch=AUDIT_ARCH_PPC64 | ||
10387 | ;; | ||
10388 | powerpc64le-*) | ||
10389 | seccomp_audit_arch=AUDIT_ARCH_PPC64LE | ||
10390 | ;; | ||
10391 | mips-*) | ||
10392 | seccomp_audit_arch=AUDIT_ARCH_MIPS | ||
10393 | ;; | ||
10394 | mipsel-*) | ||
10395 | seccomp_audit_arch=AUDIT_ARCH_MIPSEL | ||
10396 | ;; | ||
10397 | mips64-*) | ||
10398 | seccomp_audit_arch=AUDIT_ARCH_MIPS64 | ||
10399 | ;; | ||
10400 | mips64el-*) | ||
10401 | seccomp_audit_arch=AUDIT_ARCH_MIPSEL64 | ||
10402 | ;; | ||
10377 | esac | 10403 | esac |
10378 | if test "x$seccomp_audit_arch" != "x" ; then | 10404 | if test "x$seccomp_audit_arch" != "x" ; then |
10379 | { echo "$as_me:$LINENO: result: \"$seccomp_audit_arch\"" >&5 | 10405 | { echo "$as_me:$LINENO: result: \"$seccomp_audit_arch\"" >&5 |
@@ -10401,6 +10427,7 @@ _ACEOF | |||
10401 | if test "x$withval" != "xno" ; then | 10427 | if test "x$withval" != "xno" ; then |
10402 | need_dash_r=1 | 10428 | need_dash_r=1 |
10403 | fi | 10429 | fi |
10430 | CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" | ||
10404 | 10431 | ||
10405 | cat >>confdefs.h <<\_ACEOF | 10432 | cat >>confdefs.h <<\_ACEOF |
10406 | #define SSH_TUN_FREEBSD 1 | 10433 | #define SSH_TUN_FREEBSD 1 |
@@ -10867,6 +10894,100 @@ _ACEOF | |||
10867 | echo "${ECHO_T}no" >&6; } | 10894 | echo "${ECHO_T}no" >&6; } |
10868 | fi | 10895 | fi |
10869 | 10896 | ||
10897 | for ac_func in setpflags | ||
10898 | do | ||
10899 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | ||
10900 | { echo "$as_me:$LINENO: checking for $ac_func" >&5 | ||
10901 | echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } | ||
10902 | if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then | ||
10903 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
10904 | else | ||
10905 | cat >conftest.$ac_ext <<_ACEOF | ||
10906 | /* confdefs.h. */ | ||
10907 | _ACEOF | ||
10908 | cat confdefs.h >>conftest.$ac_ext | ||
10909 | cat >>conftest.$ac_ext <<_ACEOF | ||
10910 | /* end confdefs.h. */ | ||
10911 | /* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func. | ||
10912 | For example, HP-UX 11i <limits.h> declares gettimeofday. */ | ||
10913 | #define $ac_func innocuous_$ac_func | ||
10914 | |||
10915 | /* System header to define __stub macros and hopefully few prototypes, | ||
10916 | which can conflict with char $ac_func (); below. | ||
10917 | Prefer <limits.h> to <assert.h> if __STDC__ is defined, since | ||
10918 | <limits.h> exists even on freestanding compilers. */ | ||
10919 | |||
10920 | #ifdef __STDC__ | ||
10921 | # include <limits.h> | ||
10922 | #else | ||
10923 | # include <assert.h> | ||
10924 | #endif | ||
10925 | |||
10926 | #undef $ac_func | ||
10927 | |||
10928 | /* Override any GCC internal prototype to avoid an error. | ||
10929 | Use char because int might match the return type of a GCC | ||
10930 | builtin and then its argument prototype would still apply. */ | ||
10931 | #ifdef __cplusplus | ||
10932 | extern "C" | ||
10933 | #endif | ||
10934 | char $ac_func (); | ||
10935 | /* The GNU C library defines this for functions which it implements | ||
10936 | to always fail with ENOSYS. Some functions are actually named | ||
10937 | something starting with __ and the normal name is an alias. */ | ||
10938 | #if defined __stub_$ac_func || defined __stub___$ac_func | ||
10939 | choke me | ||
10940 | #endif | ||
10941 | |||
10942 | int | ||
10943 | main () | ||
10944 | { | ||
10945 | return $ac_func (); | ||
10946 | ; | ||
10947 | return 0; | ||
10948 | } | ||
10949 | _ACEOF | ||
10950 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
10951 | if { (ac_try="$ac_link" | ||
10952 | case "(($ac_try" in | ||
10953 | *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; | ||
10954 | *) ac_try_echo=$ac_try;; | ||
10955 | esac | ||
10956 | eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 | ||
10957 | (eval "$ac_link") 2>conftest.er1 | ||
10958 | ac_status=$? | ||
10959 | grep -v '^ *+' conftest.er1 >conftest.err | ||
10960 | rm -f conftest.er1 | ||
10961 | cat conftest.err >&5 | ||
10962 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10963 | (exit $ac_status); } && { | ||
10964 | test -z "$ac_c_werror_flag" || | ||
10965 | test ! -s conftest.err | ||
10966 | } && test -s conftest$ac_exeext && | ||
10967 | $as_test_x conftest$ac_exeext; then | ||
10968 | eval "$as_ac_var=yes" | ||
10969 | else | ||
10970 | echo "$as_me: failed program was:" >&5 | ||
10971 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
10972 | |||
10973 | eval "$as_ac_var=no" | ||
10974 | fi | ||
10975 | |||
10976 | rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ | ||
10977 | conftest$ac_exeext conftest.$ac_ext | ||
10978 | fi | ||
10979 | ac_res=`eval echo '${'$as_ac_var'}'` | ||
10980 | { echo "$as_me:$LINENO: result: $ac_res" >&5 | ||
10981 | echo "${ECHO_T}$ac_res" >&6; } | ||
10982 | if test `eval echo '${'$as_ac_var'}'` = yes; then | ||
10983 | cat >>confdefs.h <<_ACEOF | ||
10984 | #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 | ||
10985 | _ACEOF | ||
10986 | |||
10987 | fi | ||
10988 | done | ||
10989 | |||
10990 | |||
10870 | for ac_func in setppriv | 10991 | for ac_func in setppriv |
10871 | do | 10992 | do |
10872 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | 10993 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` |
@@ -15446,6 +15567,70 @@ fi | |||
15446 | 15567 | ||
15447 | 15568 | ||
15448 | 15569 | ||
15570 | { echo "$as_me:$LINENO: checking whether VIS_ALL is declared" >&5 | ||
15571 | echo $ECHO_N "checking whether VIS_ALL is declared... $ECHO_C" >&6; } | ||
15572 | if test "${ac_cv_have_decl_VIS_ALL+set}" = set; then | ||
15573 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
15574 | else | ||
15575 | cat >conftest.$ac_ext <<_ACEOF | ||
15576 | /* confdefs.h. */ | ||
15577 | _ACEOF | ||
15578 | cat confdefs.h >>conftest.$ac_ext | ||
15579 | cat >>conftest.$ac_ext <<_ACEOF | ||
15580 | /* end confdefs.h. */ | ||
15581 | #include <vis.h> | ||
15582 | |||
15583 | int | ||
15584 | main () | ||
15585 | { | ||
15586 | #ifndef VIS_ALL | ||
15587 | (void) VIS_ALL; | ||
15588 | #endif | ||
15589 | |||
15590 | ; | ||
15591 | return 0; | ||
15592 | } | ||
15593 | _ACEOF | ||
15594 | rm -f conftest.$ac_objext | ||
15595 | if { (ac_try="$ac_compile" | ||
15596 | case "(($ac_try" in | ||
15597 | *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; | ||
15598 | *) ac_try_echo=$ac_try;; | ||
15599 | esac | ||
15600 | eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 | ||
15601 | (eval "$ac_compile") 2>conftest.er1 | ||
15602 | ac_status=$? | ||
15603 | grep -v '^ *+' conftest.er1 >conftest.err | ||
15604 | rm -f conftest.er1 | ||
15605 | cat conftest.err >&5 | ||
15606 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
15607 | (exit $ac_status); } && { | ||
15608 | test -z "$ac_c_werror_flag" || | ||
15609 | test ! -s conftest.err | ||
15610 | } && test -s conftest.$ac_objext; then | ||
15611 | ac_cv_have_decl_VIS_ALL=yes | ||
15612 | else | ||
15613 | echo "$as_me: failed program was:" >&5 | ||
15614 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
15615 | |||
15616 | ac_cv_have_decl_VIS_ALL=no | ||
15617 | fi | ||
15618 | |||
15619 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext | ||
15620 | fi | ||
15621 | { echo "$as_me:$LINENO: result: $ac_cv_have_decl_VIS_ALL" >&5 | ||
15622 | echo "${ECHO_T}$ac_cv_have_decl_VIS_ALL" >&6; } | ||
15623 | if test $ac_cv_have_decl_VIS_ALL = yes; then | ||
15624 | : | ||
15625 | else | ||
15626 | |||
15627 | cat >>confdefs.h <<\_ACEOF | ||
15628 | #define BROKEN_STRNVIS 1 | ||
15629 | _ACEOF | ||
15630 | |||
15631 | fi | ||
15632 | |||
15633 | |||
15449 | { echo "$as_me:$LINENO: checking whether struct dirent allocates space for d_name" >&5 | 15634 | { echo "$as_me:$LINENO: checking whether struct dirent allocates space for d_name" >&5 |
15450 | echo $ECHO_N "checking whether struct dirent allocates space for d_name... $ECHO_C" >&6; } | 15635 | echo $ECHO_N "checking whether struct dirent allocates space for d_name... $ECHO_C" >&6; } |
15451 | if test "$cross_compiling" = yes; then | 15636 | if test "$cross_compiling" = yes; then |
@@ -15616,7 +15801,7 @@ fi | |||
15616 | 15801 | ||
15617 | rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ | 15802 | rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ |
15618 | conftest$ac_exeext conftest.$ac_ext | 15803 | conftest$ac_exeext conftest.$ac_ext |
15619 | { echo "$as_me:$LINENO: checking if skeychallenge takes 4 arguments" >&5 | 15804 | { echo "$as_me:$LINENO: checking if skeychallenge takes 4 arguments" >&5 |
15620 | echo $ECHO_N "checking if skeychallenge takes 4 arguments... $ECHO_C" >&6; } | 15805 | echo $ECHO_N "checking if skeychallenge takes 4 arguments... $ECHO_C" >&6; } |
15621 | cat >conftest.$ac_ext <<_ACEOF | 15806 | cat >conftest.$ac_ext <<_ACEOF |
15622 | /* confdefs.h. */ | 15807 | /* confdefs.h. */ |
@@ -15871,7 +16056,7 @@ fi | |||
15871 | if test "x$PKGCONFIG" != "xno"; then | 16056 | if test "x$PKGCONFIG" != "xno"; then |
15872 | { echo "$as_me:$LINENO: checking if $PKGCONFIG knows about libedit" >&5 | 16057 | { echo "$as_me:$LINENO: checking if $PKGCONFIG knows about libedit" >&5 |
15873 | echo $ECHO_N "checking if $PKGCONFIG knows about libedit... $ECHO_C" >&6; } | 16058 | echo $ECHO_N "checking if $PKGCONFIG knows about libedit... $ECHO_C" >&6; } |
15874 | if "$PKGCONFIG" libedit; then | 16059 | if "$PKGCONFIG" libedit; then |
15875 | { echo "$as_me:$LINENO: result: yes" >&5 | 16060 | { echo "$as_me:$LINENO: result: yes" >&5 |
15876 | echo "${ECHO_T}yes" >&6; } | 16061 | echo "${ECHO_T}yes" >&6; } |
15877 | use_pkgconfig_for_libedit=yes | 16062 | use_pkgconfig_for_libedit=yes |
@@ -16384,7 +16569,7 @@ cat >>confdefs.h <<\_ACEOF | |||
16384 | _ACEOF | 16569 | _ACEOF |
16385 | 16570 | ||
16386 | if test "$sol2ver" -ge 11; then | 16571 | if test "$sol2ver" -ge 11; then |
16387 | SSHDLIBS="$SSHDLIBS -lscf" | 16572 | SSHDLIBS="$SSHDLIBS -lscf" |
16388 | 16573 | ||
16389 | cat >>confdefs.h <<\_ACEOF | 16574 | cat >>confdefs.h <<\_ACEOF |
16390 | #define BROKEN_BSM_API 1 | 16575 | #define BROKEN_BSM_API 1 |
@@ -16895,6 +17080,8 @@ fi | |||
16895 | 17080 | ||
16896 | 17081 | ||
16897 | 17082 | ||
17083 | |||
17084 | |||
16898 | for ac_func in \ | 17085 | for ac_func in \ |
16899 | Blowfish_initstate \ | 17086 | Blowfish_initstate \ |
16900 | Blowfish_expandstate \ | 17087 | Blowfish_expandstate \ |
@@ -16914,6 +17101,8 @@ for ac_func in \ | |||
16914 | closefrom \ | 17101 | closefrom \ |
16915 | dirfd \ | 17102 | dirfd \ |
16916 | endgrent \ | 17103 | endgrent \ |
17104 | err \ | ||
17105 | errx \ | ||
16917 | explicit_bzero \ | 17106 | explicit_bzero \ |
16918 | fchmod \ | 17107 | fchmod \ |
16919 | fchown \ | 17108 | fchown \ |
@@ -16940,7 +17129,6 @@ for ac_func in \ | |||
16940 | inet_ntop \ | 17129 | inet_ntop \ |
16941 | innetgr \ | 17130 | innetgr \ |
16942 | login_getcapbool \ | 17131 | login_getcapbool \ |
16943 | mblen \ | ||
16944 | md5_crypt \ | 17132 | md5_crypt \ |
16945 | memmove \ | 17133 | memmove \ |
16946 | memset_s \ | 17134 | memset_s \ |
@@ -17005,6 +17193,7 @@ for ac_func in \ | |||
17005 | vasprintf \ | 17193 | vasprintf \ |
17006 | vsnprintf \ | 17194 | vsnprintf \ |
17007 | waitpid \ | 17195 | waitpid \ |
17196 | warn \ | ||
17008 | 17197 | ||
17009 | do | 17198 | do |
17010 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | 17199 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` |
@@ -17099,6 +17288,107 @@ fi | |||
17099 | done | 17288 | done |
17100 | 17289 | ||
17101 | 17290 | ||
17291 | saved_CFLAGS="$CFLAGS" | ||
17292 | CFLAGS="$CFLAGS -D_XOPEN_SOURCE" | ||
17293 | |||
17294 | |||
17295 | |||
17296 | |||
17297 | for ac_func in mblen mbtowc nl_langinfo wcwidth | ||
17298 | do | ||
17299 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | ||
17300 | { echo "$as_me:$LINENO: checking for $ac_func" >&5 | ||
17301 | echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } | ||
17302 | if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then | ||
17303 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
17304 | else | ||
17305 | cat >conftest.$ac_ext <<_ACEOF | ||
17306 | /* confdefs.h. */ | ||
17307 | _ACEOF | ||
17308 | cat confdefs.h >>conftest.$ac_ext | ||
17309 | cat >>conftest.$ac_ext <<_ACEOF | ||
17310 | /* end confdefs.h. */ | ||
17311 | /* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func. | ||
17312 | For example, HP-UX 11i <limits.h> declares gettimeofday. */ | ||
17313 | #define $ac_func innocuous_$ac_func | ||
17314 | |||
17315 | /* System header to define __stub macros and hopefully few prototypes, | ||
17316 | which can conflict with char $ac_func (); below. | ||
17317 | Prefer <limits.h> to <assert.h> if __STDC__ is defined, since | ||
17318 | <limits.h> exists even on freestanding compilers. */ | ||
17319 | |||
17320 | #ifdef __STDC__ | ||
17321 | # include <limits.h> | ||
17322 | #else | ||
17323 | # include <assert.h> | ||
17324 | #endif | ||
17325 | |||
17326 | #undef $ac_func | ||
17327 | |||
17328 | /* Override any GCC internal prototype to avoid an error. | ||
17329 | Use char because int might match the return type of a GCC | ||
17330 | builtin and then its argument prototype would still apply. */ | ||
17331 | #ifdef __cplusplus | ||
17332 | extern "C" | ||
17333 | #endif | ||
17334 | char $ac_func (); | ||
17335 | /* The GNU C library defines this for functions which it implements | ||
17336 | to always fail with ENOSYS. Some functions are actually named | ||
17337 | something starting with __ and the normal name is an alias. */ | ||
17338 | #if defined __stub_$ac_func || defined __stub___$ac_func | ||
17339 | choke me | ||
17340 | #endif | ||
17341 | |||
17342 | int | ||
17343 | main () | ||
17344 | { | ||
17345 | return $ac_func (); | ||
17346 | ; | ||
17347 | return 0; | ||
17348 | } | ||
17349 | _ACEOF | ||
17350 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
17351 | if { (ac_try="$ac_link" | ||
17352 | case "(($ac_try" in | ||
17353 | *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; | ||
17354 | *) ac_try_echo=$ac_try;; | ||
17355 | esac | ||
17356 | eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 | ||
17357 | (eval "$ac_link") 2>conftest.er1 | ||
17358 | ac_status=$? | ||
17359 | grep -v '^ *+' conftest.er1 >conftest.err | ||
17360 | rm -f conftest.er1 | ||
17361 | cat conftest.err >&5 | ||
17362 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
17363 | (exit $ac_status); } && { | ||
17364 | test -z "$ac_c_werror_flag" || | ||
17365 | test ! -s conftest.err | ||
17366 | } && test -s conftest$ac_exeext && | ||
17367 | $as_test_x conftest$ac_exeext; then | ||
17368 | eval "$as_ac_var=yes" | ||
17369 | else | ||
17370 | echo "$as_me: failed program was:" >&5 | ||
17371 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
17372 | |||
17373 | eval "$as_ac_var=no" | ||
17374 | fi | ||
17375 | |||
17376 | rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ | ||
17377 | conftest$ac_exeext conftest.$ac_ext | ||
17378 | fi | ||
17379 | ac_res=`eval echo '${'$as_ac_var'}'` | ||
17380 | { echo "$as_me:$LINENO: result: $ac_res" >&5 | ||
17381 | echo "${ECHO_T}$ac_res" >&6; } | ||
17382 | if test `eval echo '${'$as_ac_var'}'` = yes; then | ||
17383 | cat >>confdefs.h <<_ACEOF | ||
17384 | #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 | ||
17385 | _ACEOF | ||
17386 | |||
17387 | fi | ||
17388 | done | ||
17389 | |||
17390 | CFLAGS="$saved_CFLAGS" | ||
17391 | |||
17102 | cat >conftest.$ac_ext <<_ACEOF | 17392 | cat >conftest.$ac_ext <<_ACEOF |
17103 | /* confdefs.h. */ | 17393 | /* confdefs.h. */ |
17104 | _ACEOF | 17394 | _ACEOF |
@@ -17148,8 +17438,20 @@ fi | |||
17148 | rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ | 17438 | rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ |
17149 | conftest$ac_exeext conftest.$ac_ext | 17439 | conftest$ac_exeext conftest.$ac_ext |
17150 | 17440 | ||
17441 | disable_pkcs11= | ||
17442 | # Check whether --enable-pkcs11 was given. | ||
17443 | if test "${enable_pkcs11+set}" = set; then | ||
17444 | enableval=$enable_pkcs11; | ||
17445 | if test "x$enableval" = "xno" ; then | ||
17446 | disable_pkcs11=1 | ||
17447 | fi | ||
17448 | |||
17449 | |||
17450 | fi | ||
17451 | |||
17452 | |||
17151 | # PKCS11 depends on OpenSSL. | 17453 | # PKCS11 depends on OpenSSL. |
17152 | if test "x$openssl" = "xyes" ; then | 17454 | if test "x$openssl" = "xyes" && test "x$disable_pkcs11" = "x"; then |
17153 | # PKCS#11 support requires dlopen() and co | 17455 | # PKCS#11 support requires dlopen() and co |
17154 | { echo "$as_me:$LINENO: checking for library containing dlopen" >&5 | 17456 | { echo "$as_me:$LINENO: checking for library containing dlopen" >&5 |
17155 | echo $ECHO_N "checking for library containing dlopen... $ECHO_C" >&6; } | 17457 | echo $ECHO_N "checking for library containing dlopen... $ECHO_C" >&6; } |
@@ -21388,8 +21690,9 @@ main () | |||
21388 | if(fd == NULL) | 21690 | if(fd == NULL) |
21389 | exit(1); | 21691 | exit(1); |
21390 | 21692 | ||
21391 | if ((rc = fprintf(fd ,"%08lx (%s)\n", | 21693 | if ((rc = fprintf(fd, "%08lx (%s)\n", |
21392 | (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) | 21694 | (unsigned long)OPENSSL_VERSION_NUMBER, |
21695 | OPENSSL_VERSION_TEXT)) < 0) | ||
21393 | exit(1); | 21696 | exit(1); |
21394 | 21697 | ||
21395 | exit(0); | 21698 | exit(0); |
@@ -21476,8 +21779,8 @@ main () | |||
21476 | if(fd == NULL) | 21779 | if(fd == NULL) |
21477 | exit(1); | 21780 | exit(1); |
21478 | 21781 | ||
21479 | if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), | 21782 | if ((rc = fprintf(fd, "%08lx (%s)\n", (unsigned long)SSLeay(), |
21480 | SSLeay_version(SSLEAY_VERSION))) <0) | 21783 | SSLeay_version(SSLEAY_VERSION))) < 0) |
21481 | exit(1); | 21784 | exit(1); |
21482 | 21785 | ||
21483 | exit(0); | 21786 | exit(0); |
@@ -22110,7 +22413,8 @@ sed 's/^/| /' conftest.$ac_ext >&5 | |||
22110 | { echo "$as_me:$LINENO: result: no" >&5 | 22413 | { echo "$as_me:$LINENO: result: no" >&5 |
22111 | echo "${ECHO_T}no" >&6; } | 22414 | echo "${ECHO_T}no" >&6; } |
22112 | unsupported_algorithms="$unsupported_cipers \ | 22415 | unsupported_algorithms="$unsupported_cipers \ |
22113 | aes128-gcm@openssh.com aes256-gcm@openssh.com" | 22416 | aes128-gcm@openssh.com \ |
22417 | aes256-gcm@openssh.com" | ||
22114 | 22418 | ||
22115 | 22419 | ||
22116 | fi | 22420 | fi |
@@ -22606,9 +22910,11 @@ _ACEOF | |||
22606 | 22910 | ||
22607 | else | 22911 | else |
22608 | unsupported_algorithms="$unsupported_algorithms \ | 22912 | unsupported_algorithms="$unsupported_algorithms \ |
22609 | hmac-sha2-256 hmac-sha2-512 \ | 22913 | hmac-sha2-256 \ |
22914 | hmac-sha2-512 \ | ||
22610 | diffie-hellman-group-exchange-sha256 \ | 22915 | diffie-hellman-group-exchange-sha256 \ |
22611 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | 22916 | hmac-sha2-256-etm@openssh.com \ |
22917 | hmac-sha2-512-etm@openssh.com" | ||
22612 | 22918 | ||
22613 | 22919 | ||
22614 | fi | 22920 | fi |
@@ -22708,8 +23014,8 @@ _ACEOF | |||
22708 | 23014 | ||
22709 | else | 23015 | else |
22710 | unsupported_algorithms="$unsupported_algorithms \ | 23016 | unsupported_algorithms="$unsupported_algorithms \ |
22711 | hmac-ripemd160 | 23017 | hmac-ripemd160 \ |
22712 | hmac-ripemd160@openssh.com | 23018 | hmac-ripemd160@openssh.com \ |
22713 | hmac-ripemd160-etm@openssh.com" | 23019 | hmac-ripemd160-etm@openssh.com" |
22714 | 23020 | ||
22715 | 23021 | ||
@@ -22996,8 +23302,10 @@ _ACEOF | |||
22996 | TEST_SSH_ECC=yes | 23302 | TEST_SSH_ECC=yes |
22997 | COMMENT_OUT_ECC="" | 23303 | COMMENT_OUT_ECC="" |
22998 | else | 23304 | else |
22999 | unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp256 \ | 23305 | unsupported_algorithms="$unsupported_algorithms \ |
23000 | ecdh-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com" | 23306 | ecdsa-sha2-nistp256 \ |
23307 | ecdh-sha2-nistp256 \ | ||
23308 | ecdsa-sha2-nistp256-cert-v01@openssh.com" | ||
23001 | fi | 23309 | fi |
23002 | if test x$enable_nistp384 = x1; then | 23310 | if test x$enable_nistp384 = x1; then |
23003 | 23311 | ||
@@ -23008,8 +23316,10 @@ _ACEOF | |||
23008 | TEST_SSH_ECC=yes | 23316 | TEST_SSH_ECC=yes |
23009 | COMMENT_OUT_ECC="" | 23317 | COMMENT_OUT_ECC="" |
23010 | else | 23318 | else |
23011 | unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp384 \ | 23319 | unsupported_algorithms="$unsupported_algorithms \ |
23012 | ecdh-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com" | 23320 | ecdsa-sha2-nistp384 \ |
23321 | ecdh-sha2-nistp384 \ | ||
23322 | ecdsa-sha2-nistp384-cert-v01@openssh.com" | ||
23013 | fi | 23323 | fi |
23014 | if test x$enable_nistp521 = x1; then | 23324 | if test x$enable_nistp521 = x1; then |
23015 | 23325 | ||
@@ -23020,8 +23330,10 @@ _ACEOF | |||
23020 | TEST_SSH_ECC=yes | 23330 | TEST_SSH_ECC=yes |
23021 | COMMENT_OUT_ECC="" | 23331 | COMMENT_OUT_ECC="" |
23022 | else | 23332 | else |
23023 | unsupported_algorithms="$unsupported_algorithms ecdh-sha2-nistp521 \ | 23333 | unsupported_algorithms="$unsupported_algorithms \ |
23024 | ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com" | 23334 | ecdh-sha2-nistp521 \ |
23335 | ecdsa-sha2-nistp521 \ | ||
23336 | ecdsa-sha2-nistp521-cert-v01@openssh.com" | ||
23025 | fi | 23337 | fi |
23026 | 23338 | ||
23027 | 23339 | ||
@@ -32808,7 +33120,6 @@ sed 's/^/| /' conftest.$ac_ext >&5 | |||
32808 | echo "${ECHO_T}no" >&6; } | 33120 | echo "${ECHO_T}no" >&6; } |
32809 | K5LIBS="-lkrb5 -lk5crypto -lcom_err" | 33121 | K5LIBS="-lkrb5 -lk5crypto -lcom_err" |
32810 | 33122 | ||
32811 | |||
32812 | fi | 33123 | fi |
32813 | 33124 | ||
32814 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext | 33125 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext |
@@ -34471,7 +34782,7 @@ eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 | |||
34471 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | 34782 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 |
34472 | (exit $ac_status); }; }; then | 34783 | (exit $ac_status); }; }; then |
34473 | 34784 | ||
34474 | maildir_what=`awk -F: '{print $1}' conftest.maildir` | 34785 | maildir_what=`awk -F: '{print $1}' conftest.maildir` |
34475 | maildir=`awk -F: '{print $2}' conftest.maildir \ | 34786 | maildir=`awk -F: '{print $2}' conftest.maildir \ |
34476 | | sed 's|/$||'` | 34787 | | sed 's|/$||'` |
34477 | { echo "$as_me:$LINENO: result: Using: $maildir from $maildir_what" >&5 | 34788 | { echo "$as_me:$LINENO: result: Using: $maildir from $maildir_what" >&5 |
diff --git a/configure.ac b/configure.ac index c978c1104..6cafb1535 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -373,6 +373,7 @@ AC_CHECK_HEADERS([ \ | |||
373 | dirent.h \ | 373 | dirent.h \ |
374 | endian.h \ | 374 | endian.h \ |
375 | elf.h \ | 375 | elf.h \ |
376 | err.h \ | ||
376 | features.h \ | 377 | features.h \ |
377 | fcntl.h \ | 378 | fcntl.h \ |
378 | floatingpoint.h \ | 379 | floatingpoint.h \ |
@@ -381,6 +382,7 @@ AC_CHECK_HEADERS([ \ | |||
381 | ia.h \ | 382 | ia.h \ |
382 | iaf.h \ | 383 | iaf.h \ |
383 | inttypes.h \ | 384 | inttypes.h \ |
385 | langinfo.h \ | ||
384 | limits.h \ | 386 | limits.h \ |
385 | locale.h \ | 387 | locale.h \ |
386 | login.h \ | 388 | login.h \ |
@@ -433,6 +435,7 @@ AC_CHECK_HEADERS([ \ | |||
433 | utmp.h \ | 435 | utmp.h \ |
434 | utmpx.h \ | 436 | utmpx.h \ |
435 | vis.h \ | 437 | vis.h \ |
438 | wchar.h \ | ||
436 | ]) | 439 | ]) |
437 | 440 | ||
438 | # lastlog.h requires sys/time.h to be included first on Solaris | 441 | # lastlog.h requires sys/time.h to be included first on Solaris |
@@ -586,9 +589,6 @@ case "$host" in | |||
586 | [Define if you want to disable shadow passwords]) | 589 | [Define if you want to disable shadow passwords]) |
587 | AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], | 590 | AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], |
588 | [Define if X11 doesn't support AF_UNIX sockets on that system]) | 591 | [Define if X11 doesn't support AF_UNIX sockets on that system]) |
589 | AC_DEFINE([NO_IPPORT_RESERVED_CONCEPT], [1], | ||
590 | [Define if the concept of ports only accessible to | ||
591 | superusers isn't known]) | ||
592 | AC_DEFINE([DISABLE_FD_PASSING], [1], | 592 | AC_DEFINE([DISABLE_FD_PASSING], [1], |
593 | [Define if your platform needs to skip post auth | 593 | [Define if your platform needs to skip post auth |
594 | file descriptor passing]) | 594 | file descriptor passing]) |
@@ -657,7 +657,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | |||
657 | [AC_MSG_RESULT([no])] | 657 | [AC_MSG_RESULT([no])] |
658 | ) | 658 | ) |
659 | m4_pattern_allow([AU_IPv]) | 659 | m4_pattern_allow([AU_IPv]) |
660 | AC_CHECK_DECL([AU_IPv4], [], | 660 | AC_CHECK_DECL([AU_IPv4], [], |
661 | AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) | 661 | AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) |
662 | [#include <bsm/audit.h>] | 662 | [#include <bsm/audit.h>] |
663 | AC_DEFINE([LASTLOG_WRITE_PUTUTXLINE], [1], | 663 | AC_DEFINE([LASTLOG_WRITE_PUTUTXLINE], [1], |
@@ -676,12 +676,12 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | |||
676 | SSHDLIBS="$SSHDLIBS -lcrypt" | 676 | SSHDLIBS="$SSHDLIBS -lcrypt" |
677 | TEST_MALLOC_OPTIONS="AFGJPRX" | 677 | TEST_MALLOC_OPTIONS="AFGJPRX" |
678 | ;; | 678 | ;; |
679 | *-*-haiku*) | 679 | *-*-haiku*) |
680 | LIBS="$LIBS -lbsd " | 680 | LIBS="$LIBS -lbsd " |
681 | AC_CHECK_LIB([network], [socket]) | 681 | AC_CHECK_LIB([network], [socket]) |
682 | AC_DEFINE([HAVE_U_INT64_T]) | 682 | AC_DEFINE([HAVE_U_INT64_T]) |
683 | MANTYPE=man | 683 | MANTYPE=man |
684 | ;; | 684 | ;; |
685 | *-*-hpux*) | 685 | *-*-hpux*) |
686 | # first we define all of the options common to all HP-UX releases | 686 | # first we define all of the options common to all HP-UX releases |
687 | CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" | 687 | CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" |
@@ -821,6 +821,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | |||
821 | aarch64*-*) | 821 | aarch64*-*) |
822 | seccomp_audit_arch=AUDIT_ARCH_AARCH64 | 822 | seccomp_audit_arch=AUDIT_ARCH_AARCH64 |
823 | ;; | 823 | ;; |
824 | s390x-*) | ||
825 | seccomp_audit_arch=AUDIT_ARCH_S390X | ||
826 | ;; | ||
827 | s390-*) | ||
828 | seccomp_audit_arch=AUDIT_ARCH_S390 | ||
829 | ;; | ||
830 | powerpc64-*) | ||
831 | seccomp_audit_arch=AUDIT_ARCH_PPC64 | ||
832 | ;; | ||
833 | powerpc64le-*) | ||
834 | seccomp_audit_arch=AUDIT_ARCH_PPC64LE | ||
835 | ;; | ||
836 | mips-*) | ||
837 | seccomp_audit_arch=AUDIT_ARCH_MIPS | ||
838 | ;; | ||
839 | mipsel-*) | ||
840 | seccomp_audit_arch=AUDIT_ARCH_MIPSEL | ||
841 | ;; | ||
842 | mips64-*) | ||
843 | seccomp_audit_arch=AUDIT_ARCH_MIPS64 | ||
844 | ;; | ||
845 | mips64el-*) | ||
846 | seccomp_audit_arch=AUDIT_ARCH_MIPSEL64 | ||
847 | ;; | ||
824 | esac | 848 | esac |
825 | if test "x$seccomp_audit_arch" != "x" ; then | 849 | if test "x$seccomp_audit_arch" != "x" ; then |
826 | AC_MSG_RESULT(["$seccomp_audit_arch"]) | 850 | AC_MSG_RESULT(["$seccomp_audit_arch"]) |
@@ -839,6 +863,7 @@ mips-sony-bsd|mips-sony-newsos4) | |||
839 | if test "x$withval" != "xno" ; then | 863 | if test "x$withval" != "xno" ; then |
840 | need_dash_r=1 | 864 | need_dash_r=1 |
841 | fi | 865 | fi |
866 | CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" | ||
842 | AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) | 867 | AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) |
843 | AC_CHECK_HEADER([net/if_tap.h], , | 868 | AC_CHECK_HEADER([net/if_tap.h], , |
844 | AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) | 869 | AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) |
@@ -923,6 +948,7 @@ mips-sony-bsd|mips-sony-newsos4) | |||
923 | else | 948 | else |
924 | AC_MSG_RESULT([no]) | 949 | AC_MSG_RESULT([no]) |
925 | fi | 950 | fi |
951 | AC_CHECK_FUNCS([setpflags]) | ||
926 | AC_CHECK_FUNCS([setppriv]) | 952 | AC_CHECK_FUNCS([setppriv]) |
927 | AC_CHECK_FUNCS([priv_basicset]) | 953 | AC_CHECK_FUNCS([priv_basicset]) |
928 | AC_CHECK_HEADERS([priv.h]) | 954 | AC_CHECK_HEADERS([priv.h]) |
@@ -1402,6 +1428,9 @@ g.gl_statv = NULL; | |||
1402 | 1428 | ||
1403 | AC_CHECK_DECLS([GLOB_NOMATCH], , , [#include <glob.h>]) | 1429 | AC_CHECK_DECLS([GLOB_NOMATCH], , , [#include <glob.h>]) |
1404 | 1430 | ||
1431 | AC_CHECK_DECL([VIS_ALL], , | ||
1432 | AC_DEFINE(BROKEN_STRNVIS, 1, [missing VIS_ALL]), [#include <vis.h>]) | ||
1433 | |||
1405 | AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) | 1434 | AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) |
1406 | AC_RUN_IFELSE( | 1435 | AC_RUN_IFELSE( |
1407 | [AC_LANG_PROGRAM([[ | 1436 | [AC_LANG_PROGRAM([[ |
@@ -1462,7 +1491,7 @@ AC_ARG_WITH([skey], | |||
1462 | AC_MSG_RESULT([no]) | 1491 | AC_MSG_RESULT([no]) |
1463 | AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) | 1492 | AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) |
1464 | ]) | 1493 | ]) |
1465 | AC_MSG_CHECKING([if skeychallenge takes 4 arguments]) | 1494 | AC_MSG_CHECKING([if skeychallenge takes 4 arguments]) |
1466 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ | 1495 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ |
1467 | #include <stdio.h> | 1496 | #include <stdio.h> |
1468 | #include <skey.h> | 1497 | #include <skey.h> |
@@ -1581,7 +1610,7 @@ AC_ARG_WITH([libedit], | |||
1581 | AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) | 1610 | AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) |
1582 | if test "x$PKGCONFIG" != "xno"; then | 1611 | if test "x$PKGCONFIG" != "xno"; then |
1583 | AC_MSG_CHECKING([if $PKGCONFIG knows about libedit]) | 1612 | AC_MSG_CHECKING([if $PKGCONFIG knows about libedit]) |
1584 | if "$PKGCONFIG" libedit; then | 1613 | if "$PKGCONFIG" libedit; then |
1585 | AC_MSG_RESULT([yes]) | 1614 | AC_MSG_RESULT([yes]) |
1586 | use_pkgconfig_for_libedit=yes | 1615 | use_pkgconfig_for_libedit=yes |
1587 | else | 1616 | else |
@@ -1652,9 +1681,9 @@ AC_ARG_WITH([audit], | |||
1652 | AC_CHECK_FUNCS([getaudit_addr aug_get_machine]) | 1681 | AC_CHECK_FUNCS([getaudit_addr aug_get_machine]) |
1653 | AC_DEFINE([USE_BSM_AUDIT], [1], [Use BSM audit module]) | 1682 | AC_DEFINE([USE_BSM_AUDIT], [1], [Use BSM audit module]) |
1654 | if test "$sol2ver" -ge 11; then | 1683 | if test "$sol2ver" -ge 11; then |
1655 | SSHDLIBS="$SSHDLIBS -lscf" | 1684 | SSHDLIBS="$SSHDLIBS -lscf" |
1656 | AC_DEFINE([BROKEN_BSM_API], [1], | 1685 | AC_DEFINE([BROKEN_BSM_API], [1], |
1657 | [The system has incomplete BSM API]) | 1686 | [The system has incomplete BSM API]) |
1658 | fi | 1687 | fi |
1659 | ;; | 1688 | ;; |
1660 | linux) | 1689 | linux) |
@@ -1746,6 +1775,8 @@ AC_CHECK_FUNCS([ \ | |||
1746 | closefrom \ | 1775 | closefrom \ |
1747 | dirfd \ | 1776 | dirfd \ |
1748 | endgrent \ | 1777 | endgrent \ |
1778 | err \ | ||
1779 | errx \ | ||
1749 | explicit_bzero \ | 1780 | explicit_bzero \ |
1750 | fchmod \ | 1781 | fchmod \ |
1751 | fchown \ | 1782 | fchown \ |
@@ -1772,7 +1803,6 @@ AC_CHECK_FUNCS([ \ | |||
1772 | inet_ntop \ | 1803 | inet_ntop \ |
1773 | innetgr \ | 1804 | innetgr \ |
1774 | login_getcapbool \ | 1805 | login_getcapbool \ |
1775 | mblen \ | ||
1776 | md5_crypt \ | 1806 | md5_crypt \ |
1777 | memmove \ | 1807 | memmove \ |
1778 | memset_s \ | 1808 | memset_s \ |
@@ -1837,8 +1867,15 @@ AC_CHECK_FUNCS([ \ | |||
1837 | vasprintf \ | 1867 | vasprintf \ |
1838 | vsnprintf \ | 1868 | vsnprintf \ |
1839 | waitpid \ | 1869 | waitpid \ |
1870 | warn \ | ||
1840 | ]) | 1871 | ]) |
1841 | 1872 | ||
1873 | dnl Wide character support. Linux man page says it needs _XOPEN_SOURCE. | ||
1874 | saved_CFLAGS="$CFLAGS" | ||
1875 | CFLAGS="$CFLAGS -D_XOPEN_SOURCE" | ||
1876 | AC_CHECK_FUNCS([mblen mbtowc nl_langinfo wcwidth]) | ||
1877 | CFLAGS="$saved_CFLAGS" | ||
1878 | |||
1842 | AC_LINK_IFELSE( | 1879 | AC_LINK_IFELSE( |
1843 | [AC_LANG_PROGRAM( | 1880 | [AC_LANG_PROGRAM( |
1844 | [[ #include <ctype.h> ]], | 1881 | [[ #include <ctype.h> ]], |
@@ -1846,8 +1883,18 @@ AC_LINK_IFELSE( | |||
1846 | [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) | 1883 | [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) |
1847 | ]) | 1884 | ]) |
1848 | 1885 | ||
1886 | disable_pkcs11= | ||
1887 | AC_ARG_ENABLE([pkcs11], | ||
1888 | [ --disable-pkcs11 disable PKCS#11 support code [no]], | ||
1889 | [ | ||
1890 | if test "x$enableval" = "xno" ; then | ||
1891 | disable_pkcs11=1 | ||
1892 | fi | ||
1893 | ] | ||
1894 | ) | ||
1895 | |||
1849 | # PKCS11 depends on OpenSSL. | 1896 | # PKCS11 depends on OpenSSL. |
1850 | if test "x$openssl" = "xyes" ; then | 1897 | if test "x$openssl" = "xyes" && test "x$disable_pkcs11" = "x"; then |
1851 | # PKCS#11 support requires dlopen() and co | 1898 | # PKCS#11 support requires dlopen() and co |
1852 | AC_SEARCH_LIBS([dlopen], [dl], | 1899 | AC_SEARCH_LIBS([dlopen], [dl], |
1853 | [AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])] | 1900 | [AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])] |
@@ -2062,7 +2109,7 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then | |||
2062 | [[ | 2109 | [[ |
2063 | char b[5]; | 2110 | char b[5]; |
2064 | snprintf(b,5,"123456789"); | 2111 | snprintf(b,5,"123456789"); |
2065 | exit(b[4]!='\0'); | 2112 | exit(b[4]!='\0'); |
2066 | ]])], | 2113 | ]])], |
2067 | [AC_MSG_RESULT([yes])], | 2114 | [AC_MSG_RESULT([yes])], |
2068 | [ | 2115 | [ |
@@ -2472,8 +2519,9 @@ if test "x$openssl" = "xyes" ; then | |||
2472 | if(fd == NULL) | 2519 | if(fd == NULL) |
2473 | exit(1); | 2520 | exit(1); |
2474 | 2521 | ||
2475 | if ((rc = fprintf(fd ,"%08lx (%s)\n", | 2522 | if ((rc = fprintf(fd, "%08lx (%s)\n", |
2476 | (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) | 2523 | (unsigned long)OPENSSL_VERSION_NUMBER, |
2524 | OPENSSL_VERSION_TEXT)) < 0) | ||
2477 | exit(1); | 2525 | exit(1); |
2478 | 2526 | ||
2479 | exit(0); | 2527 | exit(0); |
@@ -2508,8 +2556,8 @@ if test "x$openssl" = "xyes" ; then | |||
2508 | if(fd == NULL) | 2556 | if(fd == NULL) |
2509 | exit(1); | 2557 | exit(1); |
2510 | 2558 | ||
2511 | if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), | 2559 | if ((rc = fprintf(fd, "%08lx (%s)\n", (unsigned long)SSLeay(), |
2512 | SSLeay_version(SSLEAY_VERSION))) <0) | 2560 | SSLeay_version(SSLEAY_VERSION))) < 0) |
2513 | exit(1); | 2561 | exit(1); |
2514 | 2562 | ||
2515 | exit(0); | 2563 | exit(0); |
@@ -2684,7 +2732,8 @@ if test "x$openssl" = "xyes" ; then | |||
2684 | [ | 2732 | [ |
2685 | AC_MSG_RESULT([no]) | 2733 | AC_MSG_RESULT([no]) |
2686 | unsupported_algorithms="$unsupported_cipers \ | 2734 | unsupported_algorithms="$unsupported_cipers \ |
2687 | aes128-gcm@openssh.com aes256-gcm@openssh.com" | 2735 | aes128-gcm@openssh.com \ |
2736 | aes256-gcm@openssh.com" | ||
2688 | ] | 2737 | ] |
2689 | ) | 2738 | ) |
2690 | 2739 | ||
@@ -2727,16 +2776,18 @@ if test "x$openssl" = "xyes" ; then | |||
2727 | # Search for SHA256 support in libc and/or OpenSSL | 2776 | # Search for SHA256 support in libc and/or OpenSSL |
2728 | AC_CHECK_FUNCS([SHA256_Update EVP_sha256], , | 2777 | AC_CHECK_FUNCS([SHA256_Update EVP_sha256], , |
2729 | [unsupported_algorithms="$unsupported_algorithms \ | 2778 | [unsupported_algorithms="$unsupported_algorithms \ |
2730 | hmac-sha2-256 hmac-sha2-512 \ | 2779 | hmac-sha2-256 \ |
2780 | hmac-sha2-512 \ | ||
2731 | diffie-hellman-group-exchange-sha256 \ | 2781 | diffie-hellman-group-exchange-sha256 \ |
2732 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | 2782 | hmac-sha2-256-etm@openssh.com \ |
2783 | hmac-sha2-512-etm@openssh.com" | ||
2733 | ] | 2784 | ] |
2734 | ) | 2785 | ) |
2735 | # Search for RIPE-MD support in OpenSSL | 2786 | # Search for RIPE-MD support in OpenSSL |
2736 | AC_CHECK_FUNCS([EVP_ripemd160], , | 2787 | AC_CHECK_FUNCS([EVP_ripemd160], , |
2737 | [unsupported_algorithms="$unsupported_algorithms \ | 2788 | [unsupported_algorithms="$unsupported_algorithms \ |
2738 | hmac-ripemd160 | 2789 | hmac-ripemd160 \ |
2739 | hmac-ripemd160@openssh.com | 2790 | hmac-ripemd160@openssh.com \ |
2740 | hmac-ripemd160-etm@openssh.com" | 2791 | hmac-ripemd160-etm@openssh.com" |
2741 | ] | 2792 | ] |
2742 | ) | 2793 | ) |
@@ -2837,24 +2888,30 @@ if test "x$openssl" = "xyes" ; then | |||
2837 | TEST_SSH_ECC=yes | 2888 | TEST_SSH_ECC=yes |
2838 | COMMENT_OUT_ECC="" | 2889 | COMMENT_OUT_ECC="" |
2839 | else | 2890 | else |
2840 | unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp256 \ | 2891 | unsupported_algorithms="$unsupported_algorithms \ |
2841 | ecdh-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com" | 2892 | ecdsa-sha2-nistp256 \ |
2893 | ecdh-sha2-nistp256 \ | ||
2894 | ecdsa-sha2-nistp256-cert-v01@openssh.com" | ||
2842 | fi | 2895 | fi |
2843 | if test x$enable_nistp384 = x1; then | 2896 | if test x$enable_nistp384 = x1; then |
2844 | AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [libcrypto has NID_secp384r1]) | 2897 | AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [libcrypto has NID_secp384r1]) |
2845 | TEST_SSH_ECC=yes | 2898 | TEST_SSH_ECC=yes |
2846 | COMMENT_OUT_ECC="" | 2899 | COMMENT_OUT_ECC="" |
2847 | else | 2900 | else |
2848 | unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp384 \ | 2901 | unsupported_algorithms="$unsupported_algorithms \ |
2849 | ecdh-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com" | 2902 | ecdsa-sha2-nistp384 \ |
2903 | ecdh-sha2-nistp384 \ | ||
2904 | ecdsa-sha2-nistp384-cert-v01@openssh.com" | ||
2850 | fi | 2905 | fi |
2851 | if test x$enable_nistp521 = x1; then | 2906 | if test x$enable_nistp521 = x1; then |
2852 | AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [libcrypto has NID_secp521r1]) | 2907 | AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [libcrypto has NID_secp521r1]) |
2853 | TEST_SSH_ECC=yes | 2908 | TEST_SSH_ECC=yes |
2854 | COMMENT_OUT_ECC="" | 2909 | COMMENT_OUT_ECC="" |
2855 | else | 2910 | else |
2856 | unsupported_algorithms="$unsupported_algorithms ecdh-sha2-nistp521 \ | 2911 | unsupported_algorithms="$unsupported_algorithms \ |
2857 | ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com" | 2912 | ecdh-sha2-nistp521 \ |
2913 | ecdsa-sha2-nistp521 \ | ||
2914 | ecdsa-sha2-nistp521-cert-v01@openssh.com" | ||
2858 | fi | 2915 | fi |
2859 | 2916 | ||
2860 | AC_SUBST([TEST_SSH_ECC]) | 2917 | AC_SUBST([TEST_SSH_ECC]) |
@@ -2876,7 +2933,7 @@ AC_CHECK_LIB([iaf], [ia_openinfo], [ | |||
2876 | LIBS="$LIBS -liaf" | 2933 | LIBS="$LIBS -liaf" |
2877 | AC_CHECK_FUNCS([set_id], [SSHDLIBS="$SSHDLIBS -liaf" | 2934 | AC_CHECK_FUNCS([set_id], [SSHDLIBS="$SSHDLIBS -liaf" |
2878 | AC_DEFINE([HAVE_LIBIAF], [1], | 2935 | AC_DEFINE([HAVE_LIBIAF], [1], |
2879 | [Define if system has libiaf that supports set_id]) | 2936 | [Define if system has libiaf that supports set_id]) |
2880 | ]) | 2937 | ]) |
2881 | ]) | 2938 | ]) |
2882 | LIBS="$saved_LIBS" | 2939 | LIBS="$saved_LIBS" |
@@ -3402,7 +3459,7 @@ fi | |||
3402 | AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ | 3459 | AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ |
3403 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3460 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3404 | [[ u_int a; a = 1;]])], | 3461 | [[ u_int a; a = 1;]])], |
3405 | [ ac_cv_have_u_int="yes" ], [ ac_cv_have_u_int="no" | 3462 | [ ac_cv_have_u_int="yes" ], [ ac_cv_have_u_int="no" |
3406 | ]) | 3463 | ]) |
3407 | ]) | 3464 | ]) |
3408 | if test "x$ac_cv_have_u_int" = "xyes" ; then | 3465 | if test "x$ac_cv_have_u_int" = "xyes" ; then |
@@ -3413,7 +3470,7 @@ fi | |||
3413 | AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ | 3470 | AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ |
3414 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3471 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3415 | [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])], | 3472 | [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])], |
3416 | [ ac_cv_have_intxx_t="yes" ], [ ac_cv_have_intxx_t="no" | 3473 | [ ac_cv_have_intxx_t="yes" ], [ ac_cv_have_intxx_t="no" |
3417 | ]) | 3474 | ]) |
3418 | ]) | 3475 | ]) |
3419 | if test "x$ac_cv_have_intxx_t" = "xyes" ; then | 3476 | if test "x$ac_cv_have_intxx_t" = "xyes" ; then |
@@ -3430,7 +3487,7 @@ then | |||
3430 | [ | 3487 | [ |
3431 | AC_DEFINE([HAVE_INTXX_T]) | 3488 | AC_DEFINE([HAVE_INTXX_T]) |
3432 | AC_MSG_RESULT([yes]) | 3489 | AC_MSG_RESULT([yes]) |
3433 | ], [ AC_MSG_RESULT([no]) | 3490 | ], [ AC_MSG_RESULT([no]) |
3434 | ]) | 3491 | ]) |
3435 | fi | 3492 | fi |
3436 | 3493 | ||
@@ -3447,7 +3504,7 @@ AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ | |||
3447 | ]], [[ | 3504 | ]], [[ |
3448 | int64_t a; a = 1; | 3505 | int64_t a; a = 1; |
3449 | ]])], | 3506 | ]])], |
3450 | [ ac_cv_have_int64_t="yes" ], [ ac_cv_have_int64_t="no" | 3507 | [ ac_cv_have_int64_t="yes" ], [ ac_cv_have_int64_t="no" |
3451 | ]) | 3508 | ]) |
3452 | ]) | 3509 | ]) |
3453 | if test "x$ac_cv_have_int64_t" = "xyes" ; then | 3510 | if test "x$ac_cv_have_int64_t" = "xyes" ; then |
@@ -3457,7 +3514,7 @@ fi | |||
3457 | AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ | 3514 | AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ |
3458 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3515 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3459 | [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])], | 3516 | [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])], |
3460 | [ ac_cv_have_u_intxx_t="yes" ], [ ac_cv_have_u_intxx_t="no" | 3517 | [ ac_cv_have_u_intxx_t="yes" ], [ ac_cv_have_u_intxx_t="no" |
3461 | ]) | 3518 | ]) |
3462 | ]) | 3519 | ]) |
3463 | if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then | 3520 | if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then |
@@ -3472,14 +3529,14 @@ if test -z "$have_u_intxx_t" ; then | |||
3472 | [ | 3529 | [ |
3473 | AC_DEFINE([HAVE_U_INTXX_T]) | 3530 | AC_DEFINE([HAVE_U_INTXX_T]) |
3474 | AC_MSG_RESULT([yes]) | 3531 | AC_MSG_RESULT([yes]) |
3475 | ], [ AC_MSG_RESULT([no]) | 3532 | ], [ AC_MSG_RESULT([no]) |
3476 | ]) | 3533 | ]) |
3477 | fi | 3534 | fi |
3478 | 3535 | ||
3479 | AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ | 3536 | AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ |
3480 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3537 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3481 | [[ u_int64_t a; a = 1;]])], | 3538 | [[ u_int64_t a; a = 1;]])], |
3482 | [ ac_cv_have_u_int64_t="yes" ], [ ac_cv_have_u_int64_t="no" | 3539 | [ ac_cv_have_u_int64_t="yes" ], [ ac_cv_have_u_int64_t="no" |
3483 | ]) | 3540 | ]) |
3484 | ]) | 3541 | ]) |
3485 | if test "x$ac_cv_have_u_int64_t" = "xyes" ; then | 3542 | if test "x$ac_cv_have_u_int64_t" = "xyes" ; then |
@@ -3496,7 +3553,7 @@ then | |||
3496 | [ | 3553 | [ |
3497 | AC_DEFINE([HAVE_U_INT64_T]) | 3554 | AC_DEFINE([HAVE_U_INT64_T]) |
3498 | AC_MSG_RESULT([yes]) | 3555 | AC_MSG_RESULT([yes]) |
3499 | ], [ AC_MSG_RESULT([no]) | 3556 | ], [ AC_MSG_RESULT([no]) |
3500 | ]) | 3557 | ]) |
3501 | fi | 3558 | fi |
3502 | 3559 | ||
@@ -3510,7 +3567,7 @@ if test -z "$have_u_intxx_t" ; then | |||
3510 | uint32_t c; | 3567 | uint32_t c; |
3511 | a = b = c = 1; | 3568 | a = b = c = 1; |
3512 | ]])], | 3569 | ]])], |
3513 | [ ac_cv_have_uintxx_t="yes" ], [ ac_cv_have_uintxx_t="no" | 3570 | [ ac_cv_have_uintxx_t="yes" ], [ ac_cv_have_uintxx_t="no" |
3514 | ]) | 3571 | ]) |
3515 | ]) | 3572 | ]) |
3516 | if test "x$ac_cv_have_uintxx_t" = "xyes" ; then | 3573 | if test "x$ac_cv_have_uintxx_t" = "xyes" ; then |
@@ -3528,7 +3585,7 @@ then | |||
3528 | [ | 3585 | [ |
3529 | AC_DEFINE([HAVE_UINTXX_T]) | 3586 | AC_DEFINE([HAVE_UINTXX_T]) |
3530 | AC_MSG_RESULT([yes]) | 3587 | AC_MSG_RESULT([yes]) |
3531 | ], [ AC_MSG_RESULT([no]) | 3588 | ], [ AC_MSG_RESULT([no]) |
3532 | ]) | 3589 | ]) |
3533 | fi | 3590 | fi |
3534 | 3591 | ||
@@ -3541,7 +3598,7 @@ then | |||
3541 | [ | 3598 | [ |
3542 | AC_DEFINE([HAVE_UINTXX_T]) | 3599 | AC_DEFINE([HAVE_UINTXX_T]) |
3543 | AC_MSG_RESULT([yes]) | 3600 | AC_MSG_RESULT([yes]) |
3544 | ], [ AC_MSG_RESULT([no]) | 3601 | ], [ AC_MSG_RESULT([no]) |
3545 | ]) | 3602 | ]) |
3546 | fi | 3603 | fi |
3547 | 3604 | ||
@@ -3568,7 +3625,7 @@ fi | |||
3568 | AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ | 3625 | AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ |
3569 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3626 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3570 | [[ u_char foo; foo = 125; ]])], | 3627 | [[ u_char foo; foo = 125; ]])], |
3571 | [ ac_cv_have_u_char="yes" ], [ ac_cv_have_u_char="no" | 3628 | [ ac_cv_have_u_char="yes" ], [ ac_cv_have_u_char="no" |
3572 | ]) | 3629 | ]) |
3573 | ]) | 3630 | ]) |
3574 | if test "x$ac_cv_have_u_char" = "xyes" ; then | 3631 | if test "x$ac_cv_have_u_char" = "xyes" ; then |
@@ -3603,7 +3660,7 @@ AC_CHECK_TYPES([in_addr_t, in_port_t], , , | |||
3603 | AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ | 3660 | AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ |
3604 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3661 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3605 | [[ size_t foo; foo = 1235; ]])], | 3662 | [[ size_t foo; foo = 1235; ]])], |
3606 | [ ac_cv_have_size_t="yes" ], [ ac_cv_have_size_t="no" | 3663 | [ ac_cv_have_size_t="yes" ], [ ac_cv_have_size_t="no" |
3607 | ]) | 3664 | ]) |
3608 | ]) | 3665 | ]) |
3609 | if test "x$ac_cv_have_size_t" = "xyes" ; then | 3666 | if test "x$ac_cv_have_size_t" = "xyes" ; then |
@@ -3613,7 +3670,7 @@ fi | |||
3613 | AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ | 3670 | AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ |
3614 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3671 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3615 | [[ ssize_t foo; foo = 1235; ]])], | 3672 | [[ ssize_t foo; foo = 1235; ]])], |
3616 | [ ac_cv_have_ssize_t="yes" ], [ ac_cv_have_ssize_t="no" | 3673 | [ ac_cv_have_ssize_t="yes" ], [ ac_cv_have_ssize_t="no" |
3617 | ]) | 3674 | ]) |
3618 | ]) | 3675 | ]) |
3619 | if test "x$ac_cv_have_ssize_t" = "xyes" ; then | 3676 | if test "x$ac_cv_have_ssize_t" = "xyes" ; then |
@@ -3623,7 +3680,7 @@ fi | |||
3623 | AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ | 3680 | AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ |
3624 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <time.h> ]], | 3681 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <time.h> ]], |
3625 | [[ clock_t foo; foo = 1235; ]])], | 3682 | [[ clock_t foo; foo = 1235; ]])], |
3626 | [ ac_cv_have_clock_t="yes" ], [ ac_cv_have_clock_t="no" | 3683 | [ ac_cv_have_clock_t="yes" ], [ ac_cv_have_clock_t="no" |
3627 | ]) | 3684 | ]) |
3628 | ]) | 3685 | ]) |
3629 | if test "x$ac_cv_have_clock_t" = "xyes" ; then | 3686 | if test "x$ac_cv_have_clock_t" = "xyes" ; then |
@@ -3654,7 +3711,7 @@ fi | |||
3654 | AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ | 3711 | AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ |
3655 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3712 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3656 | [[ pid_t foo; foo = 1235; ]])], | 3713 | [[ pid_t foo; foo = 1235; ]])], |
3657 | [ ac_cv_have_pid_t="yes" ], [ ac_cv_have_pid_t="no" | 3714 | [ ac_cv_have_pid_t="yes" ], [ ac_cv_have_pid_t="no" |
3658 | ]) | 3715 | ]) |
3659 | ]) | 3716 | ]) |
3660 | if test "x$ac_cv_have_pid_t" = "xyes" ; then | 3717 | if test "x$ac_cv_have_pid_t" = "xyes" ; then |
@@ -3664,7 +3721,7 @@ fi | |||
3664 | AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ | 3721 | AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ |
3665 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], | 3722 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], |
3666 | [[ mode_t foo; foo = 1235; ]])], | 3723 | [[ mode_t foo; foo = 1235; ]])], |
3667 | [ ac_cv_have_mode_t="yes" ], [ ac_cv_have_mode_t="no" | 3724 | [ ac_cv_have_mode_t="yes" ], [ ac_cv_have_mode_t="no" |
3668 | ]) | 3725 | ]) |
3669 | ]) | 3726 | ]) |
3670 | if test "x$ac_cv_have_mode_t" = "xyes" ; then | 3727 | if test "x$ac_cv_have_mode_t" = "xyes" ; then |
@@ -3678,7 +3735,7 @@ AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage | |||
3678 | #include <sys/socket.h> | 3735 | #include <sys/socket.h> |
3679 | ]], [[ struct sockaddr_storage s; ]])], | 3736 | ]], [[ struct sockaddr_storage s; ]])], |
3680 | [ ac_cv_have_struct_sockaddr_storage="yes" ], | 3737 | [ ac_cv_have_struct_sockaddr_storage="yes" ], |
3681 | [ ac_cv_have_struct_sockaddr_storage="no" | 3738 | [ ac_cv_have_struct_sockaddr_storage="no" |
3682 | ]) | 3739 | ]) |
3683 | ]) | 3740 | ]) |
3684 | if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then | 3741 | if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then |
@@ -3692,7 +3749,7 @@ AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ | |||
3692 | #include <netinet/in.h> | 3749 | #include <netinet/in.h> |
3693 | ]], [[ struct sockaddr_in6 s; s.sin6_family = 0; ]])], | 3750 | ]], [[ struct sockaddr_in6 s; s.sin6_family = 0; ]])], |
3694 | [ ac_cv_have_struct_sockaddr_in6="yes" ], | 3751 | [ ac_cv_have_struct_sockaddr_in6="yes" ], |
3695 | [ ac_cv_have_struct_sockaddr_in6="no" | 3752 | [ ac_cv_have_struct_sockaddr_in6="no" |
3696 | ]) | 3753 | ]) |
3697 | ]) | 3754 | ]) |
3698 | if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then | 3755 | if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then |
@@ -3706,7 +3763,7 @@ AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ | |||
3706 | #include <netinet/in.h> | 3763 | #include <netinet/in.h> |
3707 | ]], [[ struct in6_addr s; s.s6_addr[0] = 0; ]])], | 3764 | ]], [[ struct in6_addr s; s.s6_addr[0] = 0; ]])], |
3708 | [ ac_cv_have_struct_in6_addr="yes" ], | 3765 | [ ac_cv_have_struct_in6_addr="yes" ], |
3709 | [ ac_cv_have_struct_in6_addr="no" | 3766 | [ ac_cv_have_struct_in6_addr="no" |
3710 | ]) | 3767 | ]) |
3711 | ]) | 3768 | ]) |
3712 | if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then | 3769 | if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then |
@@ -3730,7 +3787,7 @@ AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ | |||
3730 | #include <netdb.h> | 3787 | #include <netdb.h> |
3731 | ]], [[ struct addrinfo s; s.ai_flags = AI_PASSIVE; ]])], | 3788 | ]], [[ struct addrinfo s; s.ai_flags = AI_PASSIVE; ]])], |
3732 | [ ac_cv_have_struct_addrinfo="yes" ], | 3789 | [ ac_cv_have_struct_addrinfo="yes" ], |
3733 | [ ac_cv_have_struct_addrinfo="no" | 3790 | [ ac_cv_have_struct_addrinfo="no" |
3734 | ]) | 3791 | ]) |
3735 | ]) | 3792 | ]) |
3736 | if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then | 3793 | if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then |
@@ -3742,7 +3799,7 @@ AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ | |||
3742 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/time.h> ]], | 3799 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/time.h> ]], |
3743 | [[ struct timeval tv; tv.tv_sec = 1;]])], | 3800 | [[ struct timeval tv; tv.tv_sec = 1;]])], |
3744 | [ ac_cv_have_struct_timeval="yes" ], | 3801 | [ ac_cv_have_struct_timeval="yes" ], |
3745 | [ ac_cv_have_struct_timeval="no" | 3802 | [ ac_cv_have_struct_timeval="no" |
3746 | ]) | 3803 | ]) |
3747 | ]) | 3804 | ]) |
3748 | if test "x$ac_cv_have_struct_timeval" = "xyes" ; then | 3805 | if test "x$ac_cv_have_struct_timeval" = "xyes" ; then |
@@ -3850,7 +3907,7 @@ AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], | |||
3850 | #include <sys/socket.h> | 3907 | #include <sys/socket.h> |
3851 | ]], [[ struct sockaddr_storage s; s.__ss_family = 1; ]])], | 3908 | ]], [[ struct sockaddr_storage s; s.__ss_family = 1; ]])], |
3852 | [ ac_cv_have___ss_family_in_struct_ss="yes" ], | 3909 | [ ac_cv_have___ss_family_in_struct_ss="yes" ], |
3853 | [ ac_cv_have___ss_family_in_struct_ss="no" | 3910 | [ ac_cv_have___ss_family_in_struct_ss="no" |
3854 | ]) | 3911 | ]) |
3855 | ]) | 3912 | ]) |
3856 | if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then | 3913 | if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then |
@@ -3949,7 +4006,7 @@ AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ | |||
3949 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], | 4006 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], |
3950 | [[ extern char *__progname; printf("%s", __progname); ]])], | 4007 | [[ extern char *__progname; printf("%s", __progname); ]])], |
3951 | [ ac_cv_libc_defines___progname="yes" ], | 4008 | [ ac_cv_libc_defines___progname="yes" ], |
3952 | [ ac_cv_libc_defines___progname="no" | 4009 | [ ac_cv_libc_defines___progname="no" |
3953 | ]) | 4010 | ]) |
3954 | ]) | 4011 | ]) |
3955 | if test "x$ac_cv_libc_defines___progname" = "xyes" ; then | 4012 | if test "x$ac_cv_libc_defines___progname" = "xyes" ; then |
@@ -3960,7 +4017,7 @@ AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNC | |||
3960 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], | 4017 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], |
3961 | [[ printf("%s", __FUNCTION__); ]])], | 4018 | [[ printf("%s", __FUNCTION__); ]])], |
3962 | [ ac_cv_cc_implements___FUNCTION__="yes" ], | 4019 | [ ac_cv_cc_implements___FUNCTION__="yes" ], |
3963 | [ ac_cv_cc_implements___FUNCTION__="no" | 4020 | [ ac_cv_cc_implements___FUNCTION__="no" |
3964 | ]) | 4021 | ]) |
3965 | ]) | 4022 | ]) |
3966 | if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then | 4023 | if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then |
@@ -3972,7 +4029,7 @@ AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, | |||
3972 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], | 4029 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], |
3973 | [[ printf("%s", __func__); ]])], | 4030 | [[ printf("%s", __func__); ]])], |
3974 | [ ac_cv_cc_implements___func__="yes" ], | 4031 | [ ac_cv_cc_implements___func__="yes" ], |
3975 | [ ac_cv_cc_implements___func__="no" | 4032 | [ ac_cv_cc_implements___func__="no" |
3976 | ]) | 4033 | ]) |
3977 | ]) | 4034 | ]) |
3978 | if test "x$ac_cv_cc_implements___func__" = "xyes" ; then | 4035 | if test "x$ac_cv_cc_implements___func__" = "xyes" ; then |
@@ -3985,7 +4042,7 @@ AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ | |||
3985 | va_list x,y; | 4042 | va_list x,y; |
3986 | ]], [[ va_copy(x,y); ]])], | 4043 | ]], [[ va_copy(x,y); ]])], |
3987 | [ ac_cv_have_va_copy="yes" ], | 4044 | [ ac_cv_have_va_copy="yes" ], |
3988 | [ ac_cv_have_va_copy="no" | 4045 | [ ac_cv_have_va_copy="no" |
3989 | ]) | 4046 | ]) |
3990 | ]) | 4047 | ]) |
3991 | if test "x$ac_cv_have_va_copy" = "xyes" ; then | 4048 | if test "x$ac_cv_have_va_copy" = "xyes" ; then |
@@ -3997,7 +4054,7 @@ AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ | |||
3997 | #include <stdarg.h> | 4054 | #include <stdarg.h> |
3998 | va_list x,y; | 4055 | va_list x,y; |
3999 | ]], [[ __va_copy(x,y); ]])], | 4056 | ]], [[ __va_copy(x,y); ]])], |
4000 | [ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no" | 4057 | [ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no" |
4001 | ]) | 4058 | ]) |
4002 | ]) | 4059 | ]) |
4003 | if test "x$ac_cv_have___va_copy" = "xyes" ; then | 4060 | if test "x$ac_cv_have___va_copy" = "xyes" ; then |
@@ -4009,7 +4066,7 @@ AC_CACHE_CHECK([whether getopt has optreset support], | |||
4009 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <getopt.h> ]], | 4066 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <getopt.h> ]], |
4010 | [[ extern int optreset; optreset = 0; ]])], | 4067 | [[ extern int optreset; optreset = 0; ]])], |
4011 | [ ac_cv_have_getopt_optreset="yes" ], | 4068 | [ ac_cv_have_getopt_optreset="yes" ], |
4012 | [ ac_cv_have_getopt_optreset="no" | 4069 | [ ac_cv_have_getopt_optreset="no" |
4013 | ]) | 4070 | ]) |
4014 | ]) | 4071 | ]) |
4015 | if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then | 4072 | if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then |
@@ -4021,7 +4078,7 @@ AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ | |||
4021 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], | 4078 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], |
4022 | [[ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);]])], | 4079 | [[ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);]])], |
4023 | [ ac_cv_libc_defines_sys_errlist="yes" ], | 4080 | [ ac_cv_libc_defines_sys_errlist="yes" ], |
4024 | [ ac_cv_libc_defines_sys_errlist="no" | 4081 | [ ac_cv_libc_defines_sys_errlist="no" |
4025 | ]) | 4082 | ]) |
4026 | ]) | 4083 | ]) |
4027 | if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then | 4084 | if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then |
@@ -4034,7 +4091,7 @@ AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ | |||
4034 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], | 4091 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], |
4035 | [[ extern int sys_nerr; printf("%i", sys_nerr);]])], | 4092 | [[ extern int sys_nerr; printf("%i", sys_nerr);]])], |
4036 | [ ac_cv_libc_defines_sys_nerr="yes" ], | 4093 | [ ac_cv_libc_defines_sys_nerr="yes" ], |
4037 | [ ac_cv_libc_defines_sys_nerr="no" | 4094 | [ ac_cv_libc_defines_sys_nerr="no" |
4038 | ]) | 4095 | ]) |
4039 | ]) | 4096 | ]) |
4040 | if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then | 4097 | if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then |
@@ -4193,7 +4250,6 @@ AC_ARG_WITH([kerberos5], | |||
4193 | [K5LIBS="$K5LIBS -ldes"]) | 4250 | [K5LIBS="$K5LIBS -ldes"]) |
4194 | ], [ AC_MSG_RESULT([no]) | 4251 | ], [ AC_MSG_RESULT([no]) |
4195 | K5LIBS="-lkrb5 -lk5crypto -lcom_err" | 4252 | K5LIBS="-lkrb5 -lk5crypto -lcom_err" |
4196 | |||
4197 | ]) | 4253 | ]) |
4198 | AC_SEARCH_LIBS([dn_expand], [resolv]) | 4254 | AC_SEARCH_LIBS([dn_expand], [resolv]) |
4199 | 4255 | ||
@@ -4399,7 +4455,7 @@ AC_ARG_WITH([maildir], | |||
4399 | exit(0); | 4455 | exit(0); |
4400 | ]])], | 4456 | ]])], |
4401 | [ | 4457 | [ |
4402 | maildir_what=`awk -F: '{print $1}' conftest.maildir` | 4458 | maildir_what=`awk -F: '{print $1}' conftest.maildir` |
4403 | maildir=`awk -F: '{print $2}' conftest.maildir \ | 4459 | maildir=`awk -F: '{print $2}' conftest.maildir \ |
4404 | | sed 's|/$||'` | 4460 | | sed 's|/$||'` |
4405 | AC_MSG_RESULT([Using: $maildir from $maildir_what]) | 4461 | AC_MSG_RESULT([Using: $maildir from $maildir_what]) |
@@ -4744,7 +4800,7 @@ AC_ARG_WITH([pid-dir], | |||
4744 | ] | 4800 | ] |
4745 | ) | 4801 | ) |
4746 | 4802 | ||
4747 | AC_DEFINE_UNQUOTED([_PATH_SSH_PIDDIR], ["$piddir"], | 4803 | AC_DEFINE_UNQUOTED([_PATH_SSH_PIDDIR], ["$piddir"], |
4748 | [Specify location of ssh.pid]) | 4804 | [Specify location of ssh.pid]) |
4749 | AC_SUBST([piddir]) | 4805 | AC_SUBST([piddir]) |
4750 | 4806 | ||
@@ -4902,7 +4958,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ | |||
4902 | ]], [[ char *utmp = UTMP_FILE; ]])], | 4958 | ]], [[ char *utmp = UTMP_FILE; ]])], |
4903 | [ AC_MSG_RESULT([yes]) ], | 4959 | [ AC_MSG_RESULT([yes]) ], |
4904 | [ AC_MSG_RESULT([no]) | 4960 | [ AC_MSG_RESULT([no]) |
4905 | system_utmp_path=no | 4961 | system_utmp_path=no |
4906 | ]) | 4962 | ]) |
4907 | if test -z "$conf_utmp_location"; then | 4963 | if test -z "$conf_utmp_location"; then |
4908 | if test x"$system_utmp_path" = x"no" ; then | 4964 | if test x"$system_utmp_path" = x"no" ; then |
@@ -4932,7 +4988,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ | |||
4932 | ]], [[ char *wtmp = WTMP_FILE; ]])], | 4988 | ]], [[ char *wtmp = WTMP_FILE; ]])], |
4933 | [ AC_MSG_RESULT([yes]) ], | 4989 | [ AC_MSG_RESULT([yes]) ], |
4934 | [ AC_MSG_RESULT([no]) | 4990 | [ AC_MSG_RESULT([no]) |
4935 | system_wtmp_path=no | 4991 | system_wtmp_path=no |
4936 | ]) | 4992 | ]) |
4937 | if test -z "$conf_wtmp_location"; then | 4993 | if test -z "$conf_wtmp_location"; then |
4938 | if test x"$system_wtmp_path" = x"no" ; then | 4994 | if test x"$system_wtmp_path" = x"no" ; then |
@@ -4965,7 +5021,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ | |||
4965 | ]], [[ char *wtmpx = WTMPX_FILE; ]])], | 5021 | ]], [[ char *wtmpx = WTMPX_FILE; ]])], |
4966 | [ AC_MSG_RESULT([yes]) ], | 5022 | [ AC_MSG_RESULT([yes]) ], |
4967 | [ AC_MSG_RESULT([no]) | 5023 | [ AC_MSG_RESULT([no]) |
4968 | system_wtmpx_path=no | 5024 | system_wtmpx_path=no |
4969 | ]) | 5025 | ]) |
4970 | if test -z "$conf_wtmpx_location"; then | 5026 | if test -z "$conf_wtmpx_location"; then |
4971 | if test x"$system_wtmpx_path" = x"no" ; then | 5027 | if test x"$system_wtmpx_path" = x"no" ; then |
diff --git a/contrib/cygwin/README b/contrib/cygwin/README index 1396d99cd..a73a0f657 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README | |||
@@ -25,6 +25,7 @@ Options: | |||
25 | --yes -y Answer all questions with "yes" automatically. | 25 | --yes -y Answer all questions with "yes" automatically. |
26 | --no -n Answer all questions with "no" automatically. | 26 | --no -n Answer all questions with "no" automatically. |
27 | --cygwin -c <options> Use "options" as value for CYGWIN environment var. | 27 | --cygwin -c <options> Use "options" as value for CYGWIN environment var. |
28 | --name -N <name> sshd windows service name. | ||
28 | --port -p <n> sshd listens on port n. | 29 | --port -p <n> sshd listens on port n. |
29 | --user -u <account> privileged user for service, default 'cyg_server'. | 30 | --user -u <account> privileged user for service, default 'cyg_server'. |
30 | --pwd -w <passwd> Use "pwd" as password for privileged user. | 31 | --pwd -w <passwd> Use "pwd" as password for privileged user. |
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index eefe82df0..fd8678f12 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec | |||
@@ -1,4 +1,4 @@ | |||
1 | %define ver 7.2p2 | 1 | %define ver 7.3p1 |
2 | %define rel 1 | 2 | %define rel 1 |
3 | 3 | ||
4 | # OpenSSH privilege separation requires a user & group ID | 4 | # OpenSSH privilege separation requires a user & group ID |
@@ -358,8 +358,6 @@ fi | |||
358 | %attr(0644,root,root) %{_mandir}/man1/ssh.1* | 358 | %attr(0644,root,root) %{_mandir}/man1/ssh.1* |
359 | %attr(0644,root,root) %{_mandir}/man5/ssh_config.5* | 359 | %attr(0644,root,root) %{_mandir}/man5/ssh_config.5* |
360 | %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config | 360 | %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config |
361 | %attr(-,root,root) %{_bindir}/slogin | ||
362 | %attr(-,root,root) %{_mandir}/man1/slogin.1* | ||
363 | %if ! %{rescue} | 361 | %if ! %{rescue} |
364 | %attr(2755,root,nobody) %{_bindir}/ssh-agent | 362 | %attr(2755,root,nobody) %{_bindir}/ssh-agent |
365 | %attr(0755,root,root) %{_bindir}/ssh-add | 363 | %attr(0755,root,root) %{_bindir}/ssh-add |
diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id index afde8b170..bef5c95d9 100644 --- a/contrib/ssh-copy-id +++ b/contrib/ssh-copy-id | |||
@@ -233,17 +233,17 @@ populate_new_ids() { | |||
233 | -o ControlPath=none \ | 233 | -o ControlPath=none \ |
234 | -o LogLevel=INFO \ | 234 | -o LogLevel=INFO \ |
235 | -o PreferredAuthentications=publickey \ | 235 | -o PreferredAuthentications=publickey \ |
236 | -o IdentitiesOnly=yes "$@" exit 2>$L_TMP_ID_FILE.stderr </dev/null | 236 | -o IdentitiesOnly=yes "$@" exit 2>"$L_TMP_ID_FILE.stderr" </dev/null |
237 | if [ "$?" = "$L_SUCCESS" ] ; then | 237 | if [ "$?" = "$L_SUCCESS" ] ; then |
238 | : > $L_TMP_ID_FILE | 238 | : > "$L_TMP_ID_FILE" |
239 | else | 239 | else |
240 | grep 'Permission denied' $L_TMP_ID_FILE.stderr >/dev/null || { | 240 | grep 'Permission denied' "$L_TMP_ID_FILE.stderr" >/dev/null || { |
241 | sed -e 's/^/ERROR: /' <$L_TMP_ID_FILE.stderr >$L_TMP_ID_FILE | 241 | sed -e 's/^/ERROR: /' <"$L_TMP_ID_FILE.stderr" >"$L_TMP_ID_FILE" |
242 | cat >/dev/null #consume the other keys, causing loop to end | 242 | cat >/dev/null #consume the other keys, causing loop to end |
243 | } | 243 | } |
244 | fi | 244 | fi |
245 | 245 | ||
246 | cat $L_TMP_ID_FILE | 246 | cat "$L_TMP_ID_FILE" |
247 | done | 247 | done |
248 | } | 248 | } |
249 | ) | 249 | ) |
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index f20a78656..d2b2728d5 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec | |||
@@ -13,7 +13,7 @@ | |||
13 | 13 | ||
14 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation | 14 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation |
15 | Name: openssh | 15 | Name: openssh |
16 | Version: 7.2p2 | 16 | Version: 7.3p1 |
17 | URL: http://www.openssh.com/ | 17 | URL: http://www.openssh.com/ |
18 | Release: 1 | 18 | Release: 1 |
19 | Source0: openssh-%{version}.tar.gz | 19 | Source0: openssh-%{version}.tar.gz |
@@ -202,7 +202,6 @@ rm -rf $RPM_BUILD_ROOT | |||
202 | %attr(0755,root,root) %{_bindir}/ssh-keygen | 202 | %attr(0755,root,root) %{_bindir}/ssh-keygen |
203 | %attr(0755,root,root) %{_bindir}/scp | 203 | %attr(0755,root,root) %{_bindir}/scp |
204 | %attr(0755,root,root) %{_bindir}/ssh | 204 | %attr(0755,root,root) %{_bindir}/ssh |
205 | %attr(-,root,root) %{_bindir}/slogin | ||
206 | %attr(0755,root,root) %{_bindir}/ssh-agent | 205 | %attr(0755,root,root) %{_bindir}/ssh-agent |
207 | %attr(0755,root,root) %{_bindir}/ssh-add | 206 | %attr(0755,root,root) %{_bindir}/ssh-add |
208 | %attr(0755,root,root) %{_bindir}/ssh-keyscan | 207 | %attr(0755,root,root) %{_bindir}/ssh-keyscan |
@@ -214,7 +213,6 @@ rm -rf $RPM_BUILD_ROOT | |||
214 | %attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper | 213 | %attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper |
215 | %attr(0644,root,root) %doc %{_mandir}/man1/scp.1* | 214 | %attr(0644,root,root) %doc %{_mandir}/man1/scp.1* |
216 | %attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* | 215 | %attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* |
217 | %attr(-,root,root) %doc %{_mandir}/man1/slogin.1* | ||
218 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* | 216 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* |
219 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* | 217 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* |
220 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* | 218 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* |
diff --git a/debian/.git-dpm b/debian/.git-dpm index 782b862df..1532e846b 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm | |||
@@ -1,8 +1,8 @@ | |||
1 | # see git-dpm(1) from git-dpm package | 1 | # see git-dpm(1) from git-dpm package |
2 | 751d1f6494fb3ffd75188de7390c28725a5b91a6 | 2 | 4c914ccd85bbf391c4dc61b85e3c178fef465e3f |
3 | 751d1f6494fb3ffd75188de7390c28725a5b91a6 | 3 | 4c914ccd85bbf391c4dc61b85e3c178fef465e3f |
4 | f0329aac23c61e1a5197d6d57349a63f459bccb0 | 4 | a8ed8d256b2e2c05b0c15565a7938028c5192277 |
5 | f0329aac23c61e1a5197d6d57349a63f459bccb0 | 5 | a8ed8d256b2e2c05b0c15565a7938028c5192277 |
6 | openssh_7.2p2.orig.tar.gz | 6 | openssh_7.3p1.orig.tar.gz |
7 | 70e35d7d6386fe08abbd823b3a12a3ca44ac6d38 | 7 | bfade84283fcba885e2084343ab19a08c7d123a5 |
8 | 1499808 | 8 | 1522617 |
diff --git a/debian/changelog b/debian/changelog index 46a0a6f39..76607d617 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,60 @@ | |||
1 | openssh (1:7.3p1-1) UNRELEASED; urgency=medium | ||
2 | |||
3 | * New upstream release (http://www.openssh.com/txt/release-7.3): | ||
4 | - SECURITY: sshd(8): Mitigate a potential denial-of-service attack | ||
5 | against the system's crypt(3) function via sshd(8). An attacker could | ||
6 | send very long passwords that would cause excessive CPU use in | ||
7 | crypt(3). sshd(8) now refuses to accept password authentication | ||
8 | requests of length greater than 1024 characters. | ||
9 | - SECURITY: ssh(1), sshd(8): Fix observable timing weakness in the CBC | ||
10 | padding oracle countermeasures. Note that CBC ciphers are disabled by | ||
11 | default and only included for legacy compatibility. | ||
12 | - SECURITY: ssh(1), sshd(8): Improve operation ordering of MAC | ||
13 | verification for Encrypt-then-MAC (EtM) mode transport MAC algorithms | ||
14 | to verify the MAC before decrypting any ciphertext. This removes the | ||
15 | possibility of timing differences leaking facts about the plaintext, | ||
16 | though no such leakage has been observed. | ||
17 | - ssh(1): Add a ProxyJump option and corresponding -J command-line flag | ||
18 | to allow simplified indirection through a one or more SSH bastions or | ||
19 | "jump hosts". | ||
20 | - ssh(1): Add an IdentityAgent option to allow specifying specific agent | ||
21 | sockets instead of accepting one from the environment. | ||
22 | - ssh(1): Allow ExitOnForwardFailure and ClearAllForwardings to be | ||
23 | optionally overridden when using ssh -W. | ||
24 | - ssh(1), sshd(8): Implement support for the IUTF8 terminal mode as per | ||
25 | draft-sgtatham-secsh-iutf8-00 (closes: #337041, LP: #394570). | ||
26 | - ssh(1), sshd(8): Add support for additional fixed Diffie-Hellman 2K, | ||
27 | 4K and 8K groups from draft-ietf-curdle-ssh-kex-sha2-03. | ||
28 | - ssh-keygen(1), ssh(1), sshd(8): Support SHA256 and SHA512 RSA | ||
29 | signatures in certificates. | ||
30 | - ssh(1): Add an Include directive for ssh_config(5) files (closes: | ||
31 | #536031). | ||
32 | - ssh(1): Permit UTF-8 characters in pre-authentication banners sent | ||
33 | from the server. | ||
34 | - ssh(1), sshd(8): Reduce the syslog level of some relatively common | ||
35 | protocol events from LOG_CRIT. | ||
36 | - sshd(8): Refuse AuthenticationMethods="" in configurations and accept | ||
37 | AuthenticationMethods=any for the default behaviour of not requiring | ||
38 | multiple authentication. | ||
39 | - sshd(8): Remove obsolete and misleading "POSSIBLE BREAK-IN ATTEMPT!" | ||
40 | message when forward and reverse DNS don't match. | ||
41 | - ssh(1): Deduplicate LocalForward and RemoteForward entries to fix | ||
42 | failures when both ExitOnForwardFailure and hostname canonicalisation | ||
43 | are enabled. | ||
44 | - sshd(8): Remove fallback from moduli to obsolete "primes" file that | ||
45 | was deprecated in 2001 (LP: #1528251). | ||
46 | - sshd_config(5): Correct description of UseDNS: it affects ssh hostname | ||
47 | processing for authorized_keys, not known_hosts. | ||
48 | - sshd(8): Send ClientAliveInterval pings when a time-based RekeyLimit | ||
49 | is set; previously keepalive packets were not being sent. | ||
50 | - sshd(8): Whitelist more architectures to enable the seccomp-bpf | ||
51 | sandbox. | ||
52 | - scp(1): Respect the local user's LC_CTYPE locale (closes: #396295). | ||
53 | - Take character display widths into account for the progressmeter | ||
54 | (closes: #407088). | ||
55 | |||
56 | -- Colin Watson <cjwatson@debian.org> Sat, 06 Aug 2016 11:00:55 +0100 | ||
57 | |||
1 | openssh (1:7.2p2-8) unstable; urgency=medium | 58 | openssh (1:7.2p2-8) unstable; urgency=medium |
2 | 59 | ||
3 | [ Colin Watson ] | 60 | [ Colin Watson ] |
diff --git a/debian/patches/CVE-2015-8325.patch b/debian/patches/CVE-2015-8325.patch deleted file mode 100644 index de2c33577..000000000 --- a/debian/patches/CVE-2015-8325.patch +++ /dev/null | |||
@@ -1,33 +0,0 @@ | |||
1 | From 7f3fb4e5fdddc6600e70ae663c21511fbcf2c64c Mon Sep 17 00:00:00 2001 | ||
2 | From: Damien Miller <djm@mindrot.org> | ||
3 | Date: Wed, 13 Apr 2016 10:39:57 +1000 | ||
4 | Subject: ignore PAM environment vars when UseLogin=yes | ||
5 | |||
6 | If PAM is configured to read user-specified environment variables | ||
7 | and UseLogin=yes in sshd_config, then a hostile local user may | ||
8 | attack /bin/login via LD_PRELOAD or similar environment variables | ||
9 | set via PAM. | ||
10 | |||
11 | CVE-2015-8325, found by Shayan Sadigh, via Colin Watson | ||
12 | |||
13 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755 | ||
14 | Last-Update: 2016-04-13 | ||
15 | |||
16 | Patch-Name: CVE-2015-8325.patch | ||
17 | --- | ||
18 | session.c | 2 +- | ||
19 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
20 | |||
21 | diff --git a/session.c b/session.c | ||
22 | index f246b8a..8ab9814 100644 | ||
23 | --- a/session.c | ||
24 | +++ b/session.c | ||
25 | @@ -1317,7 +1317,7 @@ do_setup_env(Session *s, const char *shell) | ||
26 | * Pull in any environment variables that may have | ||
27 | * been set by PAM. | ||
28 | */ | ||
29 | - if (options.use_pam) { | ||
30 | + if (options.use_pam && !options.use_login) { | ||
31 | char **p; | ||
32 | |||
33 | p = fetch_pam_child_environment(); | ||
diff --git a/debian/patches/CVE-2016-6210-1.patch b/debian/patches/CVE-2016-6210-1.patch deleted file mode 100644 index 9b46ec12a..000000000 --- a/debian/patches/CVE-2016-6210-1.patch +++ /dev/null | |||
@@ -1,114 +0,0 @@ | |||
1 | From e5ef9d3942cebda819a6fd81647b51c8d87d23df Mon Sep 17 00:00:00 2001 | ||
2 | From: Darren Tucker <dtucker@zip.com.au> | ||
3 | Date: Fri, 15 Jul 2016 13:32:45 +1000 | ||
4 | Subject: Determine appropriate salt for invalid users. | ||
5 | |||
6 | When sshd is processing a non-PAM login for a non-existent user it uses | ||
7 | the string from the fakepw structure as the salt for crypt(3)ing the | ||
8 | password supplied by the client. That string has a Blowfish prefix, so on | ||
9 | systems that don't understand that crypt will fail fast due to an invalid | ||
10 | salt, and even on those that do it may have significantly different timing | ||
11 | from the hash methods used for real accounts (eg sha512). This allows | ||
12 | user enumeration by, eg, sending large password strings. This was noted | ||
13 | by EddieEzra.Harari at verint.com (CVE-2016-6210). | ||
14 | |||
15 | To mitigate, use the same hash algorithm that root uses for hashing | ||
16 | passwords for users that do not exist on the system. ok djm@ | ||
17 | |||
18 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=9286875a73b2de7736b5e50692739d314cd8d9dc | ||
19 | Bug-Debian: https://bugs.debian.org/831902 | ||
20 | Last-Update: 2016-07-22 | ||
21 | |||
22 | Patch-Name: CVE-2016-6210-1.patch | ||
23 | --- | ||
24 | auth-passwd.c | 12 ++++++++---- | ||
25 | openbsd-compat/xcrypt.c | 34 ++++++++++++++++++++++++++++++++++ | ||
26 | 2 files changed, 42 insertions(+), 4 deletions(-) | ||
27 | |||
28 | diff --git a/auth-passwd.c b/auth-passwd.c | ||
29 | index 63ccf3c..530b5d4 100644 | ||
30 | --- a/auth-passwd.c | ||
31 | +++ b/auth-passwd.c | ||
32 | @@ -193,7 +193,7 @@ int | ||
33 | sys_auth_passwd(Authctxt *authctxt, const char *password) | ||
34 | { | ||
35 | struct passwd *pw = authctxt->pw; | ||
36 | - char *encrypted_password; | ||
37 | + char *encrypted_password, *salt = NULL; | ||
38 | |||
39 | /* Just use the supplied fake password if authctxt is invalid */ | ||
40 | char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; | ||
41 | @@ -202,9 +202,13 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) | ||
42 | if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) | ||
43 | return (1); | ||
44 | |||
45 | - /* Encrypt the candidate password using the proper salt. */ | ||
46 | - encrypted_password = xcrypt(password, | ||
47 | - (pw_password[0] && pw_password[1]) ? pw_password : "xx"); | ||
48 | + /* | ||
49 | + * Encrypt the candidate password using the proper salt, or pass a | ||
50 | + * NULL and let xcrypt pick one. | ||
51 | + */ | ||
52 | + if (authctxt->valid && pw_password[0] && pw_password[1]) | ||
53 | + salt = pw_password; | ||
54 | + encrypted_password = xcrypt(password, salt); | ||
55 | |||
56 | /* | ||
57 | * Authentication is accepted if the encrypted passwords | ||
58 | diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c | ||
59 | index 8577cbd..8913bb8 100644 | ||
60 | --- a/openbsd-compat/xcrypt.c | ||
61 | +++ b/openbsd-compat/xcrypt.c | ||
62 | @@ -25,6 +25,7 @@ | ||
63 | #include "includes.h" | ||
64 | |||
65 | #include <sys/types.h> | ||
66 | +#include <string.h> | ||
67 | #include <unistd.h> | ||
68 | #include <pwd.h> | ||
69 | |||
70 | @@ -62,11 +63,44 @@ | ||
71 | # define crypt DES_crypt | ||
72 | # endif | ||
73 | |||
74 | +/* | ||
75 | + * Pick an appropriate password encryption type and salt for the running | ||
76 | + * system. | ||
77 | + */ | ||
78 | +static const char * | ||
79 | +pick_salt(void) | ||
80 | +{ | ||
81 | + struct passwd *pw; | ||
82 | + char *passwd, *p; | ||
83 | + size_t typelen; | ||
84 | + static char salt[32]; | ||
85 | + | ||
86 | + if (salt[0] != '\0') | ||
87 | + return salt; | ||
88 | + strlcpy(salt, "xx", sizeof(salt)); | ||
89 | + if ((pw = getpwuid(0)) == NULL) | ||
90 | + return salt; | ||
91 | + passwd = shadow_pw(pw); | ||
92 | + if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL) | ||
93 | + return salt; /* no $, DES */ | ||
94 | + typelen = p - passwd + 1; | ||
95 | + strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); | ||
96 | + explicit_bzero(passwd, strlen(passwd)); | ||
97 | + return salt; | ||
98 | +} | ||
99 | + | ||
100 | char * | ||
101 | xcrypt(const char *password, const char *salt) | ||
102 | { | ||
103 | char *crypted; | ||
104 | |||
105 | + /* | ||
106 | + * If we don't have a salt we are encrypting a fake password for | ||
107 | + * for timing purposes. Pick an appropriate salt. | ||
108 | + */ | ||
109 | + if (salt == NULL) | ||
110 | + salt = pick_salt(); | ||
111 | + | ||
112 | # ifdef HAVE_MD5_PASSWORDS | ||
113 | if (is_md5_salt(salt)) | ||
114 | crypted = md5_crypt(password, salt); | ||
diff --git a/debian/patches/CVE-2016-6210-2.patch b/debian/patches/CVE-2016-6210-2.patch deleted file mode 100644 index 1c580f90b..000000000 --- a/debian/patches/CVE-2016-6210-2.patch +++ /dev/null | |||
@@ -1,111 +0,0 @@ | |||
1 | From dde63f7f998ac3812a26bbb2c1b2947f24fcd060 Mon Sep 17 00:00:00 2001 | ||
2 | From: Darren Tucker <dtucker@zip.com.au> | ||
3 | Date: Fri, 15 Jul 2016 13:49:44 +1000 | ||
4 | Subject: Mitigate timing of disallowed users PAM logins. | ||
5 | |||
6 | When sshd decides to not allow a login (eg PermitRootLogin=no) and | ||
7 | it's using PAM, it sends a fake password to PAM so that the timing for | ||
8 | the failure is not noticeably different whether or not the password | ||
9 | is correct. This behaviour can be detected by sending a very long | ||
10 | password string which is slower to hash than the fake password. | ||
11 | |||
12 | Mitigate by constructing an invalid password that is the same length | ||
13 | as the one from the client and thus takes the same time to hash. | ||
14 | Diff from djm@ | ||
15 | |||
16 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=283b97ff33ea2c641161950849931bd578de6946 | ||
17 | Bug-Debian: https://bugs.debian.org/831902 | ||
18 | Last-Update: 2016-07-22 | ||
19 | |||
20 | Patch-Name: CVE-2016-6210-2.patch | ||
21 | --- | ||
22 | auth-pam.c | 35 +++++++++++++++++++++++++++++++---- | ||
23 | 1 file changed, 31 insertions(+), 4 deletions(-) | ||
24 | |||
25 | diff --git a/auth-pam.c b/auth-pam.c | ||
26 | index 8425af1..abd6a5e 100644 | ||
27 | --- a/auth-pam.c | ||
28 | +++ b/auth-pam.c | ||
29 | @@ -232,7 +232,6 @@ static int sshpam_account_status = -1; | ||
30 | static char **sshpam_env = NULL; | ||
31 | static Authctxt *sshpam_authctxt = NULL; | ||
32 | static const char *sshpam_password = NULL; | ||
33 | -static char badpw[] = "\b\n\r\177INCORRECT"; | ||
34 | |||
35 | /* Some PAM implementations don't implement this */ | ||
36 | #ifndef HAVE_PAM_GETENVLIST | ||
37 | @@ -810,12 +809,35 @@ sshpam_query(void *ctx, char **name, char **info, | ||
38 | return (-1); | ||
39 | } | ||
40 | |||
41 | +/* | ||
42 | + * Returns a junk password of identical length to that the user supplied. | ||
43 | + * Used to mitigate timing attacks against crypt(3)/PAM stacks that | ||
44 | + * vary processing time in proportion to password length. | ||
45 | + */ | ||
46 | +static char * | ||
47 | +fake_password(const char *wire_password) | ||
48 | +{ | ||
49 | + const char junk[] = "\b\n\r\177INCORRECT"; | ||
50 | + char *ret = NULL; | ||
51 | + size_t i, l = wire_password != NULL ? strlen(wire_password) : 0; | ||
52 | + | ||
53 | + if (l >= INT_MAX) | ||
54 | + fatal("%s: password length too long: %zu", __func__, l); | ||
55 | + | ||
56 | + ret = malloc(l + 1); | ||
57 | + for (i = 0; i < l; i++) | ||
58 | + ret[i] = junk[i % (sizeof(junk) - 1)]; | ||
59 | + ret[i] = '\0'; | ||
60 | + return ret; | ||
61 | +} | ||
62 | + | ||
63 | /* XXX - see also comment in auth-chall.c:verify_response */ | ||
64 | static int | ||
65 | sshpam_respond(void *ctx, u_int num, char **resp) | ||
66 | { | ||
67 | Buffer buffer; | ||
68 | struct pam_ctxt *ctxt = ctx; | ||
69 | + char *fake; | ||
70 | |||
71 | debug2("PAM: %s entering, %u responses", __func__, num); | ||
72 | switch (ctxt->pam_done) { | ||
73 | @@ -836,8 +858,11 @@ sshpam_respond(void *ctx, u_int num, char **resp) | ||
74 | (sshpam_authctxt->pw->pw_uid != 0 || | ||
75 | options.permit_root_login == PERMIT_YES)) | ||
76 | buffer_put_cstring(&buffer, *resp); | ||
77 | - else | ||
78 | - buffer_put_cstring(&buffer, badpw); | ||
79 | + else { | ||
80 | + fake = fake_password(*resp); | ||
81 | + buffer_put_cstring(&buffer, fake); | ||
82 | + free(fake); | ||
83 | + } | ||
84 | if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { | ||
85 | buffer_free(&buffer); | ||
86 | return (-1); | ||
87 | @@ -1181,6 +1206,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) | ||
88 | { | ||
89 | int flags = (options.permit_empty_passwd == 0 ? | ||
90 | PAM_DISALLOW_NULL_AUTHTOK : 0); | ||
91 | + char *fake = NULL; | ||
92 | |||
93 | if (!options.use_pam || sshpam_handle == NULL) | ||
94 | fatal("PAM: %s called when PAM disabled or failed to " | ||
95 | @@ -1196,7 +1222,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) | ||
96 | */ | ||
97 | if (!authctxt->valid || (authctxt->pw->pw_uid == 0 && | ||
98 | options.permit_root_login != PERMIT_YES)) | ||
99 | - sshpam_password = badpw; | ||
100 | + sshpam_password = fake = fake_password(password); | ||
101 | |||
102 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, | ||
103 | (const void *)&passwd_conv); | ||
104 | @@ -1206,6 +1232,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) | ||
105 | |||
106 | sshpam_err = pam_authenticate(sshpam_handle, flags); | ||
107 | sshpam_password = NULL; | ||
108 | + free(fake); | ||
109 | if (sshpam_err == PAM_SUCCESS && authctxt->valid) { | ||
110 | debug("PAM: password authentication accepted for %.100s", | ||
111 | authctxt->user); | ||
diff --git a/debian/patches/CVE-2016-6210-3.patch b/debian/patches/CVE-2016-6210-3.patch deleted file mode 100644 index 303c34ee1..000000000 --- a/debian/patches/CVE-2016-6210-3.patch +++ /dev/null | |||
@@ -1,60 +0,0 @@ | |||
1 | From abde8dda29c2db2405d6fbca2fe022430e2c1177 Mon Sep 17 00:00:00 2001 | ||
2 | From: Darren Tucker <dtucker@zip.com.au> | ||
3 | Date: Thu, 21 Jul 2016 14:17:31 +1000 | ||
4 | Subject: Search users for one with a valid salt. | ||
5 | |||
6 | If the root account is locked (eg password "!!" or "*LK*") keep looking | ||
7 | until we find a user with a valid salt to use for crypting passwords of | ||
8 | invalid users. ok djm@ | ||
9 | |||
10 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=dbf788b4d9d9490a5fff08a7b09888272bb10fcc | ||
11 | Bug-Debian: https://bugs.debian.org/831902 | ||
12 | Last-Update: 2016-07-22 | ||
13 | |||
14 | Patch-Name: CVE-2016-6210-3.patch | ||
15 | --- | ||
16 | openbsd-compat/xcrypt.c | 24 +++++++++++++++--------- | ||
17 | 1 file changed, 15 insertions(+), 9 deletions(-) | ||
18 | |||
19 | diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c | ||
20 | index 8913bb8..cf6a9b9 100644 | ||
21 | --- a/openbsd-compat/xcrypt.c | ||
22 | +++ b/openbsd-compat/xcrypt.c | ||
23 | @@ -65,7 +65,9 @@ | ||
24 | |||
25 | /* | ||
26 | * Pick an appropriate password encryption type and salt for the running | ||
27 | - * system. | ||
28 | + * system by searching through accounts until we find one that has a valid | ||
29 | + * salt. Usually this will be root unless the root account is locked out. | ||
30 | + * If we don't find one we return a traditional DES-based salt. | ||
31 | */ | ||
32 | static const char * | ||
33 | pick_salt(void) | ||
34 | @@ -78,14 +80,18 @@ pick_salt(void) | ||
35 | if (salt[0] != '\0') | ||
36 | return salt; | ||
37 | strlcpy(salt, "xx", sizeof(salt)); | ||
38 | - if ((pw = getpwuid(0)) == NULL) | ||
39 | - return salt; | ||
40 | - passwd = shadow_pw(pw); | ||
41 | - if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL) | ||
42 | - return salt; /* no $, DES */ | ||
43 | - typelen = p - passwd + 1; | ||
44 | - strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); | ||
45 | - explicit_bzero(passwd, strlen(passwd)); | ||
46 | + setpwent(); | ||
47 | + while ((pw = getpwent()) != NULL) { | ||
48 | + passwd = shadow_pw(pw); | ||
49 | + if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) { | ||
50 | + typelen = p - passwd + 1; | ||
51 | + strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); | ||
52 | + explicit_bzero(passwd, strlen(passwd)); | ||
53 | + goto out; | ||
54 | + } | ||
55 | + } | ||
56 | + out: | ||
57 | + endpwent(); | ||
58 | return salt; | ||
59 | } | ||
60 | |||
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch index a08e710da..7abed3704 100644 --- a/debian/patches/auth-log-verbosity.patch +++ b/debian/patches/auth-log-verbosity.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 1dd7836b386be1816bc565aafb9875769430a02d Mon Sep 17 00:00:00 2001 | 1 | From b4b79ae5a16f73426b54c6394a29b2b49da4dc16 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:02 +0000 |
4 | Subject: Quieten logs when multiple from= restrictions are used | 4 | Subject: Quieten logs when multiple from= restrictions are used |
@@ -16,10 +16,10 @@ Patch-Name: auth-log-verbosity.patch | |||
16 | 4 files changed, 32 insertions(+), 9 deletions(-) | 16 | 4 files changed, 32 insertions(+), 9 deletions(-) |
17 | 17 | ||
18 | diff --git a/auth-options.c b/auth-options.c | 18 | diff --git a/auth-options.c b/auth-options.c |
19 | index edbaf80..bda39df 100644 | 19 | index b399b91..a9d9a81 100644 |
20 | --- a/auth-options.c | 20 | --- a/auth-options.c |
21 | +++ b/auth-options.c | 21 | +++ b/auth-options.c |
22 | @@ -58,9 +58,20 @@ int forced_tun_device = -1; | 22 | @@ -59,9 +59,20 @@ int forced_tun_device = -1; |
23 | /* "principals=" option. */ | 23 | /* "principals=" option. */ |
24 | char *authorized_principals = NULL; | 24 | char *authorized_principals = NULL; |
25 | 25 | ||
@@ -40,7 +40,7 @@ index edbaf80..bda39df 100644 | |||
40 | auth_clear_options(void) | 40 | auth_clear_options(void) |
41 | { | 41 | { |
42 | no_agent_forwarding_flag = 0; | 42 | no_agent_forwarding_flag = 0; |
43 | @@ -314,10 +325,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | 43 | @@ -316,10 +327,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) |
44 | /* FALLTHROUGH */ | 44 | /* FALLTHROUGH */ |
45 | case 0: | 45 | case 0: |
46 | free(patterns); | 46 | free(patterns); |
@@ -58,7 +58,7 @@ index edbaf80..bda39df 100644 | |||
58 | auth_debug_add("Your host '%.200s' is not " | 58 | auth_debug_add("Your host '%.200s' is not " |
59 | "permitted to use this key for login.", | 59 | "permitted to use this key for login.", |
60 | remote_host); | 60 | remote_host); |
61 | @@ -540,11 +554,14 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, | 61 | @@ -543,11 +557,14 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, |
62 | break; | 62 | break; |
63 | case 0: | 63 | case 0: |
64 | /* no match */ | 64 | /* no match */ |
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch index 16319024c..d75494fa6 100644 --- a/debian/patches/authorized-keys-man-symlink.patch +++ b/debian/patches/authorized-keys-man-symlink.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 37a9102e7075f34d57b02d1eac631efa73f120fd Mon Sep 17 00:00:00 2001 | 1 | From 724283a55e8928a5564722ebe9c133033b51809d Mon Sep 17 00:00:00 2001 |
2 | From: Tomas Pospisek <tpo_deb@sourcepole.ch> | 2 | From: Tomas Pospisek <tpo_deb@sourcepole.ch> |
3 | Date: Sun, 9 Feb 2014 16:10:07 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:07 +0000 |
4 | Subject: Install authorized_keys(5) as a symlink to sshd(8) | 4 | Subject: Install authorized_keys(5) as a symlink to sshd(8) |
@@ -13,10 +13,10 @@ Patch-Name: authorized-keys-man-symlink.patch | |||
13 | 1 file changed, 1 insertion(+) | 13 | 1 file changed, 1 insertion(+) |
14 | 14 | ||
15 | diff --git a/Makefile.in b/Makefile.in | 15 | diff --git a/Makefile.in b/Makefile.in |
16 | index 0954c63..85cde7f 100644 | 16 | index 51817df..21948dd 100644 |
17 | --- a/Makefile.in | 17 | --- a/Makefile.in |
18 | +++ b/Makefile.in | 18 | +++ b/Makefile.in |
19 | @@ -324,6 +324,7 @@ install-files: | 19 | @@ -327,6 +327,7 @@ install-files: |
20 | $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 | 20 | $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 |
21 | $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 | 21 | $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 |
22 | $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 | 22 | $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 |
diff --git a/debian/patches/control-persist-close-stderr.patch b/debian/patches/control-persist-close-stderr.patch deleted file mode 100644 index f800c0d13..000000000 --- a/debian/patches/control-persist-close-stderr.patch +++ /dev/null | |||
@@ -1,59 +0,0 @@ | |||
1 | From 751d1f6494fb3ffd75188de7390c28725a5b91a6 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Fri, 29 Apr 2016 08:07:53 +0000 | ||
4 | Subject: upstream commit | ||
5 | |||
6 | close ControlPersist background process stderr when not | ||
7 | in debug mode or when logging to a file or syslog. bz#1988 ok dtucker | ||
8 | |||
9 | Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24 | ||
10 | |||
11 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=d2d6bf864e52af8491a60dd507f85b74361f5da3 | ||
12 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1988 | ||
13 | Bug-Debian: https://bugs.debian.org/714526 | ||
14 | Last-Update: 2016-07-22 | ||
15 | |||
16 | Patch-Name: control-persist-close-stderr.patch | ||
17 | --- | ||
18 | log.c | 2 +- | ||
19 | ssh.c | 6 ++++-- | ||
20 | 2 files changed, 5 insertions(+), 3 deletions(-) | ||
21 | |||
22 | diff --git a/log.c b/log.c | ||
23 | index e68b84a..6c59641 100644 | ||
24 | --- a/log.c | ||
25 | +++ b/log.c | ||
26 | @@ -343,7 +343,7 @@ log_change_level(LogLevel new_log_level) | ||
27 | int | ||
28 | log_is_on_stderr(void) | ||
29 | { | ||
30 | - return log_on_stderr; | ||
31 | + return log_on_stderr && log_stderr_fd == STDERR_FILENO; | ||
32 | } | ||
33 | |||
34 | /* redirect what would usually get written to stderr to specified file */ | ||
35 | diff --git a/ssh.c b/ssh.c | ||
36 | index 314dd52..af39e72 100644 | ||
37 | --- a/ssh.c | ||
38 | +++ b/ssh.c | ||
39 | @@ -1392,7 +1392,7 @@ static void | ||
40 | control_persist_detach(void) | ||
41 | { | ||
42 | pid_t pid; | ||
43 | - int devnull; | ||
44 | + int devnull, keep_stderr; | ||
45 | |||
46 | debug("%s: backgrounding master process", __func__); | ||
47 | |||
48 | @@ -1423,8 +1423,10 @@ control_persist_detach(void) | ||
49 | error("%s: open(\"/dev/null\"): %s", __func__, | ||
50 | strerror(errno)); | ||
51 | } else { | ||
52 | + keep_stderr = log_is_on_stderr() && debug_flag; | ||
53 | if (dup2(devnull, STDIN_FILENO) == -1 || | ||
54 | - dup2(devnull, STDOUT_FILENO) == -1) | ||
55 | + dup2(devnull, STDOUT_FILENO) == -1 || | ||
56 | + (!keep_stderr && dup2(devnull, STDERR_FILENO) == -1)) | ||
57 | error("%s: dup2: %s", __func__, strerror(errno)); | ||
58 | if (devnull > STDERR_FILENO) | ||
59 | close(devnull); | ||
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch index 4d60c3c01..cf4bfad50 100644 --- a/debian/patches/debian-banner.patch +++ b/debian/patches/debian-banner.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 1b9f8f458824d7e46f9f749c77f26016f2ea9967 Mon Sep 17 00:00:00 2001 | 1 | From 277ad2acedde81dce324e711da116d100b47f445 Mon Sep 17 00:00:00 2001 |
2 | From: Kees Cook <kees@debian.org> | 2 | From: Kees Cook <kees@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:06 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:06 +0000 |
4 | Subject: Add DebianBanner server configuration option | 4 | Subject: Add DebianBanner server configuration option |
@@ -19,7 +19,7 @@ Patch-Name: debian-banner.patch | |||
19 | 4 files changed, 18 insertions(+), 1 deletion(-) | 19 | 4 files changed, 18 insertions(+), 1 deletion(-) |
20 | 20 | ||
21 | diff --git a/servconf.c b/servconf.c | 21 | diff --git a/servconf.c b/servconf.c |
22 | index fad7c92..8ca9695 100644 | 22 | index bf9f8f7..a98b309 100644 |
23 | --- a/servconf.c | 23 | --- a/servconf.c |
24 | +++ b/servconf.c | 24 | +++ b/servconf.c |
25 | @@ -171,6 +171,7 @@ initialize_server_options(ServerOptions *options) | 25 | @@ -171,6 +171,7 @@ initialize_server_options(ServerOptions *options) |
@@ -39,7 +39,7 @@ index fad7c92..8ca9695 100644 | |||
39 | 39 | ||
40 | assemble_algorithms(options); | 40 | assemble_algorithms(options); |
41 | 41 | ||
42 | @@ -437,6 +440,7 @@ typedef enum { | 42 | @@ -445,6 +448,7 @@ typedef enum { |
43 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, | 43 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, |
44 | sStreamLocalBindMask, sStreamLocalBindUnlink, | 44 | sStreamLocalBindMask, sStreamLocalBindUnlink, |
45 | sAllowStreamLocalForwarding, sFingerprintHash, | 45 | sAllowStreamLocalForwarding, sFingerprintHash, |
@@ -47,7 +47,7 @@ index fad7c92..8ca9695 100644 | |||
47 | sDeprecated, sUnsupported | 47 | sDeprecated, sUnsupported |
48 | } ServerOpCodes; | 48 | } ServerOpCodes; |
49 | 49 | ||
50 | @@ -588,6 +592,7 @@ static struct { | 50 | @@ -596,6 +600,7 @@ static struct { |
51 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, | 51 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, |
52 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, | 52 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, |
53 | { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, | 53 | { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, |
@@ -55,7 +55,7 @@ index fad7c92..8ca9695 100644 | |||
55 | { NULL, sBadOption, 0 } | 55 | { NULL, sBadOption, 0 } |
56 | }; | 56 | }; |
57 | 57 | ||
58 | @@ -1874,6 +1879,10 @@ process_server_config_line(ServerOptions *options, char *line, | 58 | @@ -1903,6 +1908,10 @@ process_server_config_line(ServerOptions *options, char *line, |
59 | options->fingerprint_hash = value; | 59 | options->fingerprint_hash = value; |
60 | break; | 60 | break; |
61 | 61 | ||
@@ -80,10 +80,10 @@ index 778ba17..161fa37 100644 | |||
80 | 80 | ||
81 | /* Information about the incoming connection as used by Match */ | 81 | /* Information about the incoming connection as used by Match */ |
82 | diff --git a/sshd.c b/sshd.c | 82 | diff --git a/sshd.c b/sshd.c |
83 | index c762190..57ae4ad 100644 | 83 | index e873557..71fad9e 100644 |
84 | --- a/sshd.c | 84 | --- a/sshd.c |
85 | +++ b/sshd.c | 85 | +++ b/sshd.c |
86 | @@ -442,7 +442,8 @@ sshd_exchange_identification(int sock_in, int sock_out) | 86 | @@ -443,7 +443,8 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) |
87 | } | 87 | } |
88 | 88 | ||
89 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", | 89 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", |
@@ -94,10 +94,10 @@ index c762190..57ae4ad 100644 | |||
94 | options.version_addendum, newline); | 94 | options.version_addendum, newline); |
95 | 95 | ||
96 | diff --git a/sshd_config.5 b/sshd_config.5 | 96 | diff --git a/sshd_config.5 b/sshd_config.5 |
97 | index bc79a66..b565640 100644 | 97 | index e05cdbe..ac9b1f0 100644 |
98 | --- a/sshd_config.5 | 98 | --- a/sshd_config.5 |
99 | +++ b/sshd_config.5 | 99 | +++ b/sshd_config.5 |
100 | @@ -534,6 +534,11 @@ or | 100 | @@ -541,6 +541,11 @@ or |
101 | .Dq no . | 101 | .Dq no . |
102 | The default is | 102 | The default is |
103 | .Dq delayed . | 103 | .Dq delayed . |
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch index bb1728107..1d9efcbbf 100644 --- a/debian/patches/debian-config.patch +++ b/debian/patches/debian-config.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From d888c9637031a93c13c168a35e99e9aa76c14a9a Mon Sep 17 00:00:00 2001 | 1 | From 4c914ccd85bbf391c4dc61b85e3c178fef465e3f Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 |
4 | Subject: Various Debian-specific configuration changes | 4 | Subject: Various Debian-specific configuration changes |
@@ -32,10 +32,10 @@ Patch-Name: debian-config.patch | |||
32 | 6 files changed, 72 insertions(+), 4 deletions(-) | 32 | 6 files changed, 72 insertions(+), 4 deletions(-) |
33 | 33 | ||
34 | diff --git a/readconf.c b/readconf.c | 34 | diff --git a/readconf.c b/readconf.c |
35 | index cc1a633..dc22360 100644 | 35 | index f6b4c8f..5cd51f3 100644 |
36 | --- a/readconf.c | 36 | --- a/readconf.c |
37 | +++ b/readconf.c | 37 | +++ b/readconf.c |
38 | @@ -1797,7 +1797,7 @@ fill_default_options(Options * options) | 38 | @@ -1928,7 +1928,7 @@ fill_default_options(Options * options) |
39 | if (options->forward_x11 == -1) | 39 | if (options->forward_x11 == -1) |
40 | options->forward_x11 = 0; | 40 | options->forward_x11 = 0; |
41 | if (options->forward_x11_trusted == -1) | 41 | if (options->forward_x11_trusted == -1) |
@@ -43,12 +43,12 @@ index cc1a633..dc22360 100644 | |||
43 | + options->forward_x11_trusted = 1; | 43 | + options->forward_x11_trusted = 1; |
44 | if (options->forward_x11_timeout == -1) | 44 | if (options->forward_x11_timeout == -1) |
45 | options->forward_x11_timeout = 1200; | 45 | options->forward_x11_timeout = 1200; |
46 | if (options->exit_on_forward_failure == -1) | 46 | /* |
47 | diff --git a/ssh.1 b/ssh.1 | 47 | diff --git a/ssh.1 b/ssh.1 |
48 | index 74d9655..7fb9d30 100644 | 48 | index 22e56a7..6aa57c4 100644 |
49 | --- a/ssh.1 | 49 | --- a/ssh.1 |
50 | +++ b/ssh.1 | 50 | +++ b/ssh.1 |
51 | @@ -760,6 +760,16 @@ directive in | 51 | @@ -785,6 +785,16 @@ directive in |
52 | .Xr ssh_config 5 | 52 | .Xr ssh_config 5 |
53 | for more information. | 53 | for more information. |
54 | .Pp | 54 | .Pp |
@@ -65,7 +65,7 @@ index 74d9655..7fb9d30 100644 | |||
65 | .It Fl x | 65 | .It Fl x |
66 | Disables X11 forwarding. | 66 | Disables X11 forwarding. |
67 | .Pp | 67 | .Pp |
68 | @@ -768,6 +778,17 @@ Enables trusted X11 forwarding. | 68 | @@ -793,6 +803,17 @@ Enables trusted X11 forwarding. |
69 | Trusted X11 forwardings are not subjected to the X11 SECURITY extension | 69 | Trusted X11 forwardings are not subjected to the X11 SECURITY extension |
70 | controls. | 70 | controls. |
71 | .Pp | 71 | .Pp |
@@ -108,7 +108,7 @@ index 4e879cd..5190b06 100644 | |||
108 | + GSSAPIAuthentication yes | 108 | + GSSAPIAuthentication yes |
109 | + GSSAPIDelegateCredentials no | 109 | + GSSAPIDelegateCredentials no |
110 | diff --git a/ssh_config.5 b/ssh_config.5 | 110 | diff --git a/ssh_config.5 b/ssh_config.5 |
111 | index 0f52d14..51765c9 100644 | 111 | index 30c97a9..c967258 100644 |
112 | --- a/ssh_config.5 | 112 | --- a/ssh_config.5 |
113 | +++ b/ssh_config.5 | 113 | +++ b/ssh_config.5 |
114 | @@ -74,6 +74,22 @@ Since the first obtained value for each parameter is used, more | 114 | @@ -74,6 +74,22 @@ Since the first obtained value for each parameter is used, more |
@@ -145,10 +145,10 @@ index 0f52d14..51765c9 100644 | |||
145 | See the X11 SECURITY extension specification for full details on | 145 | See the X11 SECURITY extension specification for full details on |
146 | the restrictions imposed on untrusted clients. | 146 | the restrictions imposed on untrusted clients. |
147 | diff --git a/sshd_config b/sshd_config | 147 | diff --git a/sshd_config b/sshd_config |
148 | index f103298..d103ac5 100644 | 148 | index 3fe3e01..ec8ff8f 100644 |
149 | --- a/sshd_config | 149 | --- a/sshd_config |
150 | +++ b/sshd_config | 150 | +++ b/sshd_config |
151 | @@ -125,7 +125,7 @@ AuthorizedKeysFile .ssh/authorized_keys | 151 | @@ -124,7 +124,7 @@ AuthorizedKeysFile .ssh/authorized_keys |
152 | #Banner none | 152 | #Banner none |
153 | 153 | ||
154 | # override default of no subsystems | 154 | # override default of no subsystems |
@@ -158,7 +158,7 @@ index f103298..d103ac5 100644 | |||
158 | # Example of overriding settings on a per-user basis | 158 | # Example of overriding settings on a per-user basis |
159 | #Match User anoncvs | 159 | #Match User anoncvs |
160 | diff --git a/sshd_config.5 b/sshd_config.5 | 160 | diff --git a/sshd_config.5 b/sshd_config.5 |
161 | index 4d255e5..2387b51 100644 | 161 | index b2b349e..79f2d61 100644 |
162 | --- a/sshd_config.5 | 162 | --- a/sshd_config.5 |
163 | +++ b/sshd_config.5 | 163 | +++ b/sshd_config.5 |
164 | @@ -57,6 +57,31 @@ Arguments may optionally be enclosed in double quotes | 164 | @@ -57,6 +57,31 @@ Arguments may optionally be enclosed in double quotes |
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch index a82a719b2..e4498fb48 100644 --- a/debian/patches/dnssec-sshfp.patch +++ b/debian/patches/dnssec-sshfp.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From ca8dd1a2520b4230dd97d8e4774426b756f16c42 Mon Sep 17 00:00:00 2001 | 1 | From 9d9a37bb0c2d7546253ff2b0b67e314d8475bfc7 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:01 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:01 +0000 |
4 | Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf | 4 | Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf |
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch index b0b7e5602..5f91cadfe 100644 --- a/debian/patches/doc-hash-tab-completion.patch +++ b/debian/patches/doc-hash-tab-completion.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 298a5e96571cbe9036a2445eecaca26d2aeade11 Mon Sep 17 00:00:00 2001 | 1 | From bfea780bba64294541d98efcc26b01392ff64c60 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:11 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:11 +0000 |
4 | Subject: Document that HashKnownHosts may break tab-completion | 4 | Subject: Document that HashKnownHosts may break tab-completion |
@@ -13,7 +13,7 @@ Patch-Name: doc-hash-tab-completion.patch | |||
13 | 1 file changed, 3 insertions(+) | 13 | 1 file changed, 3 insertions(+) |
14 | 14 | ||
15 | diff --git a/ssh_config.5 b/ssh_config.5 | 15 | diff --git a/ssh_config.5 b/ssh_config.5 |
16 | index ab8f271..0f52d14 100644 | 16 | index 5dd26bc..30c97a9 100644 |
17 | --- a/ssh_config.5 | 17 | --- a/ssh_config.5 |
18 | +++ b/ssh_config.5 | 18 | +++ b/ssh_config.5 |
19 | @@ -883,6 +883,9 @@ Note that existing names and addresses in known hosts files | 19 | @@ -883,6 +883,9 @@ Note that existing names and addresses in known hosts files |
diff --git a/debian/patches/doc-upstart.patch b/debian/patches/doc-upstart.patch index 5d52dcde6..8f093d80c 100644 --- a/debian/patches/doc-upstart.patch +++ b/debian/patches/doc-upstart.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From ceec3c2a41d87211d478fa6332137aad39dcd18a Mon Sep 17 00:00:00 2001 | 1 | From e4ba4e1616d372522de9e18f0973ed49a5521b95 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@ubuntu.com> | 2 | From: Colin Watson <cjwatson@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:12 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:12 +0000 |
4 | Subject: Refer to ssh's Upstart job as well as its init script | 4 | Subject: Refer to ssh's Upstart job as well as its init script |
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch index 36ed11962..c34441df3 100644 --- a/debian/patches/gnome-ssh-askpass2-icon.patch +++ b/debian/patches/gnome-ssh-askpass2-icon.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 067b8148b52fcf5de6e3bfa3a90ed8a2fa05d8e6 Mon Sep 17 00:00:00 2001 | 1 | From db85bf41862b80b0447777d942a091cd3ac5f1c1 Mon Sep 17 00:00:00 2001 |
2 | From: Vincent Untz <vuntz@ubuntu.com> | 2 | From: Vincent Untz <vuntz@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:16 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:16 +0000 |
4 | Subject: Give the ssh-askpass-gnome window a default icon | 4 | Subject: Give the ssh-askpass-gnome window a default icon |
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch index fd3b9b630..8e946aa88 100644 --- a/debian/patches/gssapi.patch +++ b/debian/patches/gssapi.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 8c27af53099b50387dda97c0aae36194197186f6 Mon Sep 17 00:00:00 2001 | 1 | From eecddf8b72fcad83ccca43b1badb03782704f6b7 Mon Sep 17 00:00:00 2001 |
2 | From: Simon Wilkinson <simon@sxw.org.uk> | 2 | From: Simon Wilkinson <simon@sxw.org.uk> |
3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 |
4 | Subject: GSSAPI key exchange support | 4 | Subject: GSSAPI key exchange support |
@@ -17,26 +17,28 @@ have it merged into the main openssh package rather than having separate | |||
17 | security history. | 17 | security history. |
18 | 18 | ||
19 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 | 19 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 |
20 | Last-Updated: 2016-03-21 | 20 | Last-Updated: 2016-08-07 |
21 | 21 | ||
22 | Patch-Name: gssapi.patch | 22 | Patch-Name: gssapi.patch |
23 | --- | 23 | --- |
24 | ChangeLog.gssapi | 113 +++++++++++++++++++ | 24 | ChangeLog.gssapi | 113 +++++++++++++++++++ |
25 | Makefile.in | 3 +- | 25 | Makefile.in | 3 +- |
26 | auth-krb5.c | 17 ++- | 26 | auth-krb5.c | 17 ++- |
27 | auth.c | 3 +- | 27 | auth.c | 96 +--------------- |
28 | auth2-gss.c | 48 +++++++- | 28 | auth2-gss.c | 48 +++++++- |
29 | auth2.c | 2 + | 29 | auth2.c | 2 + |
30 | canohost.c | 93 +++++++++++++++ | ||
31 | canohost.h | 3 + | ||
30 | clientloop.c | 15 ++- | 32 | clientloop.c | 15 ++- |
31 | config.h.in | 6 + | 33 | config.h.in | 6 + |
32 | configure.ac | 24 ++++ | 34 | configure.ac | 24 ++++ |
33 | gss-genr.c | 275 ++++++++++++++++++++++++++++++++++++++++++++- | 35 | gss-genr.c | 275 +++++++++++++++++++++++++++++++++++++++++++- |
34 | gss-serv-krb5.c | 85 ++++++++++++-- | 36 | gss-serv-krb5.c | 85 ++++++++++++-- |
35 | gss-serv.c | 185 +++++++++++++++++++++++++++--- | 37 | gss-serv.c | 185 +++++++++++++++++++++++++++--- |
36 | kex.c | 16 +++ | 38 | kex.c | 19 ++++ |
37 | kex.h | 14 +++ | 39 | kex.h | 14 +++ |
38 | kexgssc.c | 336 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ | 40 | kexgssc.c | 338 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
39 | kexgsss.c | 294 ++++++++++++++++++++++++++++++++++++++++++++++++ | 41 | kexgsss.c | 295 ++++++++++++++++++++++++++++++++++++++++++++++++ |
40 | monitor.c | 108 +++++++++++++++++- | 42 | monitor.c | 108 +++++++++++++++++- |
41 | monitor.h | 3 + | 43 | monitor.h | 3 + |
42 | monitor_wrap.c | 47 +++++++- | 44 | monitor_wrap.c | 47 +++++++- |
@@ -48,13 +50,13 @@ Patch-Name: gssapi.patch | |||
48 | ssh-gss.h | 41 ++++++- | 50 | ssh-gss.h | 41 ++++++- |
49 | ssh_config | 2 + | 51 | ssh_config | 2 + |
50 | ssh_config.5 | 32 ++++++ | 52 | ssh_config.5 | 32 ++++++ |
51 | sshconnect2.c | 120 +++++++++++++++++++- | 53 | sshconnect2.c | 122 +++++++++++++++++++- |
52 | sshd.c | 110 ++++++++++++++++++ | 54 | sshd.c | 110 ++++++++++++++++++ |
53 | sshd_config | 2 + | 55 | sshd_config | 2 + |
54 | sshd_config.5 | 10 ++ | 56 | sshd_config.5 | 10 ++ |
55 | sshkey.c | 3 +- | 57 | sshkey.c | 3 +- |
56 | sshkey.h | 1 + | 58 | sshkey.h | 1 + |
57 | 33 files changed, 1950 insertions(+), 46 deletions(-) | 59 | 35 files changed, 2054 insertions(+), 139 deletions(-) |
58 | create mode 100644 ChangeLog.gssapi | 60 | create mode 100644 ChangeLog.gssapi |
59 | create mode 100644 kexgssc.c | 61 | create mode 100644 kexgssc.c |
60 | create mode 100644 kexgsss.c | 62 | create mode 100644 kexgsss.c |
@@ -179,7 +181,7 @@ index 0000000..f117a33 | |||
179 | + (from jbasney AT ncsa.uiuc.edu) | 181 | + (from jbasney AT ncsa.uiuc.edu) |
180 | + <gssapi-with-mic support is Bugzilla #1008> | 182 | + <gssapi-with-mic support is Bugzilla #1008> |
181 | diff --git a/Makefile.in b/Makefile.in | 183 | diff --git a/Makefile.in b/Makefile.in |
182 | index d401787..0954c63 100644 | 184 | index 12991cd..51817df 100644 |
183 | --- a/Makefile.in | 185 | --- a/Makefile.in |
184 | +++ b/Makefile.in | 186 | +++ b/Makefile.in |
185 | @@ -92,6 +92,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | 187 | @@ -92,6 +92,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ |
@@ -187,7 +189,7 @@ index d401787..0954c63 100644 | |||
187 | kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ | 189 | kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ |
188 | kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ | 190 | kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ |
189 | + kexgssc.o \ | 191 | + kexgssc.o \ |
190 | platform-pledge.o | 192 | platform-pledge.o platform-tracing.o |
191 | 193 | ||
192 | SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ | 194 | SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ |
193 | @@ -105,7 +106,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ | 195 | @@ -105,7 +106,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ |
@@ -200,10 +202,10 @@ index d401787..0954c63 100644 | |||
200 | sftp-server.o sftp-common.o \ | 202 | sftp-server.o sftp-common.o \ |
201 | sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ | 203 | sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ |
202 | diff --git a/auth-krb5.c b/auth-krb5.c | 204 | diff --git a/auth-krb5.c b/auth-krb5.c |
203 | index d1c5a2f..f019fb1 100644 | 205 | index a5a81ed..38e7fee 100644 |
204 | --- a/auth-krb5.c | 206 | --- a/auth-krb5.c |
205 | +++ b/auth-krb5.c | 207 | +++ b/auth-krb5.c |
206 | @@ -183,8 +183,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | 208 | @@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) |
207 | 209 | ||
208 | len = strlen(authctxt->krb5_ticket_file) + 6; | 210 | len = strlen(authctxt->krb5_ticket_file) + 6; |
209 | authctxt->krb5_ccname = xmalloc(len); | 211 | authctxt->krb5_ccname = xmalloc(len); |
@@ -217,7 +219,7 @@ index d1c5a2f..f019fb1 100644 | |||
217 | 219 | ||
218 | #ifdef USE_PAM | 220 | #ifdef USE_PAM |
219 | if (options.use_pam) | 221 | if (options.use_pam) |
220 | @@ -241,15 +246,22 @@ krb5_cleanup_proc(Authctxt *authctxt) | 222 | @@ -240,15 +245,22 @@ krb5_cleanup_proc(Authctxt *authctxt) |
221 | #ifndef HEIMDAL | 223 | #ifndef HEIMDAL |
222 | krb5_error_code | 224 | krb5_error_code |
223 | ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { | 225 | ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { |
@@ -242,7 +244,7 @@ index d1c5a2f..f019fb1 100644 | |||
242 | old_umask = umask(0177); | 244 | old_umask = umask(0177); |
243 | tmpfd = mkstemp(ccname + strlen("FILE:")); | 245 | tmpfd = mkstemp(ccname + strlen("FILE:")); |
244 | oerrno = errno; | 246 | oerrno = errno; |
245 | @@ -266,6 +278,7 @@ ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { | 247 | @@ -265,6 +277,7 @@ ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { |
246 | return oerrno; | 248 | return oerrno; |
247 | } | 249 | } |
248 | close(tmpfd); | 250 | close(tmpfd); |
@@ -251,10 +253,10 @@ index d1c5a2f..f019fb1 100644 | |||
251 | return (krb5_cc_resolve(ctx, ccname, ccache)); | 253 | return (krb5_cc_resolve(ctx, ccname, ccache)); |
252 | } | 254 | } |
253 | diff --git a/auth.c b/auth.c | 255 | diff --git a/auth.c b/auth.c |
254 | index 214c2c7..bd6a026 100644 | 256 | index 24527dd..f56dcc6 100644 |
255 | --- a/auth.c | 257 | --- a/auth.c |
256 | +++ b/auth.c | 258 | +++ b/auth.c |
257 | @@ -354,7 +354,8 @@ auth_root_allowed(const char *method) | 259 | @@ -363,7 +363,8 @@ auth_root_allowed(const char *method) |
258 | case PERMIT_NO_PASSWD: | 260 | case PERMIT_NO_PASSWD: |
259 | if (strcmp(method, "publickey") == 0 || | 261 | if (strcmp(method, "publickey") == 0 || |
260 | strcmp(method, "hostbased") == 0 || | 262 | strcmp(method, "hostbased") == 0 || |
@@ -264,6 +266,106 @@ index 214c2c7..bd6a026 100644 | |||
264 | return 1; | 266 | return 1; |
265 | break; | 267 | break; |
266 | case PERMIT_FORCED_ONLY: | 268 | case PERMIT_FORCED_ONLY: |
269 | @@ -786,99 +787,6 @@ fakepw(void) | ||
270 | } | ||
271 | |||
272 | /* | ||
273 | - * Returns the remote DNS hostname as a string. The returned string must not | ||
274 | - * be freed. NB. this will usually trigger a DNS query the first time it is | ||
275 | - * called. | ||
276 | - * This function does additional checks on the hostname to mitigate some | ||
277 | - * attacks on legacy rhosts-style authentication. | ||
278 | - * XXX is RhostsRSAAuthentication vulnerable to these? | ||
279 | - * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?) | ||
280 | - */ | ||
281 | - | ||
282 | -static char * | ||
283 | -remote_hostname(struct ssh *ssh) | ||
284 | -{ | ||
285 | - struct sockaddr_storage from; | ||
286 | - socklen_t fromlen; | ||
287 | - struct addrinfo hints, *ai, *aitop; | ||
288 | - char name[NI_MAXHOST], ntop2[NI_MAXHOST]; | ||
289 | - const char *ntop = ssh_remote_ipaddr(ssh); | ||
290 | - | ||
291 | - /* Get IP address of client. */ | ||
292 | - fromlen = sizeof(from); | ||
293 | - memset(&from, 0, sizeof(from)); | ||
294 | - if (getpeername(ssh_packet_get_connection_in(ssh), | ||
295 | - (struct sockaddr *)&from, &fromlen) < 0) { | ||
296 | - debug("getpeername failed: %.100s", strerror(errno)); | ||
297 | - return strdup(ntop); | ||
298 | - } | ||
299 | - | ||
300 | - ipv64_normalise_mapped(&from, &fromlen); | ||
301 | - if (from.ss_family == AF_INET6) | ||
302 | - fromlen = sizeof(struct sockaddr_in6); | ||
303 | - | ||
304 | - debug3("Trying to reverse map address %.100s.", ntop); | ||
305 | - /* Map the IP address to a host name. */ | ||
306 | - if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), | ||
307 | - NULL, 0, NI_NAMEREQD) != 0) { | ||
308 | - /* Host name not found. Use ip address. */ | ||
309 | - return strdup(ntop); | ||
310 | - } | ||
311 | - | ||
312 | - /* | ||
313 | - * if reverse lookup result looks like a numeric hostname, | ||
314 | - * someone is trying to trick us by PTR record like following: | ||
315 | - * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 | ||
316 | - */ | ||
317 | - memset(&hints, 0, sizeof(hints)); | ||
318 | - hints.ai_socktype = SOCK_DGRAM; /*dummy*/ | ||
319 | - hints.ai_flags = AI_NUMERICHOST; | ||
320 | - if (getaddrinfo(name, NULL, &hints, &ai) == 0) { | ||
321 | - logit("Nasty PTR record \"%s\" is set up for %s, ignoring", | ||
322 | - name, ntop); | ||
323 | - freeaddrinfo(ai); | ||
324 | - return strdup(ntop); | ||
325 | - } | ||
326 | - | ||
327 | - /* Names are stored in lowercase. */ | ||
328 | - lowercase(name); | ||
329 | - | ||
330 | - /* | ||
331 | - * Map it back to an IP address and check that the given | ||
332 | - * address actually is an address of this host. This is | ||
333 | - * necessary because anyone with access to a name server can | ||
334 | - * define arbitrary names for an IP address. Mapping from | ||
335 | - * name to IP address can be trusted better (but can still be | ||
336 | - * fooled if the intruder has access to the name server of | ||
337 | - * the domain). | ||
338 | - */ | ||
339 | - memset(&hints, 0, sizeof(hints)); | ||
340 | - hints.ai_family = from.ss_family; | ||
341 | - hints.ai_socktype = SOCK_STREAM; | ||
342 | - if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { | ||
343 | - logit("reverse mapping checking getaddrinfo for %.700s " | ||
344 | - "[%s] failed.", name, ntop); | ||
345 | - return strdup(ntop); | ||
346 | - } | ||
347 | - /* Look for the address from the list of addresses. */ | ||
348 | - for (ai = aitop; ai; ai = ai->ai_next) { | ||
349 | - if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, | ||
350 | - sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 && | ||
351 | - (strcmp(ntop, ntop2) == 0)) | ||
352 | - break; | ||
353 | - } | ||
354 | - freeaddrinfo(aitop); | ||
355 | - /* If we reached the end of the list, the address was not there. */ | ||
356 | - if (ai == NULL) { | ||
357 | - /* Address not found for the host name. */ | ||
358 | - logit("Address %.100s maps to %.600s, but this does not " | ||
359 | - "map back to the address.", ntop, name); | ||
360 | - return strdup(ntop); | ||
361 | - } | ||
362 | - return strdup(name); | ||
363 | -} | ||
364 | - | ||
365 | -/* | ||
366 | * Return the canonical name of the host in the other side of the current | ||
367 | * connection. The host name is cached, so it is efficient to call this | ||
368 | * several times. | ||
267 | diff --git a/auth2-gss.c b/auth2-gss.c | 369 | diff --git a/auth2-gss.c b/auth2-gss.c |
268 | index 1ca8357..3b5036d 100644 | 370 | index 1ca8357..3b5036d 100644 |
269 | --- a/auth2-gss.c | 371 | --- a/auth2-gss.c |
@@ -352,7 +454,7 @@ index 1ca8357..3b5036d 100644 | |||
352 | "gssapi-with-mic", | 454 | "gssapi-with-mic", |
353 | userauth_gssapi, | 455 | userauth_gssapi, |
354 | diff --git a/auth2.c b/auth2.c | 456 | diff --git a/auth2.c b/auth2.c |
355 | index 7177962..3f49bdc 100644 | 457 | index 9108b86..ce0d376 100644 |
356 | --- a/auth2.c | 458 | --- a/auth2.c |
357 | +++ b/auth2.c | 459 | +++ b/auth2.c |
358 | @@ -70,6 +70,7 @@ extern Authmethod method_passwd; | 460 | @@ -70,6 +70,7 @@ extern Authmethod method_passwd; |
@@ -371,8 +473,126 @@ index 7177962..3f49bdc 100644 | |||
371 | &method_gssapi, | 473 | &method_gssapi, |
372 | #endif | 474 | #endif |
373 | &method_passwd, | 475 | &method_passwd, |
476 | diff --git a/canohost.c b/canohost.c | ||
477 | index f71a085..404731d 100644 | ||
478 | --- a/canohost.c | ||
479 | +++ b/canohost.c | ||
480 | @@ -35,6 +35,99 @@ | ||
481 | #include "canohost.h" | ||
482 | #include "misc.h" | ||
483 | |||
484 | +/* | ||
485 | + * Returns the remote DNS hostname as a string. The returned string must not | ||
486 | + * be freed. NB. this will usually trigger a DNS query the first time it is | ||
487 | + * called. | ||
488 | + * This function does additional checks on the hostname to mitigate some | ||
489 | + * attacks on legacy rhosts-style authentication. | ||
490 | + * XXX is RhostsRSAAuthentication vulnerable to these? | ||
491 | + * XXX Can we remove these checks? (or if not, remove RhostsRSAAuthentication?) | ||
492 | + */ | ||
493 | + | ||
494 | +char * | ||
495 | +remote_hostname(struct ssh *ssh) | ||
496 | +{ | ||
497 | + struct sockaddr_storage from; | ||
498 | + socklen_t fromlen; | ||
499 | + struct addrinfo hints, *ai, *aitop; | ||
500 | + char name[NI_MAXHOST], ntop2[NI_MAXHOST]; | ||
501 | + const char *ntop = ssh_remote_ipaddr(ssh); | ||
502 | + | ||
503 | + /* Get IP address of client. */ | ||
504 | + fromlen = sizeof(from); | ||
505 | + memset(&from, 0, sizeof(from)); | ||
506 | + if (getpeername(ssh_packet_get_connection_in(ssh), | ||
507 | + (struct sockaddr *)&from, &fromlen) < 0) { | ||
508 | + debug("getpeername failed: %.100s", strerror(errno)); | ||
509 | + return strdup(ntop); | ||
510 | + } | ||
511 | + | ||
512 | + ipv64_normalise_mapped(&from, &fromlen); | ||
513 | + if (from.ss_family == AF_INET6) | ||
514 | + fromlen = sizeof(struct sockaddr_in6); | ||
515 | + | ||
516 | + debug3("Trying to reverse map address %.100s.", ntop); | ||
517 | + /* Map the IP address to a host name. */ | ||
518 | + if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), | ||
519 | + NULL, 0, NI_NAMEREQD) != 0) { | ||
520 | + /* Host name not found. Use ip address. */ | ||
521 | + return strdup(ntop); | ||
522 | + } | ||
523 | + | ||
524 | + /* | ||
525 | + * if reverse lookup result looks like a numeric hostname, | ||
526 | + * someone is trying to trick us by PTR record like following: | ||
527 | + * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 | ||
528 | + */ | ||
529 | + memset(&hints, 0, sizeof(hints)); | ||
530 | + hints.ai_socktype = SOCK_DGRAM; /*dummy*/ | ||
531 | + hints.ai_flags = AI_NUMERICHOST; | ||
532 | + if (getaddrinfo(name, NULL, &hints, &ai) == 0) { | ||
533 | + logit("Nasty PTR record \"%s\" is set up for %s, ignoring", | ||
534 | + name, ntop); | ||
535 | + freeaddrinfo(ai); | ||
536 | + return strdup(ntop); | ||
537 | + } | ||
538 | + | ||
539 | + /* Names are stored in lowercase. */ | ||
540 | + lowercase(name); | ||
541 | + | ||
542 | + /* | ||
543 | + * Map it back to an IP address and check that the given | ||
544 | + * address actually is an address of this host. This is | ||
545 | + * necessary because anyone with access to a name server can | ||
546 | + * define arbitrary names for an IP address. Mapping from | ||
547 | + * name to IP address can be trusted better (but can still be | ||
548 | + * fooled if the intruder has access to the name server of | ||
549 | + * the domain). | ||
550 | + */ | ||
551 | + memset(&hints, 0, sizeof(hints)); | ||
552 | + hints.ai_family = from.ss_family; | ||
553 | + hints.ai_socktype = SOCK_STREAM; | ||
554 | + if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { | ||
555 | + logit("reverse mapping checking getaddrinfo for %.700s " | ||
556 | + "[%s] failed.", name, ntop); | ||
557 | + return strdup(ntop); | ||
558 | + } | ||
559 | + /* Look for the address from the list of addresses. */ | ||
560 | + for (ai = aitop; ai; ai = ai->ai_next) { | ||
561 | + if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, | ||
562 | + sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 && | ||
563 | + (strcmp(ntop, ntop2) == 0)) | ||
564 | + break; | ||
565 | + } | ||
566 | + freeaddrinfo(aitop); | ||
567 | + /* If we reached the end of the list, the address was not there. */ | ||
568 | + if (ai == NULL) { | ||
569 | + /* Address not found for the host name. */ | ||
570 | + logit("Address %.100s maps to %.600s, but this does not " | ||
571 | + "map back to the address.", ntop, name); | ||
572 | + return strdup(ntop); | ||
573 | + } | ||
574 | + return strdup(name); | ||
575 | +} | ||
576 | + | ||
577 | void | ||
578 | ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) | ||
579 | { | ||
580 | diff --git a/canohost.h b/canohost.h | ||
581 | index 26d6285..0cadc9f 100644 | ||
582 | --- a/canohost.h | ||
583 | +++ b/canohost.h | ||
584 | @@ -15,6 +15,9 @@ | ||
585 | #ifndef _CANOHOST_H | ||
586 | #define _CANOHOST_H | ||
587 | |||
588 | +struct ssh; | ||
589 | + | ||
590 | +char *remote_hostname(struct ssh *); | ||
591 | char *get_peer_ipaddr(int); | ||
592 | int get_peer_port(int); | ||
593 | char *get_local_ipaddr(int); | ||
374 | diff --git a/clientloop.c b/clientloop.c | 594 | diff --git a/clientloop.c b/clientloop.c |
375 | index 9820455..1567e4a 100644 | 595 | index 2c44f5d..421241f 100644 |
376 | --- a/clientloop.c | 596 | --- a/clientloop.c |
377 | +++ b/clientloop.c | 597 | +++ b/clientloop.c |
378 | @@ -114,6 +114,10 @@ | 598 | @@ -114,6 +114,10 @@ |
@@ -386,7 +606,7 @@ index 9820455..1567e4a 100644 | |||
386 | /* import options */ | 606 | /* import options */ |
387 | extern Options options; | 607 | extern Options options; |
388 | 608 | ||
389 | @@ -1662,9 +1666,18 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) | 609 | @@ -1666,9 +1670,18 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) |
390 | break; | 610 | break; |
391 | 611 | ||
392 | /* Do channel operations unless rekeying in progress. */ | 612 | /* Do channel operations unless rekeying in progress. */ |
@@ -407,10 +627,10 @@ index 9820455..1567e4a 100644 | |||
407 | client_process_net_input(readset); | 627 | client_process_net_input(readset); |
408 | 628 | ||
409 | diff --git a/config.h.in b/config.h.in | 629 | diff --git a/config.h.in b/config.h.in |
410 | index 89bf1b0..621c139 100644 | 630 | index 39d018f..d7caf9a 100644 |
411 | --- a/config.h.in | 631 | --- a/config.h.in |
412 | +++ b/config.h.in | 632 | +++ b/config.h.in |
413 | @@ -1641,6 +1641,9 @@ | 633 | @@ -1668,6 +1668,9 @@ |
414 | /* Use btmp to log bad logins */ | 634 | /* Use btmp to log bad logins */ |
415 | #undef USE_BTMP | 635 | #undef USE_BTMP |
416 | 636 | ||
@@ -420,7 +640,7 @@ index 89bf1b0..621c139 100644 | |||
420 | /* Use libedit for sftp */ | 640 | /* Use libedit for sftp */ |
421 | #undef USE_LIBEDIT | 641 | #undef USE_LIBEDIT |
422 | 642 | ||
423 | @@ -1656,6 +1659,9 @@ | 643 | @@ -1683,6 +1686,9 @@ |
424 | /* Use PIPES instead of a socketpair() */ | 644 | /* Use PIPES instead of a socketpair() */ |
425 | #undef USE_PIPES | 645 | #undef USE_PIPES |
426 | 646 | ||
@@ -431,7 +651,7 @@ index 89bf1b0..621c139 100644 | |||
431 | #undef USE_SOLARIS_PRIVS | 651 | #undef USE_SOLARIS_PRIVS |
432 | 652 | ||
433 | diff --git a/configure.ac b/configure.ac | 653 | diff --git a/configure.ac b/configure.ac |
434 | index 7258cc0..5f1ff74 100644 | 654 | index 373d21b..894ec3b 100644 |
435 | --- a/configure.ac | 655 | --- a/configure.ac |
436 | +++ b/configure.ac | 656 | +++ b/configure.ac |
437 | @@ -632,6 +632,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | 657 | @@ -632,6 +632,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) |
@@ -463,7 +683,7 @@ index 7258cc0..5f1ff74 100644 | |||
463 | + [AC_MSG_RESULT([no])] | 683 | + [AC_MSG_RESULT([no])] |
464 | + ) | 684 | + ) |
465 | m4_pattern_allow([AU_IPv]) | 685 | m4_pattern_allow([AU_IPv]) |
466 | AC_CHECK_DECL([AU_IPv4], [], | 686 | AC_CHECK_DECL([AU_IPv4], [], |
467 | AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) | 687 | AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) |
468 | diff --git a/gss-genr.c b/gss-genr.c | 688 | diff --git a/gss-genr.c b/gss-genr.c |
469 | index d617d60..b4eca3f 100644 | 689 | index d617d60..b4eca3f 100644 |
@@ -1214,10 +1434,10 @@ index 53993d6..2f6baf7 100644 | |||
1214 | 1434 | ||
1215 | #endif | 1435 | #endif |
1216 | diff --git a/kex.c b/kex.c | 1436 | diff --git a/kex.c b/kex.c |
1217 | index d371f47..913e923 100644 | 1437 | index 50c7a0f..c17d652 100644 |
1218 | --- a/kex.c | 1438 | --- a/kex.c |
1219 | +++ b/kex.c | 1439 | +++ b/kex.c |
1220 | @@ -54,6 +54,10 @@ | 1440 | @@ -55,6 +55,10 @@ |
1221 | #include "sshbuf.h" | 1441 | #include "sshbuf.h" |
1222 | #include "digest.h" | 1442 | #include "digest.h" |
1223 | 1443 | ||
@@ -1228,7 +1448,7 @@ index d371f47..913e923 100644 | |||
1228 | #if OPENSSL_VERSION_NUMBER >= 0x00907000L | 1448 | #if OPENSSL_VERSION_NUMBER >= 0x00907000L |
1229 | # if defined(HAVE_EVP_SHA256) | 1449 | # if defined(HAVE_EVP_SHA256) |
1230 | # define evp_ssh_sha256 EVP_sha256 | 1450 | # define evp_ssh_sha256 EVP_sha256 |
1231 | @@ -109,6 +113,14 @@ static const struct kexalg kexalgs[] = { | 1451 | @@ -113,6 +117,14 @@ static const struct kexalg kexalgs[] = { |
1232 | #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ | 1452 | #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ |
1233 | { NULL, -1, -1, -1}, | 1453 | { NULL, -1, -1, -1}, |
1234 | }; | 1454 | }; |
@@ -1243,7 +1463,7 @@ index d371f47..913e923 100644 | |||
1243 | 1463 | ||
1244 | char * | 1464 | char * |
1245 | kex_alg_list(char sep) | 1465 | kex_alg_list(char sep) |
1246 | @@ -141,6 +153,10 @@ kex_alg_by_name(const char *name) | 1466 | @@ -145,6 +157,10 @@ kex_alg_by_name(const char *name) |
1247 | if (strcmp(k->name, name) == 0) | 1467 | if (strcmp(k->name, name) == 0) |
1248 | return k; | 1468 | return k; |
1249 | } | 1469 | } |
@@ -1254,11 +1474,21 @@ index d371f47..913e923 100644 | |||
1254 | return NULL; | 1474 | return NULL; |
1255 | } | 1475 | } |
1256 | 1476 | ||
1477 | @@ -587,6 +603,9 @@ kex_free(struct kex *kex) | ||
1478 | sshbuf_free(kex->peer); | ||
1479 | sshbuf_free(kex->my); | ||
1480 | free(kex->session_id); | ||
1481 | +#ifdef GSSAPI | ||
1482 | + free(kex->gss_host); | ||
1483 | +#endif /* GSSAPI */ | ||
1484 | free(kex->client_version_string); | ||
1485 | free(kex->server_version_string); | ||
1486 | free(kex->failed_choice); | ||
1257 | diff --git a/kex.h b/kex.h | 1487 | diff --git a/kex.h b/kex.h |
1258 | index 1c58966..123ef83 100644 | 1488 | index c351955..8ed459a 100644 |
1259 | --- a/kex.h | 1489 | --- a/kex.h |
1260 | +++ b/kex.h | 1490 | +++ b/kex.h |
1261 | @@ -92,6 +92,9 @@ enum kex_exchange { | 1491 | @@ -98,6 +98,9 @@ enum kex_exchange { |
1262 | KEX_DH_GEX_SHA256, | 1492 | KEX_DH_GEX_SHA256, |
1263 | KEX_ECDH_SHA2, | 1493 | KEX_ECDH_SHA2, |
1264 | KEX_C25519_SHA256, | 1494 | KEX_C25519_SHA256, |
@@ -1268,7 +1498,7 @@ index 1c58966..123ef83 100644 | |||
1268 | KEX_MAX | 1498 | KEX_MAX |
1269 | }; | 1499 | }; |
1270 | 1500 | ||
1271 | @@ -140,6 +143,12 @@ struct kex { | 1501 | @@ -146,6 +149,12 @@ struct kex { |
1272 | u_int flags; | 1502 | u_int flags; |
1273 | int hash_alg; | 1503 | int hash_alg; |
1274 | int ec_nid; | 1504 | int ec_nid; |
@@ -1281,7 +1511,7 @@ index 1c58966..123ef83 100644 | |||
1281 | char *client_version_string; | 1511 | char *client_version_string; |
1282 | char *server_version_string; | 1512 | char *server_version_string; |
1283 | char *failed_choice; | 1513 | char *failed_choice; |
1284 | @@ -190,6 +199,11 @@ int kexecdh_server(struct ssh *); | 1514 | @@ -196,6 +205,11 @@ int kexecdh_server(struct ssh *); |
1285 | int kexc25519_client(struct ssh *); | 1515 | int kexc25519_client(struct ssh *); |
1286 | int kexc25519_server(struct ssh *); | 1516 | int kexc25519_server(struct ssh *); |
1287 | 1517 | ||
@@ -1290,15 +1520,15 @@ index 1c58966..123ef83 100644 | |||
1290 | +int kexgss_server(struct ssh *); | 1520 | +int kexgss_server(struct ssh *); |
1291 | +#endif | 1521 | +#endif |
1292 | + | 1522 | + |
1293 | int kex_dh_hash(const char *, const char *, | 1523 | int kex_dh_hash(int, const char *, const char *, |
1294 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 1524 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
1295 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); | 1525 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); |
1296 | diff --git a/kexgssc.c b/kexgssc.c | 1526 | diff --git a/kexgssc.c b/kexgssc.c |
1297 | new file mode 100644 | 1527 | new file mode 100644 |
1298 | index 0000000..a49bac2 | 1528 | index 0000000..10447f2 |
1299 | --- /dev/null | 1529 | --- /dev/null |
1300 | +++ b/kexgssc.c | 1530 | +++ b/kexgssc.c |
1301 | @@ -0,0 +1,336 @@ | 1531 | @@ -0,0 +1,338 @@ |
1302 | +/* | 1532 | +/* |
1303 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. | 1533 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. |
1304 | + * | 1534 | + * |
@@ -1570,7 +1800,9 @@ index 0000000..a49bac2 | |||
1570 | + switch (ssh->kex->kex_type) { | 1800 | + switch (ssh->kex->kex_type) { |
1571 | + case KEX_GSS_GRP1_SHA1: | 1801 | + case KEX_GSS_GRP1_SHA1: |
1572 | + case KEX_GSS_GRP14_SHA1: | 1802 | + case KEX_GSS_GRP14_SHA1: |
1573 | + kex_dh_hash( ssh->kex->client_version_string, | 1803 | + kex_dh_hash( |
1804 | + ssh->kex->hash_alg, | ||
1805 | + ssh->kex->client_version_string, | ||
1574 | + ssh->kex->server_version_string, | 1806 | + ssh->kex->server_version_string, |
1575 | + buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), | 1807 | + buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), |
1576 | + buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), | 1808 | + buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), |
@@ -1637,10 +1869,10 @@ index 0000000..a49bac2 | |||
1637 | +#endif /* GSSAPI */ | 1869 | +#endif /* GSSAPI */ |
1638 | diff --git a/kexgsss.c b/kexgsss.c | 1870 | diff --git a/kexgsss.c b/kexgsss.c |
1639 | new file mode 100644 | 1871 | new file mode 100644 |
1640 | index 0000000..dd8ba1d | 1872 | index 0000000..38ca082 |
1641 | --- /dev/null | 1873 | --- /dev/null |
1642 | +++ b/kexgsss.c | 1874 | +++ b/kexgsss.c |
1643 | @@ -0,0 +1,294 @@ | 1875 | @@ -0,0 +1,295 @@ |
1644 | +/* | 1876 | +/* |
1645 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. | 1877 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. |
1646 | + * | 1878 | + * |
@@ -1861,6 +2093,7 @@ index 0000000..dd8ba1d | |||
1861 | + case KEX_GSS_GRP1_SHA1: | 2093 | + case KEX_GSS_GRP1_SHA1: |
1862 | + case KEX_GSS_GRP14_SHA1: | 2094 | + case KEX_GSS_GRP14_SHA1: |
1863 | + kex_dh_hash( | 2095 | + kex_dh_hash( |
2096 | + ssh->kex->hash_alg, | ||
1864 | + ssh->kex->client_version_string, ssh->kex->server_version_string, | 2097 | + ssh->kex->client_version_string, ssh->kex->server_version_string, |
1865 | + buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), | 2098 | + buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), |
1866 | + buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), | 2099 | + buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), |
@@ -1936,10 +2169,10 @@ index 0000000..dd8ba1d | |||
1936 | +} | 2169 | +} |
1937 | +#endif /* GSSAPI */ | 2170 | +#endif /* GSSAPI */ |
1938 | diff --git a/monitor.c b/monitor.c | 2171 | diff --git a/monitor.c b/monitor.c |
1939 | index ac7dd30..6c82023 100644 | 2172 | index cb57bd0..05bb48a 100644 |
1940 | --- a/monitor.c | 2173 | --- a/monitor.c |
1941 | +++ b/monitor.c | 2174 | +++ b/monitor.c |
1942 | @@ -156,6 +156,8 @@ int mm_answer_gss_setup_ctx(int, Buffer *); | 2175 | @@ -158,6 +158,8 @@ int mm_answer_gss_setup_ctx(int, Buffer *); |
1943 | int mm_answer_gss_accept_ctx(int, Buffer *); | 2176 | int mm_answer_gss_accept_ctx(int, Buffer *); |
1944 | int mm_answer_gss_userok(int, Buffer *); | 2177 | int mm_answer_gss_userok(int, Buffer *); |
1945 | int mm_answer_gss_checkmic(int, Buffer *); | 2178 | int mm_answer_gss_checkmic(int, Buffer *); |
@@ -1948,7 +2181,7 @@ index ac7dd30..6c82023 100644 | |||
1948 | #endif | 2181 | #endif |
1949 | 2182 | ||
1950 | #ifdef SSH_AUDIT_EVENTS | 2183 | #ifdef SSH_AUDIT_EVENTS |
1951 | @@ -233,11 +235,18 @@ struct mon_table mon_dispatch_proto20[] = { | 2184 | @@ -235,11 +237,18 @@ struct mon_table mon_dispatch_proto20[] = { |
1952 | {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx}, | 2185 | {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx}, |
1953 | {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok}, | 2186 | {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok}, |
1954 | {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic}, | 2187 | {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic}, |
@@ -1967,7 +2200,7 @@ index ac7dd30..6c82023 100644 | |||
1967 | #ifdef WITH_OPENSSL | 2200 | #ifdef WITH_OPENSSL |
1968 | {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, | 2201 | {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, |
1969 | #endif | 2202 | #endif |
1970 | @@ -352,6 +361,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | 2203 | @@ -354,6 +363,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) |
1971 | /* Permit requests for moduli and signatures */ | 2204 | /* Permit requests for moduli and signatures */ |
1972 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); | 2205 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); |
1973 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); | 2206 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); |
@@ -1978,7 +2211,7 @@ index ac7dd30..6c82023 100644 | |||
1978 | } else { | 2211 | } else { |
1979 | mon_dispatch = mon_dispatch_proto15; | 2212 | mon_dispatch = mon_dispatch_proto15; |
1980 | 2213 | ||
1981 | @@ -460,6 +473,10 @@ monitor_child_postauth(struct monitor *pmonitor) | 2214 | @@ -462,6 +475,10 @@ monitor_child_postauth(struct monitor *pmonitor) |
1982 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); | 2215 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); |
1983 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); | 2216 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); |
1984 | monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); | 2217 | monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); |
@@ -1989,7 +2222,7 @@ index ac7dd30..6c82023 100644 | |||
1989 | } else { | 2222 | } else { |
1990 | mon_dispatch = mon_dispatch_postauth15; | 2223 | mon_dispatch = mon_dispatch_postauth15; |
1991 | monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); | 2224 | monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); |
1992 | @@ -1861,6 +1878,13 @@ monitor_apply_keystate(struct monitor *pmonitor) | 2225 | @@ -1876,6 +1893,13 @@ monitor_apply_keystate(struct monitor *pmonitor) |
1993 | # endif | 2226 | # endif |
1994 | #endif /* WITH_OPENSSL */ | 2227 | #endif /* WITH_OPENSSL */ |
1995 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | 2228 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
@@ -2003,7 +2236,7 @@ index ac7dd30..6c82023 100644 | |||
2003 | kex->load_host_public_key=&get_hostkey_public_by_type; | 2236 | kex->load_host_public_key=&get_hostkey_public_by_type; |
2004 | kex->load_host_private_key=&get_hostkey_private_by_type; | 2237 | kex->load_host_private_key=&get_hostkey_private_by_type; |
2005 | kex->host_key_index=&get_hostkey_index; | 2238 | kex->host_key_index=&get_hostkey_index; |
2006 | @@ -1960,6 +1984,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m) | 2239 | @@ -1975,6 +1999,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m) |
2007 | OM_uint32 major; | 2240 | OM_uint32 major; |
2008 | u_int len; | 2241 | u_int len; |
2009 | 2242 | ||
@@ -2013,7 +2246,7 @@ index ac7dd30..6c82023 100644 | |||
2013 | goid.elements = buffer_get_string(m, &len); | 2246 | goid.elements = buffer_get_string(m, &len); |
2014 | goid.length = len; | 2247 | goid.length = len; |
2015 | 2248 | ||
2016 | @@ -1987,6 +2014,9 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) | 2249 | @@ -2002,6 +2029,9 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) |
2017 | OM_uint32 flags = 0; /* GSI needs this */ | 2250 | OM_uint32 flags = 0; /* GSI needs this */ |
2018 | u_int len; | 2251 | u_int len; |
2019 | 2252 | ||
@@ -2023,7 +2256,7 @@ index ac7dd30..6c82023 100644 | |||
2023 | in.value = buffer_get_string(m, &len); | 2256 | in.value = buffer_get_string(m, &len); |
2024 | in.length = len; | 2257 | in.length = len; |
2025 | major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); | 2258 | major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); |
2026 | @@ -2004,6 +2034,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) | 2259 | @@ -2019,6 +2049,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) |
2027 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); | 2260 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); |
2028 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); | 2261 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); |
2029 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); | 2262 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); |
@@ -2031,7 +2264,7 @@ index ac7dd30..6c82023 100644 | |||
2031 | } | 2264 | } |
2032 | return (0); | 2265 | return (0); |
2033 | } | 2266 | } |
2034 | @@ -2015,6 +2046,9 @@ mm_answer_gss_checkmic(int sock, Buffer *m) | 2267 | @@ -2030,6 +2061,9 @@ mm_answer_gss_checkmic(int sock, Buffer *m) |
2035 | OM_uint32 ret; | 2268 | OM_uint32 ret; |
2036 | u_int len; | 2269 | u_int len; |
2037 | 2270 | ||
@@ -2041,7 +2274,7 @@ index ac7dd30..6c82023 100644 | |||
2041 | gssbuf.value = buffer_get_string(m, &len); | 2274 | gssbuf.value = buffer_get_string(m, &len); |
2042 | gssbuf.length = len; | 2275 | gssbuf.length = len; |
2043 | mic.value = buffer_get_string(m, &len); | 2276 | mic.value = buffer_get_string(m, &len); |
2044 | @@ -2041,7 +2075,11 @@ mm_answer_gss_userok(int sock, Buffer *m) | 2277 | @@ -2056,7 +2090,11 @@ mm_answer_gss_userok(int sock, Buffer *m) |
2045 | { | 2278 | { |
2046 | int authenticated; | 2279 | int authenticated; |
2047 | 2280 | ||
@@ -2054,7 +2287,7 @@ index ac7dd30..6c82023 100644 | |||
2054 | 2287 | ||
2055 | buffer_clear(m); | 2288 | buffer_clear(m); |
2056 | buffer_put_int(m, authenticated); | 2289 | buffer_put_int(m, authenticated); |
2057 | @@ -2054,5 +2092,73 @@ mm_answer_gss_userok(int sock, Buffer *m) | 2290 | @@ -2069,5 +2107,73 @@ mm_answer_gss_userok(int sock, Buffer *m) |
2058 | /* Monitor loop will terminate if authenticated */ | 2291 | /* Monitor loop will terminate if authenticated */ |
2059 | return (authenticated); | 2292 | return (authenticated); |
2060 | } | 2293 | } |
@@ -2143,10 +2376,10 @@ index 93b8b66..bc50ade 100644 | |||
2143 | 2376 | ||
2144 | struct mm_master; | 2377 | struct mm_master; |
2145 | diff --git a/monitor_wrap.c b/monitor_wrap.c | 2378 | diff --git a/monitor_wrap.c b/monitor_wrap.c |
2146 | index c5db6df..74fbd2e 100644 | 2379 | index 99dc13b..5a9f1b5 100644 |
2147 | --- a/monitor_wrap.c | 2380 | --- a/monitor_wrap.c |
2148 | +++ b/monitor_wrap.c | 2381 | +++ b/monitor_wrap.c |
2149 | @@ -1068,7 +1068,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) | 2382 | @@ -1073,7 +1073,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) |
2150 | } | 2383 | } |
2151 | 2384 | ||
2152 | int | 2385 | int |
@@ -2155,7 +2388,7 @@ index c5db6df..74fbd2e 100644 | |||
2155 | { | 2388 | { |
2156 | Buffer m; | 2389 | Buffer m; |
2157 | int authenticated = 0; | 2390 | int authenticated = 0; |
2158 | @@ -1085,5 +1085,50 @@ mm_ssh_gssapi_userok(char *user) | 2391 | @@ -1090,5 +1090,50 @@ mm_ssh_gssapi_userok(char *user) |
2159 | debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); | 2392 | debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); |
2160 | return (authenticated); | 2393 | return (authenticated); |
2161 | } | 2394 | } |
@@ -2207,10 +2440,10 @@ index c5db6df..74fbd2e 100644 | |||
2207 | #endif /* GSSAPI */ | 2440 | #endif /* GSSAPI */ |
2208 | 2441 | ||
2209 | diff --git a/monitor_wrap.h b/monitor_wrap.h | 2442 | diff --git a/monitor_wrap.h b/monitor_wrap.h |
2210 | index eb820ae..403f8d0 100644 | 2443 | index 9fd02b3..b5414c2 100644 |
2211 | --- a/monitor_wrap.h | 2444 | --- a/monitor_wrap.h |
2212 | +++ b/monitor_wrap.h | 2445 | +++ b/monitor_wrap.h |
2213 | @@ -58,8 +58,10 @@ BIGNUM *mm_auth_rsa_generate_challenge(Key *); | 2446 | @@ -60,8 +60,10 @@ BIGNUM *mm_auth_rsa_generate_challenge(Key *); |
2214 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); | 2447 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); |
2215 | OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, | 2448 | OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, |
2216 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); | 2449 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); |
@@ -2223,10 +2456,10 @@ index eb820ae..403f8d0 100644 | |||
2223 | 2456 | ||
2224 | #ifdef USE_PAM | 2457 | #ifdef USE_PAM |
2225 | diff --git a/readconf.c b/readconf.c | 2458 | diff --git a/readconf.c b/readconf.c |
2226 | index 69d4553..d2a3d4b 100644 | 2459 | index c177202..e019195 100644 |
2227 | --- a/readconf.c | 2460 | --- a/readconf.c |
2228 | +++ b/readconf.c | 2461 | +++ b/readconf.c |
2229 | @@ -148,6 +148,8 @@ typedef enum { | 2462 | @@ -160,6 +160,8 @@ typedef enum { |
2230 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, | 2463 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
2231 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, | 2464 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
2232 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, | 2465 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
@@ -2235,7 +2468,7 @@ index 69d4553..d2a3d4b 100644 | |||
2235 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, | 2468 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
2236 | oSendEnv, oControlPath, oControlMaster, oControlPersist, | 2469 | oSendEnv, oControlPath, oControlMaster, oControlPersist, |
2237 | oHashKnownHosts, | 2470 | oHashKnownHosts, |
2238 | @@ -193,10 +195,19 @@ static struct { | 2471 | @@ -205,10 +207,19 @@ static struct { |
2239 | { "afstokenpassing", oUnsupported }, | 2472 | { "afstokenpassing", oUnsupported }, |
2240 | #if defined(GSSAPI) | 2473 | #if defined(GSSAPI) |
2241 | { "gssapiauthentication", oGssAuthentication }, | 2474 | { "gssapiauthentication", oGssAuthentication }, |
@@ -2255,7 +2488,7 @@ index 69d4553..d2a3d4b 100644 | |||
2255 | #endif | 2488 | #endif |
2256 | { "fallbacktorsh", oDeprecated }, | 2489 | { "fallbacktorsh", oDeprecated }, |
2257 | { "usersh", oDeprecated }, | 2490 | { "usersh", oDeprecated }, |
2258 | @@ -926,10 +937,30 @@ parse_time: | 2491 | @@ -962,10 +973,30 @@ parse_time: |
2259 | intptr = &options->gss_authentication; | 2492 | intptr = &options->gss_authentication; |
2260 | goto parse_flag; | 2493 | goto parse_flag; |
2261 | 2494 | ||
@@ -2286,7 +2519,7 @@ index 69d4553..d2a3d4b 100644 | |||
2286 | case oBatchMode: | 2519 | case oBatchMode: |
2287 | intptr = &options->batch_mode; | 2520 | intptr = &options->batch_mode; |
2288 | goto parse_flag; | 2521 | goto parse_flag; |
2289 | @@ -1648,7 +1679,12 @@ initialize_options(Options * options) | 2522 | @@ -1777,7 +1808,12 @@ initialize_options(Options * options) |
2290 | options->pubkey_authentication = -1; | 2523 | options->pubkey_authentication = -1; |
2291 | options->challenge_response_authentication = -1; | 2524 | options->challenge_response_authentication = -1; |
2292 | options->gss_authentication = -1; | 2525 | options->gss_authentication = -1; |
@@ -2299,7 +2532,7 @@ index 69d4553..d2a3d4b 100644 | |||
2299 | options->password_authentication = -1; | 2532 | options->password_authentication = -1; |
2300 | options->kbd_interactive_authentication = -1; | 2533 | options->kbd_interactive_authentication = -1; |
2301 | options->kbd_interactive_devices = NULL; | 2534 | options->kbd_interactive_devices = NULL; |
2302 | @@ -1777,8 +1813,14 @@ fill_default_options(Options * options) | 2535 | @@ -1921,8 +1957,14 @@ fill_default_options(Options * options) |
2303 | options->challenge_response_authentication = 1; | 2536 | options->challenge_response_authentication = 1; |
2304 | if (options->gss_authentication == -1) | 2537 | if (options->gss_authentication == -1) |
2305 | options->gss_authentication = 0; | 2538 | options->gss_authentication = 0; |
@@ -2315,7 +2548,7 @@ index 69d4553..d2a3d4b 100644 | |||
2315 | options->password_authentication = 1; | 2548 | options->password_authentication = 1; |
2316 | if (options->kbd_interactive_authentication == -1) | 2549 | if (options->kbd_interactive_authentication == -1) |
2317 | diff --git a/readconf.h b/readconf.h | 2550 | diff --git a/readconf.h b/readconf.h |
2318 | index c84d068..37a0555 100644 | 2551 | index cef55f7..fd3d7c7 100644 |
2319 | --- a/readconf.h | 2552 | --- a/readconf.h |
2320 | +++ b/readconf.h | 2553 | +++ b/readconf.h |
2321 | @@ -45,7 +45,12 @@ typedef struct { | 2554 | @@ -45,7 +45,12 @@ typedef struct { |
@@ -2332,7 +2565,7 @@ index c84d068..37a0555 100644 | |||
2332 | * authentication. */ | 2565 | * authentication. */ |
2333 | int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ | 2566 | int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ |
2334 | diff --git a/servconf.c b/servconf.c | 2567 | diff --git a/servconf.c b/servconf.c |
2335 | index b19d30e..b8af6dd 100644 | 2568 | index 873b0d0..9b06281 100644 |
2336 | --- a/servconf.c | 2569 | --- a/servconf.c |
2337 | +++ b/servconf.c | 2570 | +++ b/servconf.c |
2338 | @@ -117,8 +117,10 @@ initialize_server_options(ServerOptions *options) | 2571 | @@ -117,8 +117,10 @@ initialize_server_options(ServerOptions *options) |
@@ -2362,7 +2595,7 @@ index b19d30e..b8af6dd 100644 | |||
2362 | if (options->password_authentication == -1) | 2595 | if (options->password_authentication == -1) |
2363 | options->password_authentication = 1; | 2596 | options->password_authentication = 1; |
2364 | if (options->kbd_interactive_authentication == -1) | 2597 | if (options->kbd_interactive_authentication == -1) |
2365 | @@ -419,6 +425,7 @@ typedef enum { | 2598 | @@ -427,6 +433,7 @@ typedef enum { |
2366 | sHostKeyAlgorithms, | 2599 | sHostKeyAlgorithms, |
2367 | sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, | 2600 | sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, |
2368 | sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, | 2601 | sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, |
@@ -2370,7 +2603,7 @@ index b19d30e..b8af6dd 100644 | |||
2370 | sAcceptEnv, sPermitTunnel, | 2603 | sAcceptEnv, sPermitTunnel, |
2371 | sMatch, sPermitOpen, sForceCommand, sChrootDirectory, | 2604 | sMatch, sPermitOpen, sForceCommand, sChrootDirectory, |
2372 | sUsePrivilegeSeparation, sAllowAgentForwarding, | 2605 | sUsePrivilegeSeparation, sAllowAgentForwarding, |
2373 | @@ -492,12 +499,20 @@ static struct { | 2606 | @@ -500,12 +507,20 @@ static struct { |
2374 | #ifdef GSSAPI | 2607 | #ifdef GSSAPI |
2375 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, | 2608 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, |
2376 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, | 2609 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, |
@@ -2391,7 +2624,7 @@ index b19d30e..b8af6dd 100644 | |||
2391 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, | 2624 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, |
2392 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, | 2625 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, |
2393 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, | 2626 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, |
2394 | @@ -1242,6 +1257,10 @@ process_server_config_line(ServerOptions *options, char *line, | 2627 | @@ -1251,6 +1266,10 @@ process_server_config_line(ServerOptions *options, char *line, |
2395 | intptr = &options->gss_authentication; | 2628 | intptr = &options->gss_authentication; |
2396 | goto parse_flag; | 2629 | goto parse_flag; |
2397 | 2630 | ||
@@ -2402,7 +2635,7 @@ index b19d30e..b8af6dd 100644 | |||
2402 | case sGssCleanupCreds: | 2635 | case sGssCleanupCreds: |
2403 | intptr = &options->gss_cleanup_creds; | 2636 | intptr = &options->gss_cleanup_creds; |
2404 | goto parse_flag; | 2637 | goto parse_flag; |
2405 | @@ -1250,6 +1269,10 @@ process_server_config_line(ServerOptions *options, char *line, | 2638 | @@ -1259,6 +1278,10 @@ process_server_config_line(ServerOptions *options, char *line, |
2406 | intptr = &options->gss_strict_acceptor; | 2639 | intptr = &options->gss_strict_acceptor; |
2407 | goto parse_flag; | 2640 | goto parse_flag; |
2408 | 2641 | ||
@@ -2413,7 +2646,7 @@ index b19d30e..b8af6dd 100644 | |||
2413 | case sPasswordAuthentication: | 2646 | case sPasswordAuthentication: |
2414 | intptr = &options->password_authentication; | 2647 | intptr = &options->password_authentication; |
2415 | goto parse_flag; | 2648 | goto parse_flag; |
2416 | @@ -2265,7 +2288,10 @@ dump_config(ServerOptions *o) | 2649 | @@ -2308,7 +2331,10 @@ dump_config(ServerOptions *o) |
2417 | #endif | 2650 | #endif |
2418 | #ifdef GSSAPI | 2651 | #ifdef GSSAPI |
2419 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); | 2652 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
@@ -2556,7 +2789,7 @@ index 90fb63f..4e879cd 100644 | |||
2556 | # CheckHostIP yes | 2789 | # CheckHostIP yes |
2557 | # AddressFamily any | 2790 | # AddressFamily any |
2558 | diff --git a/ssh_config.5 b/ssh_config.5 | 2791 | diff --git a/ssh_config.5 b/ssh_config.5 |
2559 | index caf13a6..9060d5b 100644 | 2792 | index 7630e7b..707d0e1 100644 |
2560 | --- a/ssh_config.5 | 2793 | --- a/ssh_config.5 |
2561 | +++ b/ssh_config.5 | 2794 | +++ b/ssh_config.5 |
2562 | @@ -826,10 +826,42 @@ The default is | 2795 | @@ -826,10 +826,42 @@ The default is |
@@ -2603,10 +2836,10 @@ index caf13a6..9060d5b 100644 | |||
2603 | Indicates that | 2836 | Indicates that |
2604 | .Xr ssh 1 | 2837 | .Xr ssh 1 |
2605 | diff --git a/sshconnect2.c b/sshconnect2.c | 2838 | diff --git a/sshconnect2.c b/sshconnect2.c |
2606 | index f79c96b..b452eae 100644 | 2839 | index fae8b0f..34b9d30 100644 |
2607 | --- a/sshconnect2.c | 2840 | --- a/sshconnect2.c |
2608 | +++ b/sshconnect2.c | 2841 | +++ b/sshconnect2.c |
2609 | @@ -161,6 +161,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 2842 | @@ -162,6 +162,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) |
2610 | struct kex *kex; | 2843 | struct kex *kex; |
2611 | int r; | 2844 | int r; |
2612 | 2845 | ||
@@ -2618,7 +2851,7 @@ index f79c96b..b452eae 100644 | |||
2618 | xxx_host = host; | 2851 | xxx_host = host; |
2619 | xxx_hostaddr = hostaddr; | 2852 | xxx_hostaddr = hostaddr; |
2620 | 2853 | ||
2621 | @@ -195,6 +200,33 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 2854 | @@ -192,6 +197,36 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) |
2622 | order_hostkeyalgs(host, hostaddr, port)); | 2855 | order_hostkeyalgs(host, hostaddr, port)); |
2623 | } | 2856 | } |
2624 | 2857 | ||
@@ -2628,12 +2861,15 @@ index f79c96b..b452eae 100644 | |||
2628 | + * client to the key exchange algorithm proposal */ | 2861 | + * client to the key exchange algorithm proposal */ |
2629 | + orig = myproposal[PROPOSAL_KEX_ALGS]; | 2862 | + orig = myproposal[PROPOSAL_KEX_ALGS]; |
2630 | + | 2863 | + |
2631 | + if (options.gss_trust_dns) | 2864 | + if (options.gss_server_identity) |
2632 | + gss_host = (char *)get_canonical_hostname(1); | 2865 | + gss_host = xstrdup(options.gss_server_identity); |
2866 | + else if (options.gss_trust_dns) | ||
2867 | + gss_host = remote_hostname(active_state); | ||
2633 | + else | 2868 | + else |
2634 | + gss_host = host; | 2869 | + gss_host = xstrdup(host); |
2635 | + | 2870 | + |
2636 | + gss = ssh_gssapi_client_mechanisms(gss_host, options.gss_client_identity); | 2871 | + gss = ssh_gssapi_client_mechanisms(gss_host, |
2872 | + options.gss_client_identity); | ||
2637 | + if (gss) { | 2873 | + if (gss) { |
2638 | + debug("Offering GSSAPI proposal: %s", gss); | 2874 | + debug("Offering GSSAPI proposal: %s", gss); |
2639 | + xasprintf(&myproposal[PROPOSAL_KEX_ALGS], | 2875 | + xasprintf(&myproposal[PROPOSAL_KEX_ALGS], |
@@ -2652,7 +2888,7 @@ index f79c96b..b452eae 100644 | |||
2652 | if (options.rekey_limit || options.rekey_interval) | 2888 | if (options.rekey_limit || options.rekey_interval) |
2653 | packet_set_rekey_limits((u_int32_t)options.rekey_limit, | 2889 | packet_set_rekey_limits((u_int32_t)options.rekey_limit, |
2654 | (time_t)options.rekey_interval); | 2890 | (time_t)options.rekey_interval); |
2655 | @@ -213,10 +245,30 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 2891 | @@ -213,10 +248,26 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) |
2656 | # endif | 2892 | # endif |
2657 | #endif | 2893 | #endif |
2658 | kex->kex[KEX_C25519_SHA256] = kexc25519_client; | 2894 | kex->kex[KEX_C25519_SHA256] = kexc25519_client; |
@@ -2672,18 +2908,14 @@ index f79c96b..b452eae 100644 | |||
2672 | + kex->gss_deleg_creds = options.gss_deleg_creds; | 2908 | + kex->gss_deleg_creds = options.gss_deleg_creds; |
2673 | + kex->gss_trust_dns = options.gss_trust_dns; | 2909 | + kex->gss_trust_dns = options.gss_trust_dns; |
2674 | + kex->gss_client = options.gss_client_identity; | 2910 | + kex->gss_client = options.gss_client_identity; |
2675 | + if (options.gss_server_identity) { | 2911 | + kex->gss_host = gss_host; |
2676 | + kex->gss_host = options.gss_server_identity; | ||
2677 | + } else { | ||
2678 | + kex->gss_host = gss_host; | ||
2679 | + } | ||
2680 | + } | 2912 | + } |
2681 | +#endif | 2913 | +#endif |
2682 | + | 2914 | + |
2683 | dispatch_run(DISPATCH_BLOCK, &kex->done, active_state); | 2915 | dispatch_run(DISPATCH_BLOCK, &kex->done, active_state); |
2684 | 2916 | ||
2685 | /* remove ext-info from the KEX proposals for rekeying */ | 2917 | /* remove ext-info from the KEX proposals for rekeying */ |
2686 | @@ -311,6 +363,7 @@ int input_gssapi_token(int type, u_int32_t, void *); | 2918 | @@ -311,6 +362,7 @@ int input_gssapi_token(int type, u_int32_t, void *); |
2687 | int input_gssapi_hash(int type, u_int32_t, void *); | 2919 | int input_gssapi_hash(int type, u_int32_t, void *); |
2688 | int input_gssapi_error(int, u_int32_t, void *); | 2920 | int input_gssapi_error(int, u_int32_t, void *); |
2689 | int input_gssapi_errtok(int, u_int32_t, void *); | 2921 | int input_gssapi_errtok(int, u_int32_t, void *); |
@@ -2691,7 +2923,7 @@ index f79c96b..b452eae 100644 | |||
2691 | #endif | 2923 | #endif |
2692 | 2924 | ||
2693 | void userauth(Authctxt *, char *); | 2925 | void userauth(Authctxt *, char *); |
2694 | @@ -326,6 +379,11 @@ static char *authmethods_get(void); | 2926 | @@ -326,6 +378,11 @@ static char *authmethods_get(void); |
2695 | 2927 | ||
2696 | Authmethod authmethods[] = { | 2928 | Authmethod authmethods[] = { |
2697 | #ifdef GSSAPI | 2929 | #ifdef GSSAPI |
@@ -2703,18 +2935,18 @@ index f79c96b..b452eae 100644 | |||
2703 | {"gssapi-with-mic", | 2935 | {"gssapi-with-mic", |
2704 | userauth_gssapi, | 2936 | userauth_gssapi, |
2705 | NULL, | 2937 | NULL, |
2706 | @@ -656,19 +714,31 @@ userauth_gssapi(Authctxt *authctxt) | 2938 | @@ -650,25 +707,40 @@ userauth_gssapi(Authctxt *authctxt) |
2707 | static u_int mech = 0; | 2939 | static u_int mech = 0; |
2708 | OM_uint32 min; | 2940 | OM_uint32 min; |
2709 | int ok = 0; | 2941 | int ok = 0; |
2710 | + const char *gss_host; | 2942 | + char *gss_host; |
2711 | + | 2943 | + |
2712 | + if (options.gss_server_identity) | 2944 | + if (options.gss_server_identity) |
2713 | + gss_host = options.gss_server_identity; | 2945 | + gss_host = xstrdup(options.gss_server_identity); |
2714 | + else if (options.gss_trust_dns) | 2946 | + else if (options.gss_trust_dns) |
2715 | + gss_host = get_canonical_hostname(1); | 2947 | + gss_host = remote_hostname(active_state); |
2716 | + else | 2948 | + else |
2717 | + gss_host = authctxt->host; | 2949 | + gss_host = xstrdup(authctxt->host); |
2718 | 2950 | ||
2719 | /* Try one GSSAPI method at a time, rather than sending them all at | 2951 | /* Try one GSSAPI method at a time, rather than sending them all at |
2720 | * once. */ | 2952 | * once. */ |
@@ -2723,6 +2955,7 @@ index f79c96b..b452eae 100644 | |||
2723 | - gss_indicate_mechs(&min, &gss_supported); | 2955 | - gss_indicate_mechs(&min, &gss_supported); |
2724 | + if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) { | 2956 | + if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) { |
2725 | + gss_supported = NULL; | 2957 | + gss_supported = NULL; |
2958 | + free(gss_host); | ||
2726 | + return 0; | 2959 | + return 0; |
2727 | + } | 2960 | + } |
2728 | 2961 | ||
@@ -2737,7 +2970,15 @@ index f79c96b..b452eae 100644 | |||
2737 | ok = 1; /* Mechanism works */ | 2970 | ok = 1; /* Mechanism works */ |
2738 | } else { | 2971 | } else { |
2739 | mech++; | 2972 | mech++; |
2740 | @@ -765,8 +835,8 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) | 2973 | } |
2974 | } | ||
2975 | |||
2976 | + free(gss_host); | ||
2977 | + | ||
2978 | if (!ok) | ||
2979 | return 0; | ||
2980 | |||
2981 | @@ -759,8 +831,8 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) | ||
2741 | { | 2982 | { |
2742 | Authctxt *authctxt = ctxt; | 2983 | Authctxt *authctxt = ctxt; |
2743 | Gssctxt *gssctxt; | 2984 | Gssctxt *gssctxt; |
@@ -2748,7 +2989,7 @@ index f79c96b..b452eae 100644 | |||
2748 | 2989 | ||
2749 | if (authctxt == NULL) | 2990 | if (authctxt == NULL) |
2750 | fatal("input_gssapi_response: no authentication context"); | 2991 | fatal("input_gssapi_response: no authentication context"); |
2751 | @@ -879,6 +949,48 @@ input_gssapi_error(int type, u_int32_t plen, void *ctxt) | 2992 | @@ -873,6 +945,48 @@ input_gssapi_error(int type, u_int32_t plen, void *ctxt) |
2752 | free(lang); | 2993 | free(lang); |
2753 | return 0; | 2994 | return 0; |
2754 | } | 2995 | } |
@@ -2798,7 +3039,7 @@ index f79c96b..b452eae 100644 | |||
2798 | 3039 | ||
2799 | int | 3040 | int |
2800 | diff --git a/sshd.c b/sshd.c | 3041 | diff --git a/sshd.c b/sshd.c |
2801 | index 430569c..5cd9129 100644 | 3042 | index 799c771..ebb88c7 100644 |
2802 | --- a/sshd.c | 3043 | --- a/sshd.c |
2803 | +++ b/sshd.c | 3044 | +++ b/sshd.c |
2804 | @@ -125,6 +125,10 @@ | 3045 | @@ -125,6 +125,10 @@ |
@@ -2812,7 +3053,7 @@ index 430569c..5cd9129 100644 | |||
2812 | #ifndef O_NOCTTY | 3053 | #ifndef O_NOCTTY |
2813 | #define O_NOCTTY 0 | 3054 | #define O_NOCTTY 0 |
2814 | #endif | 3055 | #endif |
2815 | @@ -1833,10 +1837,13 @@ main(int ac, char **av) | 3056 | @@ -1892,10 +1896,13 @@ main(int ac, char **av) |
2816 | logit("Disabling protocol version 1. Could not load host key"); | 3057 | logit("Disabling protocol version 1. Could not load host key"); |
2817 | options.protocol &= ~SSH_PROTO_1; | 3058 | options.protocol &= ~SSH_PROTO_1; |
2818 | } | 3059 | } |
@@ -2826,8 +3067,8 @@ index 430569c..5cd9129 100644 | |||
2826 | if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { | 3067 | if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { |
2827 | logit("sshd: no hostkeys available -- exiting."); | 3068 | logit("sshd: no hostkeys available -- exiting."); |
2828 | exit(1); | 3069 | exit(1); |
2829 | @@ -2151,6 +2158,60 @@ main(int ac, char **av) | 3070 | @@ -2207,6 +2214,60 @@ main(int ac, char **av) |
2830 | remote_ip, remote_port, laddr, get_local_port()); | 3071 | remote_ip, remote_port, laddr, ssh_local_port(ssh)); |
2831 | free(laddr); | 3072 | free(laddr); |
2832 | 3073 | ||
2833 | +#ifdef USE_SECURITY_SESSION_API | 3074 | +#ifdef USE_SECURITY_SESSION_API |
@@ -2887,7 +3128,7 @@ index 430569c..5cd9129 100644 | |||
2887 | /* | 3128 | /* |
2888 | * We don't want to listen forever unless the other side | 3129 | * We don't want to listen forever unless the other side |
2889 | * successfully authenticates itself. So we set up an alarm which is | 3130 | * successfully authenticates itself. So we set up an alarm which is |
2890 | @@ -2571,6 +2632,48 @@ do_ssh2_kex(void) | 3131 | @@ -2631,6 +2692,48 @@ do_ssh2_kex(void) |
2891 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( | 3132 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( |
2892 | list_hostkey_types()); | 3133 | list_hostkey_types()); |
2893 | 3134 | ||
@@ -2936,7 +3177,7 @@ index 430569c..5cd9129 100644 | |||
2936 | /* start key exchange */ | 3177 | /* start key exchange */ |
2937 | if ((r = kex_setup(active_state, myproposal)) != 0) | 3178 | if ((r = kex_setup(active_state, myproposal)) != 0) |
2938 | fatal("kex_setup: %s", ssh_err(r)); | 3179 | fatal("kex_setup: %s", ssh_err(r)); |
2939 | @@ -2585,6 +2688,13 @@ do_ssh2_kex(void) | 3180 | @@ -2648,6 +2751,13 @@ do_ssh2_kex(void) |
2940 | # endif | 3181 | # endif |
2941 | #endif | 3182 | #endif |
2942 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | 3183 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; |
@@ -2951,10 +3192,10 @@ index 430569c..5cd9129 100644 | |||
2951 | kex->client_version_string=client_version_string; | 3192 | kex->client_version_string=client_version_string; |
2952 | kex->server_version_string=server_version_string; | 3193 | kex->server_version_string=server_version_string; |
2953 | diff --git a/sshd_config b/sshd_config | 3194 | diff --git a/sshd_config b/sshd_config |
2954 | index a848d73..f103298 100644 | 3195 | index 75ae8e7..3fe3e01 100644 |
2955 | --- a/sshd_config | 3196 | --- a/sshd_config |
2956 | +++ b/sshd_config | 3197 | +++ b/sshd_config |
2957 | @@ -84,6 +84,8 @@ AuthorizedKeysFile .ssh/authorized_keys | 3198 | @@ -83,6 +83,8 @@ AuthorizedKeysFile .ssh/authorized_keys |
2958 | # GSSAPI options | 3199 | # GSSAPI options |
2959 | #GSSAPIAuthentication no | 3200 | #GSSAPIAuthentication no |
2960 | #GSSAPICleanupCredentials yes | 3201 | #GSSAPICleanupCredentials yes |
@@ -2964,10 +3205,10 @@ index a848d73..f103298 100644 | |||
2964 | # Set this to 'yes' to enable PAM authentication, account processing, | 3205 | # Set this to 'yes' to enable PAM authentication, account processing, |
2965 | # and session processing. If this is enabled, PAM authentication will | 3206 | # and session processing. If this is enabled, PAM authentication will |
2966 | diff --git a/sshd_config.5 b/sshd_config.5 | 3207 | diff --git a/sshd_config.5 b/sshd_config.5 |
2967 | index a37a3ac..c6d6858 100644 | 3208 | index 1bc26ec..3b4cba9 100644 |
2968 | --- a/sshd_config.5 | 3209 | --- a/sshd_config.5 |
2969 | +++ b/sshd_config.5 | 3210 | +++ b/sshd_config.5 |
2970 | @@ -623,6 +623,11 @@ The default is | 3211 | @@ -632,6 +632,11 @@ The default is |
2971 | Specifies whether user authentication based on GSSAPI is allowed. | 3212 | Specifies whether user authentication based on GSSAPI is allowed. |
2972 | The default is | 3213 | The default is |
2973 | .Dq no . | 3214 | .Dq no . |
@@ -2979,7 +3220,7 @@ index a37a3ac..c6d6858 100644 | |||
2979 | .It Cm GSSAPICleanupCredentials | 3220 | .It Cm GSSAPICleanupCredentials |
2980 | Specifies whether to automatically destroy the user's credentials cache | 3221 | Specifies whether to automatically destroy the user's credentials cache |
2981 | on logout. | 3222 | on logout. |
2982 | @@ -643,6 +648,11 @@ machine's default store. | 3223 | @@ -652,6 +657,11 @@ machine's default store. |
2983 | This facility is provided to assist with operation on multi homed machines. | 3224 | This facility is provided to assist with operation on multi homed machines. |
2984 | The default is | 3225 | The default is |
2985 | .Dq yes . | 3226 | .Dq yes . |
@@ -2992,7 +3233,7 @@ index a37a3ac..c6d6858 100644 | |||
2992 | Specifies the key types that will be accepted for hostbased authentication | 3233 | Specifies the key types that will be accepted for hostbased authentication |
2993 | as a comma-separated pattern list. | 3234 | as a comma-separated pattern list. |
2994 | diff --git a/sshkey.c b/sshkey.c | 3235 | diff --git a/sshkey.c b/sshkey.c |
2995 | index 87b093e..e595b11 100644 | 3236 | index c9f04cd..558bbbe 100644 |
2996 | --- a/sshkey.c | 3237 | --- a/sshkey.c |
2997 | +++ b/sshkey.c | 3238 | +++ b/sshkey.c |
2998 | @@ -115,6 +115,7 @@ static const struct keytype keytypes[] = { | 3239 | @@ -115,6 +115,7 @@ static const struct keytype keytypes[] = { |
@@ -3013,7 +3254,7 @@ index 87b093e..e595b11 100644 | |||
3013 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) | 3254 | if ((certs_only && !kt->cert) || (plain_only && kt->cert)) |
3014 | continue; | 3255 | continue; |
3015 | diff --git a/sshkey.h b/sshkey.h | 3256 | diff --git a/sshkey.h b/sshkey.h |
3016 | index a20a14f..2259cbb 100644 | 3257 | index 8c3d866..e0caa37 100644 |
3017 | --- a/sshkey.h | 3258 | --- a/sshkey.h |
3018 | +++ b/sshkey.h | 3259 | +++ b/sshkey.h |
3019 | @@ -62,6 +62,7 @@ enum sshkey_types { | 3260 | @@ -62,6 +62,7 @@ enum sshkey_types { |
diff --git a/debian/patches/helpful-wait-terminate.patch b/debian/patches/helpful-wait-terminate.patch index 8ebbf1fbc..a990ca1ea 100644 --- a/debian/patches/helpful-wait-terminate.patch +++ b/debian/patches/helpful-wait-terminate.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 2b2c5ff34efa305e141130466260ca97f3a429ff Mon Sep 17 00:00:00 2001 | 1 | From 173d65e72989cba82502604da3f1336766c0cf0f Mon Sep 17 00:00:00 2001 |
2 | From: Matthew Vernon <matthew@debian.org> | 2 | From: Matthew Vernon <matthew@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:56 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:56 +0000 |
4 | Subject: Mention ~& when waiting for forwarded connections to terminate | 4 | Subject: Mention ~& when waiting for forwarded connections to terminate |
@@ -12,10 +12,10 @@ Patch-Name: helpful-wait-terminate.patch | |||
12 | 1 file changed, 1 insertion(+), 1 deletion(-) | 12 | 1 file changed, 1 insertion(+), 1 deletion(-) |
13 | 13 | ||
14 | diff --git a/serverloop.c b/serverloop.c | 14 | diff --git a/serverloop.c b/serverloop.c |
15 | index 80d1db5..830f885 100644 | 15 | index 3563e5d..c4e1d1d 100644 |
16 | --- a/serverloop.c | 16 | --- a/serverloop.c |
17 | +++ b/serverloop.c | 17 | +++ b/serverloop.c |
18 | @@ -683,7 +683,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) | 18 | @@ -687,7 +687,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) |
19 | if (!channel_still_open()) | 19 | if (!channel_still_open()) |
20 | break; | 20 | break; |
21 | if (!waiting_termination) { | 21 | if (!waiting_termination) { |
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch index bc798582d..14ab7d34f 100644 --- a/debian/patches/keepalive-extensions.patch +++ b/debian/patches/keepalive-extensions.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From c7c5d5805bd2a58fcab69da87daa53259db06d81 Mon Sep 17 00:00:00 2001 | 1 | From 67c34f23edbcd0f39ebc2aadae9d33950bd1f98a Mon Sep 17 00:00:00 2001 |
2 | From: Richard Kettlewell <rjk@greenend.org.uk> | 2 | From: Richard Kettlewell <rjk@greenend.org.uk> |
3 | Date: Sun, 9 Feb 2014 16:09:52 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:52 +0000 |
4 | Subject: Various keepalive extensions | 4 | Subject: Various keepalive extensions |
@@ -26,27 +26,27 @@ Patch-Name: keepalive-extensions.patch | |||
26 | 3 files changed, 34 insertions(+), 4 deletions(-) | 26 | 3 files changed, 34 insertions(+), 4 deletions(-) |
27 | 27 | ||
28 | diff --git a/readconf.c b/readconf.c | 28 | diff --git a/readconf.c b/readconf.c |
29 | index 559e4c7..fde6b41 100644 | 29 | index c0b7822..3a6c67b 100644 |
30 | --- a/readconf.c | 30 | --- a/readconf.c |
31 | +++ b/readconf.c | 31 | +++ b/readconf.c |
32 | @@ -161,6 +161,7 @@ typedef enum { | 32 | @@ -173,6 +173,7 @@ typedef enum { |
33 | oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, | 33 | oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, |
34 | oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, | 34 | oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, |
35 | oPubkeyAcceptedKeyTypes, | 35 | oPubkeyAcceptedKeyTypes, oProxyJump, |
36 | + oProtocolKeepAlives, oSetupTimeOut, | 36 | + oProtocolKeepAlives, oSetupTimeOut, |
37 | oIgnoredUnknownOption, oDeprecated, oUnsupported | 37 | oIgnoredUnknownOption, oDeprecated, oUnsupported |
38 | } OpCodes; | 38 | } OpCodes; |
39 | 39 | ||
40 | @@ -293,6 +294,8 @@ static struct { | 40 | @@ -308,6 +309,8 @@ static struct { |
41 | { "hostbasedkeytypes", oHostbasedKeyTypes }, | ||
42 | { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, | 41 | { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, |
43 | { "ignoreunknown", oIgnoreUnknown }, | 42 | { "ignoreunknown", oIgnoreUnknown }, |
43 | { "proxyjump", oProxyJump }, | ||
44 | + { "protocolkeepalives", oProtocolKeepAlives }, | 44 | + { "protocolkeepalives", oProtocolKeepAlives }, |
45 | + { "setuptimeout", oSetupTimeOut }, | 45 | + { "setuptimeout", oSetupTimeOut }, |
46 | 46 | ||
47 | { NULL, oBadOption } | 47 | { NULL, oBadOption } |
48 | }; | 48 | }; |
49 | @@ -1350,6 +1353,8 @@ parse_keytypes: | 49 | @@ -1403,6 +1406,8 @@ parse_keytypes: |
50 | goto parse_flag; | 50 | goto parse_flag; |
51 | 51 | ||
52 | case oServerAliveInterval: | 52 | case oServerAliveInterval: |
@@ -55,7 +55,7 @@ index 559e4c7..fde6b41 100644 | |||
55 | intptr = &options->server_alive_interval; | 55 | intptr = &options->server_alive_interval; |
56 | goto parse_time; | 56 | goto parse_time; |
57 | 57 | ||
58 | @@ -1906,8 +1911,13 @@ fill_default_options(Options * options) | 58 | @@ -2048,8 +2053,13 @@ fill_default_options(Options * options) |
59 | options->rekey_interval = 0; | 59 | options->rekey_interval = 0; |
60 | if (options->verify_host_key_dns == -1) | 60 | if (options->verify_host_key_dns == -1) |
61 | options->verify_host_key_dns = 0; | 61 | options->verify_host_key_dns = 0; |
@@ -72,7 +72,7 @@ index 559e4c7..fde6b41 100644 | |||
72 | options->server_alive_count_max = 3; | 72 | options->server_alive_count_max = 3; |
73 | if (options->control_master == -1) | 73 | if (options->control_master == -1) |
74 | diff --git a/ssh_config.5 b/ssh_config.5 | 74 | diff --git a/ssh_config.5 b/ssh_config.5 |
75 | index 9060d5b..bbf638b 100644 | 75 | index 707d0e1..efc265a 100644 |
76 | --- a/ssh_config.5 | 76 | --- a/ssh_config.5 |
77 | +++ b/ssh_config.5 | 77 | +++ b/ssh_config.5 |
78 | @@ -268,8 +268,12 @@ The default is | 78 | @@ -268,8 +268,12 @@ The default is |
@@ -89,7 +89,7 @@ index 9060d5b..bbf638b 100644 | |||
89 | The argument must be | 89 | The argument must be |
90 | .Dq yes | 90 | .Dq yes |
91 | or | 91 | or |
92 | @@ -1551,7 +1555,14 @@ from the server, | 92 | @@ -1624,7 +1628,14 @@ from the server, |
93 | will send a message through the encrypted | 93 | will send a message through the encrypted |
94 | channel to request a response from the server. | 94 | channel to request a response from the server. |
95 | The default | 95 | The default |
@@ -105,7 +105,7 @@ index 9060d5b..bbf638b 100644 | |||
105 | .It Cm StreamLocalBindMask | 105 | .It Cm StreamLocalBindMask |
106 | Sets the octal file creation mode mask | 106 | Sets the octal file creation mode mask |
107 | .Pq umask | 107 | .Pq umask |
108 | @@ -1617,6 +1628,12 @@ Specifies whether the system should send TCP keepalive messages to the | 108 | @@ -1690,6 +1701,12 @@ Specifies whether the system should send TCP keepalive messages to the |
109 | other side. | 109 | other side. |
110 | If they are sent, death of the connection or crash of one | 110 | If they are sent, death of the connection or crash of one |
111 | of the machines will be properly noticed. | 111 | of the machines will be properly noticed. |
@@ -119,10 +119,10 @@ index 9060d5b..bbf638b 100644 | |||
119 | connections will die if the route is down temporarily, and some people | 119 | connections will die if the route is down temporarily, and some people |
120 | find it annoying. | 120 | find it annoying. |
121 | diff --git a/sshd_config.5 b/sshd_config.5 | 121 | diff --git a/sshd_config.5 b/sshd_config.5 |
122 | index c6d6858..bc79a66 100644 | 122 | index 3b4cba9..e05cdbe 100644 |
123 | --- a/sshd_config.5 | 123 | --- a/sshd_config.5 |
124 | +++ b/sshd_config.5 | 124 | +++ b/sshd_config.5 |
125 | @@ -1518,6 +1518,9 @@ This avoids infinitely hanging sessions. | 125 | @@ -1530,6 +1530,9 @@ This avoids infinitely hanging sessions. |
126 | .Pp | 126 | .Pp |
127 | To disable TCP keepalive messages, the value should be set to | 127 | To disable TCP keepalive messages, the value should be set to |
128 | .Dq no . | 128 | .Dq no . |
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch index 80f9b78e0..12dbaf853 100644 --- a/debian/patches/mention-ssh-keygen-on-keychange.patch +++ b/debian/patches/mention-ssh-keygen-on-keychange.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 4dc338b2703dd6169cecdbe3388c92f4cc2fc119 Mon Sep 17 00:00:00 2001 | 1 | From 6a1979d97fbde734a745b5123130fed669bfb145 Mon Sep 17 00:00:00 2001 |
2 | From: Scott Moser <smoser@ubuntu.com> | 2 | From: Scott Moser <smoser@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:03 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:03 +0000 |
4 | Subject: Mention ssh-keygen in ssh fingerprint changed warning | 4 | Subject: Mention ssh-keygen in ssh fingerprint changed warning |
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch index a53f6dee1..8503c5854 100644 --- a/debian/patches/no-openssl-version-status.patch +++ b/debian/patches/no-openssl-version-status.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From d3362ea5419b16b81eb171436b95b51beedb9242 Mon Sep 17 00:00:00 2001 | 1 | From e7d4050d9077603c20a93bdfd6b99cd419d69f1c Mon Sep 17 00:00:00 2001 |
2 | From: Kurt Roeckx <kurt@roeckx.be> | 2 | From: Kurt Roeckx <kurt@roeckx.be> |
3 | Date: Sun, 9 Feb 2014 16:10:14 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:14 +0000 |
4 | Subject: Don't check the status field of the OpenSSL version | 4 | Subject: Don't check the status field of the OpenSSL version |
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch index 6027ca645..771e77216 100644 --- a/debian/patches/openbsd-docs.patch +++ b/debian/patches/openbsd-docs.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 9d764f08fd01fa5c62a7cbff66165bc5d5ffb637 Mon Sep 17 00:00:00 2001 | 1 | From ab7ae820a882c8a51b06ec0b3522813b4e90eeff Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:09 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:09 +0000 |
4 | Subject: Adjust various OpenBSD-specific references in manual pages | 4 | Subject: Adjust various OpenBSD-specific references in manual pages |
@@ -44,7 +44,7 @@ index ef0de08..149846c 100644 | |||
44 | .Sh SEE ALSO | 44 | .Sh SEE ALSO |
45 | .Xr ssh-keygen 1 , | 45 | .Xr ssh-keygen 1 , |
46 | diff --git a/ssh-keygen.1 b/ssh-keygen.1 | 46 | diff --git a/ssh-keygen.1 b/ssh-keygen.1 |
47 | index 37a4fc2..24bed5f 100644 | 47 | index ce2213c..01711df 100644 |
48 | --- a/ssh-keygen.1 | 48 | --- a/ssh-keygen.1 |
49 | +++ b/ssh-keygen.1 | 49 | +++ b/ssh-keygen.1 |
50 | @@ -178,9 +178,7 @@ key in | 50 | @@ -178,9 +178,7 @@ key in |
@@ -69,7 +69,7 @@ index 37a4fc2..24bed5f 100644 | |||
69 | .It Fl a Ar rounds | 69 | .It Fl a Ar rounds |
70 | When saving a new-format private key (i.e. an ed25519 key or any SSH protocol | 70 | When saving a new-format private key (i.e. an ed25519 key or any SSH protocol |
71 | 2 key when the | 71 | 2 key when the |
72 | @@ -642,7 +638,7 @@ option. | 72 | @@ -644,7 +640,7 @@ option. |
73 | Valid generator values are 2, 3, and 5. | 73 | Valid generator values are 2, 3, and 5. |
74 | .Pp | 74 | .Pp |
75 | Screened DH groups may be installed in | 75 | Screened DH groups may be installed in |
@@ -78,7 +78,7 @@ index 37a4fc2..24bed5f 100644 | |||
78 | It is important that this file contains moduli of a range of bit lengths and | 78 | It is important that this file contains moduli of a range of bit lengths and |
79 | that both ends of a connection share common moduli. | 79 | that both ends of a connection share common moduli. |
80 | .Sh CERTIFICATES | 80 | .Sh CERTIFICATES |
81 | @@ -841,7 +837,7 @@ on all machines | 81 | @@ -843,7 +839,7 @@ on all machines |
82 | where the user wishes to log in using public key authentication. | 82 | where the user wishes to log in using public key authentication. |
83 | There is no need to keep the contents of this file secret. | 83 | There is no need to keep the contents of this file secret. |
84 | .Pp | 84 | .Pp |
@@ -88,10 +88,10 @@ index 37a4fc2..24bed5f 100644 | |||
88 | The file format is described in | 88 | The file format is described in |
89 | .Xr moduli 5 . | 89 | .Xr moduli 5 . |
90 | diff --git a/ssh.1 b/ssh.1 | 90 | diff --git a/ssh.1 b/ssh.1 |
91 | index feb0e89..41e0aab 100644 | 91 | index feef81a..b1f128c 100644 |
92 | --- a/ssh.1 | 92 | --- a/ssh.1 |
93 | +++ b/ssh.1 | 93 | +++ b/ssh.1 |
94 | @@ -852,6 +852,10 @@ implements public key authentication protocol automatically, | 94 | @@ -877,6 +877,10 @@ implements public key authentication protocol automatically, |
95 | using one of the DSA, ECDSA, Ed25519 or RSA algorithms. | 95 | using one of the DSA, ECDSA, Ed25519 or RSA algorithms. |
96 | The HISTORY section of | 96 | The HISTORY section of |
97 | .Xr ssl 8 | 97 | .Xr ssl 8 |
@@ -133,10 +133,10 @@ index 589841f..58eefe9 100644 | |||
133 | .Xr sshd_config 5 , | 133 | .Xr sshd_config 5 , |
134 | .Xr inetd 8 , | 134 | .Xr inetd 8 , |
135 | diff --git a/sshd_config.5 b/sshd_config.5 | 135 | diff --git a/sshd_config.5 b/sshd_config.5 |
136 | index b565640..4d255e5 100644 | 136 | index ac9b1f0..b2b349e 100644 |
137 | --- a/sshd_config.5 | 137 | --- a/sshd_config.5 |
138 | +++ b/sshd_config.5 | 138 | +++ b/sshd_config.5 |
139 | @@ -375,8 +375,7 @@ then no banner is displayed. | 139 | @@ -382,8 +382,7 @@ then no banner is displayed. |
140 | By default, no banner is displayed. | 140 | By default, no banner is displayed. |
141 | .It Cm ChallengeResponseAuthentication | 141 | .It Cm ChallengeResponseAuthentication |
142 | Specifies whether challenge-response authentication is allowed (e.g. via | 142 | Specifies whether challenge-response authentication is allowed (e.g. via |
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch index 58c57dbac..efc629b71 100644 --- a/debian/patches/package-versioning.patch +++ b/debian/patches/package-versioning.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 81e52d59797c24edadc36f0f90f96387976a82c0 Mon Sep 17 00:00:00 2001 | 1 | From c8105413361d3c97b6a2f72c9f1c85da830bed2c Mon Sep 17 00:00:00 2001 |
2 | From: Matthew Vernon <matthew@debian.org> | 2 | From: Matthew Vernon <matthew@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:05 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:05 +0000 |
4 | Subject: Include the Debian version in our identification | 4 | Subject: Include the Debian version in our identification |
@@ -36,10 +36,10 @@ index fd67727..07dfc9d 100644 | |||
36 | if (atomicio(vwrite, connection_out, client_version_string, | 36 | if (atomicio(vwrite, connection_out, client_version_string, |
37 | strlen(client_version_string)) != strlen(client_version_string)) | 37 | strlen(client_version_string)) != strlen(client_version_string)) |
38 | diff --git a/sshd.c b/sshd.c | 38 | diff --git a/sshd.c b/sshd.c |
39 | index bb093cc..c762190 100644 | 39 | index 76306da..e873557 100644 |
40 | --- a/sshd.c | 40 | --- a/sshd.c |
41 | +++ b/sshd.c | 41 | +++ b/sshd.c |
42 | @@ -442,7 +442,7 @@ sshd_exchange_identification(int sock_in, int sock_out) | 42 | @@ -443,7 +443,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) |
43 | } | 43 | } |
44 | 44 | ||
45 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", | 45 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", |
@@ -49,13 +49,13 @@ index bb093cc..c762190 100644 | |||
49 | options.version_addendum, newline); | 49 | options.version_addendum, newline); |
50 | 50 | ||
51 | diff --git a/version.h b/version.h | 51 | diff --git a/version.h b/version.h |
52 | index eb4e948..0840a1a 100644 | 52 | index 617ab62..fb81655 100644 |
53 | --- a/version.h | 53 | --- a/version.h |
54 | +++ b/version.h | 54 | +++ b/version.h |
55 | @@ -3,4 +3,9 @@ | 55 | @@ -3,4 +3,9 @@ |
56 | #define SSH_VERSION "OpenSSH_7.2" | 56 | #define SSH_VERSION "OpenSSH_7.3" |
57 | 57 | ||
58 | #define SSH_PORTABLE "p2" | 58 | #define SSH_PORTABLE "p1" |
59 | -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE | 59 | -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE |
60 | +#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE | 60 | +#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE |
61 | +#ifdef SSH_EXTRAVERSION | 61 | +#ifdef SSH_EXTRAVERSION |
diff --git a/debian/patches/quieter-signals.patch b/debian/patches/quieter-signals.patch index b085e5e08..36c366d95 100644 --- a/debian/patches/quieter-signals.patch +++ b/debian/patches/quieter-signals.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From f1e898fb6e470f99c3e64313c6f9fce08eb94e80 Mon Sep 17 00:00:00 2001 | 1 | From 8eeec10866f78acd021824225e9d62e4a18fc2c3 Mon Sep 17 00:00:00 2001 |
2 | From: Peter Samuelson <peter@p12n.org> | 2 | From: Peter Samuelson <peter@p12n.org> |
3 | Date: Sun, 9 Feb 2014 16:09:55 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:55 +0000 |
4 | Subject: Reduce severity of "Killed by signal %d" | 4 | Subject: Reduce severity of "Killed by signal %d" |
@@ -22,10 +22,10 @@ Patch-Name: quieter-signals.patch | |||
22 | 1 file changed, 4 insertions(+), 2 deletions(-) | 22 | 1 file changed, 4 insertions(+), 2 deletions(-) |
23 | 23 | ||
24 | diff --git a/clientloop.c b/clientloop.c | 24 | diff --git a/clientloop.c b/clientloop.c |
25 | index 1567e4a..3b6cacb 100644 | 25 | index 421241f..e5cc3f8 100644 |
26 | --- a/clientloop.c | 26 | --- a/clientloop.c |
27 | +++ b/clientloop.c | 27 | +++ b/clientloop.c |
28 | @@ -1753,8 +1753,10 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) | 28 | @@ -1757,8 +1757,10 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) |
29 | exit_status = 0; | 29 | exit_status = 0; |
30 | } | 30 | } |
31 | 31 | ||
diff --git a/debian/patches/restore-tcp-wrappers.patch b/debian/patches/restore-tcp-wrappers.patch index 4607d5f53..bf3a575ad 100644 --- a/debian/patches/restore-tcp-wrappers.patch +++ b/debian/patches/restore-tcp-wrappers.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 0031968609564a15294c39d2519201741664905d Mon Sep 17 00:00:00 2001 | 1 | From c027de5eb3e6cb1718990841c2a9cbc89fd53151 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Tue, 7 Oct 2014 13:22:41 +0100 | 3 | Date: Tue, 7 Oct 2014 13:22:41 +0100 |
4 | Subject: Restore TCP wrappers support | 4 | Subject: Restore TCP wrappers support |
@@ -28,10 +28,10 @@ Patch-Name: restore-tcp-wrappers.patch | |||
28 | 3 files changed, 89 insertions(+) | 28 | 3 files changed, 89 insertions(+) |
29 | 29 | ||
30 | diff --git a/configure.ac b/configure.ac | 30 | diff --git a/configure.ac b/configure.ac |
31 | index 5f1ff74..5d720f7 100644 | 31 | index 894ec3b..f822fb3 100644 |
32 | --- a/configure.ac | 32 | --- a/configure.ac |
33 | +++ b/configure.ac | 33 | +++ b/configure.ac |
34 | @@ -1481,6 +1481,62 @@ AC_ARG_WITH([skey], | 34 | @@ -1510,6 +1510,62 @@ AC_ARG_WITH([skey], |
35 | ] | 35 | ] |
36 | ) | 36 | ) |
37 | 37 | ||
@@ -94,7 +94,7 @@ index 5f1ff74..5d720f7 100644 | |||
94 | # Check whether user wants to use ldns | 94 | # Check whether user wants to use ldns |
95 | LDNS_MSG="no" | 95 | LDNS_MSG="no" |
96 | AC_ARG_WITH(ldns, | 96 | AC_ARG_WITH(ldns, |
97 | @@ -5003,6 +5059,7 @@ echo " KerberosV support: $KRB5_MSG" | 97 | @@ -5059,6 +5115,7 @@ echo " KerberosV support: $KRB5_MSG" |
98 | echo " SELinux support: $SELINUX_MSG" | 98 | echo " SELinux support: $SELINUX_MSG" |
99 | echo " Smartcard support: $SCARD_MSG" | 99 | echo " Smartcard support: $SCARD_MSG" |
100 | echo " S/KEY support: $SKEY_MSG" | 100 | echo " S/KEY support: $SKEY_MSG" |
@@ -128,7 +128,7 @@ index 6c521f2..589841f 100644 | |||
128 | .Xr moduli 5 , | 128 | .Xr moduli 5 , |
129 | .Xr sshd_config 5 , | 129 | .Xr sshd_config 5 , |
130 | diff --git a/sshd.c b/sshd.c | 130 | diff --git a/sshd.c b/sshd.c |
131 | index 5cd9129..d1dd711 100644 | 131 | index ebb88c7..982e545 100644 |
132 | --- a/sshd.c | 132 | --- a/sshd.c |
133 | +++ b/sshd.c | 133 | +++ b/sshd.c |
134 | @@ -129,6 +129,13 @@ | 134 | @@ -129,6 +129,13 @@ |
@@ -145,7 +145,7 @@ index 5cd9129..d1dd711 100644 | |||
145 | #ifndef O_NOCTTY | 145 | #ifndef O_NOCTTY |
146 | #define O_NOCTTY 0 | 146 | #define O_NOCTTY 0 |
147 | #endif | 147 | #endif |
148 | @@ -2151,6 +2158,24 @@ main(int ac, char **av) | 148 | @@ -2207,6 +2214,24 @@ main(int ac, char **av) |
149 | #ifdef SSH_AUDIT_EVENTS | 149 | #ifdef SSH_AUDIT_EVENTS |
150 | audit_connection_from(remote_ip, remote_port); | 150 | audit_connection_from(remote_ip, remote_port); |
151 | #endif | 151 | #endif |
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch index 1ad0d11e2..2efc40e07 100644 --- a/debian/patches/scp-quoting.patch +++ b/debian/patches/scp-quoting.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From eca335b47f5cf4adfc64cd17096f83d546fa91da Mon Sep 17 00:00:00 2001 | 1 | From 119936d7b64829f81cbc84c2e81bf23373c6ed37 Mon Sep 17 00:00:00 2001 |
2 | From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> | 2 | From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:09:59 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:59 +0000 |
4 | Subject: Adjust scp quoting in verbose mode | 4 | Subject: Adjust scp quoting in verbose mode |
@@ -17,24 +17,24 @@ Patch-Name: scp-quoting.patch | |||
17 | 1 file changed, 10 insertions(+), 2 deletions(-) | 17 | 1 file changed, 10 insertions(+), 2 deletions(-) |
18 | 18 | ||
19 | diff --git a/scp.c b/scp.c | 19 | diff --git a/scp.c b/scp.c |
20 | index 0bdd7cb..51bc2b7 100644 | 20 | index 43ca3fa..4a7f73a 100644 |
21 | --- a/scp.c | 21 | --- a/scp.c |
22 | +++ b/scp.c | 22 | +++ b/scp.c |
23 | @@ -190,8 +190,16 @@ do_local_cmd(arglist *a) | 23 | @@ -192,8 +192,16 @@ do_local_cmd(arglist *a) |
24 | 24 | ||
25 | if (verbose_mode) { | 25 | if (verbose_mode) { |
26 | fprintf(stderr, "Executing:"); | 26 | fprintf(stderr, "Executing:"); |
27 | - for (i = 0; i < a->num; i++) | 27 | - for (i = 0; i < a->num; i++) |
28 | - fprintf(stderr, " %s", a->list[i]); | 28 | - fmprintf(stderr, " %s", a->list[i]); |
29 | + for (i = 0; i < a->num; i++) { | 29 | + for (i = 0; i < a->num; i++) { |
30 | + if (i == 0) | 30 | + if (i == 0) |
31 | + fprintf(stderr, " %s", a->list[i]); | 31 | + fmprintf(stderr, " %s", a->list[i]); |
32 | + else | 32 | + else |
33 | + /* | 33 | + /* |
34 | + * TODO: misbehaves if a->list[i] contains a | 34 | + * TODO: misbehaves if a->list[i] contains a |
35 | + * single quote | 35 | + * single quote |
36 | + */ | 36 | + */ |
37 | + fprintf(stderr, " '%s'", a->list[i]); | 37 | + fmprintf(stderr, " '%s'", a->list[i]); |
38 | + } | 38 | + } |
39 | fprintf(stderr, "\n"); | 39 | fprintf(stderr, "\n"); |
40 | } | 40 | } |
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch index fea289291..bcb61480d 100644 --- a/debian/patches/selinux-role.patch +++ b/debian/patches/selinux-role.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 206bdbf6bcc95e589effa11695aff2c6b9327e11 Mon Sep 17 00:00:00 2001 | 1 | From 7a7851c903e5dbb58a85014deb2c88cb718068c9 Mon Sep 17 00:00:00 2001 |
2 | From: Manoj Srivastava <srivasta@debian.org> | 2 | From: Manoj Srivastava <srivasta@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:49 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:49 +0000 |
4 | Subject: Handle SELinux authorisation roles | 4 | Subject: Handle SELinux authorisation roles |
@@ -32,7 +32,7 @@ Patch-Name: selinux-role.patch | |||
32 | 16 files changed, 104 insertions(+), 31 deletions(-) | 32 | 16 files changed, 104 insertions(+), 31 deletions(-) |
33 | 33 | ||
34 | diff --git a/auth.h b/auth.h | 34 | diff --git a/auth.h b/auth.h |
35 | index 2160154..3b3a085 100644 | 35 | index 55170af..50baeaa 100644 |
36 | --- a/auth.h | 36 | --- a/auth.h |
37 | +++ b/auth.h | 37 | +++ b/auth.h |
38 | @@ -62,6 +62,7 @@ struct Authctxt { | 38 | @@ -62,6 +62,7 @@ struct Authctxt { |
@@ -75,7 +75,7 @@ index 5073c49..dd00648 100644 | |||
75 | /* Verify that the user is a valid user. */ | 75 | /* Verify that the user is a valid user. */ |
76 | if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) | 76 | if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) |
77 | diff --git a/auth2.c b/auth2.c | 77 | diff --git a/auth2.c b/auth2.c |
78 | index 3f49bdc..6eb3cc7 100644 | 78 | index ce0d376..461311b 100644 |
79 | --- a/auth2.c | 79 | --- a/auth2.c |
80 | +++ b/auth2.c | 80 | +++ b/auth2.c |
81 | @@ -216,7 +216,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | 81 | @@ -216,7 +216,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) |
@@ -113,10 +113,10 @@ index 3f49bdc..6eb3cc7 100644 | |||
113 | if (auth2_setup_methods_lists(authctxt) != 0) | 113 | if (auth2_setup_methods_lists(authctxt) != 0) |
114 | packet_disconnect("no authentication methods enabled"); | 114 | packet_disconnect("no authentication methods enabled"); |
115 | diff --git a/monitor.c b/monitor.c | 115 | diff --git a/monitor.c b/monitor.c |
116 | index 6c82023..5be3fbf 100644 | 116 | index 05bb48a..e91054e 100644 |
117 | --- a/monitor.c | 117 | --- a/monitor.c |
118 | +++ b/monitor.c | 118 | +++ b/monitor.c |
119 | @@ -126,6 +126,7 @@ int mm_answer_sign(int, Buffer *); | 119 | @@ -128,6 +128,7 @@ int mm_answer_sign(int, Buffer *); |
120 | int mm_answer_pwnamallow(int, Buffer *); | 120 | int mm_answer_pwnamallow(int, Buffer *); |
121 | int mm_answer_auth2_read_banner(int, Buffer *); | 121 | int mm_answer_auth2_read_banner(int, Buffer *); |
122 | int mm_answer_authserv(int, Buffer *); | 122 | int mm_answer_authserv(int, Buffer *); |
@@ -124,7 +124,7 @@ index 6c82023..5be3fbf 100644 | |||
124 | int mm_answer_authpassword(int, Buffer *); | 124 | int mm_answer_authpassword(int, Buffer *); |
125 | int mm_answer_bsdauthquery(int, Buffer *); | 125 | int mm_answer_bsdauthquery(int, Buffer *); |
126 | int mm_answer_bsdauthrespond(int, Buffer *); | 126 | int mm_answer_bsdauthrespond(int, Buffer *); |
127 | @@ -207,6 +208,7 @@ struct mon_table mon_dispatch_proto20[] = { | 127 | @@ -209,6 +210,7 @@ struct mon_table mon_dispatch_proto20[] = { |
128 | {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, | 128 | {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, |
129 | {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, | 129 | {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, |
130 | {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, | 130 | {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, |
@@ -132,7 +132,7 @@ index 6c82023..5be3fbf 100644 | |||
132 | {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, | 132 | {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, |
133 | {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, | 133 | {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, |
134 | #ifdef USE_PAM | 134 | #ifdef USE_PAM |
135 | @@ -875,6 +877,7 @@ mm_answer_pwnamallow(int sock, Buffer *m) | 135 | @@ -880,6 +882,7 @@ mm_answer_pwnamallow(int sock, Buffer *m) |
136 | else { | 136 | else { |
137 | /* Allow service/style information on the auth context */ | 137 | /* Allow service/style information on the auth context */ |
138 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); | 138 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); |
@@ -140,7 +140,7 @@ index 6c82023..5be3fbf 100644 | |||
140 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); | 140 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); |
141 | } | 141 | } |
142 | #ifdef USE_PAM | 142 | #ifdef USE_PAM |
143 | @@ -905,14 +908,37 @@ mm_answer_authserv(int sock, Buffer *m) | 143 | @@ -910,14 +913,37 @@ mm_answer_authserv(int sock, Buffer *m) |
144 | 144 | ||
145 | authctxt->service = buffer_get_string(m, NULL); | 145 | authctxt->service = buffer_get_string(m, NULL); |
146 | authctxt->style = buffer_get_string(m, NULL); | 146 | authctxt->style = buffer_get_string(m, NULL); |
@@ -180,7 +180,7 @@ index 6c82023..5be3fbf 100644 | |||
180 | return (0); | 180 | return (0); |
181 | } | 181 | } |
182 | 182 | ||
183 | @@ -1541,7 +1567,7 @@ mm_answer_pty(int sock, Buffer *m) | 183 | @@ -1553,7 +1579,7 @@ mm_answer_pty(int sock, Buffer *m) |
184 | res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); | 184 | res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); |
185 | if (res == 0) | 185 | if (res == 0) |
186 | goto error; | 186 | goto error; |
@@ -203,10 +203,10 @@ index bc50ade..2d82b8b 100644 | |||
203 | 203 | ||
204 | struct mm_master; | 204 | struct mm_master; |
205 | diff --git a/monitor_wrap.c b/monitor_wrap.c | 205 | diff --git a/monitor_wrap.c b/monitor_wrap.c |
206 | index 74fbd2e..eaf0a12 100644 | 206 | index 5a9f1b5..11e3a69 100644 |
207 | --- a/monitor_wrap.c | 207 | --- a/monitor_wrap.c |
208 | +++ b/monitor_wrap.c | 208 | +++ b/monitor_wrap.c |
209 | @@ -327,10 +327,10 @@ mm_auth2_read_banner(void) | 209 | @@ -328,10 +328,10 @@ mm_auth2_read_banner(void) |
210 | return (banner); | 210 | return (banner); |
211 | } | 211 | } |
212 | 212 | ||
@@ -219,7 +219,7 @@ index 74fbd2e..eaf0a12 100644 | |||
219 | { | 219 | { |
220 | Buffer m; | 220 | Buffer m; |
221 | 221 | ||
222 | @@ -339,12 +339,30 @@ mm_inform_authserv(char *service, char *style) | 222 | @@ -340,12 +340,30 @@ mm_inform_authserv(char *service, char *style) |
223 | buffer_init(&m); | 223 | buffer_init(&m); |
224 | buffer_put_cstring(&m, service); | 224 | buffer_put_cstring(&m, service); |
225 | buffer_put_cstring(&m, style ? style : ""); | 225 | buffer_put_cstring(&m, style ? style : ""); |
@@ -251,7 +251,7 @@ index 74fbd2e..eaf0a12 100644 | |||
251 | int | 251 | int |
252 | mm_auth_password(Authctxt *authctxt, char *password) | 252 | mm_auth_password(Authctxt *authctxt, char *password) |
253 | diff --git a/monitor_wrap.h b/monitor_wrap.h | 253 | diff --git a/monitor_wrap.h b/monitor_wrap.h |
254 | index 403f8d0..d9de551 100644 | 254 | index b5414c2..d5b3334 100644 |
255 | --- a/monitor_wrap.h | 255 | --- a/monitor_wrap.h |
256 | +++ b/monitor_wrap.h | 256 | +++ b/monitor_wrap.h |
257 | @@ -41,7 +41,8 @@ void mm_log_handler(LogLevel, const char *, void *); | 257 | @@ -41,7 +41,8 @@ void mm_log_handler(LogLevel, const char *, void *); |
@@ -361,10 +361,10 @@ index e3d1004..80ce13a 100644 | |||
361 | void ssh_selinux_setfscreatecon(const char *); | 361 | void ssh_selinux_setfscreatecon(const char *); |
362 | #endif | 362 | #endif |
363 | diff --git a/platform.c b/platform.c | 363 | diff --git a/platform.c b/platform.c |
364 | index ee313da..f35ec39 100644 | 364 | index acf8554..4831706 100644 |
365 | --- a/platform.c | 365 | --- a/platform.c |
366 | +++ b/platform.c | 366 | +++ b/platform.c |
367 | @@ -143,7 +143,7 @@ platform_setusercontext(struct passwd *pw) | 367 | @@ -145,7 +145,7 @@ platform_setusercontext(struct passwd *pw) |
368 | * called if sshd is running as root. | 368 | * called if sshd is running as root. |
369 | */ | 369 | */ |
370 | void | 370 | void |
@@ -373,7 +373,7 @@ index ee313da..f35ec39 100644 | |||
373 | { | 373 | { |
374 | #if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM) | 374 | #if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM) |
375 | /* | 375 | /* |
376 | @@ -184,7 +184,7 @@ platform_setusercontext_post_groups(struct passwd *pw) | 376 | @@ -186,7 +186,7 @@ platform_setusercontext_post_groups(struct passwd *pw) |
377 | } | 377 | } |
378 | #endif /* HAVE_SETPCRED */ | 378 | #endif /* HAVE_SETPCRED */ |
379 | #ifdef WITH_SELINUX | 379 | #ifdef WITH_SELINUX |
@@ -383,7 +383,7 @@ index ee313da..f35ec39 100644 | |||
383 | } | 383 | } |
384 | 384 | ||
385 | diff --git a/platform.h b/platform.h | 385 | diff --git a/platform.h b/platform.h |
386 | index e687c99..823901b 100644 | 386 | index e97ecd9..5b72304 100644 |
387 | --- a/platform.h | 387 | --- a/platform.h |
388 | +++ b/platform.h | 388 | +++ b/platform.h |
389 | @@ -27,7 +27,7 @@ void platform_post_fork_parent(pid_t child_pid); | 389 | @@ -27,7 +27,7 @@ void platform_post_fork_parent(pid_t child_pid); |
@@ -396,10 +396,10 @@ index e687c99..823901b 100644 | |||
396 | char *platform_krb5_get_principal_name(const char *); | 396 | char *platform_krb5_get_principal_name(const char *); |
397 | int platform_sys_dir_uid(uid_t); | 397 | int platform_sys_dir_uid(uid_t); |
398 | diff --git a/session.c b/session.c | 398 | diff --git a/session.c b/session.c |
399 | index 87fddfc..f246b8a 100644 | 399 | index 2235f26..6dfcf84 100644 |
400 | --- a/session.c | 400 | --- a/session.c |
401 | +++ b/session.c | 401 | +++ b/session.c |
402 | @@ -1511,7 +1511,7 @@ safely_chroot(const char *path, uid_t uid) | 402 | @@ -1517,7 +1517,7 @@ safely_chroot(const char *path, uid_t uid) |
403 | 403 | ||
404 | /* Set login name, uid, gid, and groups. */ | 404 | /* Set login name, uid, gid, and groups. */ |
405 | void | 405 | void |
@@ -408,7 +408,7 @@ index 87fddfc..f246b8a 100644 | |||
408 | { | 408 | { |
409 | char *chroot_path, *tmp; | 409 | char *chroot_path, *tmp; |
410 | 410 | ||
411 | @@ -1539,7 +1539,7 @@ do_setusercontext(struct passwd *pw) | 411 | @@ -1545,7 +1545,7 @@ do_setusercontext(struct passwd *pw) |
412 | endgrent(); | 412 | endgrent(); |
413 | #endif | 413 | #endif |
414 | 414 | ||
@@ -417,7 +417,7 @@ index 87fddfc..f246b8a 100644 | |||
417 | 417 | ||
418 | if (!in_chroot && options.chroot_directory != NULL && | 418 | if (!in_chroot && options.chroot_directory != NULL && |
419 | strcasecmp(options.chroot_directory, "none") != 0) { | 419 | strcasecmp(options.chroot_directory, "none") != 0) { |
420 | @@ -1696,7 +1696,7 @@ do_child(Session *s, const char *command) | 420 | @@ -1703,7 +1703,7 @@ do_child(Session *s, const char *command) |
421 | 421 | ||
422 | /* Force a password change */ | 422 | /* Force a password change */ |
423 | if (s->authctxt->force_pwchange) { | 423 | if (s->authctxt->force_pwchange) { |
@@ -426,7 +426,7 @@ index 87fddfc..f246b8a 100644 | |||
426 | child_close_fds(); | 426 | child_close_fds(); |
427 | do_pwchange(s); | 427 | do_pwchange(s); |
428 | exit(1); | 428 | exit(1); |
429 | @@ -1723,7 +1723,7 @@ do_child(Session *s, const char *command) | 429 | @@ -1730,7 +1730,7 @@ do_child(Session *s, const char *command) |
430 | /* When PAM is enabled we rely on it to do the nologin check */ | 430 | /* When PAM is enabled we rely on it to do the nologin check */ |
431 | if (!options.use_pam) | 431 | if (!options.use_pam) |
432 | do_nologin(pw); | 432 | do_nologin(pw); |
@@ -435,7 +435,7 @@ index 87fddfc..f246b8a 100644 | |||
435 | /* | 435 | /* |
436 | * PAM session modules in do_setusercontext may have | 436 | * PAM session modules in do_setusercontext may have |
437 | * generated messages, so if this in an interactive | 437 | * generated messages, so if this in an interactive |
438 | @@ -2134,7 +2134,7 @@ session_pty_req(Session *s) | 438 | @@ -2141,7 +2141,7 @@ session_pty_req(Session *s) |
439 | tty_parse_modes(s->ttyfd, &n_bytes); | 439 | tty_parse_modes(s->ttyfd, &n_bytes); |
440 | 440 | ||
441 | if (!use_privsep) | 441 | if (!use_privsep) |
@@ -445,7 +445,7 @@ index 87fddfc..f246b8a 100644 | |||
445 | /* Set window size from the packet. */ | 445 | /* Set window size from the packet. */ |
446 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 446 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
447 | diff --git a/session.h b/session.h | 447 | diff --git a/session.h b/session.h |
448 | index 6a2f35e..ef6593c 100644 | 448 | index f18eaf3..2b7d939 100644 |
449 | --- a/session.h | 449 | --- a/session.h |
450 | +++ b/session.h | 450 | +++ b/session.h |
451 | @@ -77,7 +77,7 @@ void session_pty_cleanup2(Session *); | 451 | @@ -77,7 +77,7 @@ void session_pty_cleanup2(Session *); |
@@ -458,10 +458,10 @@ index 6a2f35e..ef6593c 100644 | |||
458 | const char *value); | 458 | const char *value); |
459 | 459 | ||
460 | diff --git a/sshd.c b/sshd.c | 460 | diff --git a/sshd.c b/sshd.c |
461 | index d1dd711..bb093cc 100644 | 461 | index 982e545..76306da 100644 |
462 | --- a/sshd.c | 462 | --- a/sshd.c |
463 | +++ b/sshd.c | 463 | +++ b/sshd.c |
464 | @@ -781,7 +781,7 @@ privsep_postauth(Authctxt *authctxt) | 464 | @@ -787,7 +787,7 @@ privsep_postauth(Authctxt *authctxt) |
465 | explicit_bzero(rnd, sizeof(rnd)); | 465 | explicit_bzero(rnd, sizeof(rnd)); |
466 | 466 | ||
467 | /* Drop privileges */ | 467 | /* Drop privileges */ |
diff --git a/debian/patches/series b/debian/patches/series index d8ea2890b..e5821f627 100644 --- a/debian/patches/series +++ b/debian/patches/series | |||
@@ -25,9 +25,3 @@ gnome-ssh-askpass2-icon.patch | |||
25 | sigstop.patch | 25 | sigstop.patch |
26 | systemd-readiness.patch | 26 | systemd-readiness.patch |
27 | debian-config.patch | 27 | debian-config.patch |
28 | CVE-2015-8325.patch | ||
29 | unbreak-certificate-auth.patch | ||
30 | CVE-2016-6210-1.patch | ||
31 | CVE-2016-6210-2.patch | ||
32 | CVE-2016-6210-3.patch | ||
33 | control-persist-close-stderr.patch | ||
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch index 95ff21814..506ba3f7a 100644 --- a/debian/patches/shell-path.patch +++ b/debian/patches/shell-path.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From cfcbb82102babef6affeec3b8373f5811d82d065 Mon Sep 17 00:00:00 2001 | 1 | From ac283605e244f9dab676b039986f137f86284291 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:00 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:00 +0000 |
4 | Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand | 4 | Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand |
diff --git a/debian/patches/sigstop.patch b/debian/patches/sigstop.patch index b17176db8..7ae7f3558 100644 --- a/debian/patches/sigstop.patch +++ b/debian/patches/sigstop.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 803865858838e2ccf1fa885ba14b9a11c4a3153e Mon Sep 17 00:00:00 2001 | 1 | From 8d765e441787d024e76369496316105fe736d3ba Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:17 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:17 +0000 |
4 | Subject: Support synchronisation with service supervisor using SIGSTOP | 4 | Subject: Support synchronisation with service supervisor using SIGSTOP |
@@ -13,10 +13,10 @@ Patch-Name: sigstop.patch | |||
13 | 1 file changed, 10 insertions(+) | 13 | 1 file changed, 10 insertions(+) |
14 | 14 | ||
15 | diff --git a/sshd.c b/sshd.c | 15 | diff --git a/sshd.c b/sshd.c |
16 | index 57ae4ad..c2d42f5 100644 | 16 | index 71fad9e..837409b 100644 |
17 | --- a/sshd.c | 17 | --- a/sshd.c |
18 | +++ b/sshd.c | 18 | +++ b/sshd.c |
19 | @@ -2048,6 +2048,16 @@ main(int ac, char **av) | 19 | @@ -2107,6 +2107,16 @@ main(int ac, char **av) |
20 | } | 20 | } |
21 | } | 21 | } |
22 | 22 | ||
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch index 0a8180056..2d1dabfd3 100644 --- a/debian/patches/ssh-agent-setgid.patch +++ b/debian/patches/ssh-agent-setgid.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From c13ebec3d0989b374bef99d2d1f2a3bcc3c62aa8 Mon Sep 17 00:00:00 2001 | 1 | From 172bb48ec4cb3b65d26d4f3bd8bc0e82ddaf6ca1 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:13 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:13 +0000 |
4 | Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) | 4 | Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) |
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch index 51cdfde48..614ed8195 100644 --- a/debian/patches/ssh-argv0.patch +++ b/debian/patches/ssh-argv0.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 22585509beb1efc6a3a58c8ff714211043325201 Mon Sep 17 00:00:00 2001 | 1 | From ccfb71ca70b73f6d5a2873b31d0140c7cb5f4430 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:10 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:10 +0000 |
4 | Subject: ssh(1): Refer to ssh-argv0(1) | 4 | Subject: ssh(1): Refer to ssh-argv0(1) |
@@ -18,10 +18,10 @@ Patch-Name: ssh-argv0.patch | |||
18 | 1 file changed, 1 insertion(+) | 18 | 1 file changed, 1 insertion(+) |
19 | 19 | ||
20 | diff --git a/ssh.1 b/ssh.1 | 20 | diff --git a/ssh.1 b/ssh.1 |
21 | index 41e0aab..74d9655 100644 | 21 | index b1f128c..22e56a7 100644 |
22 | --- a/ssh.1 | 22 | --- a/ssh.1 |
23 | +++ b/ssh.1 | 23 | +++ b/ssh.1 |
24 | @@ -1561,6 +1561,7 @@ if an error occurred. | 24 | @@ -1586,6 +1586,7 @@ if an error occurred. |
25 | .Xr sftp 1 , | 25 | .Xr sftp 1 , |
26 | .Xr ssh-add 1 , | 26 | .Xr ssh-add 1 , |
27 | .Xr ssh-agent 1 , | 27 | .Xr ssh-agent 1 , |
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch index b909e6ddb..0492c84fe 100644 --- a/debian/patches/ssh-vulnkey-compat.patch +++ b/debian/patches/ssh-vulnkey-compat.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From ceebe313c4b094557bda974d274a6e7b5b33e3f9 Mon Sep 17 00:00:00 2001 | 1 | From e35c0bb4c3997b8ef885c6afdcc600b403eb878b Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@ubuntu.com> | 2 | From: Colin Watson <cjwatson@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:09:50 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:50 +0000 |
4 | Subject: Accept obsolete ssh-vulnkey configuration options | 4 | Subject: Accept obsolete ssh-vulnkey configuration options |
@@ -17,10 +17,10 @@ Patch-Name: ssh-vulnkey-compat.patch | |||
17 | 2 files changed, 2 insertions(+) | 17 | 2 files changed, 2 insertions(+) |
18 | 18 | ||
19 | diff --git a/readconf.c b/readconf.c | 19 | diff --git a/readconf.c b/readconf.c |
20 | index d2a3d4b..559e4c7 100644 | 20 | index e019195..c0b7822 100644 |
21 | --- a/readconf.c | 21 | --- a/readconf.c |
22 | +++ b/readconf.c | 22 | +++ b/readconf.c |
23 | @@ -182,6 +182,7 @@ static struct { | 23 | @@ -194,6 +194,7 @@ static struct { |
24 | { "passwordauthentication", oPasswordAuthentication }, | 24 | { "passwordauthentication", oPasswordAuthentication }, |
25 | { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, | 25 | { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, |
26 | { "kbdinteractivedevices", oKbdInteractiveDevices }, | 26 | { "kbdinteractivedevices", oKbdInteractiveDevices }, |
@@ -29,10 +29,10 @@ index d2a3d4b..559e4c7 100644 | |||
29 | { "pubkeyauthentication", oPubkeyAuthentication }, | 29 | { "pubkeyauthentication", oPubkeyAuthentication }, |
30 | { "dsaauthentication", oPubkeyAuthentication }, /* alias */ | 30 | { "dsaauthentication", oPubkeyAuthentication }, /* alias */ |
31 | diff --git a/servconf.c b/servconf.c | 31 | diff --git a/servconf.c b/servconf.c |
32 | index b8af6dd..fad7c92 100644 | 32 | index 9b06281..bf9f8f7 100644 |
33 | --- a/servconf.c | 33 | --- a/servconf.c |
34 | +++ b/servconf.c | 34 | +++ b/servconf.c |
35 | @@ -533,6 +533,7 @@ static struct { | 35 | @@ -541,6 +541,7 @@ static struct { |
36 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, | 36 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, |
37 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, | 37 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, |
38 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, | 38 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, |
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch index 6bc3911f7..3e46d03c8 100644 --- a/debian/patches/syslog-level-silent.patch +++ b/debian/patches/syslog-level-silent.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 68388fa20403834f5559486542b1baf4ad36141a Mon Sep 17 00:00:00 2001 | 1 | From 21fb55231ad0422fa0e5f0c2f67093cb5f29dd47 Mon Sep 17 00:00:00 2001 |
2 | From: Jonathan David Amery <jdamery@ysolde.ucam.org> | 2 | From: Jonathan David Amery <jdamery@ysolde.ucam.org> |
3 | Date: Sun, 9 Feb 2014 16:09:54 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:54 +0000 |
4 | Subject: "LogLevel SILENT" compatibility | 4 | Subject: "LogLevel SILENT" compatibility |
@@ -21,7 +21,7 @@ Patch-Name: syslog-level-silent.patch | |||
21 | 2 files changed, 2 insertions(+), 1 deletion(-) | 21 | 2 files changed, 2 insertions(+), 1 deletion(-) |
22 | 22 | ||
23 | diff --git a/log.c b/log.c | 23 | diff --git a/log.c b/log.c |
24 | index ad12930..e68b84a 100644 | 24 | index 2b59c42..ffc8ffb 100644 |
25 | --- a/log.c | 25 | --- a/log.c |
26 | +++ b/log.c | 26 | +++ b/log.c |
27 | @@ -93,6 +93,7 @@ static struct { | 27 | @@ -93,6 +93,7 @@ static struct { |
@@ -33,10 +33,10 @@ index ad12930..e68b84a 100644 | |||
33 | { "FATAL", SYSLOG_LEVEL_FATAL }, | 33 | { "FATAL", SYSLOG_LEVEL_FATAL }, |
34 | { "ERROR", SYSLOG_LEVEL_ERROR }, | 34 | { "ERROR", SYSLOG_LEVEL_ERROR }, |
35 | diff --git a/ssh.c b/ssh.c | 35 | diff --git a/ssh.c b/ssh.c |
36 | index f9ff91f..314dd52 100644 | 36 | index 03a23fb..1febb04 100644 |
37 | --- a/ssh.c | 37 | --- a/ssh.c |
38 | +++ b/ssh.c | 38 | +++ b/ssh.c |
39 | @@ -1119,7 +1119,7 @@ main(int ac, char **av) | 39 | @@ -1167,7 +1167,7 @@ main(int ac, char **av) |
40 | /* Do not allocate a tty if stdin is not a tty. */ | 40 | /* Do not allocate a tty if stdin is not a tty. */ |
41 | if ((!isatty(fileno(stdin)) || stdin_null_flag) && | 41 | if ((!isatty(fileno(stdin)) || stdin_null_flag) && |
42 | options.request_tty != REQUEST_TTY_FORCE) { | 42 | options.request_tty != REQUEST_TTY_FORCE) { |
diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch index ab3445fcc..deee48460 100644 --- a/debian/patches/systemd-readiness.patch +++ b/debian/patches/systemd-readiness.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 643bc17ada741a9ee5b86170ad313f83278e1f72 Mon Sep 17 00:00:00 2001 | 1 | From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001 |
2 | From: Michael Biebl <biebl@debian.org> | 2 | From: Michael Biebl <biebl@debian.org> |
3 | Date: Mon, 21 Dec 2015 16:08:47 +0000 | 3 | Date: Mon, 21 Dec 2015 16:08:47 +0000 |
4 | Subject: Add systemd readiness notification support | 4 | Subject: Add systemd readiness notification support |
@@ -14,10 +14,10 @@ Patch-Name: systemd-readiness.patch | |||
14 | 2 files changed, 33 insertions(+) | 14 | 2 files changed, 33 insertions(+) |
15 | 15 | ||
16 | diff --git a/configure.ac b/configure.ac | 16 | diff --git a/configure.ac b/configure.ac |
17 | index 5d720f7..c978c11 100644 | 17 | index f822fb3..6cafb15 100644 |
18 | --- a/configure.ac | 18 | --- a/configure.ac |
19 | +++ b/configure.ac | 19 | +++ b/configure.ac |
20 | @@ -4263,6 +4263,29 @@ AC_ARG_WITH([kerberos5], | 20 | @@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5], |
21 | AC_SUBST([GSSLIBS]) | 21 | AC_SUBST([GSSLIBS]) |
22 | AC_SUBST([K5LIBS]) | 22 | AC_SUBST([K5LIBS]) |
23 | 23 | ||
@@ -47,7 +47,7 @@ index 5d720f7..c978c11 100644 | |||
47 | # Looking for programs, paths and files | 47 | # Looking for programs, paths and files |
48 | 48 | ||
49 | PRIVSEP_PATH=/var/empty | 49 | PRIVSEP_PATH=/var/empty |
50 | @@ -5065,6 +5088,7 @@ echo " libedit support: $LIBEDIT_MSG" | 50 | @@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG" |
51 | echo " Solaris process contract support: $SPC_MSG" | 51 | echo " Solaris process contract support: $SPC_MSG" |
52 | echo " Solaris project support: $SP_MSG" | 52 | echo " Solaris project support: $SP_MSG" |
53 | echo " Solaris privilege support: $SPP_MSG" | 53 | echo " Solaris privilege support: $SPP_MSG" |
@@ -56,7 +56,7 @@ index 5d720f7..c978c11 100644 | |||
56 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" | 56 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" |
57 | echo " BSD Auth support: $BSD_AUTH_MSG" | 57 | echo " BSD Auth support: $BSD_AUTH_MSG" |
58 | diff --git a/sshd.c b/sshd.c | 58 | diff --git a/sshd.c b/sshd.c |
59 | index c2d42f5..8802d18 100644 | 59 | index 837409b..868df9e 100644 |
60 | --- a/sshd.c | 60 | --- a/sshd.c |
61 | +++ b/sshd.c | 61 | +++ b/sshd.c |
62 | @@ -85,6 +85,10 @@ | 62 | @@ -85,6 +85,10 @@ |
@@ -70,7 +70,7 @@ index c2d42f5..8802d18 100644 | |||
70 | #include "xmalloc.h" | 70 | #include "xmalloc.h" |
71 | #include "ssh.h" | 71 | #include "ssh.h" |
72 | #include "ssh1.h" | 72 | #include "ssh1.h" |
73 | @@ -2058,6 +2062,11 @@ main(int ac, char **av) | 73 | @@ -2117,6 +2121,11 @@ main(int ac, char **av) |
74 | unsetenv("SSH_SIGSTOP"); | 74 | unsetenv("SSH_SIGSTOP"); |
75 | } | 75 | } |
76 | 76 | ||
diff --git a/debian/patches/unbreak-certificate-auth.patch b/debian/patches/unbreak-certificate-auth.patch deleted file mode 100644 index cbf7c1800..000000000 --- a/debian/patches/unbreak-certificate-auth.patch +++ /dev/null | |||
@@ -1,46 +0,0 @@ | |||
1 | From 43a633de1cabe77e652125dac394a99ad9cac3b4 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Mon, 14 Mar 2016 16:20:54 +0000 | ||
4 | Subject: upstream commit | ||
5 | |||
6 | unbreak authentication using lone certificate keys in | ||
7 | ssh-agent: when attempting pubkey auth with a certificate, if no separate | ||
8 | private key is found among the keys then try with the certificate key itself. | ||
9 | |||
10 | bz#2550 reported by Peter Moody | ||
11 | |||
12 | Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966 | ||
13 | |||
14 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=c38905ba391434834da86abfc988a2b8b9b62477 | ||
15 | Bug-Ubuntu: https://bugs.launchpad.net/bugs/1575961 | ||
16 | Last-Update: 2016-04-28 | ||
17 | |||
18 | Patch-Name: unbreak-certificate-auth.patch | ||
19 | --- | ||
20 | sshconnect2.c | 8 ++------ | ||
21 | 1 file changed, 2 insertions(+), 6 deletions(-) | ||
22 | |||
23 | diff --git a/sshconnect2.c b/sshconnect2.c | ||
24 | index b452eae..40facda 100644 | ||
25 | --- a/sshconnect2.c | ||
26 | +++ b/sshconnect2.c | ||
27 | @@ -1,4 +1,4 @@ | ||
28 | -/* $OpenBSD: sshconnect2.c,v 1.239 2016/02/23 01:34:14 djm Exp $ */ | ||
29 | +/* $OpenBSD: sshconnect2.c,v 1.240 2016/03/14 16:20:54 djm Exp $ */ | ||
30 | /* | ||
31 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | ||
32 | * Copyright (c) 2008 Damien Miller. All rights reserved. | ||
33 | @@ -1224,12 +1224,8 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) | ||
34 | "certificate", __func__, id->filename, | ||
35 | id->agent_fd != -1 ? " from agent" : ""); | ||
36 | } else { | ||
37 | - /* XXX maybe verbose/error? */ | ||
38 | - debug("%s: no private key for certificate " | ||
39 | + debug("%s: no separate private key for certificate " | ||
40 | "\"%s\"", __func__, id->filename); | ||
41 | - free(blob); | ||
42 | - buffer_free(&b); | ||
43 | - return 0; | ||
44 | } | ||
45 | } | ||
46 | |||
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index c64e141f8..3bd2fd91f 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From bf0d87583a842b9e8aaf2a9cd9dbc3e976df2af4 Mon Sep 17 00:00:00 2001 | 1 | From 563974a78e937c4844e1198b5f6d79b8b2b5c600 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 |
4 | Subject: Allow harmless group-writability | 4 | Subject: Allow harmless group-writability |
@@ -22,16 +22,16 @@ Patch-Name: user-group-modes.patch | |||
22 | misc.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- | 22 | misc.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- |
23 | misc.h | 2 ++ | 23 | misc.h | 2 ++ |
24 | platform.c | 16 -------------- | 24 | platform.c | 16 -------------- |
25 | readconf.c | 5 +++-- | 25 | readconf.c | 3 +-- |
26 | ssh.1 | 2 ++ | 26 | ssh.1 | 2 ++ |
27 | ssh_config.5 | 2 ++ | 27 | ssh_config.5 | 2 ++ |
28 | 8 files changed, 82 insertions(+), 29 deletions(-) | 28 | 8 files changed, 80 insertions(+), 29 deletions(-) |
29 | 29 | ||
30 | diff --git a/auth-rhosts.c b/auth-rhosts.c | 30 | diff --git a/auth-rhosts.c b/auth-rhosts.c |
31 | index ee9e827..2ff2cff 100644 | 31 | index 0ef3447..c17c13c 100644 |
32 | --- a/auth-rhosts.c | 32 | --- a/auth-rhosts.c |
33 | +++ b/auth-rhosts.c | 33 | +++ b/auth-rhosts.c |
34 | @@ -271,8 +271,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam | 34 | @@ -273,8 +273,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam |
35 | return 0; | 35 | return 0; |
36 | } | 36 | } |
37 | if (options.strict_modes && | 37 | if (options.strict_modes && |
@@ -41,7 +41,7 @@ index ee9e827..2ff2cff 100644 | |||
41 | logit("Rhosts authentication refused for %.100s: " | 41 | logit("Rhosts authentication refused for %.100s: " |
42 | "bad ownership or modes for home directory.", pw->pw_name); | 42 | "bad ownership or modes for home directory.", pw->pw_name); |
43 | auth_debug_add("Rhosts authentication refused for %.100s: " | 43 | auth_debug_add("Rhosts authentication refused for %.100s: " |
44 | @@ -298,8 +297,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam | 44 | @@ -300,8 +299,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam |
45 | * allowing access to their account by anyone. | 45 | * allowing access to their account by anyone. |
46 | */ | 46 | */ |
47 | if (options.strict_modes && | 47 | if (options.strict_modes && |
@@ -52,10 +52,10 @@ index ee9e827..2ff2cff 100644 | |||
52 | pw->pw_name, buf); | 52 | pw->pw_name, buf); |
53 | auth_debug_add("Bad file modes for %.200s", buf); | 53 | auth_debug_add("Bad file modes for %.200s", buf); |
54 | diff --git a/auth.c b/auth.c | 54 | diff --git a/auth.c b/auth.c |
55 | index bd6a026..782b7f8 100644 | 55 | index f56dcc6..3f8b348 100644 |
56 | --- a/auth.c | 56 | --- a/auth.c |
57 | +++ b/auth.c | 57 | +++ b/auth.c |
58 | @@ -425,8 +425,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, | 58 | @@ -435,8 +435,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, |
59 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); | 59 | user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); |
60 | if (options.strict_modes && | 60 | if (options.strict_modes && |
61 | (stat(user_hostfile, &st) == 0) && | 61 | (stat(user_hostfile, &st) == 0) && |
@@ -65,7 +65,7 @@ index bd6a026..782b7f8 100644 | |||
65 | logit("Authentication refused for %.100s: " | 65 | logit("Authentication refused for %.100s: " |
66 | "bad owner or modes for %.200s", | 66 | "bad owner or modes for %.200s", |
67 | pw->pw_name, user_hostfile); | 67 | pw->pw_name, user_hostfile); |
68 | @@ -488,8 +487,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, | 68 | @@ -498,8 +497,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, |
69 | snprintf(err, errlen, "%s is not a regular file", buf); | 69 | snprintf(err, errlen, "%s is not a regular file", buf); |
70 | return -1; | 70 | return -1; |
71 | } | 71 | } |
@@ -75,7 +75,7 @@ index bd6a026..782b7f8 100644 | |||
75 | snprintf(err, errlen, "bad ownership or modes for file %s", | 75 | snprintf(err, errlen, "bad ownership or modes for file %s", |
76 | buf); | 76 | buf); |
77 | return -1; | 77 | return -1; |
78 | @@ -504,8 +502,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, | 78 | @@ -514,8 +512,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, |
79 | strlcpy(buf, cp, sizeof(buf)); | 79 | strlcpy(buf, cp, sizeof(buf)); |
80 | 80 | ||
81 | if (stat(buf, &st) < 0 || | 81 | if (stat(buf, &st) < 0 || |
@@ -86,7 +86,7 @@ index bd6a026..782b7f8 100644 | |||
86 | "bad ownership or modes for directory %s", buf); | 86 | "bad ownership or modes for directory %s", buf); |
87 | return -1; | 87 | return -1; |
88 | diff --git a/misc.c b/misc.c | 88 | diff --git a/misc.c b/misc.c |
89 | index de7e1fa..5704fa6 100644 | 89 | index 9421b4d..68efb2b 100644 |
90 | --- a/misc.c | 90 | --- a/misc.c |
91 | +++ b/misc.c | 91 | +++ b/misc.c |
92 | @@ -51,8 +51,9 @@ | 92 | @@ -51,8 +51,9 @@ |
@@ -108,7 +108,7 @@ index de7e1fa..5704fa6 100644 | |||
108 | 108 | ||
109 | /* remove newline at end of string */ | 109 | /* remove newline at end of string */ |
110 | char * | 110 | char * |
111 | @@ -647,6 +649,71 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, | 111 | @@ -708,6 +710,71 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, |
112 | return -1; | 112 | return -1; |
113 | } | 113 | } |
114 | 114 | ||
@@ -181,10 +181,10 @@ index de7e1fa..5704fa6 100644 | |||
181 | tun_open(int tun, int mode) | 181 | tun_open(int tun, int mode) |
182 | { | 182 | { |
183 | diff --git a/misc.h b/misc.h | 183 | diff --git a/misc.h b/misc.h |
184 | index 374c33c..89e1f75 100644 | 184 | index 7c76a6a..42cd95e 100644 |
185 | --- a/misc.h | 185 | --- a/misc.h |
186 | +++ b/misc.h | 186 | +++ b/misc.h |
187 | @@ -135,4 +135,6 @@ char *read_passphrase(const char *, int); | 187 | @@ -139,4 +139,6 @@ char *read_passphrase(const char *, int); |
188 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); | 188 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); |
189 | int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); | 189 | int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); |
190 | 190 | ||
@@ -192,10 +192,10 @@ index 374c33c..89e1f75 100644 | |||
192 | + | 192 | + |
193 | #endif /* _MISC_H */ | 193 | #endif /* _MISC_H */ |
194 | diff --git a/platform.c b/platform.c | 194 | diff --git a/platform.c b/platform.c |
195 | index f35ec39..9a23e6e 100644 | 195 | index 4831706..2ce4dbf 100644 |
196 | --- a/platform.c | 196 | --- a/platform.c |
197 | +++ b/platform.c | 197 | +++ b/platform.c |
198 | @@ -197,19 +197,3 @@ platform_krb5_get_principal_name(const char *pw_name) | 198 | @@ -199,19 +199,3 @@ platform_krb5_get_principal_name(const char *pw_name) |
199 | return NULL; | 199 | return NULL; |
200 | #endif | 200 | #endif |
201 | } | 201 | } |
@@ -216,19 +216,10 @@ index f35ec39..9a23e6e 100644 | |||
216 | - return 0; | 216 | - return 0; |
217 | -} | 217 | -} |
218 | diff --git a/readconf.c b/readconf.c | 218 | diff --git a/readconf.c b/readconf.c |
219 | index fde6b41..cc1a633 100644 | 219 | index 3a6c67b..f6b4c8f 100644 |
220 | --- a/readconf.c | 220 | --- a/readconf.c |
221 | +++ b/readconf.c | 221 | +++ b/readconf.c |
222 | @@ -39,6 +39,8 @@ | 222 | @@ -1753,8 +1753,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, |
223 | #include <stdio.h> | ||
224 | #include <string.h> | ||
225 | #include <unistd.h> | ||
226 | +#include <pwd.h> | ||
227 | +#include <grp.h> | ||
228 | #ifdef HAVE_UTIL_H | ||
229 | #include <util.h> | ||
230 | #endif | ||
231 | @@ -1626,8 +1628,7 @@ read_config_file(const char *filename, struct passwd *pw, const char *host, | ||
232 | 223 | ||
233 | if (fstat(fileno(f), &sb) == -1) | 224 | if (fstat(fileno(f), &sb) == -1) |
234 | fatal("fstat %s: %s", filename, strerror(errno)); | 225 | fatal("fstat %s: %s", filename, strerror(errno)); |
@@ -239,10 +230,10 @@ index fde6b41..cc1a633 100644 | |||
239 | } | 230 | } |
240 | 231 | ||
241 | diff --git a/ssh.1 b/ssh.1 | 232 | diff --git a/ssh.1 b/ssh.1 |
242 | index cc53343..feb0e89 100644 | 233 | index 4011c65..feef81a 100644 |
243 | --- a/ssh.1 | 234 | --- a/ssh.1 |
244 | +++ b/ssh.1 | 235 | +++ b/ssh.1 |
245 | @@ -1459,6 +1459,8 @@ The file format and configuration options are described in | 236 | @@ -1484,6 +1484,8 @@ The file format and configuration options are described in |
246 | .Xr ssh_config 5 . | 237 | .Xr ssh_config 5 . |
247 | Because of the potential for abuse, this file must have strict permissions: | 238 | Because of the potential for abuse, this file must have strict permissions: |
248 | read/write for the user, and not writable by others. | 239 | read/write for the user, and not writable by others. |
@@ -252,10 +243,10 @@ index cc53343..feb0e89 100644 | |||
252 | .It Pa ~/.ssh/environment | 243 | .It Pa ~/.ssh/environment |
253 | Contains additional definitions for environment variables; see | 244 | Contains additional definitions for environment variables; see |
254 | diff --git a/ssh_config.5 b/ssh_config.5 | 245 | diff --git a/ssh_config.5 b/ssh_config.5 |
255 | index bbf638b..ab8f271 100644 | 246 | index efc265a..5dd26bc 100644 |
256 | --- a/ssh_config.5 | 247 | --- a/ssh_config.5 |
257 | +++ b/ssh_config.5 | 248 | +++ b/ssh_config.5 |
258 | @@ -1830,6 +1830,8 @@ The format of this file is described above. | 249 | @@ -1903,6 +1903,8 @@ The format of this file is described above. |
259 | This file is used by the SSH client. | 250 | This file is used by the SSH client. |
260 | Because of the potential for abuse, this file must have strict permissions: | 251 | Because of the potential for abuse, this file must have strict permissions: |
261 | read/write for the user, and not accessible by others. | 252 | read/write for the user, and not accessible by others. |
@@ -43,6 +43,19 @@ enum | |||
43 | #endif | 43 | #endif |
44 | 44 | ||
45 | /* | 45 | /* |
46 | * Cygwin doesn't really have a notion of reserved ports. It is still | ||
47 | * is useful on the client side so for compatibility it defines as 1024 via | ||
48 | * netinet/in.h inside an enum. We * don't actually want that restriction | ||
49 | * so we want to set that to zero, but we can't do it direct in config.h | ||
50 | * because it'll cause a conflicting definition the first time we include | ||
51 | * netinet/in.h. | ||
52 | */ | ||
53 | |||
54 | #ifdef HAVE_CYGWIN | ||
55 | #define IPPORT_RESERVED 0 | ||
56 | #endif | ||
57 | |||
58 | /* | ||
46 | * Definitions for IP type of service (ip_tos) | 59 | * Definitions for IP type of service (ip_tos) |
47 | */ | 60 | */ |
48 | #include <netinet/in_systm.h> | 61 | #include <netinet/in_systm.h> |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.c,v 1.57 2015/05/27 23:39:18 dtucker Exp $ */ | 1 | /* $OpenBSD: dh.c,v 1.60 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * | 4 | * |
@@ -30,6 +30,7 @@ | |||
30 | #include <openssl/bn.h> | 30 | #include <openssl/bn.h> |
31 | #include <openssl/dh.h> | 31 | #include <openssl/dh.h> |
32 | 32 | ||
33 | #include <errno.h> | ||
33 | #include <stdarg.h> | 34 | #include <stdarg.h> |
34 | #include <stdio.h> | 35 | #include <stdio.h> |
35 | #include <stdlib.h> | 36 | #include <stdlib.h> |
@@ -151,10 +152,9 @@ choose_dh(int min, int wantbits, int max) | |||
151 | int linenum; | 152 | int linenum; |
152 | struct dhgroup dhg; | 153 | struct dhgroup dhg; |
153 | 154 | ||
154 | if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && | 155 | if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) { |
155 | (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { | 156 | logit("WARNING: could open open %s (%s), using fixed modulus", |
156 | logit("WARNING: %s does not exist, using fixed modulus", | 157 | _PATH_DH_MODULI, strerror(errno)); |
157 | _PATH_DH_MODULI); | ||
158 | return (dh_new_group_fallback(max)); | 158 | return (dh_new_group_fallback(max)); |
159 | } | 159 | } |
160 | 160 | ||
@@ -182,7 +182,7 @@ choose_dh(int min, int wantbits, int max) | |||
182 | 182 | ||
183 | if (bestcount == 0) { | 183 | if (bestcount == 0) { |
184 | fclose(f); | 184 | fclose(f); |
185 | logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES); | 185 | logit("WARNING: no suitable primes in %s", _PATH_DH_MODULI); |
186 | return (dh_new_group_fallback(max)); | 186 | return (dh_new_group_fallback(max)); |
187 | } | 187 | } |
188 | 188 | ||
@@ -203,7 +203,7 @@ choose_dh(int min, int wantbits, int max) | |||
203 | fclose(f); | 203 | fclose(f); |
204 | if (linenum != which+1) { | 204 | if (linenum != which+1) { |
205 | logit("WARNING: line %d disappeared in %s, giving up", | 205 | logit("WARNING: line %d disappeared in %s, giving up", |
206 | which, _PATH_DH_PRIMES); | 206 | which, _PATH_DH_MODULI); |
207 | return (dh_new_group_fallback(max)); | 207 | return (dh_new_group_fallback(max)); |
208 | } | 208 | } |
209 | 209 | ||
@@ -246,12 +246,15 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) | |||
246 | bits_set++; | 246 | bits_set++; |
247 | debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); | 247 | debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); |
248 | 248 | ||
249 | /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ | 249 | /* |
250 | if (bits_set > 1) | 250 | * if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial |
251 | return 1; | 251 | */ |
252 | 252 | if (bits_set < 4) { | |
253 | logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); | 253 | logit("invalid public DH value (%d/%d)", |
254 | return 0; | 254 | bits_set, BN_num_bits(dh->p)); |
255 | return 0; | ||
256 | } | ||
257 | return 1; | ||
255 | } | 258 | } |
256 | 259 | ||
257 | int | 260 | int |
@@ -263,6 +266,12 @@ dh_gen_key(DH *dh, int need) | |||
263 | (pbits = BN_num_bits(dh->p)) <= 0 || | 266 | (pbits = BN_num_bits(dh->p)) <= 0 || |
264 | need > INT_MAX / 2 || 2 * need > pbits) | 267 | need > INT_MAX / 2 || 2 * need > pbits) |
265 | return SSH_ERR_INVALID_ARGUMENT; | 268 | return SSH_ERR_INVALID_ARGUMENT; |
269 | if (need < 256) | ||
270 | need = 256; | ||
271 | /* | ||
272 | * Pollard Rho, Big step/Little Step attacks are O(sqrt(n)), | ||
273 | * so double requested need here. | ||
274 | */ | ||
266 | dh->length = MIN(need * 2, pbits - 1); | 275 | dh->length = MIN(need * 2, pbits - 1); |
267 | if (DH_generate_key(dh) == 0 || | 276 | if (DH_generate_key(dh) == 0 || |
268 | !dh_pub_is_valid(dh, dh->pub_key)) { | 277 | !dh_pub_is_valid(dh, dh->pub_key)) { |
@@ -305,6 +314,7 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulus) | |||
305 | return (dh); | 314 | return (dh); |
306 | } | 315 | } |
307 | 316 | ||
317 | /* rfc2409 "Second Oakley Group" (1024 bits) */ | ||
308 | DH * | 318 | DH * |
309 | dh_new_group1(void) | 319 | dh_new_group1(void) |
310 | { | 320 | { |
@@ -319,6 +329,7 @@ dh_new_group1(void) | |||
319 | return (dh_new_group_asc(gen, group1)); | 329 | return (dh_new_group_asc(gen, group1)); |
320 | } | 330 | } |
321 | 331 | ||
332 | /* rfc3526 group 14 "2048-bit MODP Group" */ | ||
322 | DH * | 333 | DH * |
323 | dh_new_group14(void) | 334 | dh_new_group14(void) |
324 | { | 335 | { |
@@ -338,12 +349,9 @@ dh_new_group14(void) | |||
338 | return (dh_new_group_asc(gen, group14)); | 349 | return (dh_new_group_asc(gen, group14)); |
339 | } | 350 | } |
340 | 351 | ||
341 | /* | 352 | /* rfc3526 group 16 "4096-bit MODP Group" */ |
342 | * 4k bit fallback group used by DH-GEX if moduli file cannot be read. | ||
343 | * Source: MODP group 16 from RFC3526. | ||
344 | */ | ||
345 | DH * | 353 | DH * |
346 | dh_new_group_fallback(int max) | 354 | dh_new_group16(void) |
347 | { | 355 | { |
348 | static char *gen = "2", *group16 = | 356 | static char *gen = "2", *group16 = |
349 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" | 357 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" |
@@ -369,12 +377,75 @@ dh_new_group_fallback(int max) | |||
369 | "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199" | 377 | "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199" |
370 | "FFFFFFFF" "FFFFFFFF"; | 378 | "FFFFFFFF" "FFFFFFFF"; |
371 | 379 | ||
372 | if (max < 4096) { | 380 | return (dh_new_group_asc(gen, group16)); |
373 | debug3("requested max size %d, using 2k bit group 14", max); | 381 | } |
382 | |||
383 | /* rfc3526 group 18 "8192-bit MODP Group" */ | ||
384 | DH * | ||
385 | dh_new_group18(void) | ||
386 | { | ||
387 | static char *gen = "2", *group16 = | ||
388 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" | ||
389 | "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" | ||
390 | "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" | ||
391 | "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" | ||
392 | "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D" | ||
393 | "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" | ||
394 | "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D" | ||
395 | "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B" | ||
396 | "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" | ||
397 | "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510" | ||
398 | "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64" | ||
399 | "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7" | ||
400 | "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B" | ||
401 | "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C" | ||
402 | "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31" | ||
403 | "43DB5BFC" "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7" | ||
404 | "88719A10" "BDBA5B26" "99C32718" "6AF4E23C" "1A946834" "B6150BDA" | ||
405 | "2583E9CA" "2AD44CE8" "DBBBC2DB" "04DE8EF9" "2E8EFC14" "1FBECAA6" | ||
406 | "287C5947" "4E6BC05D" "99B2964F" "A090C3A2" "233BA186" "515BE7ED" | ||
407 | "1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127" "D5B05AA9" | ||
408 | "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34028492" | ||
409 | "36C3FAB4" "D27C7026" "C1D4DCB2" "602646DE" "C9751E76" "3DBA37BD" | ||
410 | "F8FF9406" "AD9E530E" "E5DB382F" "413001AE" "B06A53ED" "9027D831" | ||
411 | "179727B0" "865A8918" "DA3EDBEB" "CF9B14ED" "44CE6CBA" "CED4BB1B" | ||
412 | "DB7F1447" "E6CC254B" "33205151" "2BD7AF42" "6FB8F401" "378CD2BF" | ||
413 | "5983CA01" "C64B92EC" "F032EA15" "D1721D03" "F482D7CE" "6E74FEF6" | ||
414 | "D55E702F" "46980C82" "B5A84031" "900B1C9E" "59E7C97F" "BEC7E8F3" | ||
415 | "23A97A7E" "36CC88BE" "0F1D45B7" "FF585AC5" "4BD407B2" "2B4154AA" | ||
416 | "CC8F6D7E" "BF48E1D8" "14CC5ED2" "0F8037E0" "A79715EE" "F29BE328" | ||
417 | "06A1D58B" "B7C5DA76" "F550AA3D" "8A1FBFF0" "EB19CCB1" "A313D55C" | ||
418 | "DA56C9EC" "2EF29632" "387FE8D7" "6E3C0468" "043E8F66" "3F4860EE" | ||
419 | "12BF2D5B" "0B7474D6" "E694F91E" "6DBE1159" "74A3926F" "12FEE5E4" | ||
420 | "38777CB6" "A932DF8C" "D8BEC4D0" "73B931BA" "3BC832B6" "8D9DD300" | ||
421 | "741FA7BF" "8AFC47ED" "2576F693" "6BA42466" "3AAB639C" "5AE4F568" | ||
422 | "3423B474" "2BF1C978" "238F16CB" "E39D652D" "E3FDB8BE" "FC848AD9" | ||
423 | "22222E04" "A4037C07" "13EB57A8" "1A23F0C7" "3473FC64" "6CEA306B" | ||
424 | "4BCBC886" "2F8385DD" "FA9D4B7F" "A2C087E8" "79683303" "ED5BDD3A" | ||
425 | "062B3CF5" "B3A278A6" "6D2A13F8" "3F44F82D" "DF310EE0" "74AB6A36" | ||
426 | "4597E899" "A0255DC1" "64F31CC5" "0846851D" "F9AB4819" "5DED7EA1" | ||
427 | "B1D510BD" "7EE74D73" "FAF36BC3" "1ECFA268" "359046F4" "EB879F92" | ||
428 | "4009438B" "481C6CD7" "889A002E" "D5EE382B" "C9190DA6" "FC026E47" | ||
429 | "9558E447" "5677E9AA" "9E3050E2" "765694DF" "C81F56E8" "80B96E71" | ||
430 | "60C980DD" "98EDD3DF" "FFFFFFFF" "FFFFFFFF"; | ||
431 | |||
432 | return (dh_new_group_asc(gen, group16)); | ||
433 | } | ||
434 | |||
435 | /* Select fallback group used by DH-GEX if moduli file cannot be read. */ | ||
436 | DH * | ||
437 | dh_new_group_fallback(int max) | ||
438 | { | ||
439 | debug3("%s: requested max size %d", __func__, max); | ||
440 | if (max < 3072) { | ||
441 | debug3("using 2k bit group 14"); | ||
374 | return dh_new_group14(); | 442 | return dh_new_group14(); |
443 | } else if (max < 6144) { | ||
444 | debug3("using 4k bit group 16"); | ||
445 | return dh_new_group16(); | ||
375 | } | 446 | } |
376 | debug3("using 4k bit group 16"); | 447 | debug3("using 8k bit group 18"); |
377 | return (dh_new_group_asc(gen, group16)); | 448 | return dh_new_group18(); |
378 | } | 449 | } |
379 | 450 | ||
380 | /* | 451 | /* |
@@ -384,7 +455,6 @@ dh_new_group_fallback(int max) | |||
384 | * Management Part 1 (rev 3) limited by the recommended maximum value | 455 | * Management Part 1 (rev 3) limited by the recommended maximum value |
385 | * from RFC4419 section 3. | 456 | * from RFC4419 section 3. |
386 | */ | 457 | */ |
387 | |||
388 | u_int | 458 | u_int |
389 | dh_estimate(int bits) | 459 | dh_estimate(int bits) |
390 | { | 460 | { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.h,v 1.14 2015/10/16 22:32:22 djm Exp $ */ | 1 | /* $OpenBSD: dh.h,v 1.15 2016/05/02 10:26:04 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 4 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
@@ -37,6 +37,8 @@ DH *dh_new_group_asc(const char *, const char *); | |||
37 | DH *dh_new_group(BIGNUM *, BIGNUM *); | 37 | DH *dh_new_group(BIGNUM *, BIGNUM *); |
38 | DH *dh_new_group1(void); | 38 | DH *dh_new_group1(void); |
39 | DH *dh_new_group14(void); | 39 | DH *dh_new_group14(void); |
40 | DH *dh_new_group16(void); | ||
41 | DH *dh_new_group18(void); | ||
40 | DH *dh_new_group_fallback(int); | 42 | DH *dh_new_group_fallback(int); |
41 | 43 | ||
42 | int dh_gen_key(DH *, int); | 44 | int dh_gen_key(DH *, int); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.117 2016/02/08 10:57:07 djm Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.118 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -35,6 +35,7 @@ | |||
35 | 35 | ||
36 | #ifdef WITH_OPENSSL | 36 | #ifdef WITH_OPENSSL |
37 | #include <openssl/crypto.h> | 37 | #include <openssl/crypto.h> |
38 | #include <openssl/dh.h> | ||
38 | #endif | 39 | #endif |
39 | 40 | ||
40 | #include "ssh2.h" | 41 | #include "ssh2.h" |
@@ -92,7 +93,10 @@ struct kexalg { | |||
92 | static const struct kexalg kexalgs[] = { | 93 | static const struct kexalg kexalgs[] = { |
93 | #ifdef WITH_OPENSSL | 94 | #ifdef WITH_OPENSSL |
94 | { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, | 95 | { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, |
95 | { KEX_DH14, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, | 96 | { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, |
97 | { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, | ||
98 | { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, | ||
99 | { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512 }, | ||
96 | { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, | 100 | { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, |
97 | #ifdef HAVE_EVP_SHA256 | 101 | #ifdef HAVE_EVP_SHA256 |
98 | { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 }, | 102 | { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 }, |
@@ -599,6 +603,9 @@ kex_free(struct kex *kex) | |||
599 | sshbuf_free(kex->peer); | 603 | sshbuf_free(kex->peer); |
600 | sshbuf_free(kex->my); | 604 | sshbuf_free(kex->my); |
601 | free(kex->session_id); | 605 | free(kex->session_id); |
606 | #ifdef GSSAPI | ||
607 | free(kex->gss_host); | ||
608 | #endif /* GSSAPI */ | ||
602 | free(kex->client_version_string); | 609 | free(kex->client_version_string); |
603 | free(kex->server_version_string); | 610 | free(kex->server_version_string); |
604 | free(kex->failed_choice); | 611 | free(kex->failed_choice); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.76 2016/02/08 10:57:07 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.78 2016/05/02 10:26:04 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -51,7 +51,10 @@ | |||
51 | #define KEX_COOKIE_LEN 16 | 51 | #define KEX_COOKIE_LEN 16 |
52 | 52 | ||
53 | #define KEX_DH1 "diffie-hellman-group1-sha1" | 53 | #define KEX_DH1 "diffie-hellman-group1-sha1" |
54 | #define KEX_DH14 "diffie-hellman-group14-sha1" | 54 | #define KEX_DH14_SHA1 "diffie-hellman-group14-sha1" |
55 | #define KEX_DH14_SHA256 "diffie-hellman-group14-sha256" | ||
56 | #define KEX_DH16_SHA512 "diffie-hellman-group16-sha512" | ||
57 | #define KEX_DH18_SHA512 "diffie-hellman-group18-sha512" | ||
55 | #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" | 58 | #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" |
56 | #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" | 59 | #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" |
57 | #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" | 60 | #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" |
@@ -88,6 +91,9 @@ enum kex_modes { | |||
88 | enum kex_exchange { | 91 | enum kex_exchange { |
89 | KEX_DH_GRP1_SHA1, | 92 | KEX_DH_GRP1_SHA1, |
90 | KEX_DH_GRP14_SHA1, | 93 | KEX_DH_GRP14_SHA1, |
94 | KEX_DH_GRP14_SHA256, | ||
95 | KEX_DH_GRP16_SHA512, | ||
96 | KEX_DH_GRP18_SHA512, | ||
91 | KEX_DH_GEX_SHA1, | 97 | KEX_DH_GEX_SHA1, |
92 | KEX_DH_GEX_SHA256, | 98 | KEX_DH_GEX_SHA256, |
93 | KEX_ECDH_SHA2, | 99 | KEX_ECDH_SHA2, |
@@ -204,7 +210,7 @@ int kexgss_client(struct ssh *); | |||
204 | int kexgss_server(struct ssh *); | 210 | int kexgss_server(struct ssh *); |
205 | #endif | 211 | #endif |
206 | 212 | ||
207 | int kex_dh_hash(const char *, const char *, | 213 | int kex_dh_hash(int, const char *, const char *, |
208 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 214 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
209 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); | 215 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); |
210 | 216 | ||
@@ -219,8 +225,9 @@ int kex_ecdh_hash(int, const EC_GROUP *, const char *, const char *, | |||
219 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 225 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
220 | const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *); | 226 | const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *); |
221 | 227 | ||
222 | int kex_c25519_hash(int, const char *, const char *, const char *, size_t, | 228 | int kex_c25519_hash(int, const char *, const char *, |
223 | const char *, size_t, const u_char *, size_t, const u_char *, const u_char *, | 229 | const u_char *, size_t, const u_char *, size_t, |
230 | const u_char *, size_t, const u_char *, const u_char *, | ||
224 | const u_char *, size_t, u_char *, size_t *); | 231 | const u_char *, size_t, u_char *, size_t *); |
225 | 232 | ||
226 | void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) | 233 | void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) |
diff --git a/kexc25519.c b/kexc25519.c index 8d8cd4a2b..0897b8c51 100644 --- a/kexc25519.c +++ b/kexc25519.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexc25519.c,v 1.9 2015/03/26 07:00:04 djm Exp $ */ | 1 | /* $OpenBSD: kexc25519.c,v 1.10 2016/05/02 08:49:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
@@ -86,8 +86,8 @@ kex_c25519_hash( | |||
86 | int hash_alg, | 86 | int hash_alg, |
87 | const char *client_version_string, | 87 | const char *client_version_string, |
88 | const char *server_version_string, | 88 | const char *server_version_string, |
89 | const char *ckexinit, size_t ckexinitlen, | 89 | const u_char *ckexinit, size_t ckexinitlen, |
90 | const char *skexinit, size_t skexinitlen, | 90 | const u_char *skexinit, size_t skexinitlen, |
91 | const u_char *serverhostkeyblob, size_t sbloblen, | 91 | const u_char *serverhostkeyblob, size_t sbloblen, |
92 | const u_char client_dh_pub[CURVE25519_SIZE], | 92 | const u_char client_dh_pub[CURVE25519_SIZE], |
93 | const u_char server_dh_pub[CURVE25519_SIZE], | 93 | const u_char server_dh_pub[CURVE25519_SIZE], |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexdh.c,v 1.25 2015/01/19 20:16:15 markus Exp $ */ | 1 | /* $OpenBSD: kexdh.c,v 1.26 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -43,6 +43,7 @@ | |||
43 | 43 | ||
44 | int | 44 | int |
45 | kex_dh_hash( | 45 | kex_dh_hash( |
46 | int hash_alg, | ||
46 | const char *client_version_string, | 47 | const char *client_version_string, |
47 | const char *server_version_string, | 48 | const char *server_version_string, |
48 | const u_char *ckexinit, size_t ckexinitlen, | 49 | const u_char *ckexinit, size_t ckexinitlen, |
@@ -56,7 +57,7 @@ kex_dh_hash( | |||
56 | struct sshbuf *b; | 57 | struct sshbuf *b; |
57 | int r; | 58 | int r; |
58 | 59 | ||
59 | if (*hashlen < ssh_digest_bytes(SSH_DIGEST_SHA1)) | 60 | if (*hashlen < ssh_digest_bytes(hash_alg)) |
60 | return SSH_ERR_INVALID_ARGUMENT; | 61 | return SSH_ERR_INVALID_ARGUMENT; |
61 | if ((b = sshbuf_new()) == NULL) | 62 | if ((b = sshbuf_new()) == NULL) |
62 | return SSH_ERR_ALLOC_FAIL; | 63 | return SSH_ERR_ALLOC_FAIL; |
@@ -79,12 +80,12 @@ kex_dh_hash( | |||
79 | #ifdef DEBUG_KEX | 80 | #ifdef DEBUG_KEX |
80 | sshbuf_dump(b, stderr); | 81 | sshbuf_dump(b, stderr); |
81 | #endif | 82 | #endif |
82 | if (ssh_digest_buffer(SSH_DIGEST_SHA1, b, hash, *hashlen) != 0) { | 83 | if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) { |
83 | sshbuf_free(b); | 84 | sshbuf_free(b); |
84 | return SSH_ERR_LIBCRYPTO_ERROR; | 85 | return SSH_ERR_LIBCRYPTO_ERROR; |
85 | } | 86 | } |
86 | sshbuf_free(b); | 87 | sshbuf_free(b); |
87 | *hashlen = ssh_digest_bytes(SSH_DIGEST_SHA1); | 88 | *hashlen = ssh_digest_bytes(hash_alg); |
88 | #ifdef DEBUG_KEX | 89 | #ifdef DEBUG_KEX |
89 | dump_digest("hash", hash, *hashlen); | 90 | dump_digest("hash", hash, *hashlen); |
90 | #endif | 91 | #endif |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexdhc.c,v 1.18 2015/01/26 06:10:03 djm Exp $ */ | 1 | /* $OpenBSD: kexdhc.c,v 1.19 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -63,8 +63,15 @@ kexdh_client(struct ssh *ssh) | |||
63 | kex->dh = dh_new_group1(); | 63 | kex->dh = dh_new_group1(); |
64 | break; | 64 | break; |
65 | case KEX_DH_GRP14_SHA1: | 65 | case KEX_DH_GRP14_SHA1: |
66 | case KEX_DH_GRP14_SHA256: | ||
66 | kex->dh = dh_new_group14(); | 67 | kex->dh = dh_new_group14(); |
67 | break; | 68 | break; |
69 | case KEX_DH_GRP16_SHA512: | ||
70 | kex->dh = dh_new_group16(); | ||
71 | break; | ||
72 | case KEX_DH_GRP18_SHA512: | ||
73 | kex->dh = dh_new_group18(); | ||
74 | break; | ||
68 | default: | 75 | default: |
69 | r = SSH_ERR_INVALID_ARGUMENT; | 76 | r = SSH_ERR_INVALID_ARGUMENT; |
70 | goto out; | 77 | goto out; |
@@ -164,6 +171,7 @@ input_kex_dh(int type, u_int32_t seq, void *ctxt) | |||
164 | /* calc and verify H */ | 171 | /* calc and verify H */ |
165 | hashlen = sizeof(hash); | 172 | hashlen = sizeof(hash); |
166 | if ((r = kex_dh_hash( | 173 | if ((r = kex_dh_hash( |
174 | kex->hash_alg, | ||
167 | kex->client_version_string, | 175 | kex->client_version_string, |
168 | kex->server_version_string, | 176 | kex->server_version_string, |
169 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | 177 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexdhs.c,v 1.23 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: kexdhs.c,v 1.24 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -63,8 +63,15 @@ kexdh_server(struct ssh *ssh) | |||
63 | kex->dh = dh_new_group1(); | 63 | kex->dh = dh_new_group1(); |
64 | break; | 64 | break; |
65 | case KEX_DH_GRP14_SHA1: | 65 | case KEX_DH_GRP14_SHA1: |
66 | case KEX_DH_GRP14_SHA256: | ||
66 | kex->dh = dh_new_group14(); | 67 | kex->dh = dh_new_group14(); |
67 | break; | 68 | break; |
69 | case KEX_DH_GRP16_SHA512: | ||
70 | kex->dh = dh_new_group16(); | ||
71 | break; | ||
72 | case KEX_DH_GRP18_SHA512: | ||
73 | kex->dh = dh_new_group18(); | ||
74 | break; | ||
68 | default: | 75 | default: |
69 | r = SSH_ERR_INVALID_ARGUMENT; | 76 | r = SSH_ERR_INVALID_ARGUMENT; |
70 | goto out; | 77 | goto out; |
@@ -158,6 +165,7 @@ input_kex_dh_init(int type, u_int32_t seq, void *ctxt) | |||
158 | /* calc H */ | 165 | /* calc H */ |
159 | hashlen = sizeof(hash); | 166 | hashlen = sizeof(hash); |
160 | if ((r = kex_dh_hash( | 167 | if ((r = kex_dh_hash( |
168 | kex->hash_alg, | ||
161 | kex->client_version_string, | 169 | kex->client_version_string, |
162 | kex->server_version_string, | 170 | kex->server_version_string, |
163 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | 171 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexgexs.c,v 1.26 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: kexgexs.c,v 1.29 2016/06/08 02:13:01 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
@@ -89,7 +89,7 @@ input_kex_dh_gex_request(int type, u_int32_t seq, void *ctxt) | |||
89 | nbits = MIN(DH_GRP_MAX, nbits); | 89 | nbits = MIN(DH_GRP_MAX, nbits); |
90 | 90 | ||
91 | if (kex->max < kex->min || kex->nbits < kex->min || | 91 | if (kex->max < kex->min || kex->nbits < kex->min || |
92 | kex->max < kex->nbits) { | 92 | kex->max < kex->nbits || kex->max < DH_GRP_MIN) { |
93 | r = SSH_ERR_DH_GEX_OUT_OF_RANGE; | 93 | r = SSH_ERR_DH_GEX_OUT_OF_RANGE; |
94 | goto out; | 94 | goto out; |
95 | } | 95 | } |
@@ -269,7 +269,9 @@ kexgss_client(struct ssh *ssh) { | |||
269 | switch (ssh->kex->kex_type) { | 269 | switch (ssh->kex->kex_type) { |
270 | case KEX_GSS_GRP1_SHA1: | 270 | case KEX_GSS_GRP1_SHA1: |
271 | case KEX_GSS_GRP14_SHA1: | 271 | case KEX_GSS_GRP14_SHA1: |
272 | kex_dh_hash( ssh->kex->client_version_string, | 272 | kex_dh_hash( |
273 | ssh->kex->hash_alg, | ||
274 | ssh->kex->client_version_string, | ||
273 | ssh->kex->server_version_string, | 275 | ssh->kex->server_version_string, |
274 | buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), | 276 | buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), |
275 | buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), | 277 | buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), |
@@ -218,6 +218,7 @@ kexgss_server(struct ssh *ssh) | |||
218 | case KEX_GSS_GRP1_SHA1: | 218 | case KEX_GSS_GRP1_SHA1: |
219 | case KEX_GSS_GRP14_SHA1: | 219 | case KEX_GSS_GRP14_SHA1: |
220 | kex_dh_hash( | 220 | kex_dh_hash( |
221 | ssh->kex->hash_alg, | ||
221 | ssh->kex->client_version_string, ssh->kex->server_version_string, | 222 | ssh->kex->client_version_string, ssh->kex->server_version_string, |
222 | buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), | 223 | buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), |
223 | buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), | 224 | buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: key.c,v 1.129 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: key.c,v 1.130 2016/05/02 09:36:42 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * placed in the public domain | 3 | * placed in the public domain |
4 | */ | 4 | */ |
@@ -214,7 +214,7 @@ key_certify(Key *k, Key *ca) | |||
214 | { | 214 | { |
215 | int r; | 215 | int r; |
216 | 216 | ||
217 | if ((r = sshkey_certify(k, ca)) != 0) { | 217 | if ((r = sshkey_certify(k, ca, NULL)) != 0) { |
218 | fatal_on_fatal_errors(r, __func__, 0); | 218 | fatal_on_fatal_errors(r, __func__, 0); |
219 | error("%s: %s", __func__, ssh_err(r)); | 219 | error("%s: %s", __func__, ssh_err(r)); |
220 | return -1; | 220 | return -1; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: log.c,v 1.46 2015/07/08 19:04:21 markus Exp $ */ | 1 | /* $OpenBSD: log.c,v 1.48 2016/07/15 05:01:58 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -177,6 +177,16 @@ sigdie(const char *fmt,...) | |||
177 | _exit(1); | 177 | _exit(1); |
178 | } | 178 | } |
179 | 179 | ||
180 | void | ||
181 | logdie(const char *fmt,...) | ||
182 | { | ||
183 | va_list args; | ||
184 | |||
185 | va_start(args, fmt); | ||
186 | do_log(SYSLOG_LEVEL_INFO, fmt, args); | ||
187 | va_end(args); | ||
188 | cleanup_exit(255); | ||
189 | } | ||
180 | 190 | ||
181 | /* Log this message (information that usually should go to the log). */ | 191 | /* Log this message (information that usually should go to the log). */ |
182 | 192 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: log.h,v 1.20 2013/04/07 02:10:33 dtucker Exp $ */ | 1 | /* $OpenBSD: log.h,v 1.21 2016/07/15 05:01:58 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -63,6 +63,8 @@ void fatal(const char *, ...) __attribute__((noreturn)) | |||
63 | void error(const char *, ...) __attribute__((format(printf, 1, 2))); | 63 | void error(const char *, ...) __attribute__((format(printf, 1, 2))); |
64 | void sigdie(const char *, ...) __attribute__((noreturn)) | 64 | void sigdie(const char *, ...) __attribute__((noreturn)) |
65 | __attribute__((format(printf, 1, 2))); | 65 | __attribute__((format(printf, 1, 2))); |
66 | void logdie(const char *, ...) __attribute__((noreturn)) | ||
67 | __attribute__((format(printf, 1, 2))); | ||
66 | void logit(const char *, ...) __attribute__((format(printf, 1, 2))); | 68 | void logit(const char *, ...) __attribute__((format(printf, 1, 2))); |
67 | void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); | 69 | void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); |
68 | void debug(const char *, ...) __attribute__((format(printf, 1, 2))); | 70 | void debug(const char *, ...) __attribute__((format(printf, 1, 2))); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mac.c,v 1.32 2015/01/15 18:32:54 naddy Exp $ */ | 1 | /* $OpenBSD: mac.c,v 1.33 2016/07/08 03:44:42 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -167,7 +167,8 @@ mac_init(struct sshmac *mac) | |||
167 | } | 167 | } |
168 | 168 | ||
169 | int | 169 | int |
170 | mac_compute(struct sshmac *mac, u_int32_t seqno, const u_char *data, int datalen, | 170 | mac_compute(struct sshmac *mac, u_int32_t seqno, |
171 | const u_char *data, int datalen, | ||
171 | u_char *digest, size_t dlen) | 172 | u_char *digest, size_t dlen) |
172 | { | 173 | { |
173 | static union { | 174 | static union { |
@@ -211,6 +212,24 @@ mac_compute(struct sshmac *mac, u_int32_t seqno, const u_char *data, int datalen | |||
211 | return 0; | 212 | return 0; |
212 | } | 213 | } |
213 | 214 | ||
215 | int | ||
216 | mac_check(struct sshmac *mac, u_int32_t seqno, | ||
217 | const u_char *data, size_t dlen, | ||
218 | const u_char *theirmac, size_t mlen) | ||
219 | { | ||
220 | u_char ourmac[SSH_DIGEST_MAX_LENGTH]; | ||
221 | int r; | ||
222 | |||
223 | if (mac->mac_len > mlen) | ||
224 | return SSH_ERR_INVALID_ARGUMENT; | ||
225 | if ((r = mac_compute(mac, seqno, data, dlen, | ||
226 | ourmac, sizeof(ourmac))) != 0) | ||
227 | return r; | ||
228 | if (timingsafe_bcmp(ourmac, theirmac, mac->mac_len) != 0) | ||
229 | return SSH_ERR_MAC_INVALID; | ||
230 | return 0; | ||
231 | } | ||
232 | |||
214 | void | 233 | void |
215 | mac_clear(struct sshmac *mac) | 234 | mac_clear(struct sshmac *mac) |
216 | { | 235 | { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mac.h,v 1.9 2015/01/13 19:31:40 markus Exp $ */ | 1 | /* $OpenBSD: mac.h,v 1.10 2016/07/08 03:44:42 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -46,6 +46,8 @@ int mac_setup(struct sshmac *, char *); | |||
46 | int mac_init(struct sshmac *); | 46 | int mac_init(struct sshmac *); |
47 | int mac_compute(struct sshmac *, u_int32_t, const u_char *, int, | 47 | int mac_compute(struct sshmac *, u_int32_t, const u_char *, int, |
48 | u_char *, size_t); | 48 | u_char *, size_t); |
49 | int mac_check(struct sshmac *, u_int32_t, const u_char *, size_t, | ||
50 | const u_char *, size_t); | ||
49 | void mac_clear(struct sshmac *); | 51 | void mac_clear(struct sshmac *); |
50 | 52 | ||
51 | #endif /* SSHMAC_H */ | 53 | #endif /* SSHMAC_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.c,v 1.101 2016/01/20 09:22:39 dtucker Exp $ */ | 1 | /* $OpenBSD: misc.c,v 1.105 2016/07/15 00:24:30 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. |
@@ -86,9 +86,9 @@ set_nonblock(int fd) | |||
86 | { | 86 | { |
87 | int val; | 87 | int val; |
88 | 88 | ||
89 | val = fcntl(fd, F_GETFL, 0); | 89 | val = fcntl(fd, F_GETFL); |
90 | if (val < 0) { | 90 | if (val < 0) { |
91 | error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); | 91 | error("fcntl(%d, F_GETFL): %s", fd, strerror(errno)); |
92 | return (-1); | 92 | return (-1); |
93 | } | 93 | } |
94 | if (val & O_NONBLOCK) { | 94 | if (val & O_NONBLOCK) { |
@@ -110,9 +110,9 @@ unset_nonblock(int fd) | |||
110 | { | 110 | { |
111 | int val; | 111 | int val; |
112 | 112 | ||
113 | val = fcntl(fd, F_GETFL, 0); | 113 | val = fcntl(fd, F_GETFL); |
114 | if (val < 0) { | 114 | if (val < 0) { |
115 | error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); | 115 | error("fcntl(%d, F_GETFL): %s", fd, strerror(errno)); |
116 | return (-1); | 116 | return (-1); |
117 | } | 117 | } |
118 | if (!(val & O_NONBLOCK)) { | 118 | if (!(val & O_NONBLOCK)) { |
@@ -453,6 +453,67 @@ colon(char *cp) | |||
453 | return NULL; | 453 | return NULL; |
454 | } | 454 | } |
455 | 455 | ||
456 | /* | ||
457 | * Parse a [user@]host[:port] string. | ||
458 | * Caller must free returned user and host. | ||
459 | * Any of the pointer return arguments may be NULL (useful for syntax checking). | ||
460 | * If user was not specified then *userp will be set to NULL. | ||
461 | * If port was not specified then *portp will be -1. | ||
462 | * Returns 0 on success, -1 on failure. | ||
463 | */ | ||
464 | int | ||
465 | parse_user_host_port(const char *s, char **userp, char **hostp, int *portp) | ||
466 | { | ||
467 | char *sdup, *cp, *tmp; | ||
468 | char *user = NULL, *host = NULL; | ||
469 | int port = -1, ret = -1; | ||
470 | |||
471 | if (userp != NULL) | ||
472 | *userp = NULL; | ||
473 | if (hostp != NULL) | ||
474 | *hostp = NULL; | ||
475 | if (portp != NULL) | ||
476 | *portp = -1; | ||
477 | |||
478 | if ((sdup = tmp = strdup(s)) == NULL) | ||
479 | return -1; | ||
480 | /* Extract optional username */ | ||
481 | if ((cp = strchr(tmp, '@')) != NULL) { | ||
482 | *cp = '\0'; | ||
483 | if (*tmp == '\0') | ||
484 | goto out; | ||
485 | if ((user = strdup(tmp)) == NULL) | ||
486 | goto out; | ||
487 | tmp = cp + 1; | ||
488 | } | ||
489 | /* Extract mandatory hostname */ | ||
490 | if ((cp = hpdelim(&tmp)) == NULL || *cp == '\0') | ||
491 | goto out; | ||
492 | host = xstrdup(cleanhostname(cp)); | ||
493 | /* Convert and verify optional port */ | ||
494 | if (tmp != NULL && *tmp != '\0') { | ||
495 | if ((port = a2port(tmp)) <= 0) | ||
496 | goto out; | ||
497 | } | ||
498 | /* Success */ | ||
499 | if (userp != NULL) { | ||
500 | *userp = user; | ||
501 | user = NULL; | ||
502 | } | ||
503 | if (hostp != NULL) { | ||
504 | *hostp = host; | ||
505 | host = NULL; | ||
506 | } | ||
507 | if (portp != NULL) | ||
508 | *portp = port; | ||
509 | ret = 0; | ||
510 | out: | ||
511 | free(sdup); | ||
512 | free(user); | ||
513 | free(host); | ||
514 | return ret; | ||
515 | } | ||
516 | |||
456 | /* function to assist building execv() arguments */ | 517 | /* function to assist building execv() arguments */ |
457 | void | 518 | void |
458 | addargs(arglist *args, char *fmt, ...) | 519 | addargs(arglist *args, char *fmt, ...) |
@@ -796,16 +857,16 @@ sanitise_stdfd(void) | |||
796 | strerror(errno)); | 857 | strerror(errno)); |
797 | exit(1); | 858 | exit(1); |
798 | } | 859 | } |
799 | while (++dupfd <= 2) { | 860 | while (++dupfd <= STDERR_FILENO) { |
800 | /* Only clobber closed fds */ | 861 | /* Only populate closed fds. */ |
801 | if (fcntl(dupfd, F_GETFL, 0) >= 0) | 862 | if (fcntl(dupfd, F_GETFL) == -1 && errno == EBADF) { |
802 | continue; | 863 | if (dup2(nullfd, dupfd) == -1) { |
803 | if (dup2(nullfd, dupfd) == -1) { | 864 | fprintf(stderr, "dup2: %s\n", strerror(errno)); |
804 | fprintf(stderr, "dup2: %s\n", strerror(errno)); | 865 | exit(1); |
805 | exit(1); | 866 | } |
806 | } | 867 | } |
807 | } | 868 | } |
808 | if (nullfd > 2) | 869 | if (nullfd > STDERR_FILENO) |
809 | close(nullfd); | 870 | close(nullfd); |
810 | } | 871 | } |
811 | 872 | ||
@@ -976,6 +1037,31 @@ monotime(void) | |||
976 | return time(NULL); | 1037 | return time(NULL); |
977 | } | 1038 | } |
978 | 1039 | ||
1040 | double | ||
1041 | monotime_double(void) | ||
1042 | { | ||
1043 | #if defined(HAVE_CLOCK_GETTIME) && \ | ||
1044 | (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME)) | ||
1045 | struct timespec ts; | ||
1046 | static int gettime_failed = 0; | ||
1047 | |||
1048 | if (!gettime_failed) { | ||
1049 | #if defined(CLOCK_BOOTTIME) | ||
1050 | if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0) | ||
1051 | return (ts.tv_sec + (double)ts.tv_nsec / 1000000000); | ||
1052 | #endif | ||
1053 | #if defined(CLOCK_MONOTONIC) | ||
1054 | if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) | ||
1055 | return (ts.tv_sec + (double)ts.tv_nsec / 1000000000); | ||
1056 | #endif | ||
1057 | debug3("clock_gettime: %s", strerror(errno)); | ||
1058 | gettime_failed = 1; | ||
1059 | } | ||
1060 | #endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */ | ||
1061 | |||
1062 | return (double)time(NULL); | ||
1063 | } | ||
1064 | |||
979 | void | 1065 | void |
980 | bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen) | 1066 | bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen) |
981 | { | 1067 | { |
@@ -1186,3 +1272,41 @@ sock_set_v6only(int s) | |||
1186 | error("setsockopt IPV6_V6ONLY: %s", strerror(errno)); | 1272 | error("setsockopt IPV6_V6ONLY: %s", strerror(errno)); |
1187 | #endif | 1273 | #endif |
1188 | } | 1274 | } |
1275 | |||
1276 | /* | ||
1277 | * Compares two strings that maybe be NULL. Returns non-zero if strings | ||
1278 | * are both NULL or are identical, returns zero otherwise. | ||
1279 | */ | ||
1280 | static int | ||
1281 | strcmp_maybe_null(const char *a, const char *b) | ||
1282 | { | ||
1283 | if ((a == NULL && b != NULL) || (a != NULL && b == NULL)) | ||
1284 | return 0; | ||
1285 | if (a != NULL && strcmp(a, b) != 0) | ||
1286 | return 0; | ||
1287 | return 1; | ||
1288 | } | ||
1289 | |||
1290 | /* | ||
1291 | * Compare two forwards, returning non-zero if they are identical or | ||
1292 | * zero otherwise. | ||
1293 | */ | ||
1294 | int | ||
1295 | forward_equals(const struct Forward *a, const struct Forward *b) | ||
1296 | { | ||
1297 | if (strcmp_maybe_null(a->listen_host, b->listen_host) == 0) | ||
1298 | return 0; | ||
1299 | if (a->listen_port != b->listen_port) | ||
1300 | return 0; | ||
1301 | if (strcmp_maybe_null(a->listen_path, b->listen_path) == 0) | ||
1302 | return 0; | ||
1303 | if (strcmp_maybe_null(a->connect_host, b->connect_host) == 0) | ||
1304 | return 0; | ||
1305 | if (a->connect_port != b->connect_port) | ||
1306 | return 0; | ||
1307 | if (strcmp_maybe_null(a->connect_path, b->connect_path) == 0) | ||
1308 | return 0; | ||
1309 | /* allocated_port and handle are not checked */ | ||
1310 | return 1; | ||
1311 | } | ||
1312 | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.h,v 1.54 2014/07/15 15:54:14 millert Exp $ */ | 1 | /* $OpenBSD: misc.h,v 1.57 2016/07/15 00:24:30 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -27,6 +27,8 @@ struct Forward { | |||
27 | int handle; /* Handle for dynamic listen ports */ | 27 | int handle; /* Handle for dynamic listen ports */ |
28 | }; | 28 | }; |
29 | 29 | ||
30 | int forward_equals(const struct Forward *, const struct Forward *); | ||
31 | |||
30 | /* Common server and client forwarding options. */ | 32 | /* Common server and client forwarding options. */ |
31 | struct ForwardOptions { | 33 | struct ForwardOptions { |
32 | int gateway_ports; /* Allow remote connects to forwarded ports. */ | 34 | int gateway_ports; /* Allow remote connects to forwarded ports. */ |
@@ -47,6 +49,7 @@ char *put_host_port(const char *, u_short); | |||
47 | char *hpdelim(char **); | 49 | char *hpdelim(char **); |
48 | char *cleanhostname(char *); | 50 | char *cleanhostname(char *); |
49 | char *colon(char *); | 51 | char *colon(char *); |
52 | int parse_user_host_port(const char *, char **, char **, int *); | ||
50 | long convtime(const char *); | 53 | long convtime(const char *); |
51 | char *tilde_expand_filename(const char *, uid_t); | 54 | char *tilde_expand_filename(const char *, uid_t); |
52 | char *percent_expand(const char *, ...) __attribute__((__sentinel__)); | 55 | char *percent_expand(const char *, ...) __attribute__((__sentinel__)); |
@@ -55,6 +58,7 @@ void sanitise_stdfd(void); | |||
55 | void ms_subtract_diff(struct timeval *, int *); | 58 | void ms_subtract_diff(struct timeval *, int *); |
56 | void ms_to_timeval(struct timeval *, int); | 59 | void ms_to_timeval(struct timeval *, int); |
57 | time_t monotime(void); | 60 | time_t monotime(void); |
61 | double monotime_double(void); | ||
58 | void lowercase(char *s); | 62 | void lowercase(char *s); |
59 | int unix_listener(const char *, int, int); | 63 | int unix_listener(const char *, int, int); |
60 | 64 | ||
@@ -1,268 +1,208 @@ | |||
1 | # $OpenBSD: moduli,v 1.14 2015/07/22 02:34:59 dtucker Exp $ | 1 | # $OpenBSD: moduli,v 1.17 2016/03/01 04:23:08 dtucker Exp $ |
2 | # Time Type Tests Tries Size Generator Modulus | 2 | # Time Type Tests Tries Size Generator Modulus |
3 | 20150522025931 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD18DA1F | 3 | 20150520235007 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031E9A9C5F7 |
4 | 20150522025936 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD3763B3 | 4 | 20150520235015 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031E9CBB21F |
5 | 20150522025942 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD702B8B | 5 | 20150520235039 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA2E9623 |
6 | 20150522025943 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD77C283 | 6 | 20150520235043 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA33E3DF |
7 | 20150522025947 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD96C25B | 7 | 20150520235057 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA68038B |
8 | 20150522025953 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADD9B3DB | 8 | 20150520235114 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAAB0717 |
9 | 20150522025956 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADE84F07 | 9 | 20150520235122 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAC2A7FB |
10 | 20150522025957 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADEC1DB3 | 10 | 20150520235125 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAC82DD3 |
11 | 20150522030001 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE0E297F | 11 | 20150520235154 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB40583F |
12 | 20150522030004 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE2A1E23 | 12 | 20150520235214 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB94F247 |
13 | 20150522030005 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE2ADE53 | 13 | 20150520235218 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB9DF49F |
14 | 20150522030008 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE47B9F7 | 14 | 20150520235239 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EBF7BE27 |
15 | 20150522030009 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE4E1343 | 15 | 20150520235244 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC0B4F4F |
16 | 20150522030014 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE715CBB | 16 | 20150520235250 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC21070F |
17 | 20150522030016 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE7BC9EF | 17 | 20150520235256 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC36541F |
18 | 20150522030018 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE84579B | 18 | 20150520235307 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC5FE22B |
19 | 20150522030019 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE8A564B | 19 | 20150520235322 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ECA1FB57 |
20 | 20150522030023 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAEAF7AD7 | 20 | 20150520235331 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ECC3C823 |
21 | 20150522030025 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAEB9DC53 | 21 | 20150520235349 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED035187 |
22 | 20150522030027 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAECD976F | 22 | 20150520235400 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED2F07DB |
23 | 20150522030034 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF07F063 | 23 | 20150520235407 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED4620CF |
24 | 20150522030034 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF08ACBB | 24 | 20150520235422 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED86D39F |
25 | 20150522030037 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF192C07 | 25 | 20150520235424 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED86E683 |
26 | 20150522030039 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF241333 | 26 | 20150520235427 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED8C3073 |
27 | 20150522030040 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF255B3B | 27 | 20150520235443 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDCB1F63 |
28 | 20150522030044 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF3DEC37 | 28 | 20150520235450 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDE00B77 |
29 | 20150522030048 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF60F05B | 29 | 20150520235452 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDE42247 |
30 | 20150522030049 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF6255DF | 30 | 20150520235458 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDF8F493 |
31 | 20150522030055 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF8EE01F | 31 | 20150520235503 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE04D69F |
32 | 20150522030059 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFAD237B | 32 | 20150520235508 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE14B92B |
33 | 20150522030104 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFD13587 | 33 | 20150520235510 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE167933 |
34 | 20150522030105 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFD2BE6F | 34 | 20150520235517 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE2DC63B |
35 | 20150522030108 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFECF32F | 35 | 20150520235527 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE52259F |
36 | 20150522030112 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFFDEED7 | 36 | 20150520235539 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE829247 |
37 | 20150522030115 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB01CAA63 | 37 | 20150520235557 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EED044BF |
38 | 20150522030116 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB01F3647 | 38 | 20150520235608 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EEFD34CF |
39 | 20150522030119 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB034B30F | 39 | 20150520235614 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF0F709F |
40 | 20150522030122 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB04822EF | 40 | 20150520235616 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF12110B |
41 | 20150522030124 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0528867 | 41 | 20150520235622 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF25FE1F |
42 | 20150522030131 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB08D3CAB | 42 | 20150520235637 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF6BF4D3 |
43 | 20150522030136 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0B10C6F | 43 | 20150520235654 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFAF28BF |
44 | 20150522030138 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0C688A7 | 44 | 20150520235701 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFBFB8BB |
45 | 20150522030140 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0CCDF9B | 45 | 20150520235704 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFC7A62F |
46 | 20150522030141 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0CFD81B | 46 | 20150520235710 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFD79323 |
47 | 20150522030145 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0F59763 | 47 | 20150520235725 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0158F1F |
48 | 20150522030148 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB10339FB | 48 | 20150520235728 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F01A9E6B |
49 | 20150522030149 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB10E3ACB | 49 | 20150520235743 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F055798B |
50 | 20150522030150 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB11127F3 | 50 | 20150520235752 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0730BC3 |
51 | 20150522030159 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB15B8BDB | 51 | 20150520235757 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F08283FF |
52 | 20150522030634 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8ADB54257 | 52 | 20150520235825 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0F451E3 |
53 | 20150522030715 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AE6EF847 | 53 | 20150520235830 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0FDEFB7 |
54 | 20150522030737 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AEC5D76B | 54 | 20150520235901 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F1828ECF |
55 | 20150522030739 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AECB604F | 55 | 20150521000008 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F185D7BF |
56 | 20150522030742 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AECF538B | 56 | 20150521000011 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F18C58FB |
57 | 20150522030756 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AF04851B | 57 | 20150521000014 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F191F757 |
58 | 20150522030828 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AF867683 | 58 | 20150521000841 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CC7F06BB |
59 | 20150522030905 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B01F7E27 | 59 | 20150521001025 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CD1057AB |
60 | 20150522030909 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B02AFB8F | 60 | 20150521001131 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CD717D6F |
61 | 20150522030918 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B048739F | 61 | 20150521001248 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CDDA85F7 |
62 | 20150522030930 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B07661CB | 62 | 20150521001453 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CE8959BF |
63 | 20150522030938 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B091EC43 | 63 | 20150521001510 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CE98227B |
64 | 20150522030955 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B0D50D0F | 64 | 20150521001623 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CEF967BF |
65 | 20150522031007 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1023673 | 65 | 20150521001651 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CF18156B |
66 | 20150522031015 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B119500F | 66 | 20150521001758 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CF717197 |
67 | 20150522031036 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B177EE9F | 67 | 20150521001924 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CFE1507B |
68 | 20150522031056 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1D0030B | 68 | 20150521002244 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D0F75427 |
69 | 20150522031103 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1ECC193 | 69 | 20150521002509 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D1BD2823 |
70 | 20150522031125 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B24C9CF7 | 70 | 20150521002808 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D2B4950F |
71 | 20150522031136 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B2774773 | 71 | 20150521002846 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D2E6D6D7 |
72 | 20150522031208 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B2FC9617 | 72 | 20150521003203 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D3F5D0D3 |
73 | 20150522031220 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B32FE6CF | 73 | 20150521003322 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D45851E3 |
74 | 20150522031228 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B345AC93 | 74 | 20150521003430 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D4AEE517 |
75 | 20150522031248 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B392E18F | 75 | 20150521003629 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5538E0B |
76 | 20150522031256 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3B32FCF | 76 | 20150521003714 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D58BAFCF |
77 | 20150522031300 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3BF5B2B | 77 | 20150521003722 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5916FC7 |
78 | 20150522031311 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3E840CB | 78 | 20150521003739 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5A378F7 |
79 | 20150522031316 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3F5F9D7 | 79 | 20150521004506 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D82B5113 |
80 | 20150522031334 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B439F28B | 80 | 20150521004613 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D880CB43 |
81 | 20150522031337 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B44025D3 | 81 | 20150521004753 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D909305B |
82 | 20150522031339 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B442AC0B | 82 | 20150521004802 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D90DBDC3 |
83 | 20150522031353 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4788613 | 83 | 20150521005025 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D9CBF44F |
84 | 20150522031356 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B47F8FDB | 84 | 20150521005051 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D9E89DA7 |
85 | 20150522031401 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B48EAEFB | 85 | 20150521005252 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DA8BA403 |
86 | 20150522031407 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4A1CE0B | 86 | 20150521005347 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DAD07F73 |
87 | 20150522031420 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4D73D93 | 87 | 20150521005825 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DC5CE5A3 |
88 | 20150522031425 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4E9937F | 88 | 20150521005858 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DC84A597 |
89 | 20150522031428 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4EFD4BF | 89 | 20150521010014 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DCE62957 |
90 | 20150522031436 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B507149B | 90 | 20150521010219 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DD9517D7 |
91 | 20150522031452 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B54A3243 | 91 | 20150521011229 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F951FEB83 |
92 | 20150522032348 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98368C951B | 92 | 20150521011834 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F960399B7 |
93 | 20150522033023 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9838C4B4F7 | 93 | 20150521012438 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F96EE7973 |
94 | 20150522033224 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9839729F67 | 94 | 20150521014010 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F99453213 |
95 | 20150522033330 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9839CF938B | 95 | 20150521015607 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9B549727 |
96 | 20150522033506 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983A5AA27B | 96 | 20150521015640 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9B600A7B |
97 | 20150522033539 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983A849987 | 97 | 20150521020946 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9D5299DF |
98 | 20150522033610 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983AAC8A5F | 98 | 20150521021536 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9E2793D3 |
99 | 20150522033839 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983B7F9067 | 99 | 20150521022706 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9FE131CB |
100 | 20150522033952 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983BE385D7 | 100 | 20150521023922 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA1BAC073 |
101 | 20150522034001 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983BEA4367 | 101 | 20150521025234 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA3BC9483 |
102 | 20150522034055 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C305BC3 | 102 | 20150521025424 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA3FB3513 |
103 | 20150522034123 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C516EB3 | 103 | 20150521032445 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA87E0FAB |
104 | 20150522034146 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C6D1017 | 104 | 20150521032932 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA929F00F |
105 | 20150522034241 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983CB6A553 | 105 | 20150521032947 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA92B272B |
106 | 20150522034528 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983DA8F54F | 106 | 20150521033245 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA9953D0B |
107 | 20150522034544 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983DB92AEB | 107 | 20150521034828 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FABDD4AEF |
108 | 20150522034719 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983E32A87B | 108 | 20150521035044 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAC298C7F |
109 | 20150522034748 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983E589F5B | 109 | 20150521035111 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAC31F17B |
110 | 20150522035227 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983FE4EA2B | 110 | 20150521035749 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAD250357 |
111 | 20150522035328 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9840340683 | 111 | 20150521040009 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAD788A73 |
112 | 20150522035522 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9840D77183 | 112 | 20150521040220 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FADC5F173 |
113 | 20150522035721 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98417632BF | 113 | 20150521040316 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FADDFFC03 |
114 | 20150522035808 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9841B795AB | 114 | 20150521041042 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAEEBDEB3 |
115 | 20150522035847 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9841E9F357 | 115 | 20150521041443 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAF7AD7BB |
116 | 20150522040046 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842863803 | 116 | 20150521041831 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB007D653 |
117 | 20150522040057 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98428F98CF | 117 | 20150521041928 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB025C91B |
118 | 20150522040128 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842B68EA3 | 118 | 20150521042301 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB0A4C143 |
119 | 20150522040136 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842BA209B | 119 | 20150521042631 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB12009F7 |
120 | 20150522040232 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984303E883 | 120 | 20150521042740 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB145360F |
121 | 20150522040546 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9844117EF3 | 121 | 20150521043358 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB22FAE93 |
122 | 20150522040607 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9844276407 | 122 | 20150521044013 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB31527AF |
123 | 20150522040733 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984499981B | 123 | 20150521044543 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB3DDFBB7 |
124 | 20150522040850 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984502ECCF | 124 | 20150521004745 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F52665F2B |
125 | 20150522041059 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9845BB3AD7 | 125 | 20150521003352 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F57C7B577 |
126 | 20150522041141 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9845F34747 | 126 | 20150521005557 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F591BBC57 |
127 | 20150522041538 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98473F522B | 127 | 20150521014228 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5BDF5CE7 |
128 | 20150522041645 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98479B35EB | 128 | 20150521015455 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5C9CFD1F |
129 | 20150522043157 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379177A90103 | 129 | 20150521001701 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5CF6FF9B |
130 | 20150522044043 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379178F7604B | 130 | 20150521002558 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5D7C4FE3 |
131 | 20150522044434 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917986809B | 131 | 20150521003319 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5DE41DFB |
132 | 20150522044641 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379179D34D9F | 132 | 20150521003721 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5E1B5FAF |
133 | 20150522045152 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917A93F48B | 133 | 20150521010943 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F600B866F |
134 | 20150522045648 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917B4FEA03 | 134 | 20150521014141 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F61F01EC3 |
135 | 20150522051224 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917DA8111B | 135 | 20150521010312 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F65EAB753 |
136 | 20150522051844 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917E9226DB | 136 | 20150521002914 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F69FD9357 |
137 | 20150522052054 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917EDC16FB | 137 | 20150521011058 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6C6B8513 |
138 | 20150522052204 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917F0058A7 | 138 | 20150521013628 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6DE7D9EF |
139 | 20150522052248 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917F16842F | 139 | 20150521015040 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6EB0C897 |
140 | 20150522052650 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917FA2234F | 140 | 20150521001307 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6F15473B |
141 | 20150522052821 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917FD2EA1B | 141 | 20150521012712 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7377044B |
142 | 20150522054416 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791823EE827 | 142 | 20150521005218 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7767DEA3 |
143 | 20150522054652 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182978693 | 143 | 20150521003512 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7C5546F7 |
144 | 20150522054912 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182E6E57B | 144 | 20150521005420 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7D68EDC3 |
145 | 20150522054941 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182F0448B | 145 | 20150521011347 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7E859CF3 |
146 | 20150522055008 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182FA0E27 | 146 | 20150521002429 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F819A93E7 |
147 | 20150522060835 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379185801F93 | 147 | 20150521004826 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F88D91A57 |
148 | 20150522062202 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379187943813 | 148 | 20150521010541 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F89D29B9F |
149 | 20150522062512 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791880945B7 | 149 | 20150521012418 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8ADC38F7 |
150 | 20150522063933 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918A32FF83 | 150 | 20150521015506 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8C91980B |
151 | 20150522064222 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918A910AB3 | 151 | 20150521004000 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8E369B97 |
152 | 20150522064452 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918AE83E73 | 152 | 20150521005659 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8F2B1BEB |
153 | 20150522065035 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918BBA1623 | 153 | 20150521010328 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8F7DD1D3 |
154 | 20150522065634 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918C920633 | 154 | 20150521011152 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8FF052BB |
155 | 20150522070134 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D471AAB | 155 | 20150521001457 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F92940463 |
156 | 20150522070306 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D7B1063 | 156 | 20150521011129 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F95C47DCB |
157 | 20150522070332 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D838D0B | 157 | 20150521013515 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F9710A103 |
158 | 20150522070807 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918E2B8B67 | 158 | 20150521013841 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F9733A497 |
159 | 20150522071420 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F0C3653 | 159 | 20150521041810 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BE934407F |
160 | 20150522071508 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F1EFFFB | 160 | 20150521070624 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BEEB1E407 |
161 | 20150522071555 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F35E697 | 161 | 20150521051555 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BF50EEEC3 |
162 | 20150522071903 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918FA47DEB | 162 | 20150521061258 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C00AF225F |
163 | 20150522074443 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37919363872B | 163 | 20150521034225 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C058D5963 |
164 | 20150522075339 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379194BA4383 | 164 | 20150521035956 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C0616723F |
165 | 20150522080128 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379195DB3C5F | 165 | 20150521054248 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C12F16C3F |
166 | 20150522080506 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791965094C7 | 166 | 20150521060112 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C1379EA23 |
167 | 20150522083733 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C514C4F88F | 167 | 20150521023340 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C165F2773 |
168 | 20150522093608 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C517A26827 | 168 | 20150521043505 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C1A3EC717 |
169 | 20150522094040 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C517D03757 | 169 | 20150521024626 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C202ABED3 |
170 | 20150522095314 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C518686A8B | 170 | 20150521064303 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C27790087 |
171 | 20150522101845 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C519A641F3 | 171 | 20150521060604 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C2F9DF583 |
172 | 20150522103233 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51A4A87B7 | 172 | 20150521062143 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3003EEAB |
173 | 20150522111208 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51C3A7B9B | 173 | 20150521044311 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C363D0A77 |
174 | 20150522120305 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51EB16CF7 | 174 | 20150521053731 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C37D6EFCF |
175 | 20150522122813 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51FE5C353 | 175 | 20150521065640 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3A20A2DF |
176 | 20150522132032 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5226F04CB | 176 | 20150521044717 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3F622E8B |
177 | 20150522141054 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C524EBC207 | 177 | 20150521065426 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C430ED7CB |
178 | 20150522153656 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C529553A9F | 178 | 20150521023632 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C445E575B |
179 | 20150522154114 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5298632F7 | 179 | 20150521032945 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C45EEE643 |
180 | 20150522154826 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C529DCC5D7 | 180 | 20150521054538 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C49FB77CB |
181 | 20150522163842 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52C78C8C3 | 181 | 20150521024620 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C4D86D0FB |
182 | 20150522165625 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52D5A1C27 | 182 | 20150521042108 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C505E524B |
183 | 20150522172408 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52EBD88E3 | 183 | 20150521041835 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD3703FA7 |
184 | 20150522173745 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52F69630B | 184 | 20150521051726 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD4CEF96F |
185 | 20150522184340 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5327AFF1B | 185 | 20150521074626 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD86439C3 |
186 | 20150522190348 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5336CDC63 | 186 | 20150521082439 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD947F7F3 |
187 | 20150522200705 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5366C1207 | 187 | 20150521012012 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CE0694343 |
188 | 20150522201200 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5369D0A6B | 188 | 20150521073153 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CE93D436F |
189 | 20150522202855 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5375B287F | 189 | 20150521094433 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CEC4EE993 |
190 | 20150522204401 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5380EDB4B | 190 | 20150521074128 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CFA190CE3 |
191 | 20150522205115 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5385D084B | 191 | 20150521014004 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D0235296F |
192 | 20150522210056 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C538CEBB3B | 192 | 20150521014736 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D025961EB |
193 | 20150522212110 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C539B27FE3 | 193 | 20150521065737 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D0961218F |
194 | 20150522215602 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53B4E825B | 194 | 20150521043653 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D163706C7 |
195 | 20150522222840 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53CD37713 | 195 | 20150521085322 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1BC6858F |
196 | 20150522224719 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53DAAAE07 | 196 | 20150521093922 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1CC27FE3 |
197 | 20150523005800 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C543D2802B | 197 | 20150521120407 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1FE2874F |
198 | 20150523110456 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C549CAF02F | 198 | 20150521124157 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D20A8A19B |
199 | 20150523111755 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C54A5BCB0B | 199 | 20150521035417 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D24E0665B |
200 | 20150523135850 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C551C0E2B7 | 200 | 20150521062806 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D2828F7AB |
201 | 20150523140345 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C551F4D6B3 | 201 | 20150521074218 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D29B42017 |
202 | 20150523153045 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5561141EB | 202 | 20150521114937 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D2F027D3F |
203 | 20150523170349 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C55A59DCDF | 203 | 20150521073847 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D3905A9FF |
204 | 20150523191201 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB470CDA3203 | 204 | 20150521024512 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D41DB2FFB |
205 | 20150523215157 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4711A72AAB | 205 | 20150521024827 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D41E2852F |
206 | 20150523231527 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47141BE273 | 206 | 20150521042402 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D43D9B0E3 |
207 | 20150523235422 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47153C4A8F | 207 | 20150521083756 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D491D852F |
208 | 20150524010823 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47174C4663 | 208 | 20150521113241 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D4CAD7D8B |
209 | 20150524013736 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471810100B | ||
210 | 20150524040115 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471BEA9823 | ||
211 | 20150524051719 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471DEF42C3 | ||
212 | 20150524055417 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471EE81B27 | ||
213 | 20150524104925 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4726B43323 | ||
214 | 20150524105636 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4726DBBBDF | ||
215 | 20150524130121 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472A1294AB | ||
216 | 20150524163025 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472FBAE453 | ||
217 | 20150524163715 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472FE1144B | ||
218 | 20150524173410 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47315B458F | ||
219 | 20150524181655 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473268D4BB | ||
220 | 20150524223625 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473917D17B | ||
221 | 20150525001303 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473B95BAC3 | ||
222 | 20150525011252 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473D16F0B3 | ||
223 | 20150525020522 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473E60DDB7 | ||
224 | 20150525061910 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4744D20B9F | ||
225 | 20150525092924 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47499CAF77 | ||
226 | 20150525124039 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB474E6A2CEB | ||
227 | 20150525132602 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB474F854D7B | ||
228 | 20150525170642 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4755495933 | ||
229 | 20150525201019 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4759D07FB7 | ||
230 | 20150525223942 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475D6E1C07 | ||
231 | 20150525230547 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475E0B3487 | ||
232 | 20150525234905 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475F115D93 | ||
233 | 20150526002510 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475FE94D13 | ||
234 | 20150526014857 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4761E82A83 | ||
235 | 20150526045853 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47667CBC4F | ||
236 | 20150605090211 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB476DA5F0B7 | ||
237 | 20150605145212 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4776229827 | ||
238 | 20150605174343 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB477A770453 | ||
239 | 20150605182015 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB477B32F0B3 | ||
240 | 20150526114135 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95C238093 | ||
241 | 20150526114600 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95C32EEF7 | ||
242 | 20150526134901 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95F067BA3 | ||
243 | 20150526153127 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE96179B9CB | ||
244 | 20150526164245 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE96332D5AF | ||
245 | 20150526174513 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9649A719B | ||
246 | 20150527035812 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE97262B7F7 | ||
247 | 20150527075726 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE977B43343 | ||
248 | 20150527112120 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE97C1F6EA7 | ||
249 | 20150528010450 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE98E4FBCCB | ||
250 | 20150528020450 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE98F884B93 | ||
251 | 20150528024708 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE990692277 | ||
252 | 20150605205801 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE994DC793F | ||
253 | 20150606012116 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE99A681C6B | ||
254 | 20150606055158 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A0264EE7 | ||
255 | 20150606071549 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A1DB0223 | ||
256 | 20150606132241 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A644DC6B | ||
257 | 20150606164856 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9AAAAEE73 | ||
258 | 20150606183208 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9ACEEACDB | ||
259 | 20150607015742 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9B6ADF38F | ||
260 | 20150607022317 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9B733A2AB | ||
261 | 20150607051100 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9BAB79D47 | ||
262 | 20150607064815 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9BCBC8A17 | ||
263 | 20150607120629 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C355FA5B | ||
264 | 20150607121012 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C3600A83 | ||
265 | 20150607123508 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C3DCB093 | ||
266 | 20150607144400 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C680E5AB | ||
267 | 20150607145646 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C6BC5BC3 | ||
268 | 20150607201140 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9CD3C4A03 | ||
@@ -71,4 +71,4 @@ STANDARDS | |||
71 | the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, | 71 | the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, |
72 | 2006. | 72 | 2006. |
73 | 73 | ||
74 | OpenBSD 5.9 September 26, 2012 OpenBSD 5.9 | 74 | OpenBSD 6.0 September 26, 2012 OpenBSD 6.0 |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.157 2016/02/15 23:32:37 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.161 2016/07/22 03:39:13 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -34,6 +34,7 @@ | |||
34 | 34 | ||
35 | #include <errno.h> | 35 | #include <errno.h> |
36 | #include <fcntl.h> | 36 | #include <fcntl.h> |
37 | #include <limits.h> | ||
37 | #ifdef HAVE_PATHS_H | 38 | #ifdef HAVE_PATHS_H |
38 | #include <paths.h> | 39 | #include <paths.h> |
39 | #endif | 40 | #endif |
@@ -74,6 +75,7 @@ | |||
74 | #include "cipher.h" | 75 | #include "cipher.h" |
75 | #include "kex.h" | 76 | #include "kex.h" |
76 | #include "dh.h" | 77 | #include "dh.h" |
78 | #include "auth-pam.h" | ||
77 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ | 79 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ |
78 | #undef TARGET_OS_MAC | 80 | #undef TARGET_OS_MAC |
79 | #include "zlib.h" | 81 | #include "zlib.h" |
@@ -707,7 +709,8 @@ mm_answer_sign(int sock, Buffer *m) | |||
707 | u_char *p = NULL, *signature = NULL; | 709 | u_char *p = NULL, *signature = NULL; |
708 | char *alg = NULL; | 710 | char *alg = NULL; |
709 | size_t datlen, siglen, alglen; | 711 | size_t datlen, siglen, alglen; |
710 | int r, keyid, is_proof = 0; | 712 | int r, is_proof = 0; |
713 | u_int keyid; | ||
711 | const char proof_req[] = "hostkeys-prove-00@openssh.com"; | 714 | const char proof_req[] = "hostkeys-prove-00@openssh.com"; |
712 | 715 | ||
713 | debug3("%s", __func__); | 716 | debug3("%s", __func__); |
@@ -716,6 +719,8 @@ mm_answer_sign(int sock, Buffer *m) | |||
716 | (r = sshbuf_get_string(m, &p, &datlen)) != 0 || | 719 | (r = sshbuf_get_string(m, &p, &datlen)) != 0 || |
717 | (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0) | 720 | (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0) |
718 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 721 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
722 | if (keyid > INT_MAX) | ||
723 | fatal("%s: invalid key ID", __func__); | ||
719 | 724 | ||
720 | /* | 725 | /* |
721 | * Supported KEX types use SHA1 (20 bytes), SHA256 (32 bytes), | 726 | * Supported KEX types use SHA1 (20 bytes), SHA256 (32 bytes), |
@@ -959,6 +964,9 @@ mm_answer_authpassword(int sock, Buffer *m) | |||
959 | 964 | ||
960 | buffer_clear(m); | 965 | buffer_clear(m); |
961 | buffer_put_int(m, authenticated); | 966 | buffer_put_int(m, authenticated); |
967 | #ifdef USE_PAM | ||
968 | buffer_put_int(m, sshpam_get_maxtries_reached()); | ||
969 | #endif | ||
962 | 970 | ||
963 | debug3("%s: sending result %d", __func__, authenticated); | 971 | debug3("%s: sending result %d", __func__, authenticated); |
964 | mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m); | 972 | mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m); |
@@ -1158,6 +1166,7 @@ mm_answer_pam_query(int sock, Buffer *m) | |||
1158 | free(name); | 1166 | free(name); |
1159 | buffer_put_cstring(m, info); | 1167 | buffer_put_cstring(m, info); |
1160 | free(info); | 1168 | free(info); |
1169 | buffer_put_int(m, sshpam_get_maxtries_reached()); | ||
1161 | buffer_put_int(m, num); | 1170 | buffer_put_int(m, num); |
1162 | for (i = 0; i < num; ++i) { | 1171 | for (i = 0; i < num; ++i) { |
1163 | buffer_put_cstring(m, prompts[i]); | 1172 | buffer_put_cstring(m, prompts[i]); |
@@ -1292,6 +1301,10 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
1292 | break; | 1301 | break; |
1293 | } | 1302 | } |
1294 | } | 1303 | } |
1304 | |||
1305 | debug3("%s: key %p is %s", | ||
1306 | __func__, key, allowed ? "allowed" : "not allowed"); | ||
1307 | |||
1295 | if (key != NULL) | 1308 | if (key != NULL) |
1296 | key_free(key); | 1309 | key_free(key); |
1297 | 1310 | ||
@@ -1313,9 +1326,6 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
1313 | free(chost); | 1326 | free(chost); |
1314 | } | 1327 | } |
1315 | 1328 | ||
1316 | debug3("%s: key %p is %s", | ||
1317 | __func__, key, allowed ? "allowed" : "not allowed"); | ||
1318 | |||
1319 | buffer_clear(m); | 1329 | buffer_clear(m); |
1320 | buffer_put_int(m, allowed); | 1330 | buffer_put_int(m, allowed); |
1321 | buffer_put_int(m, forced_command != NULL); | 1331 | buffer_put_int(m, forced_command != NULL); |
@@ -1332,7 +1342,8 @@ static int | |||
1332 | monitor_valid_userblob(u_char *data, u_int datalen) | 1342 | monitor_valid_userblob(u_char *data, u_int datalen) |
1333 | { | 1343 | { |
1334 | Buffer b; | 1344 | Buffer b; |
1335 | char *p, *userstyle; | 1345 | u_char *p; |
1346 | char *userstyle, *cp; | ||
1336 | u_int len; | 1347 | u_int len; |
1337 | int fail = 0; | 1348 | int fail = 0; |
1338 | 1349 | ||
@@ -1357,26 +1368,26 @@ monitor_valid_userblob(u_char *data, u_int datalen) | |||
1357 | } | 1368 | } |
1358 | if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) | 1369 | if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) |
1359 | fail++; | 1370 | fail++; |
1360 | p = buffer_get_cstring(&b, NULL); | 1371 | cp = buffer_get_cstring(&b, NULL); |
1361 | xasprintf(&userstyle, "%s%s%s", authctxt->user, | 1372 | xasprintf(&userstyle, "%s%s%s", authctxt->user, |
1362 | authctxt->style ? ":" : "", | 1373 | authctxt->style ? ":" : "", |
1363 | authctxt->style ? authctxt->style : ""); | 1374 | authctxt->style ? authctxt->style : ""); |
1364 | if (strcmp(userstyle, p) != 0) { | 1375 | if (strcmp(userstyle, cp) != 0) { |
1365 | logit("wrong user name passed to monitor: expected %s != %.100s", | 1376 | logit("wrong user name passed to monitor: " |
1366 | userstyle, p); | 1377 | "expected %s != %.100s", userstyle, cp); |
1367 | fail++; | 1378 | fail++; |
1368 | } | 1379 | } |
1369 | free(userstyle); | 1380 | free(userstyle); |
1370 | free(p); | 1381 | free(cp); |
1371 | buffer_skip_string(&b); | 1382 | buffer_skip_string(&b); |
1372 | if (datafellows & SSH_BUG_PKAUTH) { | 1383 | if (datafellows & SSH_BUG_PKAUTH) { |
1373 | if (!buffer_get_char(&b)) | 1384 | if (!buffer_get_char(&b)) |
1374 | fail++; | 1385 | fail++; |
1375 | } else { | 1386 | } else { |
1376 | p = buffer_get_cstring(&b, NULL); | 1387 | cp = buffer_get_cstring(&b, NULL); |
1377 | if (strcmp("publickey", p) != 0) | 1388 | if (strcmp("publickey", cp) != 0) |
1378 | fail++; | 1389 | fail++; |
1379 | free(p); | 1390 | free(cp); |
1380 | if (!buffer_get_char(&b)) | 1391 | if (!buffer_get_char(&b)) |
1381 | fail++; | 1392 | fail++; |
1382 | buffer_skip_string(&b); | 1393 | buffer_skip_string(&b); |
@@ -1512,6 +1523,7 @@ mm_answer_keyverify(int sock, Buffer *m) | |||
1512 | static void | 1523 | static void |
1513 | mm_record_login(Session *s, struct passwd *pw) | 1524 | mm_record_login(Session *s, struct passwd *pw) |
1514 | { | 1525 | { |
1526 | struct ssh *ssh = active_state; /* XXX */ | ||
1515 | socklen_t fromlen; | 1527 | socklen_t fromlen; |
1516 | struct sockaddr_storage from; | 1528 | struct sockaddr_storage from; |
1517 | 1529 | ||
@@ -1533,7 +1545,7 @@ mm_record_login(Session *s, struct passwd *pw) | |||
1533 | } | 1545 | } |
1534 | /* Record that there was a login on that tty from the remote host. */ | 1546 | /* Record that there was a login on that tty from the remote host. */ |
1535 | record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, | 1547 | record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid, |
1536 | get_remote_name_or_ip(utmp_len, options.use_dns), | 1548 | session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns), |
1537 | (struct sockaddr *)&from, fromlen); | 1549 | (struct sockaddr *)&from, fromlen); |
1538 | } | 1550 | } |
1539 | 1551 | ||
@@ -1897,6 +1909,9 @@ monitor_apply_keystate(struct monitor *pmonitor) | |||
1897 | #ifdef WITH_OPENSSL | 1909 | #ifdef WITH_OPENSSL |
1898 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 1910 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
1899 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 1911 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
1912 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | ||
1913 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | ||
1914 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | ||
1900 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 1915 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
1901 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 1916 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
1902 | # ifdef OPENSSL_HAS_ECC | 1917 | # ifdef OPENSSL_HAS_ECC |
diff --git a/monitor_fdpass.c b/monitor_fdpass.c index 2ddd80732..d766edcf1 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_fdpass.c,v 1.20 2015/02/25 23:05:47 djm Exp $ */ | 1 | /* $OpenBSD: monitor_fdpass.c,v 1.21 2016/02/29 20:22:36 jca Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2001 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2001 Niels Provos <provos@citi.umich.edu> |
4 | * All rights reserved. | 4 | * All rights reserved. |
@@ -99,8 +99,7 @@ mm_send_fd(int sock, int fd) | |||
99 | } | 99 | } |
100 | 100 | ||
101 | if (n != 1) { | 101 | if (n != 1) { |
102 | error("%s: sendmsg: expected sent 1 got %ld", | 102 | error("%s: sendmsg: expected sent 1 got %zd", __func__, n); |
103 | __func__, (long)n); | ||
104 | return -1; | 103 | return -1; |
105 | } | 104 | } |
106 | return 0; | 105 | return 0; |
@@ -155,8 +154,7 @@ mm_receive_fd(int sock) | |||
155 | } | 154 | } |
156 | 155 | ||
157 | if (n != 1) { | 156 | if (n != 1) { |
158 | error("%s: recvmsg: expected received 1 got %ld", | 157 | error("%s: recvmsg: expected received 1 got %zd", __func__, n); |
159 | __func__, (long)n); | ||
160 | return -1; | 158 | return -1; |
161 | } | 159 | } |
162 | 160 | ||
diff --git a/monitor_wrap.c b/monitor_wrap.c index eaf0a1294..11e3a6956 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.c,v 1.87 2016/01/14 16:17:40 markus Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.88 2016/03/07 19:02:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -60,6 +60,7 @@ | |||
60 | #include "packet.h" | 60 | #include "packet.h" |
61 | #include "mac.h" | 61 | #include "mac.h" |
62 | #include "log.h" | 62 | #include "log.h" |
63 | #include "auth-pam.h" | ||
63 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ | 64 | #ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */ |
64 | #undef TARGET_OS_MAC | 65 | #undef TARGET_OS_MAC |
65 | #include "zlib.h" | 66 | #include "zlib.h" |
@@ -380,6 +381,9 @@ mm_auth_password(Authctxt *authctxt, char *password) | |||
380 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); | 381 | mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); |
381 | 382 | ||
382 | authenticated = buffer_get_int(&m); | 383 | authenticated = buffer_get_int(&m); |
384 | #ifdef USE_PAM | ||
385 | sshpam_set_maxtries_reached(buffer_get_int(&m)); | ||
386 | #endif | ||
383 | 387 | ||
384 | buffer_free(&m); | 388 | buffer_free(&m); |
385 | 389 | ||
@@ -396,15 +400,15 @@ mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt) | |||
396 | } | 400 | } |
397 | 401 | ||
398 | int | 402 | int |
399 | mm_hostbased_key_allowed(struct passwd *pw, char *user, char *host, | 403 | mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, |
400 | Key *key) | 404 | Key *key) |
401 | { | 405 | { |
402 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); | 406 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); |
403 | } | 407 | } |
404 | 408 | ||
405 | int | 409 | int |
406 | mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user, | 410 | mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, const char *user, |
407 | char *host, Key *key) | 411 | const char *host, Key *key) |
408 | { | 412 | { |
409 | int ret; | 413 | int ret; |
410 | 414 | ||
@@ -415,8 +419,8 @@ mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user, | |||
415 | } | 419 | } |
416 | 420 | ||
417 | int | 421 | int |
418 | mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key, | 422 | mm_key_allowed(enum mm_keytype type, const char *user, const char *host, |
419 | int pubkey_auth_attempt) | 423 | Key *key, int pubkey_auth_attempt) |
420 | { | 424 | { |
421 | Buffer m; | 425 | Buffer m; |
422 | u_char *blob; | 426 | u_char *blob; |
@@ -662,6 +666,7 @@ mm_sshpam_query(void *ctx, char **name, char **info, | |||
662 | debug3("%s: pam_query returned %d", __func__, ret); | 666 | debug3("%s: pam_query returned %d", __func__, ret); |
663 | *name = buffer_get_string(&m, NULL); | 667 | *name = buffer_get_string(&m, NULL); |
664 | *info = buffer_get_string(&m, NULL); | 668 | *info = buffer_get_string(&m, NULL); |
669 | sshpam_set_maxtries_reached(buffer_get_int(&m)); | ||
665 | *num = buffer_get_int(&m); | 670 | *num = buffer_get_int(&m); |
666 | if (*num > PAM_MAX_NUM_MSG) | 671 | if (*num > PAM_MAX_NUM_MSG) |
667 | fatal("%s: recieved %u PAM messages, expected <= %u", | 672 | fatal("%s: recieved %u PAM messages, expected <= %u", |
diff --git a/monitor_wrap.h b/monitor_wrap.h index d9de551c2..d5b3334dc 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.h,v 1.29 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.h,v 1.30 2016/03/07 19:02:43 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
@@ -46,10 +46,12 @@ void mm_inform_authrole(char *); | |||
46 | struct passwd *mm_getpwnamallow(const char *); | 46 | struct passwd *mm_getpwnamallow(const char *); |
47 | char *mm_auth2_read_banner(void); | 47 | char *mm_auth2_read_banner(void); |
48 | int mm_auth_password(struct Authctxt *, char *); | 48 | int mm_auth_password(struct Authctxt *, char *); |
49 | int mm_key_allowed(enum mm_keytype, char *, char *, Key *, int); | 49 | int mm_key_allowed(enum mm_keytype, const char *, const char *, Key *, int); |
50 | int mm_user_key_allowed(struct passwd *, Key *, int); | 50 | int mm_user_key_allowed(struct passwd *, Key *, int); |
51 | int mm_hostbased_key_allowed(struct passwd *, char *, char *, Key *); | 51 | int mm_hostbased_key_allowed(struct passwd *, const char *, |
52 | int mm_auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); | 52 | const char *, Key *); |
53 | int mm_auth_rhosts_rsa_key_allowed(struct passwd *, const char *, | ||
54 | const char *, Key *); | ||
53 | int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int); | 55 | int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int); |
54 | int mm_auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); | 56 | int mm_auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); |
55 | int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *); | 57 | int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mux.c,v 1.58 2016/01/13 23:04:47 djm Exp $ */ | 1 | /* $OpenBSD: mux.c,v 1.60 2016/06/03 03:14:41 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -88,8 +88,6 @@ extern char *host; | |||
88 | extern int subsystem_flag; | 88 | extern int subsystem_flag; |
89 | extern Buffer command; | 89 | extern Buffer command; |
90 | extern volatile sig_atomic_t quit_pending; | 90 | extern volatile sig_atomic_t quit_pending; |
91 | extern char *stdio_forward_host; | ||
92 | extern int stdio_forward_port; | ||
93 | 91 | ||
94 | /* Context for session open confirmation callback */ | 92 | /* Context for session open confirmation callback */ |
95 | struct mux_session_confirm_ctx { | 93 | struct mux_session_confirm_ctx { |
@@ -1297,7 +1295,7 @@ muxserver_listen(void) | |||
1297 | /* Now atomically "move" the mux socket into position */ | 1295 | /* Now atomically "move" the mux socket into position */ |
1298 | if (link(options.control_path, orig_control_path) != 0) { | 1296 | if (link(options.control_path, orig_control_path) != 0) { |
1299 | if (errno != EEXIST) { | 1297 | if (errno != EEXIST) { |
1300 | fatal("%s: link mux listener %s => %s: %s", __func__, | 1298 | fatal("%s: link mux listener %s => %s: %s", __func__, |
1301 | options.control_path, orig_control_path, | 1299 | options.control_path, orig_control_path, |
1302 | strerror(errno)); | 1300 | strerror(errno)); |
1303 | } | 1301 | } |
@@ -1991,8 +1989,8 @@ mux_client_request_stdio_fwd(int fd) | |||
1991 | buffer_put_int(&m, MUX_C_NEW_STDIO_FWD); | 1989 | buffer_put_int(&m, MUX_C_NEW_STDIO_FWD); |
1992 | buffer_put_int(&m, muxclient_request_id); | 1990 | buffer_put_int(&m, muxclient_request_id); |
1993 | buffer_put_cstring(&m, ""); /* reserved */ | 1991 | buffer_put_cstring(&m, ""); /* reserved */ |
1994 | buffer_put_cstring(&m, stdio_forward_host); | 1992 | buffer_put_cstring(&m, options.stdio_forward_host); |
1995 | buffer_put_int(&m, stdio_forward_port); | 1993 | buffer_put_int(&m, options.stdio_forward_port); |
1996 | 1994 | ||
1997 | if (mux_client_write_packet(fd, &m) != 0) | 1995 | if (mux_client_write_packet(fd, &m) != 0) |
1998 | fatal("%s: write packet: %s", __func__, strerror(errno)); | 1996 | fatal("%s: write packet: %s", __func__, strerror(errno)); |
@@ -2116,7 +2114,7 @@ muxclient(const char *path) | |||
2116 | u_int pid; | 2114 | u_int pid; |
2117 | 2115 | ||
2118 | if (muxclient_command == 0) { | 2116 | if (muxclient_command == 0) { |
2119 | if (stdio_forward_host != NULL) | 2117 | if (options.stdio_forward_host != NULL) |
2120 | muxclient_command = SSHMUX_COMMAND_STDIO_FWD; | 2118 | muxclient_command = SSHMUX_COMMAND_STDIO_FWD; |
2121 | else | 2119 | else |
2122 | muxclient_command = SSHMUX_COMMAND_OPEN; | 2120 | muxclient_command = SSHMUX_COMMAND_OPEN; |
diff --git a/myproposal.h b/myproposal.h index bdd05966f..597090164 100644 --- a/myproposal.h +++ b/myproposal.h | |||
@@ -67,13 +67,18 @@ | |||
67 | #endif | 67 | #endif |
68 | 68 | ||
69 | #ifdef HAVE_EVP_SHA256 | 69 | #ifdef HAVE_EVP_SHA256 |
70 | # define KEX_SHA256_METHODS \ | 70 | # define KEX_SHA2_METHODS \ |
71 | "diffie-hellman-group-exchange-sha256," | 71 | "diffie-hellman-group-exchange-sha256," \ |
72 | "diffie-hellman-group16-sha512," \ | ||
73 | "diffie-hellman-group18-sha512," | ||
74 | # define KEX_SHA2_GROUP14 \ | ||
75 | "diffie-hellman-group14-sha256," | ||
72 | #define SHA2_HMAC_MODES \ | 76 | #define SHA2_HMAC_MODES \ |
73 | "hmac-sha2-256," \ | 77 | "hmac-sha2-256," \ |
74 | "hmac-sha2-512," | 78 | "hmac-sha2-512," |
75 | #else | 79 | #else |
76 | # define KEX_SHA256_METHODS | 80 | # define KEX_SHA2_METHODS |
81 | # define KEX_SHA2_GROUP14 | ||
77 | # define SHA2_HMAC_MODES | 82 | # define SHA2_HMAC_MODES |
78 | #endif | 83 | #endif |
79 | 84 | ||
@@ -86,13 +91,15 @@ | |||
86 | #define KEX_COMMON_KEX \ | 91 | #define KEX_COMMON_KEX \ |
87 | KEX_CURVE25519_METHODS \ | 92 | KEX_CURVE25519_METHODS \ |
88 | KEX_ECDH_METHODS \ | 93 | KEX_ECDH_METHODS \ |
89 | KEX_SHA256_METHODS | 94 | KEX_SHA2_METHODS |
90 | 95 | ||
91 | #define KEX_SERVER_KEX KEX_COMMON_KEX \ | 96 | #define KEX_SERVER_KEX KEX_COMMON_KEX \ |
97 | KEX_SHA2_GROUP14 \ | ||
92 | "diffie-hellman-group14-sha1" \ | 98 | "diffie-hellman-group14-sha1" \ |
93 | 99 | ||
94 | #define KEX_CLIENT_KEX KEX_COMMON_KEX \ | 100 | #define KEX_CLIENT_KEX KEX_COMMON_KEX \ |
95 | "diffie-hellman-group-exchange-sha1," \ | 101 | "diffie-hellman-group-exchange-sha1," \ |
102 | KEX_SHA2_GROUP14 \ | ||
96 | "diffie-hellman-group14-sha1" | 103 | "diffie-hellman-group14-sha1" |
97 | 104 | ||
98 | #define KEX_DEFAULT_PK_ALG \ | 105 | #define KEX_DEFAULT_PK_ALG \ |
@@ -144,10 +144,6 @@ void packet_disconnect(const char *, ...) | |||
144 | ssh_packet_get_state(active_state, m) | 144 | ssh_packet_get_state(active_state, m) |
145 | #define packet_set_state(m) \ | 145 | #define packet_set_state(m) \ |
146 | ssh_packet_set_state(active_state, m) | 146 | ssh_packet_set_state(active_state, m) |
147 | #if 0 | ||
148 | #define get_remote_ipaddr() \ | ||
149 | ssh_remote_ipaddr(active_state) | ||
150 | #endif | ||
151 | #define packet_get_raw(lenp) \ | 147 | #define packet_get_raw(lenp) \ |
152 | sshpkt_ptr(active_state, lenp) | 148 | sshpkt_ptr(active_state, lenp) |
153 | #define packet_get_ecpoint(c,p) \ | 149 | #define packet_get_ecpoint(c,p) \ |
diff --git a/openbsd-compat/.cvsignore b/openbsd-compat/.cvsignore deleted file mode 100644 index f3c7a7c5d..000000000 --- a/openbsd-compat/.cvsignore +++ /dev/null | |||
@@ -1 +0,0 @@ | |||
1 | Makefile | ||
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index 3c5e3b7f7..aca9eba75 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in | |||
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@ | |||
18 | 18 | ||
19 | OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o | 19 | OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o |
20 | 20 | ||
21 | COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o | 21 | COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-err.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o |
22 | 22 | ||
23 | PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o | 23 | PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o |
24 | 24 | ||
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c index 046f57e61..b6256b4f8 100644 --- a/openbsd-compat/arc4random.c +++ b/openbsd-compat/arc4random.c | |||
@@ -110,8 +110,8 @@ _rs_stir(void) | |||
110 | 110 | ||
111 | #ifdef WITH_OPENSSL | 111 | #ifdef WITH_OPENSSL |
112 | if (RAND_bytes(rnd, sizeof(rnd)) <= 0) | 112 | if (RAND_bytes(rnd, sizeof(rnd)) <= 0) |
113 | fatal("Couldn't obtain random bytes (error %ld)", | 113 | fatal("Couldn't obtain random bytes (error 0x%lx)", |
114 | ERR_get_error()); | 114 | (unsigned long)ERR_get_error()); |
115 | #else | 115 | #else |
116 | getrnd(rnd, sizeof(rnd)); | 116 | getrnd(rnd, sizeof(rnd)); |
117 | #endif | 117 | #endif |
diff --git a/openbsd-compat/bindresvport.c b/openbsd-compat/bindresvport.c index c89f21403..eeb269d59 100644 --- a/openbsd-compat/bindresvport.c +++ b/openbsd-compat/bindresvport.c | |||
@@ -64,6 +64,7 @@ bindresvport_sa(int sd, struct sockaddr *sa) | |||
64 | if (sa == NULL) { | 64 | if (sa == NULL) { |
65 | memset(&myaddr, 0, sizeof(myaddr)); | 65 | memset(&myaddr, 0, sizeof(myaddr)); |
66 | sa = (struct sockaddr *)&myaddr; | 66 | sa = (struct sockaddr *)&myaddr; |
67 | salen = sizeof(myaddr); | ||
67 | 68 | ||
68 | if (getsockname(sd, sa, &salen) == -1) | 69 | if (getsockname(sd, sa, &salen) == -1) |
69 | return -1; /* errno is correctly set */ | 70 | return -1; /* errno is correctly set */ |
diff --git a/openbsd-compat/bsd-asprintf.c b/openbsd-compat/bsd-asprintf.c index 3368195d4..7b83448ca 100644 --- a/openbsd-compat/bsd-asprintf.c +++ b/openbsd-compat/bsd-asprintf.c | |||
@@ -25,18 +25,6 @@ | |||
25 | #include <stdarg.h> | 25 | #include <stdarg.h> |
26 | #include <stdlib.h> | 26 | #include <stdlib.h> |
27 | 27 | ||
28 | #ifndef VA_COPY | ||
29 | # ifdef HAVE_VA_COPY | ||
30 | # define VA_COPY(dest, src) va_copy(dest, src) | ||
31 | # else | ||
32 | # ifdef HAVE___VA_COPY | ||
33 | # define VA_COPY(dest, src) __va_copy(dest, src) | ||
34 | # else | ||
35 | # define VA_COPY(dest, src) (dest) = (src) | ||
36 | # endif | ||
37 | # endif | ||
38 | #endif | ||
39 | |||
40 | #define INIT_SZ 128 | 28 | #define INIT_SZ 128 |
41 | 29 | ||
42 | int | 30 | int |
diff --git a/openbsd-compat/bsd-err.c b/openbsd-compat/bsd-err.c new file mode 100644 index 000000000..ab10646f0 --- /dev/null +++ b/openbsd-compat/bsd-err.c | |||
@@ -0,0 +1,71 @@ | |||
1 | /* | ||
2 | * Copyright (c) 2015 Tim Rice <tim@multitalents.net> | ||
3 | * | ||
4 | * Redistribution and use in source and binary forms, with or without | ||
5 | * modification, are permitted provided that the following conditions | ||
6 | * are met: | ||
7 | * | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * 2. Redistributions in binary form must reproduce the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer in the | ||
12 | * documentation and/or other materials provided with the distribution. | ||
13 | * 3. The name of the author may not be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | #include "includes.h" | ||
29 | |||
30 | #ifndef HAVE_ERR | ||
31 | void | ||
32 | err(int r, const char *fmt, ...) | ||
33 | { | ||
34 | va_list args; | ||
35 | |||
36 | va_start(args, fmt); | ||
37 | fprintf(stderr, "%s: ", strerror(errno)); | ||
38 | vfprintf(stderr, fmt, args); | ||
39 | fputc('\n', stderr); | ||
40 | va_end(args); | ||
41 | exit(r); | ||
42 | } | ||
43 | #endif | ||
44 | |||
45 | #ifndef HAVE_ERRX | ||
46 | void | ||
47 | errx(int r, const char *fmt, ...) | ||
48 | { | ||
49 | va_list args; | ||
50 | |||
51 | va_start(args, fmt); | ||
52 | vfprintf(stderr, fmt, args); | ||
53 | fputc('\n', stderr); | ||
54 | va_end(args); | ||
55 | exit(r); | ||
56 | } | ||
57 | #endif | ||
58 | |||
59 | #ifndef HAVE_WARN | ||
60 | void | ||
61 | warn(const char *fmt, ...) | ||
62 | { | ||
63 | va_list args; | ||
64 | |||
65 | va_start(args, fmt); | ||
66 | fprintf(stderr, "%s: ", strerror(errno)); | ||
67 | vfprintf(stderr, fmt, args); | ||
68 | fputc('\n', stderr); | ||
69 | va_end(args); | ||
70 | } | ||
71 | #endif | ||
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 2a788e47f..18bf62dd8 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c | |||
@@ -284,3 +284,20 @@ pledge(const char *promises, const char *paths[]) | |||
284 | return 0; | 284 | return 0; |
285 | } | 285 | } |
286 | #endif | 286 | #endif |
287 | |||
288 | #ifndef HAVE_MBTOWC | ||
289 | /* a mbtowc that only supports ASCII */ | ||
290 | int | ||
291 | mbtowc(wchar_t *pwc, const char *s, size_t n) | ||
292 | { | ||
293 | if (s == NULL || *s == '\0') | ||
294 | return 0; /* ASCII is not state-dependent */ | ||
295 | if (*s < 0 || *s > 0x7f || n < 1) { | ||
296 | errno = EOPNOTSUPP; | ||
297 | return -1; | ||
298 | } | ||
299 | if (pwc != NULL) | ||
300 | *pwc = *s; | ||
301 | return 1; | ||
302 | } | ||
303 | #endif | ||
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 0d81d1735..27abb2e92 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h | |||
@@ -126,4 +126,15 @@ pid_t getpgid(pid_t); | |||
126 | int pledge(const char *promises, const char *paths[]); | 126 | int pledge(const char *promises, const char *paths[]); |
127 | #endif | 127 | #endif |
128 | 128 | ||
129 | /* bsd-err.h */ | ||
130 | #ifndef HAVE_ERR | ||
131 | void err(int, const char *, ...) __attribute__((format(printf, 2, 3))); | ||
132 | #endif | ||
133 | #ifndef HAVE_ERRX | ||
134 | void errx(int, const char *, ...) __attribute__((format(printf, 2, 3))); | ||
135 | #endif | ||
136 | #ifndef HAVE_WARN | ||
137 | void warn(const char *, ...) __attribute__((format(printf, 1, 2))); | ||
138 | #endif | ||
139 | |||
129 | #endif /* _BSD_MISC_H */ | 140 | #endif /* _BSD_MISC_H */ |
diff --git a/openbsd-compat/bsd-snprintf.c b/openbsd-compat/bsd-snprintf.c index 23a635989..d95b6a401 100644 --- a/openbsd-compat/bsd-snprintf.c +++ b/openbsd-compat/bsd-snprintf.c | |||
@@ -99,18 +99,6 @@ | |||
99 | # undef HAVE_VSNPRINTF | 99 | # undef HAVE_VSNPRINTF |
100 | #endif | 100 | #endif |
101 | 101 | ||
102 | #ifndef VA_COPY | ||
103 | # ifdef HAVE_VA_COPY | ||
104 | # define VA_COPY(dest, src) va_copy(dest, src) | ||
105 | # else | ||
106 | # ifdef HAVE___VA_COPY | ||
107 | # define VA_COPY(dest, src) __va_copy(dest, src) | ||
108 | # else | ||
109 | # define VA_COPY(dest, src) (dest) = (src) | ||
110 | # endif | ||
111 | # endif | ||
112 | #endif | ||
113 | |||
114 | #if !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) | 102 | #if !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) |
115 | 103 | ||
116 | #include <ctype.h> | 104 | #include <ctype.h> |
diff --git a/openbsd-compat/inet_aton.c b/openbsd-compat/inet_aton.c index 130597e14..093a17203 100644 --- a/openbsd-compat/inet_aton.c +++ b/openbsd-compat/inet_aton.c | |||
@@ -3,7 +3,7 @@ | |||
3 | /* | 3 | /* |
4 | * Copyright (c) 1983, 1990, 1993 | 4 | * Copyright (c) 1983, 1990, 1993 |
5 | * The Regents of the University of California. All rights reserved. | 5 | * The Regents of the University of California. All rights reserved. |
6 | * | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | 9 | * are met: |
@@ -15,7 +15,7 @@ | |||
15 | * 3. Neither the name of the University nor the names of its contributors | 15 | * 3. Neither the name of the University nor the names of its contributors |
16 | * may be used to endorse or promote products derived from this software | 16 | * may be used to endorse or promote products derived from this software |
17 | * without specific prior written permission. | 17 | * without specific prior written permission. |
18 | * | 18 | * |
19 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | 19 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
@@ -29,14 +29,14 @@ | |||
29 | * SUCH DAMAGE. | 29 | * SUCH DAMAGE. |
30 | * - | 30 | * - |
31 | * Portions Copyright (c) 1993 by Digital Equipment Corporation. | 31 | * Portions Copyright (c) 1993 by Digital Equipment Corporation. |
32 | * | 32 | * |
33 | * Permission to use, copy, modify, and distribute this software for any | 33 | * Permission to use, copy, modify, and distribute this software for any |
34 | * purpose with or without fee is hereby granted, provided that the above | 34 | * purpose with or without fee is hereby granted, provided that the above |
35 | * copyright notice and this permission notice appear in all copies, and that | 35 | * copyright notice and this permission notice appear in all copies, and that |
36 | * the name of Digital Equipment Corporation not be used in advertising or | 36 | * the name of Digital Equipment Corporation not be used in advertising or |
37 | * publicity pertaining to distribution of the document or software without | 37 | * publicity pertaining to distribution of the document or software without |
38 | * specific, written prior permission. | 38 | * specific, written prior permission. |
39 | * | 39 | * |
40 | * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL | 40 | * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL |
41 | * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES | 41 | * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES |
42 | * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT | 42 | * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT |
@@ -77,7 +77,7 @@ inet_addr(const char *cp) | |||
77 | } | 77 | } |
78 | #endif | 78 | #endif |
79 | 79 | ||
80 | /* | 80 | /* |
81 | * Check whether "cp" is a valid ascii representation | 81 | * Check whether "cp" is a valid ascii representation |
82 | * of an Internet address and convert to a binary address. | 82 | * of an Internet address and convert to a binary address. |
83 | * Returns 1 if the address is valid, 0 if not. | 83 | * Returns 1 if the address is valid, 0 if not. |
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index 8cc8a11b7..37d2064cd 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h | |||
@@ -36,6 +36,8 @@ | |||
36 | 36 | ||
37 | #include <sys/socket.h> | 37 | #include <sys/socket.h> |
38 | 38 | ||
39 | #include <stddef.h> /* for wchar_t */ | ||
40 | |||
39 | /* OpenBSD function replacements */ | 41 | /* OpenBSD function replacements */ |
40 | #include "base64.h" | 42 | #include "base64.h" |
41 | #include "sigact.h" | 43 | #include "sigact.h" |
@@ -231,10 +233,43 @@ long long strtonum(const char *, long long, long long, const char **); | |||
231 | # define mblen(x, y) (1) | 233 | # define mblen(x, y) (1) |
232 | #endif | 234 | #endif |
233 | 235 | ||
236 | #ifndef HAVE_WCWIDTH | ||
237 | # define wcwidth(x) (((x) >= 0x20 && (x) <= 0x7e) ? 1 : -1) | ||
238 | /* force our no-op nl_langinfo and mbtowc */ | ||
239 | # undef HAVE_NL_LANGINFO | ||
240 | # undef HAVE_MBTOWC | ||
241 | # undef HAVE_LANGINFO_H | ||
242 | #endif | ||
243 | |||
244 | #ifndef HAVE_NL_LANGINFO | ||
245 | # define nl_langinfo(x) "" | ||
246 | #endif | ||
247 | |||
248 | #ifndef HAVE_MBTOWC | ||
249 | int mbtowc(wchar_t *, const char*, size_t); | ||
250 | #endif | ||
251 | |||
234 | #if !defined(HAVE_VASPRINTF) || !defined(HAVE_VSNPRINTF) | 252 | #if !defined(HAVE_VASPRINTF) || !defined(HAVE_VSNPRINTF) |
235 | # include <stdarg.h> | 253 | # include <stdarg.h> |
236 | #endif | 254 | #endif |
237 | 255 | ||
256 | /* | ||
257 | * Some platforms unconditionally undefine va_copy() so we define VA_COPY() | ||
258 | * instead. This is known to be the case on at least some configurations of | ||
259 | * AIX with the xlc compiler. | ||
260 | */ | ||
261 | #ifndef VA_COPY | ||
262 | # ifdef HAVE_VA_COPY | ||
263 | # define VA_COPY(dest, src) va_copy(dest, src) | ||
264 | # else | ||
265 | # ifdef HAVE___VA_COPY | ||
266 | # define VA_COPY(dest, src) __va_copy(dest, src) | ||
267 | # else | ||
268 | # define VA_COPY(dest, src) (dest) = (src) | ||
269 | # endif | ||
270 | # endif | ||
271 | #endif | ||
272 | |||
238 | #ifndef HAVE_VASPRINTF | 273 | #ifndef HAVE_VASPRINTF |
239 | int vasprintf(char **, const char *, va_list); | 274 | int vasprintf(char **, const char *, va_list); |
240 | #endif | 275 | #endif |
diff --git a/openbsd-compat/port-solaris.h b/openbsd-compat/port-solaris.h index 3a41ea8cd..a7cb5eb30 100644 --- a/openbsd-compat/port-solaris.h +++ b/openbsd-compat/port-solaris.h | |||
@@ -27,6 +27,7 @@ void solaris_contract_post_fork_child(void); | |||
27 | void solaris_contract_post_fork_parent(pid_t pid); | 27 | void solaris_contract_post_fork_parent(pid_t pid); |
28 | void solaris_set_default_project(struct passwd *); | 28 | void solaris_set_default_project(struct passwd *); |
29 | # ifdef USE_SOLARIS_PRIVS | 29 | # ifdef USE_SOLARIS_PRIVS |
30 | #include <priv.h> | ||
30 | priv_set_t *solaris_basic_privset(void); | 31 | priv_set_t *solaris_basic_privset(void); |
31 | void solaris_drop_privs_pinfo_net_fork_exec(void); | 32 | void solaris_drop_privs_pinfo_net_fork_exec(void); |
32 | void solaris_drop_privs_root_pinfo_net(void); | 33 | void solaris_drop_privs_root_pinfo_net(void); |
diff --git a/openbsd-compat/regress/.cvsignore b/openbsd-compat/regress/.cvsignore deleted file mode 100644 index 33074f4a3..000000000 --- a/openbsd-compat/regress/.cvsignore +++ /dev/null | |||
@@ -1,6 +0,0 @@ | |||
1 | Makefile | ||
2 | snprintftest | ||
3 | strduptest | ||
4 | strtonumtest | ||
5 | closefromtest | ||
6 | opensslvertest | ||
diff --git a/openbsd-compat/vis.c b/openbsd-compat/vis.c index f6f5665c1..3cef6bafd 100644 --- a/openbsd-compat/vis.c +++ b/openbsd-compat/vis.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: vis.c,v 1.19 2005/09/01 17:15:49 millert Exp $ */ | 1 | /* $OpenBSD: vis.c,v 1.25 2015/09/13 11:32:51 guenther Exp $ */ |
2 | /*- | 2 | /*- |
3 | * Copyright (c) 1989, 1993 | 3 | * Copyright (c) 1989, 1993 |
4 | * The Regents of the University of California. All rights reserved. | 4 | * The Regents of the University of California. All rights reserved. |
@@ -33,13 +33,24 @@ | |||
33 | #include "includes.h" | 33 | #include "includes.h" |
34 | #if !defined(HAVE_STRNVIS) || defined(BROKEN_STRNVIS) | 34 | #if !defined(HAVE_STRNVIS) || defined(BROKEN_STRNVIS) |
35 | 35 | ||
36 | /* | ||
37 | * We want these to override in the BROKEN_STRNVIS case. TO avoid future sync | ||
38 | * problems no-op out the weak symbol definition rather than remove it. | ||
39 | */ | ||
40 | #define DEF_WEAK(x) | ||
41 | |||
42 | #include <sys/types.h> | ||
43 | #include <errno.h> | ||
36 | #include <ctype.h> | 44 | #include <ctype.h> |
45 | #include <limits.h> | ||
37 | #include <string.h> | 46 | #include <string.h> |
47 | #include <stdlib.h> | ||
38 | 48 | ||
39 | #include "vis.h" | 49 | #include "vis.h" |
40 | 50 | ||
41 | #define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') | 51 | #define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') |
42 | #define isvisible(c) \ | 52 | #define isvisible(c,flag) \ |
53 | (((c) == '\\' || (flag & VIS_ALL) == 0) && \ | ||
43 | (((u_int)(c) <= UCHAR_MAX && isascii((u_char)(c)) && \ | 54 | (((u_int)(c) <= UCHAR_MAX && isascii((u_char)(c)) && \ |
44 | (((c) != '*' && (c) != '?' && (c) != '[' && (c) != '#') || \ | 55 | (((c) != '*' && (c) != '?' && (c) != '[' && (c) != '#') || \ |
45 | (flag & VIS_GLOB) == 0) && isgraph((u_char)(c))) || \ | 56 | (flag & VIS_GLOB) == 0) && isgraph((u_char)(c))) || \ |
@@ -48,7 +59,7 @@ | |||
48 | ((flag & VIS_NL) == 0 && (c) == '\n') || \ | 59 | ((flag & VIS_NL) == 0 && (c) == '\n') || \ |
49 | ((flag & VIS_SAFE) && ((c) == '\b' || \ | 60 | ((flag & VIS_SAFE) && ((c) == '\b' || \ |
50 | (c) == '\007' || (c) == '\r' || \ | 61 | (c) == '\007' || (c) == '\r' || \ |
51 | isgraph((u_char)(c))))) | 62 | isgraph((u_char)(c)))))) |
52 | 63 | ||
53 | /* | 64 | /* |
54 | * vis - visually encode characters | 65 | * vis - visually encode characters |
@@ -56,10 +67,11 @@ | |||
56 | char * | 67 | char * |
57 | vis(char *dst, int c, int flag, int nextc) | 68 | vis(char *dst, int c, int flag, int nextc) |
58 | { | 69 | { |
59 | if (isvisible(c)) { | 70 | if (isvisible(c, flag)) { |
60 | *dst++ = c; | 71 | if ((c == '"' && (flag & VIS_DQ) != 0) || |
61 | if (c == '\\' && (flag & VIS_NOSLASH) == 0) | 72 | (c == '\\' && (flag & VIS_NOSLASH) == 0)) |
62 | *dst++ = '\\'; | 73 | *dst++ = '\\'; |
74 | *dst++ = c; | ||
63 | *dst = '\0'; | 75 | *dst = '\0'; |
64 | return (dst); | 76 | return (dst); |
65 | } | 77 | } |
@@ -136,6 +148,7 @@ done: | |||
136 | *dst = '\0'; | 148 | *dst = '\0'; |
137 | return (dst); | 149 | return (dst); |
138 | } | 150 | } |
151 | DEF_WEAK(vis); | ||
139 | 152 | ||
140 | /* | 153 | /* |
141 | * strvis, strnvis, strvisx - visually encode characters from src into dst | 154 | * strvis, strnvis, strvisx - visually encode characters from src into dst |
@@ -161,6 +174,7 @@ strvis(char *dst, const char *src, int flag) | |||
161 | *dst = '\0'; | 174 | *dst = '\0'; |
162 | return (dst - start); | 175 | return (dst - start); |
163 | } | 176 | } |
177 | DEF_WEAK(strvis); | ||
164 | 178 | ||
165 | int | 179 | int |
166 | strnvis(char *dst, const char *src, size_t siz, int flag) | 180 | strnvis(char *dst, const char *src, size_t siz, int flag) |
@@ -171,19 +185,18 @@ strnvis(char *dst, const char *src, size_t siz, int flag) | |||
171 | 185 | ||
172 | i = 0; | 186 | i = 0; |
173 | for (start = dst, end = start + siz - 1; (c = *src) && dst < end; ) { | 187 | for (start = dst, end = start + siz - 1; (c = *src) && dst < end; ) { |
174 | if (isvisible(c)) { | 188 | if (isvisible(c, flag)) { |
175 | i = 1; | 189 | if ((c == '"' && (flag & VIS_DQ) != 0) || |
176 | *dst++ = c; | 190 | (c == '\\' && (flag & VIS_NOSLASH) == 0)) { |
177 | if (c == '\\' && (flag & VIS_NOSLASH) == 0) { | ||
178 | /* need space for the extra '\\' */ | 191 | /* need space for the extra '\\' */ |
179 | if (dst < end) | 192 | if (dst + 1 >= end) { |
180 | *dst++ = '\\'; | ||
181 | else { | ||
182 | dst--; | ||
183 | i = 2; | 193 | i = 2; |
184 | break; | 194 | break; |
185 | } | 195 | } |
196 | *dst++ = '\\'; | ||
186 | } | 197 | } |
198 | i = 1; | ||
199 | *dst++ = c; | ||
187 | src++; | 200 | src++; |
188 | } else { | 201 | } else { |
189 | i = vis(tbuf, c, flag, *++src) - tbuf; | 202 | i = vis(tbuf, c, flag, *++src) - tbuf; |
@@ -207,6 +220,25 @@ strnvis(char *dst, const char *src, size_t siz, int flag) | |||
207 | } | 220 | } |
208 | 221 | ||
209 | int | 222 | int |
223 | stravis(char **outp, const char *src, int flag) | ||
224 | { | ||
225 | char *buf; | ||
226 | int len, serrno; | ||
227 | |||
228 | buf = reallocarray(NULL, 4, strlen(src) + 1); | ||
229 | if (buf == NULL) | ||
230 | return -1; | ||
231 | len = strvis(buf, src, flag); | ||
232 | serrno = errno; | ||
233 | *outp = realloc(buf, len + 1); | ||
234 | if (*outp == NULL) { | ||
235 | *outp = buf; | ||
236 | errno = serrno; | ||
237 | } | ||
238 | return (len); | ||
239 | } | ||
240 | |||
241 | int | ||
210 | strvisx(char *dst, const char *src, size_t len, int flag) | 242 | strvisx(char *dst, const char *src, size_t len, int flag) |
211 | { | 243 | { |
212 | char c; | 244 | char c; |
diff --git a/openbsd-compat/vis.h b/openbsd-compat/vis.h index d1286c99d..2cdfd364b 100644 --- a/openbsd-compat/vis.h +++ b/openbsd-compat/vis.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: vis.h,v 1.11 2005/08/09 19:38:31 millert Exp $ */ | 1 | /* $OpenBSD: vis.h,v 1.15 2015/07/20 01:52:27 millert Exp $ */ |
2 | /* $NetBSD: vis.h,v 1.4 1994/10/26 00:56:41 cgd Exp $ */ | 2 | /* $NetBSD: vis.h,v 1.4 1994/10/26 00:56:41 cgd Exp $ */ |
3 | 3 | ||
4 | /*- | 4 | /*- |
@@ -58,6 +58,8 @@ | |||
58 | #define VIS_NL 0x10 /* also encode newline */ | 58 | #define VIS_NL 0x10 /* also encode newline */ |
59 | #define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) | 59 | #define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) |
60 | #define VIS_SAFE 0x20 /* only encode "unsafe" characters */ | 60 | #define VIS_SAFE 0x20 /* only encode "unsafe" characters */ |
61 | #define VIS_DQ 0x200 /* backslash-escape double quotes */ | ||
62 | #define VIS_ALL 0x400 /* encode all characters */ | ||
61 | 63 | ||
62 | /* | 64 | /* |
63 | * other | 65 | * other |
@@ -81,6 +83,7 @@ | |||
81 | 83 | ||
82 | char *vis(char *, int, int, int); | 84 | char *vis(char *, int, int, int); |
83 | int strvis(char *, const char *, int); | 85 | int strvis(char *, const char *, int); |
86 | int stravis(char **, const char *, int); | ||
84 | int strnvis(char *, const char *, size_t, int) | 87 | int strnvis(char *, const char *, size_t, int) |
85 | __attribute__ ((__bounded__(__string__,1,3))); | 88 | __attribute__ ((__bounded__(__string__,1,3))); |
86 | int strvisx(char *, const char *, size_t, int) | 89 | int strvisx(char *, const char *, size_t, int) |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.229 2016/02/17 22:20:14 djm Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.234 2016/07/18 11:35:33 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -52,6 +52,7 @@ | |||
52 | #include <arpa/inet.h> | 52 | #include <arpa/inet.h> |
53 | 53 | ||
54 | #include <errno.h> | 54 | #include <errno.h> |
55 | #include <netdb.h> | ||
55 | #include <stdarg.h> | 56 | #include <stdarg.h> |
56 | #include <stdio.h> | 57 | #include <stdio.h> |
57 | #include <stdlib.h> | 58 | #include <stdlib.h> |
@@ -195,6 +196,7 @@ struct session_state { | |||
195 | 196 | ||
196 | /* XXX discard incoming data after MAC error */ | 197 | /* XXX discard incoming data after MAC error */ |
197 | u_int packet_discard; | 198 | u_int packet_discard; |
199 | size_t packet_discard_mac_already; | ||
198 | struct sshmac *packet_discard_mac; | 200 | struct sshmac *packet_discard_mac; |
199 | 201 | ||
200 | /* Used in packet_read_poll2() */ | 202 | /* Used in packet_read_poll2() */ |
@@ -296,7 +298,7 @@ ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) | |||
296 | (r = cipher_init(&state->receive_context, none, | 298 | (r = cipher_init(&state->receive_context, none, |
297 | (const u_char *)"", 0, NULL, 0, CIPHER_DECRYPT)) != 0) { | 299 | (const u_char *)"", 0, NULL, 0, CIPHER_DECRYPT)) != 0) { |
298 | error("%s: cipher_init failed: %s", __func__, ssh_err(r)); | 300 | error("%s: cipher_init failed: %s", __func__, ssh_err(r)); |
299 | free(ssh); | 301 | free(ssh); /* XXX need ssh_free_session_state? */ |
300 | return NULL; | 302 | return NULL; |
301 | } | 303 | } |
302 | state->newkeys[MODE_IN] = state->newkeys[MODE_OUT] = NULL; | 304 | state->newkeys[MODE_IN] = state->newkeys[MODE_OUT] = NULL; |
@@ -332,16 +334,18 @@ ssh_packet_stop_discard(struct ssh *ssh) | |||
332 | 334 | ||
333 | if (state->packet_discard_mac) { | 335 | if (state->packet_discard_mac) { |
334 | char buf[1024]; | 336 | char buf[1024]; |
337 | size_t dlen = PACKET_MAX_SIZE; | ||
335 | 338 | ||
339 | if (dlen > state->packet_discard_mac_already) | ||
340 | dlen -= state->packet_discard_mac_already; | ||
336 | memset(buf, 'a', sizeof(buf)); | 341 | memset(buf, 'a', sizeof(buf)); |
337 | while (sshbuf_len(state->incoming_packet) < | 342 | while (sshbuf_len(state->incoming_packet) < dlen) |
338 | PACKET_MAX_SIZE) | ||
339 | if ((r = sshbuf_put(state->incoming_packet, buf, | 343 | if ((r = sshbuf_put(state->incoming_packet, buf, |
340 | sizeof(buf))) != 0) | 344 | sizeof(buf))) != 0) |
341 | return r; | 345 | return r; |
342 | (void) mac_compute(state->packet_discard_mac, | 346 | (void) mac_compute(state->packet_discard_mac, |
343 | state->p_read.seqnr, | 347 | state->p_read.seqnr, |
344 | sshbuf_ptr(state->incoming_packet), PACKET_MAX_SIZE, | 348 | sshbuf_ptr(state->incoming_packet), dlen, |
345 | NULL, 0); | 349 | NULL, 0); |
346 | } | 350 | } |
347 | logit("Finished discarding for %.200s port %d", | 351 | logit("Finished discarding for %.200s port %d", |
@@ -351,7 +355,7 @@ ssh_packet_stop_discard(struct ssh *ssh) | |||
351 | 355 | ||
352 | static int | 356 | static int |
353 | ssh_packet_start_discard(struct ssh *ssh, struct sshenc *enc, | 357 | ssh_packet_start_discard(struct ssh *ssh, struct sshenc *enc, |
354 | struct sshmac *mac, u_int packet_length, u_int discard) | 358 | struct sshmac *mac, size_t mac_already, u_int discard) |
355 | { | 359 | { |
356 | struct session_state *state = ssh->state; | 360 | struct session_state *state = ssh->state; |
357 | int r; | 361 | int r; |
@@ -361,11 +365,16 @@ ssh_packet_start_discard(struct ssh *ssh, struct sshenc *enc, | |||
361 | return r; | 365 | return r; |
362 | return SSH_ERR_MAC_INVALID; | 366 | return SSH_ERR_MAC_INVALID; |
363 | } | 367 | } |
364 | if (packet_length != PACKET_MAX_SIZE && mac && mac->enabled) | 368 | /* |
369 | * Record number of bytes over which the mac has already | ||
370 | * been computed in order to minimize timing attacks. | ||
371 | */ | ||
372 | if (mac && mac->enabled) { | ||
365 | state->packet_discard_mac = mac; | 373 | state->packet_discard_mac = mac; |
366 | if (sshbuf_len(state->input) >= discard && | 374 | state->packet_discard_mac_already = mac_already; |
367 | (r = ssh_packet_stop_discard(ssh)) != 0) | 375 | } |
368 | return r; | 376 | if (sshbuf_len(state->input) >= discard) |
377 | return ssh_packet_stop_discard(ssh); | ||
369 | state->packet_discard = discard - sshbuf_len(state->input); | 378 | state->packet_discard = discard - sshbuf_len(state->input); |
370 | return 0; | 379 | return 0; |
371 | } | 380 | } |
@@ -379,6 +388,9 @@ ssh_packet_connection_is_on_socket(struct ssh *ssh) | |||
379 | struct sockaddr_storage from, to; | 388 | struct sockaddr_storage from, to; |
380 | socklen_t fromlen, tolen; | 389 | socklen_t fromlen, tolen; |
381 | 390 | ||
391 | if (state->connection_in == -1 || state->connection_out == -1) | ||
392 | return 0; | ||
393 | |||
382 | /* filedescriptors in and out are the same, so it's a socket */ | 394 | /* filedescriptors in and out are the same, so it's a socket */ |
383 | if (state->connection_in == state->connection_out) | 395 | if (state->connection_in == state->connection_out) |
384 | return 1; | 396 | return 1; |
@@ -468,10 +480,14 @@ ssh_remote_ipaddr(struct ssh *ssh) | |||
468 | if (ssh->remote_ipaddr == NULL) { | 480 | if (ssh->remote_ipaddr == NULL) { |
469 | if (ssh_packet_connection_is_on_socket(ssh)) { | 481 | if (ssh_packet_connection_is_on_socket(ssh)) { |
470 | ssh->remote_ipaddr = get_peer_ipaddr(sock); | 482 | ssh->remote_ipaddr = get_peer_ipaddr(sock); |
471 | ssh->remote_port = get_sock_port(sock, 0); | 483 | ssh->remote_port = get_peer_port(sock); |
484 | ssh->local_ipaddr = get_local_ipaddr(sock); | ||
485 | ssh->local_port = get_local_port(sock); | ||
472 | } else { | 486 | } else { |
473 | ssh->remote_ipaddr = strdup("UNKNOWN"); | 487 | ssh->remote_ipaddr = strdup("UNKNOWN"); |
474 | ssh->remote_port = 0; | 488 | ssh->remote_port = 65535; |
489 | ssh->local_ipaddr = strdup("UNKNOWN"); | ||
490 | ssh->local_port = 65535; | ||
475 | } | 491 | } |
476 | } | 492 | } |
477 | return ssh->remote_ipaddr; | 493 | return ssh->remote_ipaddr; |
@@ -486,6 +502,27 @@ ssh_remote_port(struct ssh *ssh) | |||
486 | return ssh->remote_port; | 502 | return ssh->remote_port; |
487 | } | 503 | } |
488 | 504 | ||
505 | /* | ||
506 | * Returns the IP-address of the local host as a string. The returned | ||
507 | * string must not be freed. | ||
508 | */ | ||
509 | |||
510 | const char * | ||
511 | ssh_local_ipaddr(struct ssh *ssh) | ||
512 | { | ||
513 | (void)ssh_remote_ipaddr(ssh); /* Will lookup and cache. */ | ||
514 | return ssh->local_ipaddr; | ||
515 | } | ||
516 | |||
517 | /* Returns the port number of the local host. */ | ||
518 | |||
519 | int | ||
520 | ssh_local_port(struct ssh *ssh) | ||
521 | { | ||
522 | (void)ssh_remote_ipaddr(ssh); /* Will lookup and cache. */ | ||
523 | return ssh->local_port; | ||
524 | } | ||
525 | |||
489 | /* Closes the connection and clears and frees internal data structures. */ | 526 | /* Closes the connection and clears and frees internal data structures. */ |
490 | 527 | ||
491 | void | 528 | void |
@@ -1142,7 +1179,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh) | |||
1142 | { | 1179 | { |
1143 | struct session_state *state = ssh->state; | 1180 | struct session_state *state = ssh->state; |
1144 | u_char type, *cp, macbuf[SSH_DIGEST_MAX_LENGTH]; | 1181 | u_char type, *cp, macbuf[SSH_DIGEST_MAX_LENGTH]; |
1145 | u_char padlen, pad = 0; | 1182 | u_char tmp, padlen, pad = 0; |
1146 | u_int authlen = 0, aadlen = 0; | 1183 | u_int authlen = 0, aadlen = 0; |
1147 | u_int len; | 1184 | u_int len; |
1148 | struct sshenc *enc = NULL; | 1185 | struct sshenc *enc = NULL; |
@@ -1200,14 +1237,24 @@ ssh_packet_send2_wrapped(struct ssh *ssh) | |||
1200 | if (padlen < 4) | 1237 | if (padlen < 4) |
1201 | padlen += block_size; | 1238 | padlen += block_size; |
1202 | if (state->extra_pad) { | 1239 | if (state->extra_pad) { |
1203 | /* will wrap if extra_pad+padlen > 255 */ | 1240 | tmp = state->extra_pad; |
1204 | state->extra_pad = | 1241 | state->extra_pad = |
1205 | roundup(state->extra_pad, block_size); | 1242 | roundup(state->extra_pad, block_size); |
1206 | pad = state->extra_pad - | 1243 | /* check if roundup overflowed */ |
1207 | ((len + padlen) % state->extra_pad); | 1244 | if (state->extra_pad < tmp) |
1245 | return SSH_ERR_INVALID_ARGUMENT; | ||
1246 | tmp = (len + padlen) % state->extra_pad; | ||
1247 | /* Check whether pad calculation below will underflow */ | ||
1248 | if (tmp > state->extra_pad) | ||
1249 | return SSH_ERR_INVALID_ARGUMENT; | ||
1250 | pad = state->extra_pad - tmp; | ||
1208 | DBG(debug3("%s: adding %d (len %d padlen %d extra_pad %d)", | 1251 | DBG(debug3("%s: adding %d (len %d padlen %d extra_pad %d)", |
1209 | __func__, pad, len, padlen, state->extra_pad)); | 1252 | __func__, pad, len, padlen, state->extra_pad)); |
1253 | tmp = padlen; | ||
1210 | padlen += pad; | 1254 | padlen += pad; |
1255 | /* Check whether padlen calculation overflowed */ | ||
1256 | if (padlen < tmp) | ||
1257 | return SSH_ERR_INVALID_ARGUMENT; /* overflow */ | ||
1211 | state->extra_pad = 0; | 1258 | state->extra_pad = 0; |
1212 | } | 1259 | } |
1213 | if ((r = sshbuf_reserve(state->outgoing_packet, padlen, &cp)) != 0) | 1260 | if ((r = sshbuf_reserve(state->outgoing_packet, padlen, &cp)) != 0) |
@@ -1661,7 +1708,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) | |||
1661 | { | 1708 | { |
1662 | struct session_state *state = ssh->state; | 1709 | struct session_state *state = ssh->state; |
1663 | u_int padlen, need; | 1710 | u_int padlen, need; |
1664 | u_char *cp, macbuf[SSH_DIGEST_MAX_LENGTH]; | 1711 | u_char *cp; |
1665 | u_int maclen, aadlen = 0, authlen = 0, block_size; | 1712 | u_int maclen, aadlen = 0, authlen = 0, block_size; |
1666 | struct sshenc *enc = NULL; | 1713 | struct sshenc *enc = NULL; |
1667 | struct sshmac *mac = NULL; | 1714 | struct sshmac *mac = NULL; |
@@ -1726,8 +1773,8 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) | |||
1726 | sshbuf_dump(state->incoming_packet, stderr); | 1773 | sshbuf_dump(state->incoming_packet, stderr); |
1727 | #endif | 1774 | #endif |
1728 | logit("Bad packet length %u.", state->packlen); | 1775 | logit("Bad packet length %u.", state->packlen); |
1729 | return ssh_packet_start_discard(ssh, enc, mac, | 1776 | return ssh_packet_start_discard(ssh, enc, mac, 0, |
1730 | state->packlen, PACKET_MAX_SIZE); | 1777 | PACKET_MAX_SIZE); |
1731 | } | 1778 | } |
1732 | if ((r = sshbuf_consume(state->input, block_size)) != 0) | 1779 | if ((r = sshbuf_consume(state->input, block_size)) != 0) |
1733 | goto out; | 1780 | goto out; |
@@ -1749,8 +1796,8 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) | |||
1749 | if (need % block_size != 0) { | 1796 | if (need % block_size != 0) { |
1750 | logit("padding error: need %d block %d mod %d", | 1797 | logit("padding error: need %d block %d mod %d", |
1751 | need, block_size, need % block_size); | 1798 | need, block_size, need % block_size); |
1752 | return ssh_packet_start_discard(ssh, enc, mac, | 1799 | return ssh_packet_start_discard(ssh, enc, mac, 0, |
1753 | state->packlen, PACKET_MAX_SIZE - block_size); | 1800 | PACKET_MAX_SIZE - block_size); |
1754 | } | 1801 | } |
1755 | /* | 1802 | /* |
1756 | * check if the entire packet has been received and | 1803 | * check if the entire packet has been received and |
@@ -1761,17 +1808,21 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) | |||
1761 | * 'maclen' bytes of message authentication code. | 1808 | * 'maclen' bytes of message authentication code. |
1762 | */ | 1809 | */ |
1763 | if (sshbuf_len(state->input) < aadlen + need + authlen + maclen) | 1810 | if (sshbuf_len(state->input) < aadlen + need + authlen + maclen) |
1764 | return 0; | 1811 | return 0; /* packet is incomplete */ |
1765 | #ifdef PACKET_DEBUG | 1812 | #ifdef PACKET_DEBUG |
1766 | fprintf(stderr, "read_poll enc/full: "); | 1813 | fprintf(stderr, "read_poll enc/full: "); |
1767 | sshbuf_dump(state->input, stderr); | 1814 | sshbuf_dump(state->input, stderr); |
1768 | #endif | 1815 | #endif |
1769 | /* EtM: compute mac over encrypted input */ | 1816 | /* EtM: check mac over encrypted input */ |
1770 | if (mac && mac->enabled && mac->etm) { | 1817 | if (mac && mac->enabled && mac->etm) { |
1771 | if ((r = mac_compute(mac, state->p_read.seqnr, | 1818 | if ((r = mac_check(mac, state->p_read.seqnr, |
1772 | sshbuf_ptr(state->input), aadlen + need, | 1819 | sshbuf_ptr(state->input), aadlen + need, |
1773 | macbuf, sizeof(macbuf))) != 0) | 1820 | sshbuf_ptr(state->input) + aadlen + need + authlen, |
1821 | maclen)) != 0) { | ||
1822 | if (r == SSH_ERR_MAC_INVALID) | ||
1823 | logit("Corrupted MAC on input."); | ||
1774 | goto out; | 1824 | goto out; |
1825 | } | ||
1775 | } | 1826 | } |
1776 | if ((r = sshbuf_reserve(state->incoming_packet, aadlen + need, | 1827 | if ((r = sshbuf_reserve(state->incoming_packet, aadlen + need, |
1777 | &cp)) != 0) | 1828 | &cp)) != 0) |
@@ -1781,26 +1832,22 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) | |||
1781 | goto out; | 1832 | goto out; |
1782 | if ((r = sshbuf_consume(state->input, aadlen + need + authlen)) != 0) | 1833 | if ((r = sshbuf_consume(state->input, aadlen + need + authlen)) != 0) |
1783 | goto out; | 1834 | goto out; |
1784 | /* | ||
1785 | * compute MAC over seqnr and packet, | ||
1786 | * increment sequence number for incoming packet | ||
1787 | */ | ||
1788 | if (mac && mac->enabled) { | 1835 | if (mac && mac->enabled) { |
1789 | if (!mac->etm) | 1836 | /* Not EtM: check MAC over cleartext */ |
1790 | if ((r = mac_compute(mac, state->p_read.seqnr, | 1837 | if (!mac->etm && (r = mac_check(mac, state->p_read.seqnr, |
1791 | sshbuf_ptr(state->incoming_packet), | 1838 | sshbuf_ptr(state->incoming_packet), |
1792 | sshbuf_len(state->incoming_packet), | 1839 | sshbuf_len(state->incoming_packet), |
1793 | macbuf, sizeof(macbuf))) != 0) | 1840 | sshbuf_ptr(state->input), maclen)) != 0) { |
1841 | if (r != SSH_ERR_MAC_INVALID) | ||
1794 | goto out; | 1842 | goto out; |
1795 | if (timingsafe_bcmp(macbuf, sshbuf_ptr(state->input), | ||
1796 | mac->mac_len) != 0) { | ||
1797 | logit("Corrupted MAC on input."); | 1843 | logit("Corrupted MAC on input."); |
1798 | if (need > PACKET_MAX_SIZE) | 1844 | if (need > PACKET_MAX_SIZE) |
1799 | return SSH_ERR_INTERNAL_ERROR; | 1845 | return SSH_ERR_INTERNAL_ERROR; |
1800 | return ssh_packet_start_discard(ssh, enc, mac, | 1846 | return ssh_packet_start_discard(ssh, enc, mac, |
1801 | state->packlen, PACKET_MAX_SIZE - need); | 1847 | sshbuf_len(state->incoming_packet), |
1848 | PACKET_MAX_SIZE - need); | ||
1802 | } | 1849 | } |
1803 | 1850 | /* Remove MAC from input buffer */ | |
1804 | DBG(debug("MAC #%d ok", state->p_read.seqnr)); | 1851 | DBG(debug("MAC #%d ok", state->p_read.seqnr)); |
1805 | if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0) | 1852 | if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0) |
1806 | goto out; | 1853 | goto out; |
@@ -2045,24 +2092,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) | |||
2045 | { | 2092 | { |
2046 | switch (r) { | 2093 | switch (r) { |
2047 | case SSH_ERR_CONN_CLOSED: | 2094 | case SSH_ERR_CONN_CLOSED: |
2048 | logit("Connection closed by %.200s port %d", | 2095 | logdie("Connection closed by %.200s port %d", |
2049 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 2096 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
2050 | cleanup_exit(255); | ||
2051 | case SSH_ERR_CONN_TIMEOUT: | 2097 | case SSH_ERR_CONN_TIMEOUT: |
2052 | logit("Connection %s %.200s port %d timed out", | 2098 | logdie("Connection %s %.200s port %d timed out", |
2053 | ssh->state->server_side ? "from" : "to", | 2099 | ssh->state->server_side ? "from" : "to", |
2054 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 2100 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
2055 | cleanup_exit(255); | ||
2056 | case SSH_ERR_DISCONNECTED: | 2101 | case SSH_ERR_DISCONNECTED: |
2057 | logit("Disconnected from %.200s port %d", | 2102 | logdie("Disconnected from %.200s port %d", |
2058 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 2103 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
2059 | cleanup_exit(255); | ||
2060 | case SSH_ERR_SYSTEM_ERROR: | 2104 | case SSH_ERR_SYSTEM_ERROR: |
2061 | if (errno == ECONNRESET) { | 2105 | if (errno == ECONNRESET) |
2062 | logit("Connection reset by %.200s port %d", | 2106 | logdie("Connection reset by %.200s port %d", |
2063 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 2107 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
2064 | cleanup_exit(255); | ||
2065 | } | ||
2066 | /* FALLTHROUGH */ | 2108 | /* FALLTHROUGH */ |
2067 | case SSH_ERR_NO_CIPHER_ALG_MATCH: | 2109 | case SSH_ERR_NO_CIPHER_ALG_MATCH: |
2068 | case SSH_ERR_NO_MAC_ALG_MATCH: | 2110 | case SSH_ERR_NO_MAC_ALG_MATCH: |
@@ -2070,14 +2112,14 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) | |||
2070 | case SSH_ERR_NO_KEX_ALG_MATCH: | 2112 | case SSH_ERR_NO_KEX_ALG_MATCH: |
2071 | case SSH_ERR_NO_HOSTKEY_ALG_MATCH: | 2113 | case SSH_ERR_NO_HOSTKEY_ALG_MATCH: |
2072 | if (ssh && ssh->kex && ssh->kex->failed_choice) { | 2114 | if (ssh && ssh->kex && ssh->kex->failed_choice) { |
2073 | fatal("Unable to negotiate with %.200s port %d: %s. " | 2115 | logdie("Unable to negotiate with %.200s port %d: %s. " |
2074 | "Their offer: %s", ssh_remote_ipaddr(ssh), | 2116 | "Their offer: %s", ssh_remote_ipaddr(ssh), |
2075 | ssh_remote_port(ssh), ssh_err(r), | 2117 | ssh_remote_port(ssh), ssh_err(r), |
2076 | ssh->kex->failed_choice); | 2118 | ssh->kex->failed_choice); |
2077 | } | 2119 | } |
2078 | /* FALLTHROUGH */ | 2120 | /* FALLTHROUGH */ |
2079 | default: | 2121 | default: |
2080 | fatal("%s%sConnection %s %.200s port %d: %s", | 2122 | logdie("%s%sConnection %s %.200s port %d: %s", |
2081 | tag != NULL ? tag : "", tag != NULL ? ": " : "", | 2123 | tag != NULL ? tag : "", tag != NULL ? ": " : "", |
2082 | ssh->state->server_side ? "from" : "to", | 2124 | ssh->state->server_side ? "from" : "to", |
2083 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ssh_err(r)); | 2125 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ssh_err(r)); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.h,v 1.70 2016/02/08 10:57:07 djm Exp $ */ | 1 | /* $OpenBSD: packet.h,v 1.71 2016/03/07 19:02:43 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -56,9 +56,11 @@ struct ssh { | |||
56 | /* Key exchange */ | 56 | /* Key exchange */ |
57 | struct kex *kex; | 57 | struct kex *kex; |
58 | 58 | ||
59 | /* cached remote ip address and port*/ | 59 | /* cached local and remote ip addresses and ports */ |
60 | char *remote_ipaddr; | 60 | char *remote_ipaddr; |
61 | int remote_port; | 61 | int remote_port; |
62 | char *local_ipaddr; | ||
63 | int local_port; | ||
62 | 64 | ||
63 | /* Dispatcher table */ | 65 | /* Dispatcher table */ |
64 | dispatch_fn *dispatch[DISPATCH_MAX]; | 66 | dispatch_fn *dispatch[DISPATCH_MAX]; |
@@ -145,6 +147,8 @@ int ssh_packet_set_state(struct ssh *, struct sshbuf *); | |||
145 | 147 | ||
146 | const char *ssh_remote_ipaddr(struct ssh *); | 148 | const char *ssh_remote_ipaddr(struct ssh *); |
147 | int ssh_remote_port(struct ssh *); | 149 | int ssh_remote_port(struct ssh *); |
150 | const char *ssh_local_ipaddr(struct ssh *); | ||
151 | int ssh_local_port(struct ssh *); | ||
148 | 152 | ||
149 | void ssh_packet_set_rekey_limits(struct ssh *, u_int64_t, time_t); | 153 | void ssh_packet_set_rekey_limits(struct ssh *, u_int64_t, time_t); |
150 | time_t ssh_packet_get_rekey_timeout(struct ssh *); | 154 | time_t ssh_packet_get_rekey_timeout(struct ssh *); |
diff --git a/pathnames.h b/pathnames.h index ec89fc666..f5e11ab15 100644 --- a/pathnames.h +++ b/pathnames.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: pathnames.h,v 1.24 2013/12/06 13:39:49 markus Exp $ */ | 1 | /* $OpenBSD: pathnames.h,v 1.25 2016/03/31 05:24:06 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -42,8 +42,6 @@ | |||
42 | #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" | 42 | #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" |
43 | #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" | 43 | #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" |
44 | #define _PATH_DH_MODULI SSHDIR "/moduli" | 44 | #define _PATH_DH_MODULI SSHDIR "/moduli" |
45 | /* Backwards compatibility */ | ||
46 | #define _PATH_DH_PRIMES SSHDIR "/primes" | ||
47 | 45 | ||
48 | #ifndef _PATH_SSH_PROGRAM | 46 | #ifndef _PATH_SSH_PROGRAM |
49 | #define _PATH_SSH_PROGRAM "/usr/bin/ssh" | 47 | #define _PATH_SSH_PROGRAM "/usr/bin/ssh" |
diff --git a/platform-tracing.c b/platform-tracing.c new file mode 100644 index 000000000..81020e7f7 --- /dev/null +++ b/platform-tracing.c | |||
@@ -0,0 +1,43 @@ | |||
1 | /* | ||
2 | * Copyright (c) 2016 Darren Tucker. All rights reserved. | ||
3 | * | ||
4 | * Permission to use, copy, modify, and distribute this software for any | ||
5 | * purpose with or without fee is hereby granted, provided that the above | ||
6 | * copyright notice and this permission notice appear in all copies. | ||
7 | * | ||
8 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
9 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
10 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
11 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
12 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
13 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
15 | */ | ||
16 | |||
17 | #include "includes.h" | ||
18 | |||
19 | #include <sys/types.h> | ||
20 | #if defined(HAVE_SYS_PRCTL_H) | ||
21 | #include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */ | ||
22 | #endif | ||
23 | #ifdef HAVE_PRIV_H | ||
24 | #include <priv.h> /* For setpflags() and __PROC_PROTECT */ | ||
25 | #endif | ||
26 | #include <stdarg.h> | ||
27 | |||
28 | #include "log.h" | ||
29 | |||
30 | void | ||
31 | platform_disable_tracing(int strict) | ||
32 | { | ||
33 | #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) | ||
34 | /* Disable ptrace on Linux without sgid bit */ | ||
35 | if (prctl(PR_SET_DUMPABLE, 0) != 0 && strict) | ||
36 | fatal("unable to make the process undumpable"); | ||
37 | #endif | ||
38 | #if defined(HAVE_SETPFLAGS) && defined(__PROC_PROTECT) | ||
39 | /* On Solaris, we should make this process untraceable */ | ||
40 | if (setpflags(__PROC_PROTECT, 1) != 0 && strict) | ||
41 | fatal("unable to make the process untraceable"); | ||
42 | #endif | ||
43 | } | ||
diff --git a/platform.c b/platform.c index 9a23e6e3e..2ce4dbf81 100644 --- a/platform.c +++ b/platform.c | |||
@@ -18,8 +18,6 @@ | |||
18 | 18 | ||
19 | #include "includes.h" | 19 | #include "includes.h" |
20 | 20 | ||
21 | #include <sys/types.h> | ||
22 | |||
23 | #include <stdarg.h> | 21 | #include <stdarg.h> |
24 | #include <unistd.h> | 22 | #include <unistd.h> |
25 | 23 | ||
@@ -107,8 +105,12 @@ platform_setusercontext(struct passwd *pw) | |||
107 | #endif | 105 | #endif |
108 | 106 | ||
109 | #ifdef USE_SOLARIS_PROJECTS | 107 | #ifdef USE_SOLARIS_PROJECTS |
110 | /* if solaris projects were detected, set the default now */ | 108 | /* |
111 | if (getuid() == 0 || geteuid() == 0) | 109 | * If solaris projects were detected, set the default now, unless |
110 | * we are using PAM in which case it is the responsibility of the | ||
111 | * PAM stack. | ||
112 | */ | ||
113 | if (!options.use_pam && (getuid() == 0 || geteuid() == 0)) | ||
112 | solaris_set_default_project(pw); | 114 | solaris_set_default_project(pw); |
113 | #endif | 115 | #endif |
114 | 116 | ||
diff --git a/platform.h b/platform.h index 823901b65..5b7230428 100644 --- a/platform.h +++ b/platform.h | |||
@@ -31,6 +31,7 @@ void platform_setusercontext_post_groups(struct passwd *, const char *); | |||
31 | char *platform_get_krb5_client(const char *); | 31 | char *platform_get_krb5_client(const char *); |
32 | char *platform_krb5_get_principal_name(const char *); | 32 | char *platform_krb5_get_principal_name(const char *); |
33 | int platform_sys_dir_uid(uid_t); | 33 | int platform_sys_dir_uid(uid_t); |
34 | void platform_disable_tracing(int); | ||
34 | 35 | ||
35 | /* in platform-pledge.c */ | 36 | /* in platform-pledge.c */ |
36 | void platform_pledge_agent(void); | 37 | void platform_pledge_agent(void); |
diff --git a/progressmeter.c b/progressmeter.c index 319b7470a..fe9bf52e4 100644 --- a/progressmeter.c +++ b/progressmeter.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: progressmeter.c,v 1.41 2015/01/14 13:54:13 djm Exp $ */ | 1 | /* $OpenBSD: progressmeter.c,v 1.45 2016/06/30 05:17:05 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2003 Nils Nordman. All rights reserved. | 3 | * Copyright (c) 2003 Nils Nordman. All rights reserved. |
4 | * | 4 | * |
@@ -63,8 +63,8 @@ void refresh_progress_meter(void); | |||
63 | /* signal handler for updating the progress meter */ | 63 | /* signal handler for updating the progress meter */ |
64 | static void update_progress_meter(int); | 64 | static void update_progress_meter(int); |
65 | 65 | ||
66 | static time_t start; /* start progress */ | 66 | static double start; /* start progress */ |
67 | static time_t last_update; /* last progress update */ | 67 | static double last_update; /* last progress update */ |
68 | static const char *file; /* name of the file being transferred */ | 68 | static const char *file; /* name of the file being transferred */ |
69 | static off_t start_pos; /* initial position of transfer */ | 69 | static off_t start_pos; /* initial position of transfer */ |
70 | static off_t end_pos; /* ending position of transfer */ | 70 | static off_t end_pos; /* ending position of transfer */ |
@@ -120,9 +120,8 @@ void | |||
120 | refresh_progress_meter(void) | 120 | refresh_progress_meter(void) |
121 | { | 121 | { |
122 | char buf[MAX_WINSIZE + 1]; | 122 | char buf[MAX_WINSIZE + 1]; |
123 | time_t now; | ||
124 | off_t transferred; | 123 | off_t transferred; |
125 | double elapsed; | 124 | double elapsed, now; |
126 | int percent; | 125 | int percent; |
127 | off_t bytes_left; | 126 | off_t bytes_left; |
128 | int cur_speed; | 127 | int cur_speed; |
@@ -132,7 +131,7 @@ refresh_progress_meter(void) | |||
132 | 131 | ||
133 | transferred = *counter - (cur_pos ? cur_pos : start_pos); | 132 | transferred = *counter - (cur_pos ? cur_pos : start_pos); |
134 | cur_pos = *counter; | 133 | cur_pos = *counter; |
135 | now = monotime(); | 134 | now = monotime_double(); |
136 | bytes_left = end_pos - cur_pos; | 135 | bytes_left = end_pos - cur_pos; |
137 | 136 | ||
138 | if (bytes_left > 0) | 137 | if (bytes_left > 0) |
@@ -172,10 +171,10 @@ refresh_progress_meter(void) | |||
172 | } | 171 | } |
173 | 172 | ||
174 | /* percent of transfer done */ | 173 | /* percent of transfer done */ |
175 | if (end_pos != 0) | 174 | if (end_pos == 0 || cur_pos == end_pos) |
176 | percent = ((float)cur_pos / end_pos) * 100; | ||
177 | else | ||
178 | percent = 100; | 175 | percent = 100; |
176 | else | ||
177 | percent = ((float)cur_pos / end_pos) * 100; | ||
179 | snprintf(buf + strlen(buf), win_size - strlen(buf), | 178 | snprintf(buf + strlen(buf), win_size - strlen(buf), |
180 | " %3d%% ", percent); | 179 | " %3d%% ", percent); |
181 | 180 | ||
@@ -250,7 +249,7 @@ update_progress_meter(int ignore) | |||
250 | void | 249 | void |
251 | start_progress_meter(const char *f, off_t filesize, off_t *ctr) | 250 | start_progress_meter(const char *f, off_t filesize, off_t *ctr) |
252 | { | 251 | { |
253 | start = last_update = monotime(); | 252 | start = last_update = monotime_double(); |
254 | file = f; | 253 | file = f; |
255 | start_pos = *ctr; | 254 | start_pos = *ctr; |
256 | end_pos = filesize; | 255 | end_pos = filesize; |
diff --git a/readconf.c b/readconf.c index dc22360d1..5cd51f3e6 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.250 2016/02/08 23:40:12 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.259 2016/07/22 03:35:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -39,8 +39,11 @@ | |||
39 | #include <stdio.h> | 39 | #include <stdio.h> |
40 | #include <string.h> | 40 | #include <string.h> |
41 | #include <unistd.h> | 41 | #include <unistd.h> |
42 | #include <pwd.h> | 42 | #ifdef USE_SYSTEM_GLOB |
43 | #include <grp.h> | 43 | # include <glob.h> |
44 | #else | ||
45 | # include "openbsd-compat/glob.h" | ||
46 | #endif | ||
44 | #ifdef HAVE_UTIL_H | 47 | #ifdef HAVE_UTIL_H |
45 | #include <util.h> | 48 | #include <util.h> |
46 | #endif | 49 | #endif |
@@ -127,17 +130,24 @@ | |||
127 | 130 | ||
128 | */ | 131 | */ |
129 | 132 | ||
133 | static int read_config_file_depth(const char *filename, struct passwd *pw, | ||
134 | const char *host, const char *original_host, Options *options, | ||
135 | int flags, int *activep, int depth); | ||
136 | static int process_config_line_depth(Options *options, struct passwd *pw, | ||
137 | const char *host, const char *original_host, char *line, | ||
138 | const char *filename, int linenum, int *activep, int flags, int depth); | ||
139 | |||
130 | /* Keyword tokens. */ | 140 | /* Keyword tokens. */ |
131 | 141 | ||
132 | typedef enum { | 142 | typedef enum { |
133 | oBadOption, | 143 | oBadOption, |
134 | oHost, oMatch, | 144 | oHost, oMatch, oInclude, |
135 | oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout, | 145 | oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout, |
136 | oGatewayPorts, oExitOnForwardFailure, | 146 | oGatewayPorts, oExitOnForwardFailure, |
137 | oPasswordAuthentication, oRSAAuthentication, | 147 | oPasswordAuthentication, oRSAAuthentication, |
138 | oChallengeResponseAuthentication, oXAuthLocation, | 148 | oChallengeResponseAuthentication, oXAuthLocation, |
139 | oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, | 149 | oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
140 | oCertificateFile, oAddKeysToAgent, | 150 | oCertificateFile, oAddKeysToAgent, oIdentityAgent, |
141 | oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, | 151 | oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, |
142 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, | 152 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, |
143 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, | 153 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, |
@@ -162,7 +172,7 @@ typedef enum { | |||
162 | oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, | 172 | oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, |
163 | oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, | 173 | oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, |
164 | oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, | 174 | oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, |
165 | oPubkeyAcceptedKeyTypes, | 175 | oPubkeyAcceptedKeyTypes, oProxyJump, |
166 | oProtocolKeepAlives, oSetupTimeOut, | 176 | oProtocolKeepAlives, oSetupTimeOut, |
167 | oIgnoredUnknownOption, oDeprecated, oUnsupported | 177 | oIgnoredUnknownOption, oDeprecated, oUnsupported |
168 | } OpCodes; | 178 | } OpCodes; |
@@ -220,6 +230,7 @@ static struct { | |||
220 | { "identitiesonly", oIdentitiesOnly }, | 230 | { "identitiesonly", oIdentitiesOnly }, |
221 | { "certificatefile", oCertificateFile }, | 231 | { "certificatefile", oCertificateFile }, |
222 | { "addkeystoagent", oAddKeysToAgent }, | 232 | { "addkeystoagent", oAddKeysToAgent }, |
233 | { "identityagent", oIdentityAgent }, | ||
223 | { "hostname", oHostName }, | 234 | { "hostname", oHostName }, |
224 | { "hostkeyalias", oHostKeyAlias }, | 235 | { "hostkeyalias", oHostKeyAlias }, |
225 | { "proxycommand", oProxyCommand }, | 236 | { "proxycommand", oProxyCommand }, |
@@ -273,6 +284,7 @@ static struct { | |||
273 | { "controlmaster", oControlMaster }, | 284 | { "controlmaster", oControlMaster }, |
274 | { "controlpersist", oControlPersist }, | 285 | { "controlpersist", oControlPersist }, |
275 | { "hashknownhosts", oHashKnownHosts }, | 286 | { "hashknownhosts", oHashKnownHosts }, |
287 | { "include", oInclude }, | ||
276 | { "tunnel", oTunnel }, | 288 | { "tunnel", oTunnel }, |
277 | { "tunneldevice", oTunnelDevice }, | 289 | { "tunneldevice", oTunnelDevice }, |
278 | { "localcommand", oLocalCommand }, | 290 | { "localcommand", oLocalCommand }, |
@@ -296,6 +308,7 @@ static struct { | |||
296 | { "hostbasedkeytypes", oHostbasedKeyTypes }, | 308 | { "hostbasedkeytypes", oHostbasedKeyTypes }, |
297 | { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, | 309 | { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, |
298 | { "ignoreunknown", oIgnoreUnknown }, | 310 | { "ignoreunknown", oIgnoreUnknown }, |
311 | { "proxyjump", oProxyJump }, | ||
299 | { "protocolkeepalives", oProtocolKeepAlives }, | 312 | { "protocolkeepalives", oProtocolKeepAlives }, |
300 | { "setuptimeout", oSetupTimeOut }, | 313 | { "setuptimeout", oSetupTimeOut }, |
301 | 314 | ||
@@ -311,12 +324,17 @@ void | |||
311 | add_local_forward(Options *options, const struct Forward *newfwd) | 324 | add_local_forward(Options *options, const struct Forward *newfwd) |
312 | { | 325 | { |
313 | struct Forward *fwd; | 326 | struct Forward *fwd; |
314 | #ifndef NO_IPPORT_RESERVED_CONCEPT | ||
315 | extern uid_t original_real_uid; | 327 | extern uid_t original_real_uid; |
328 | int i; | ||
329 | |||
316 | if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0 && | 330 | if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0 && |
317 | newfwd->listen_path == NULL) | 331 | newfwd->listen_path == NULL) |
318 | fatal("Privileged ports can only be forwarded by root."); | 332 | fatal("Privileged ports can only be forwarded by root."); |
319 | #endif | 333 | /* Don't add duplicates */ |
334 | for (i = 0; i < options->num_local_forwards; i++) { | ||
335 | if (forward_equals(newfwd, options->local_forwards + i)) | ||
336 | return; | ||
337 | } | ||
320 | options->local_forwards = xreallocarray(options->local_forwards, | 338 | options->local_forwards = xreallocarray(options->local_forwards, |
321 | options->num_local_forwards + 1, | 339 | options->num_local_forwards + 1, |
322 | sizeof(*options->local_forwards)); | 340 | sizeof(*options->local_forwards)); |
@@ -339,7 +357,13 @@ void | |||
339 | add_remote_forward(Options *options, const struct Forward *newfwd) | 357 | add_remote_forward(Options *options, const struct Forward *newfwd) |
340 | { | 358 | { |
341 | struct Forward *fwd; | 359 | struct Forward *fwd; |
360 | int i; | ||
342 | 361 | ||
362 | /* Don't add duplicates */ | ||
363 | for (i = 0; i < options->num_remote_forwards; i++) { | ||
364 | if (forward_equals(newfwd, options->remote_forwards + i)) | ||
365 | return; | ||
366 | } | ||
343 | options->remote_forwards = xreallocarray(options->remote_forwards, | 367 | options->remote_forwards = xreallocarray(options->remote_forwards, |
344 | options->num_remote_forwards + 1, | 368 | options->num_remote_forwards + 1, |
345 | sizeof(*options->remote_forwards)); | 369 | sizeof(*options->remote_forwards)); |
@@ -789,22 +813,32 @@ static const struct multistate multistate_canonicalizehostname[] = { | |||
789 | * Processes a single option line as used in the configuration files. This | 813 | * Processes a single option line as used in the configuration files. This |
790 | * only sets those values that have not already been set. | 814 | * only sets those values that have not already been set. |
791 | */ | 815 | */ |
792 | #define WHITESPACE " \t\r\n" | ||
793 | int | 816 | int |
794 | process_config_line(Options *options, struct passwd *pw, const char *host, | 817 | process_config_line(Options *options, struct passwd *pw, const char *host, |
795 | const char *original_host, char *line, const char *filename, | 818 | const char *original_host, char *line, const char *filename, |
796 | int linenum, int *activep, int flags) | 819 | int linenum, int *activep, int flags) |
797 | { | 820 | { |
821 | return process_config_line_depth(options, pw, host, original_host, | ||
822 | line, filename, linenum, activep, flags, 0); | ||
823 | } | ||
824 | |||
825 | #define WHITESPACE " \t\r\n" | ||
826 | static int | ||
827 | process_config_line_depth(Options *options, struct passwd *pw, const char *host, | ||
828 | const char *original_host, char *line, const char *filename, | ||
829 | int linenum, int *activep, int flags, int depth) | ||
830 | { | ||
798 | char *s, **charptr, *endofnumber, *keyword, *arg, *arg2; | 831 | char *s, **charptr, *endofnumber, *keyword, *arg, *arg2; |
799 | char **cpptr, fwdarg[256]; | 832 | char **cpptr, fwdarg[256]; |
800 | u_int i, *uintptr, max_entries = 0; | 833 | u_int i, *uintptr, max_entries = 0; |
801 | int negated, opcode, *intptr, value, value2, cmdline = 0; | 834 | int r, oactive, negated, opcode, *intptr, value, value2, cmdline = 0; |
802 | LogLevel *log_level_ptr; | 835 | LogLevel *log_level_ptr; |
803 | long long val64; | 836 | long long val64; |
804 | size_t len; | 837 | size_t len; |
805 | struct Forward fwd; | 838 | struct Forward fwd; |
806 | const struct multistate *multistate_ptr; | 839 | const struct multistate *multistate_ptr; |
807 | struct allowed_cname *cname; | 840 | struct allowed_cname *cname; |
841 | glob_t gl; | ||
808 | 842 | ||
809 | if (activep == NULL) { /* We are processing a command line directive */ | 843 | if (activep == NULL) { /* We are processing a command line directive */ |
810 | cmdline = 1; | 844 | cmdline = 1; |
@@ -1123,6 +1157,9 @@ parse_char_array: | |||
1123 | 1157 | ||
1124 | case oProxyCommand: | 1158 | case oProxyCommand: |
1125 | charptr = &options->proxy_command; | 1159 | charptr = &options->proxy_command; |
1160 | /* Ignore ProxyCommand if ProxyJump already specified */ | ||
1161 | if (options->jump_host != NULL) | ||
1162 | charptr = &options->jump_host; /* Skip below */ | ||
1126 | parse_command: | 1163 | parse_command: |
1127 | if (s == NULL) | 1164 | if (s == NULL) |
1128 | fatal("%.200s line %d: Missing argument.", filename, linenum); | 1165 | fatal("%.200s line %d: Missing argument.", filename, linenum); |
@@ -1131,6 +1168,18 @@ parse_command: | |||
1131 | *charptr = xstrdup(s + len); | 1168 | *charptr = xstrdup(s + len); |
1132 | return 0; | 1169 | return 0; |
1133 | 1170 | ||
1171 | case oProxyJump: | ||
1172 | if (s == NULL) { | ||
1173 | fatal("%.200s line %d: Missing argument.", | ||
1174 | filename, linenum); | ||
1175 | } | ||
1176 | len = strspn(s, WHITESPACE "="); | ||
1177 | if (parse_jump(s + len, options, *activep) == -1) { | ||
1178 | fatal("%.200s line %d: Invalid ProxyJump \"%s\"", | ||
1179 | filename, linenum, s + len); | ||
1180 | } | ||
1181 | return 0; | ||
1182 | |||
1134 | case oPort: | 1183 | case oPort: |
1135 | intptr = &options->port; | 1184 | intptr = &options->port; |
1136 | parse_int: | 1185 | parse_int: |
@@ -1284,6 +1333,8 @@ parse_keytypes: | |||
1284 | *activep = 0; | 1333 | *activep = 0; |
1285 | arg2 = NULL; | 1334 | arg2 = NULL; |
1286 | while ((arg = strdelim(&s)) != NULL && *arg != '\0') { | 1335 | while ((arg = strdelim(&s)) != NULL && *arg != '\0') { |
1336 | if ((flags & SSHCONF_NEVERMATCH) != 0) | ||
1337 | break; | ||
1287 | negated = *arg == '!'; | 1338 | negated = *arg == '!'; |
1288 | if (negated) | 1339 | if (negated) |
1289 | arg++; | 1340 | arg++; |
@@ -1316,7 +1367,7 @@ parse_keytypes: | |||
1316 | if (value < 0) | 1367 | if (value < 0) |
1317 | fatal("%.200s line %d: Bad Match condition", filename, | 1368 | fatal("%.200s line %d: Bad Match condition", filename, |
1318 | linenum); | 1369 | linenum); |
1319 | *activep = value; | 1370 | *activep = (flags & SSHCONF_NEVERMATCH) ? 0 : value; |
1320 | break; | 1371 | break; |
1321 | 1372 | ||
1322 | case oEscapeChar: | 1373 | case oEscapeChar: |
@@ -1446,6 +1497,63 @@ parse_keytypes: | |||
1446 | intptr = &options->visual_host_key; | 1497 | intptr = &options->visual_host_key; |
1447 | goto parse_flag; | 1498 | goto parse_flag; |
1448 | 1499 | ||
1500 | case oInclude: | ||
1501 | if (cmdline) | ||
1502 | fatal("Include directive not supported as a " | ||
1503 | "command-line option"); | ||
1504 | value = 0; | ||
1505 | while ((arg = strdelim(&s)) != NULL && *arg != '\0') { | ||
1506 | /* | ||
1507 | * Ensure all paths are anchored. User configuration | ||
1508 | * files may begin with '~/' but system configurations | ||
1509 | * must not. If the path is relative, then treat it | ||
1510 | * as living in ~/.ssh for user configurations or | ||
1511 | * /etc/ssh for system ones. | ||
1512 | */ | ||
1513 | if (*arg == '~' && (flags & SSHCONF_USERCONF) == 0) | ||
1514 | fatal("%.200s line %d: bad include path %s.", | ||
1515 | filename, linenum, arg); | ||
1516 | if (*arg != '/' && *arg != '~') { | ||
1517 | xasprintf(&arg2, "%s/%s", | ||
1518 | (flags & SSHCONF_USERCONF) ? | ||
1519 | "~/" _PATH_SSH_USER_DIR : SSHDIR, arg); | ||
1520 | } else | ||
1521 | arg2 = xstrdup(arg); | ||
1522 | memset(&gl, 0, sizeof(gl)); | ||
1523 | r = glob(arg2, GLOB_TILDE, NULL, &gl); | ||
1524 | if (r == GLOB_NOMATCH) { | ||
1525 | debug("%.200s line %d: include %s matched no " | ||
1526 | "files",filename, linenum, arg2); | ||
1527 | continue; | ||
1528 | } else if (r != 0 || gl.gl_pathc < 0) | ||
1529 | fatal("%.200s line %d: glob failed for %s.", | ||
1530 | filename, linenum, arg2); | ||
1531 | free(arg2); | ||
1532 | oactive = *activep; | ||
1533 | for (i = 0; i < (u_int)gl.gl_pathc; i++) { | ||
1534 | debug3("%.200s line %d: Including file %s " | ||
1535 | "depth %d%s", filename, linenum, | ||
1536 | gl.gl_pathv[i], depth, | ||
1537 | oactive ? "" : " (parse only)"); | ||
1538 | r = read_config_file_depth(gl.gl_pathv[i], | ||
1539 | pw, host, original_host, options, | ||
1540 | flags | SSHCONF_CHECKPERM | | ||
1541 | (oactive ? 0 : SSHCONF_NEVERMATCH), | ||
1542 | activep, depth + 1); | ||
1543 | /* | ||
1544 | * don't let Match in includes clobber the | ||
1545 | * containing file's Match state. | ||
1546 | */ | ||
1547 | *activep = oactive; | ||
1548 | if (r != 1) | ||
1549 | value = -1; | ||
1550 | } | ||
1551 | globfree(&gl); | ||
1552 | } | ||
1553 | if (value != 0) | ||
1554 | return value; | ||
1555 | break; | ||
1556 | |||
1449 | case oIPQoS: | 1557 | case oIPQoS: |
1450 | arg = strdelim(&s); | 1558 | arg = strdelim(&s); |
1451 | if ((value = parse_ipqos(arg)) == -1) | 1559 | if ((value = parse_ipqos(arg)) == -1) |
@@ -1582,6 +1690,10 @@ parse_keytypes: | |||
1582 | multistate_ptr = multistate_yesnoaskconfirm; | 1690 | multistate_ptr = multistate_yesnoaskconfirm; |
1583 | goto parse_multistate; | 1691 | goto parse_multistate; |
1584 | 1692 | ||
1693 | case oIdentityAgent: | ||
1694 | charptr = &options->identity_agent; | ||
1695 | goto parse_string; | ||
1696 | |||
1585 | case oDeprecated: | 1697 | case oDeprecated: |
1586 | debug("%s line %d: Deprecated option \"%s\"", | 1698 | debug("%s line %d: Deprecated option \"%s\"", |
1587 | filename, linenum, keyword); | 1699 | filename, linenum, keyword); |
@@ -1604,22 +1716,35 @@ parse_keytypes: | |||
1604 | return 0; | 1716 | return 0; |
1605 | } | 1717 | } |
1606 | 1718 | ||
1607 | |||
1608 | /* | 1719 | /* |
1609 | * Reads the config file and modifies the options accordingly. Options | 1720 | * Reads the config file and modifies the options accordingly. Options |
1610 | * should already be initialized before this call. This never returns if | 1721 | * should already be initialized before this call. This never returns if |
1611 | * there is an error. If the file does not exist, this returns 0. | 1722 | * there is an error. If the file does not exist, this returns 0. |
1612 | */ | 1723 | */ |
1613 | |||
1614 | int | 1724 | int |
1615 | read_config_file(const char *filename, struct passwd *pw, const char *host, | 1725 | read_config_file(const char *filename, struct passwd *pw, const char *host, |
1616 | const char *original_host, Options *options, int flags) | 1726 | const char *original_host, Options *options, int flags) |
1617 | { | 1727 | { |
1728 | int active = 1; | ||
1729 | |||
1730 | return read_config_file_depth(filename, pw, host, original_host, | ||
1731 | options, flags, &active, 0); | ||
1732 | } | ||
1733 | |||
1734 | #define READCONF_MAX_DEPTH 16 | ||
1735 | static int | ||
1736 | read_config_file_depth(const char *filename, struct passwd *pw, | ||
1737 | const char *host, const char *original_host, Options *options, | ||
1738 | int flags, int *activep, int depth) | ||
1739 | { | ||
1618 | FILE *f; | 1740 | FILE *f; |
1619 | char line[1024]; | 1741 | char line[1024]; |
1620 | int active, linenum; | 1742 | int linenum; |
1621 | int bad_options = 0; | 1743 | int bad_options = 0; |
1622 | 1744 | ||
1745 | if (depth < 0 || depth > READCONF_MAX_DEPTH) | ||
1746 | fatal("Too many recursive configuration includes"); | ||
1747 | |||
1623 | if ((f = fopen(filename, "r")) == NULL) | 1748 | if ((f = fopen(filename, "r")) == NULL) |
1624 | return 0; | 1749 | return 0; |
1625 | 1750 | ||
@@ -1638,13 +1763,12 @@ read_config_file(const char *filename, struct passwd *pw, const char *host, | |||
1638 | * Mark that we are now processing the options. This flag is turned | 1763 | * Mark that we are now processing the options. This flag is turned |
1639 | * on/off by Host specifications. | 1764 | * on/off by Host specifications. |
1640 | */ | 1765 | */ |
1641 | active = 1; | ||
1642 | linenum = 0; | 1766 | linenum = 0; |
1643 | while (fgets(line, sizeof(line), f)) { | 1767 | while (fgets(line, sizeof(line), f)) { |
1644 | /* Update line number counter. */ | 1768 | /* Update line number counter. */ |
1645 | linenum++; | 1769 | linenum++; |
1646 | if (process_config_line(options, pw, host, original_host, | 1770 | if (process_config_line_depth(options, pw, host, original_host, |
1647 | line, filename, linenum, &active, flags) != 0) | 1771 | line, filename, linenum, activep, flags, depth) != 0) |
1648 | bad_options++; | 1772 | bad_options++; |
1649 | } | 1773 | } |
1650 | fclose(f); | 1774 | fclose(f); |
@@ -1676,6 +1800,9 @@ initialize_options(Options * options) | |||
1676 | options->forward_x11 = -1; | 1800 | options->forward_x11 = -1; |
1677 | options->forward_x11_trusted = -1; | 1801 | options->forward_x11_trusted = -1; |
1678 | options->forward_x11_timeout = -1; | 1802 | options->forward_x11_timeout = -1; |
1803 | options->stdio_forward_host = NULL; | ||
1804 | options->stdio_forward_port = 0; | ||
1805 | options->clear_forwardings = -1; | ||
1679 | options->exit_on_forward_failure = -1; | 1806 | options->exit_on_forward_failure = -1; |
1680 | options->xauth_location = NULL; | 1807 | options->xauth_location = NULL; |
1681 | options->fwd_opts.gateway_ports = -1; | 1808 | options->fwd_opts.gateway_ports = -1; |
@@ -1719,6 +1846,10 @@ initialize_options(Options * options) | |||
1719 | options->hostname = NULL; | 1846 | options->hostname = NULL; |
1720 | options->host_key_alias = NULL; | 1847 | options->host_key_alias = NULL; |
1721 | options->proxy_command = NULL; | 1848 | options->proxy_command = NULL; |
1849 | options->jump_user = NULL; | ||
1850 | options->jump_host = NULL; | ||
1851 | options->jump_port = -1; | ||
1852 | options->jump_extra = NULL; | ||
1722 | options->user = NULL; | 1853 | options->user = NULL; |
1723 | options->escape_char = -1; | 1854 | options->escape_char = -1; |
1724 | options->num_system_hostfiles = 0; | 1855 | options->num_system_hostfiles = 0; |
@@ -1727,7 +1858,6 @@ initialize_options(Options * options) | |||
1727 | options->num_local_forwards = 0; | 1858 | options->num_local_forwards = 0; |
1728 | options->remote_forwards = NULL; | 1859 | options->remote_forwards = NULL; |
1729 | options->num_remote_forwards = 0; | 1860 | options->num_remote_forwards = 0; |
1730 | options->clear_forwardings = -1; | ||
1731 | options->log_level = SYSLOG_LEVEL_NOT_SET; | 1861 | options->log_level = SYSLOG_LEVEL_NOT_SET; |
1732 | options->preferred_authentications = NULL; | 1862 | options->preferred_authentications = NULL; |
1733 | options->bind_address = NULL; | 1863 | options->bind_address = NULL; |
@@ -1752,6 +1882,7 @@ initialize_options(Options * options) | |||
1752 | options->local_command = NULL; | 1882 | options->local_command = NULL; |
1753 | options->permit_local_command = -1; | 1883 | options->permit_local_command = -1; |
1754 | options->add_keys_to_agent = -1; | 1884 | options->add_keys_to_agent = -1; |
1885 | options->identity_agent = NULL; | ||
1755 | options->visual_host_key = -1; | 1886 | options->visual_host_key = -1; |
1756 | options->ip_qos_interactive = -1; | 1887 | options->ip_qos_interactive = -1; |
1757 | options->ip_qos_bulk = -1; | 1888 | options->ip_qos_bulk = -1; |
@@ -1800,8 +1931,19 @@ fill_default_options(Options * options) | |||
1800 | options->forward_x11_trusted = 1; | 1931 | options->forward_x11_trusted = 1; |
1801 | if (options->forward_x11_timeout == -1) | 1932 | if (options->forward_x11_timeout == -1) |
1802 | options->forward_x11_timeout = 1200; | 1933 | options->forward_x11_timeout = 1200; |
1934 | /* | ||
1935 | * stdio forwarding (-W) changes the default for these but we defer | ||
1936 | * setting the values so they can be overridden. | ||
1937 | */ | ||
1803 | if (options->exit_on_forward_failure == -1) | 1938 | if (options->exit_on_forward_failure == -1) |
1804 | options->exit_on_forward_failure = 0; | 1939 | options->exit_on_forward_failure = |
1940 | options->stdio_forward_host != NULL ? 1 : 0; | ||
1941 | if (options->clear_forwardings == -1) | ||
1942 | options->clear_forwardings = | ||
1943 | options->stdio_forward_host != NULL ? 1 : 0; | ||
1944 | if (options->clear_forwardings == 1) | ||
1945 | clear_forwardings(options); | ||
1946 | |||
1805 | if (options->xauth_location == NULL) | 1947 | if (options->xauth_location == NULL) |
1806 | options->xauth_location = _PATH_XAUTH; | 1948 | options->xauth_location = _PATH_XAUTH; |
1807 | if (options->fwd_opts.gateway_ports == -1) | 1949 | if (options->fwd_opts.gateway_ports == -1) |
@@ -1898,8 +2040,6 @@ fill_default_options(Options * options) | |||
1898 | } | 2040 | } |
1899 | if (options->log_level == SYSLOG_LEVEL_NOT_SET) | 2041 | if (options->log_level == SYSLOG_LEVEL_NOT_SET) |
1900 | options->log_level = SYSLOG_LEVEL_INFO; | 2042 | options->log_level = SYSLOG_LEVEL_INFO; |
1901 | if (options->clear_forwardings == 1) | ||
1902 | clear_forwardings(options); | ||
1903 | if (options->no_host_authentication_for_localhost == - 1) | 2043 | if (options->no_host_authentication_for_localhost == - 1) |
1904 | options->no_host_authentication_for_localhost = 0; | 2044 | options->no_host_authentication_for_localhost = 0; |
1905 | if (options->identities_only == -1) | 2045 | if (options->identities_only == -1) |
@@ -1977,6 +2117,7 @@ fill_default_options(Options * options) | |||
1977 | CLEAR_ON_NONE(options->proxy_command); | 2117 | CLEAR_ON_NONE(options->proxy_command); |
1978 | CLEAR_ON_NONE(options->control_path); | 2118 | CLEAR_ON_NONE(options->control_path); |
1979 | CLEAR_ON_NONE(options->revoked_host_keys); | 2119 | CLEAR_ON_NONE(options->revoked_host_keys); |
2120 | /* options->identity_agent distinguishes NULL from 'none' */ | ||
1980 | /* options->user will be set in the main program if appropriate */ | 2121 | /* options->user will be set in the main program if appropriate */ |
1981 | /* options->hostname will be set in the main program if appropriate */ | 2122 | /* options->hostname will be set in the main program if appropriate */ |
1982 | /* options->host_key_alias should not be set by default */ | 2123 | /* options->host_key_alias should not be set by default */ |
@@ -2192,6 +2333,54 @@ parse_forward(struct Forward *fwd, const char *fwdspec, int dynamicfwd, int remo | |||
2192 | return (0); | 2333 | return (0); |
2193 | } | 2334 | } |
2194 | 2335 | ||
2336 | int | ||
2337 | parse_jump(const char *s, Options *o, int active) | ||
2338 | { | ||
2339 | char *orig, *sdup, *cp; | ||
2340 | char *host = NULL, *user = NULL; | ||
2341 | int ret = -1, port = -1, first; | ||
2342 | |||
2343 | active &= o->proxy_command == NULL && o->jump_host == NULL; | ||
2344 | |||
2345 | orig = sdup = xstrdup(s); | ||
2346 | first = active; | ||
2347 | do { | ||
2348 | if ((cp = strrchr(sdup, ',')) == NULL) | ||
2349 | cp = sdup; /* last */ | ||
2350 | else | ||
2351 | *cp++ = '\0'; | ||
2352 | |||
2353 | if (first) { | ||
2354 | /* First argument and configuration is active */ | ||
2355 | if (parse_user_host_port(cp, &user, &host, &port) != 0) | ||
2356 | goto out; | ||
2357 | } else { | ||
2358 | /* Subsequent argument or inactive configuration */ | ||
2359 | if (parse_user_host_port(cp, NULL, NULL, NULL) != 0) | ||
2360 | goto out; | ||
2361 | } | ||
2362 | first = 0; /* only check syntax for subsequent hosts */ | ||
2363 | } while (cp != sdup); | ||
2364 | /* success */ | ||
2365 | if (active) { | ||
2366 | o->jump_user = user; | ||
2367 | o->jump_host = host; | ||
2368 | o->jump_port = port; | ||
2369 | o->proxy_command = xstrdup("none"); | ||
2370 | user = host = NULL; | ||
2371 | if ((cp = strrchr(s, ',')) != NULL && cp != s) { | ||
2372 | o->jump_extra = xstrdup(s); | ||
2373 | o->jump_extra[cp - s] = '\0'; | ||
2374 | } | ||
2375 | } | ||
2376 | ret = 0; | ||
2377 | out: | ||
2378 | free(orig); | ||
2379 | free(user); | ||
2380 | free(host); | ||
2381 | return ret; | ||
2382 | } | ||
2383 | |||
2195 | /* XXX the following is a near-vebatim copy from servconf.c; refactor */ | 2384 | /* XXX the following is a near-vebatim copy from servconf.c; refactor */ |
2196 | static const char * | 2385 | static const char * |
2197 | fmt_multistate_int(int val, const struct multistate *m) | 2386 | fmt_multistate_int(int val, const struct multistate *m) |
@@ -2343,7 +2532,7 @@ void | |||
2343 | dump_client_config(Options *o, const char *host) | 2532 | dump_client_config(Options *o, const char *host) |
2344 | { | 2533 | { |
2345 | int i; | 2534 | int i; |
2346 | char vbuf[5]; | 2535 | char buf[8]; |
2347 | 2536 | ||
2348 | /* This is normally prepared in ssh_kex2 */ | 2537 | /* This is normally prepared in ssh_kex2 */ |
2349 | if (kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->hostkeyalgorithms) != 0) | 2538 | if (kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->hostkeyalgorithms) != 0) |
@@ -2364,6 +2553,7 @@ dump_client_config(Options *o, const char *host) | |||
2364 | dump_cfg_fmtint(oCompression, o->compression); | 2553 | dump_cfg_fmtint(oCompression, o->compression); |
2365 | dump_cfg_fmtint(oControlMaster, o->control_master); | 2554 | dump_cfg_fmtint(oControlMaster, o->control_master); |
2366 | dump_cfg_fmtint(oEnableSSHKeysign, o->enable_ssh_keysign); | 2555 | dump_cfg_fmtint(oEnableSSHKeysign, o->enable_ssh_keysign); |
2556 | dump_cfg_fmtint(oClearAllForwardings, o->clear_forwardings); | ||
2367 | dump_cfg_fmtint(oExitOnForwardFailure, o->exit_on_forward_failure); | 2557 | dump_cfg_fmtint(oExitOnForwardFailure, o->exit_on_forward_failure); |
2368 | dump_cfg_fmtint(oFingerprintHash, o->fingerprint_hash); | 2558 | dump_cfg_fmtint(oFingerprintHash, o->fingerprint_hash); |
2369 | dump_cfg_fmtint(oForwardAgent, o->forward_agent); | 2559 | dump_cfg_fmtint(oForwardAgent, o->forward_agent); |
@@ -2412,6 +2602,7 @@ dump_client_config(Options *o, const char *host) | |||
2412 | dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); | 2602 | dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); |
2413 | dump_cfg_string(oHostKeyAlias, o->host_key_alias); | 2603 | dump_cfg_string(oHostKeyAlias, o->host_key_alias); |
2414 | dump_cfg_string(oHostbasedKeyTypes, o->hostbased_key_types); | 2604 | dump_cfg_string(oHostbasedKeyTypes, o->hostbased_key_types); |
2605 | dump_cfg_string(oIdentityAgent, o->identity_agent); | ||
2415 | dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); | 2606 | dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); |
2416 | dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); | 2607 | dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); |
2417 | dump_cfg_string(oLocalCommand, o->local_command); | 2608 | dump_cfg_string(oLocalCommand, o->local_command); |
@@ -2419,7 +2610,6 @@ dump_client_config(Options *o, const char *host) | |||
2419 | dump_cfg_string(oMacs, o->macs ? o->macs : KEX_CLIENT_MAC); | 2610 | dump_cfg_string(oMacs, o->macs ? o->macs : KEX_CLIENT_MAC); |
2420 | dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); | 2611 | dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); |
2421 | dump_cfg_string(oPreferredAuthentications, o->preferred_authentications); | 2612 | dump_cfg_string(oPreferredAuthentications, o->preferred_authentications); |
2422 | dump_cfg_string(oProxyCommand, o->proxy_command); | ||
2423 | dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types); | 2613 | dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types); |
2424 | dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); | 2614 | dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); |
2425 | dump_cfg_string(oXAuthLocation, o->xauth_location); | 2615 | dump_cfg_string(oXAuthLocation, o->xauth_location); |
@@ -2480,8 +2670,8 @@ dump_client_config(Options *o, const char *host) | |||
2480 | if (o->escape_char == SSH_ESCAPECHAR_NONE) | 2670 | if (o->escape_char == SSH_ESCAPECHAR_NONE) |
2481 | printf("escapechar none\n"); | 2671 | printf("escapechar none\n"); |
2482 | else { | 2672 | else { |
2483 | vis(vbuf, o->escape_char, VIS_WHITE, 0); | 2673 | vis(buf, o->escape_char, VIS_WHITE, 0); |
2484 | printf("escapechar %s\n", vbuf); | 2674 | printf("escapechar %s\n", buf); |
2485 | } | 2675 | } |
2486 | 2676 | ||
2487 | /* oIPQoS */ | 2677 | /* oIPQoS */ |
@@ -2495,4 +2685,30 @@ dump_client_config(Options *o, const char *host) | |||
2495 | /* oStreamLocalBindMask */ | 2685 | /* oStreamLocalBindMask */ |
2496 | printf("streamlocalbindmask 0%o\n", | 2686 | printf("streamlocalbindmask 0%o\n", |
2497 | o->fwd_opts.streamlocal_bind_mask); | 2687 | o->fwd_opts.streamlocal_bind_mask); |
2688 | |||
2689 | /* oProxyCommand / oProxyJump */ | ||
2690 | if (o->jump_host == NULL) | ||
2691 | dump_cfg_string(oProxyCommand, o->proxy_command); | ||
2692 | else { | ||
2693 | /* Check for numeric addresses */ | ||
2694 | i = strchr(o->jump_host, ':') != NULL || | ||
2695 | strspn(o->jump_host, "1234567890.") == strlen(o->jump_host); | ||
2696 | snprintf(buf, sizeof(buf), "%d", o->jump_port); | ||
2697 | printf("proxyjump %s%s%s%s%s%s%s%s%s\n", | ||
2698 | /* optional additional jump spec */ | ||
2699 | o->jump_extra == NULL ? "" : o->jump_extra, | ||
2700 | o->jump_extra == NULL ? "" : ",", | ||
2701 | /* optional user */ | ||
2702 | o->jump_user == NULL ? "" : o->jump_user, | ||
2703 | o->jump_user == NULL ? "" : "@", | ||
2704 | /* opening [ if hostname is numeric */ | ||
2705 | i ? "[" : "", | ||
2706 | /* mandatory hostname */ | ||
2707 | o->jump_host, | ||
2708 | /* closing ] if hostname is numeric */ | ||
2709 | i ? "]" : "", | ||
2710 | /* optional port number */ | ||
2711 | o->jump_port <= 0 ? "" : ":", | ||
2712 | o->jump_port <= 0 ? "" : buf); | ||
2713 | } | ||
2498 | } | 2714 | } |
diff --git a/readconf.h b/readconf.h index 37a055521..fd3d7c75d 100644 --- a/readconf.h +++ b/readconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.h,v 1.113 2016/01/14 16:17:40 markus Exp $ */ | 1 | /* $OpenBSD: readconf.h,v 1.117 2016/07/15 00:24:30 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -106,6 +106,7 @@ typedef struct { | |||
106 | struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; | 106 | struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; |
107 | 107 | ||
108 | int add_keys_to_agent; | 108 | int add_keys_to_agent; |
109 | char *identity_agent; /* Optional path to ssh-agent socket */ | ||
109 | 110 | ||
110 | /* Local TCP/IP forward requests. */ | 111 | /* Local TCP/IP forward requests. */ |
111 | int num_local_forwards; | 112 | int num_local_forwards; |
@@ -116,6 +117,10 @@ typedef struct { | |||
116 | struct Forward *remote_forwards; | 117 | struct Forward *remote_forwards; |
117 | int clear_forwardings; | 118 | int clear_forwardings; |
118 | 119 | ||
120 | /* stdio forwarding (-W) host and port */ | ||
121 | char *stdio_forward_host; | ||
122 | int stdio_forward_port; | ||
123 | |||
119 | int enable_ssh_keysign; | 124 | int enable_ssh_keysign; |
120 | int64_t rekey_limit; | 125 | int64_t rekey_limit; |
121 | int rekey_interval; | 126 | int rekey_interval; |
@@ -163,6 +168,11 @@ typedef struct { | |||
163 | char *hostbased_key_types; | 168 | char *hostbased_key_types; |
164 | char *pubkey_key_types; | 169 | char *pubkey_key_types; |
165 | 170 | ||
171 | char *jump_user; | ||
172 | char *jump_host; | ||
173 | int jump_port; | ||
174 | char *jump_extra; | ||
175 | |||
166 | char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ | 176 | char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ |
167 | } Options; | 177 | } Options; |
168 | 178 | ||
@@ -184,6 +194,7 @@ typedef struct { | |||
184 | #define SSHCONF_CHECKPERM 1 /* check permissions on config file */ | 194 | #define SSHCONF_CHECKPERM 1 /* check permissions on config file */ |
185 | #define SSHCONF_USERCONF 2 /* user provided config file not system */ | 195 | #define SSHCONF_USERCONF 2 /* user provided config file not system */ |
186 | #define SSHCONF_POSTCANON 4 /* After hostname canonicalisation */ | 196 | #define SSHCONF_POSTCANON 4 /* After hostname canonicalisation */ |
197 | #define SSHCONF_NEVERMATCH 8 /* Match/Host never matches; internal only */ | ||
187 | 198 | ||
188 | #define SSH_UPDATE_HOSTKEYS_NO 0 | 199 | #define SSH_UPDATE_HOSTKEYS_NO 0 |
189 | #define SSH_UPDATE_HOSTKEYS_YES 1 | 200 | #define SSH_UPDATE_HOSTKEYS_YES 1 |
@@ -197,6 +208,7 @@ int process_config_line(Options *, struct passwd *, const char *, | |||
197 | int read_config_file(const char *, struct passwd *, const char *, | 208 | int read_config_file(const char *, struct passwd *, const char *, |
198 | const char *, Options *, int); | 209 | const char *, Options *, int); |
199 | int parse_forward(struct Forward *, const char *, int, int); | 210 | int parse_forward(struct Forward *, const char *, int, int); |
211 | int parse_jump(const char *, Options *, int); | ||
200 | int default_ssh_port(void); | 212 | int default_ssh_port(void); |
201 | int option_clear_or_none(const char *); | 213 | int option_clear_or_none(const char *); |
202 | void dump_client_config(Options *o, const char *host); | 214 | void dump_client_config(Options *o, const char *host); |
diff --git a/regress/.cvsignore b/regress/.cvsignore deleted file mode 100644 index 3fd25b02e..000000000 --- a/regress/.cvsignore +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | *-agent | ||
2 | *.copy | ||
3 | *.log | ||
4 | *.prv | ||
5 | *.pub | ||
6 | actual | ||
7 | authorized_keys_* | ||
8 | batch | ||
9 | copy.dd* | ||
10 | data | ||
11 | expect | ||
12 | host.rsa* | ||
13 | key.* | ||
14 | known_hosts | ||
15 | krl-* | ||
16 | modpipe | ||
17 | remote_pid | ||
18 | revoked-* | ||
19 | revoked-ca | ||
20 | revoked-keyid | ||
21 | revoked-serials | ||
22 | rsa | ||
23 | rsa1 | ||
24 | sftp-server.sh | ||
25 | ssh-log-wrapper.sh | ||
26 | ssh_config | ||
27 | ssh_proxy* | ||
28 | sshd_config | ||
29 | sshd_proxy* | ||
30 | t*.out | ||
31 | t*.out[0-9] | ||
diff --git a/regress/Makefile b/regress/Makefile index 451909c1a..08fd82dbf 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.82 2015/09/24 06:16:53 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.88 2016/06/03 04:10:41 dtucker Exp $ |
2 | 2 | ||
3 | REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec | 3 | REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec |
4 | tests: prep $(REGRESS_TARGETS) | 4 | tests: prep $(REGRESS_TARGETS) |
@@ -54,6 +54,7 @@ LTESTS= connect \ | |||
54 | multiplex \ | 54 | multiplex \ |
55 | reexec \ | 55 | reexec \ |
56 | brokenkeys \ | 56 | brokenkeys \ |
57 | sshcfgparse \ | ||
57 | cfgparse \ | 58 | cfgparse \ |
58 | cfgmatch \ | 59 | cfgmatch \ |
59 | addrmatch \ | 60 | addrmatch \ |
@@ -75,7 +76,8 @@ LTESTS= connect \ | |||
75 | keygen-knownhosts \ | 76 | keygen-knownhosts \ |
76 | hostkey-rotate \ | 77 | hostkey-rotate \ |
77 | principals-command \ | 78 | principals-command \ |
78 | cert-file | 79 | cert-file \ |
80 | cfginclude | ||
79 | 81 | ||
80 | 82 | ||
81 | # dhgex \ | 83 | # dhgex \ |
@@ -86,27 +88,28 @@ INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers | |||
86 | #LTESTS= cipher-speed | 88 | #LTESTS= cipher-speed |
87 | 89 | ||
88 | USER!= id -un | 90 | USER!= id -un |
89 | CLEANFILES= t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ | 91 | CLEANFILES= *.core actual agent-key.* authorized_keys_${USER} \ |
90 | t8.out t8.out.pub t9.out t9.out.pub t10.out t10.out.pub \ | 92 | authorized_keys_${USER}.* authorized_principals_${USER} \ |
91 | t12.out t12.out.pub \ | 93 | banner.in banner.out cert_host_key* cert_user_key* \ |
92 | authorized_keys_${USER} known_hosts pidfile testdata \ | 94 | copy.1 copy.2 data ed25519-agent ed25519-agent* \ |
93 | ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \ | 95 | ed25519-agent.pub empty.in expect failed-regress.log \ |
94 | rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ | 96 | failed-ssh.log failed-sshd.log hkr.* host.rsa host.rsa1 \ |
95 | rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ | 97 | host_* host_ca_key* host_krl_* host_revoked_* key.* \ |
96 | ls.copy banner.in banner.out empty.in \ | 98 | key.dsa-* key.ecdsa-* key.ed25519-512 key.ed25519-512.pub \ |
97 | scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \ | 99 | key.rsa-* keys-command-args kh.* known_hosts \ |
98 | sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \ | 100 | known_hosts-cert known_hosts.* krl-* ls.copy modpipe \ |
99 | known_hosts-cert host_ca_key* cert_host_key* cert_user_key* \ | 101 | netcat pidfile putty.rsa2 ready regress.log remote_pid \ |
100 | putty.rsa2 sshd_proxy_orig ssh_proxy_bak \ | 102 | revoked-* rsa rsa-agent rsa-agent.pub rsa.pub rsa1 \ |
101 | key.rsa-* key.dsa-* key.ecdsa-* \ | 103 | rsa1-agent rsa1-agent.pub rsa1.pub rsa_ssh2_cr.prv \ |
102 | authorized_principals_${USER} expect actual ready \ | 104 | rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ |
103 | sshd_proxy.* authorized_keys_${USER}.* modpipe revoked-* krl-* \ | 105 | scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ |
104 | ssh.log failed-ssh.log sshd.log failed-sshd.log \ | 106 | sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ |
105 | regress.log failed-regress.log ssh-log-wrapper.sh \ | 107 | ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ |
106 | sftp-server.sh sftp-server.log sftp.log setuid-allowed \ | 108 | ssh_proxy_envpass sshd.log sshd_config sshd_config.orig \ |
107 | data ed25519-agent ed25519-agent.pub key.ed25519-512 \ | 109 | sshd_proxy sshd_proxy.* sshd_proxy_bak sshd_proxy_orig \ |
108 | key.ed25519-512.pub netcat host_krl_* host_revoked_* \ | 110 | t10.out t10.out.pub t12.out t12.out.pub t2.out t3.out \ |
109 | kh.* user_*key* agent-key.* known_hosts.* hkr.* | 111 | t6.out1 t6.out2 t7.out t7.out.pub t8.out t8.out.pub \ |
112 | t9.out t9.out.pub testdata user_*key* user_ca* user_key* | ||
110 | 113 | ||
111 | SUDO_CLEAN+= /var/run/testdata_${USER} /var/run/keycommand_${USER} | 114 | SUDO_CLEAN+= /var/run/testdata_${USER} /var/run/keycommand_${USER} |
112 | 115 | ||
diff --git a/regress/agent-getpeereid.sh b/regress/agent-getpeereid.sh index d5ae2d6e2..24b71f458 100644 --- a/regress/agent-getpeereid.sh +++ b/regress/agent-getpeereid.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: agent-getpeereid.sh,v 1.5 2013/05/17 10:33:09 dtucker Exp $ | 1 | # $OpenBSD: agent-getpeereid.sh,v 1.6 2016/05/03 14:41:04 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="disallow agent attach from other uid" | 4 | tid="disallow agent attach from other uid" |
@@ -13,10 +13,16 @@ else | |||
13 | echo "skipped (not supported on this platform)" | 13 | echo "skipped (not supported on this platform)" |
14 | exit 0 | 14 | exit 0 |
15 | fi | 15 | fi |
16 | if [ -z "$SUDO" ]; then | 16 | case "x$SUDO" in |
17 | echo "skipped: need SUDO to switch to uid $UNPRIV" | 17 | xsudo) sudo=1;; |
18 | exit 0 | 18 | xdoas) ;; |
19 | fi | 19 | x) |
20 | echo "need SUDO to switch to uid $UNPRIV" | ||
21 | exit 0 ;; | ||
22 | *) | ||
23 | echo "unsupported $SUDO - "doas" and "sudo" are allowed" | ||
24 | exit 0 ;; | ||
25 | esac | ||
20 | 26 | ||
21 | trace "start agent" | 27 | trace "start agent" |
22 | eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null | 28 | eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null |
@@ -31,8 +37,13 @@ else | |||
31 | if [ $r -ne 1 ]; then | 37 | if [ $r -ne 1 ]; then |
32 | fail "ssh-add failed with $r != 1" | 38 | fail "ssh-add failed with $r != 1" |
33 | fi | 39 | fi |
34 | 40 | if test -z "$sudo" ; then | |
35 | < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l 2>/dev/null | 41 | # doas |
42 | ${SUDO} -n -u ${UNPRIV} ssh-add -l 2>/dev/null | ||
43 | else | ||
44 | # sudo | ||
45 | < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l 2>/dev/null | ||
46 | fi | ||
36 | r=$? | 47 | r=$? |
37 | if [ $r -lt 2 ]; then | 48 | if [ $r -lt 2 ]; then |
38 | fail "ssh-add did not fail for ${UNPRIV}: $r < 2" | 49 | fail "ssh-add did not fail for ${UNPRIV}: $r < 2" |
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index 3f53922c8..62261cf8b 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: cert-hostkey.sh,v 1.13 2015/07/10 06:23:25 markus Exp $ | 1 | # $OpenBSD: cert-hostkey.sh,v 1.14 2016/05/02 09:52:00 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="certified host keys" | 4 | tid="certified host keys" |
@@ -30,34 +30,51 @@ cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak | |||
30 | 30 | ||
31 | HOSTS='localhost-with-alias,127.0.0.1,::1' | 31 | HOSTS='localhost-with-alias,127.0.0.1,::1' |
32 | 32 | ||
33 | # Create a CA key and add it to known hosts. Ed25519 chosed for speed. | 33 | kh_ca() { |
34 | for k in "$@" ; do | ||
35 | printf "@cert-authority $HOSTS " | ||
36 | cat $OBJ/$k || fatal "couldn't cat $k" | ||
37 | done | ||
38 | } | ||
39 | kh_revoke() { | ||
40 | for k in "$@" ; do | ||
41 | printf "@revoked * " | ||
42 | cat $OBJ/$k || fatal "couldn't cat $k" | ||
43 | done | ||
44 | } | ||
45 | |||
46 | # Create a CA key and add it to known hosts. Ed25519 chosen for speed. | ||
47 | # RSA for testing RSA/SHA2 signatures. | ||
34 | ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/host_ca_key ||\ | 48 | ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/host_ca_key ||\ |
35 | fail "ssh-keygen of host_ca_key failed" | 49 | fail "ssh-keygen of host_ca_key failed" |
36 | ( | 50 | ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/host_ca_key2 ||\ |
37 | printf '@cert-authority ' | 51 | fail "ssh-keygen of host_ca_key failed" |
38 | printf "$HOSTS " | 52 | |
39 | cat $OBJ/host_ca_key.pub | 53 | kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig |
40 | ) > $OBJ/known_hosts-cert.orig | ||
41 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 54 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
42 | 55 | ||
43 | # Plain text revocation files | 56 | # Plain text revocation files |
44 | touch $OBJ/host_revoked_empty | 57 | touch $OBJ/host_revoked_empty |
45 | touch $OBJ/host_revoked_plain | 58 | touch $OBJ/host_revoked_plain |
46 | touch $OBJ/host_revoked_cert | 59 | touch $OBJ/host_revoked_cert |
47 | cp $OBJ/host_ca_key.pub $OBJ/host_revoked_ca | 60 | cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca |
48 | 61 | ||
49 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` | 62 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` |
50 | 63 | ||
64 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then | ||
65 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" | ||
66 | fi | ||
67 | |||
51 | # Prepare certificate, plain key and CA KRLs | 68 | # Prepare certificate, plain key and CA KRLs |
52 | ${SSHKEYGEN} -kf $OBJ/host_krl_empty || fatal "KRL init failed" | 69 | ${SSHKEYGEN} -kf $OBJ/host_krl_empty || fatal "KRL init failed" |
53 | ${SSHKEYGEN} -kf $OBJ/host_krl_plain || fatal "KRL init failed" | 70 | ${SSHKEYGEN} -kf $OBJ/host_krl_plain || fatal "KRL init failed" |
54 | ${SSHKEYGEN} -kf $OBJ/host_krl_cert || fatal "KRL init failed" | 71 | ${SSHKEYGEN} -kf $OBJ/host_krl_cert || fatal "KRL init failed" |
55 | ${SSHKEYGEN} -kf $OBJ/host_krl_ca $OBJ/host_ca_key.pub \ | 72 | ${SSHKEYGEN} -kf $OBJ/host_krl_ca $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub \ |
56 | || fatal "KRL init failed" | 73 | || fatal "KRL init failed" |
57 | 74 | ||
58 | # Generate and sign host keys | 75 | # Generate and sign host keys |
59 | serial=1 | 76 | serial=1 |
60 | for ktype in $PLAIN_TYPES ; do | 77 | for ktype in $PLAIN_TYPES ; do |
61 | verbose "$tid: sign host ${ktype} cert" | 78 | verbose "$tid: sign host ${ktype} cert" |
62 | # Generate and sign a host key | 79 | # Generate and sign a host key |
63 | ${SSHKEYGEN} -q -N '' -t ${ktype} \ | 80 | ${SSHKEYGEN} -q -N '' -t ${ktype} \ |
@@ -66,7 +83,11 @@ for ktype in $PLAIN_TYPES ; do | |||
66 | ${SSHKEYGEN} -ukf $OBJ/host_krl_plain \ | 83 | ${SSHKEYGEN} -ukf $OBJ/host_krl_plain \ |
67 | $OBJ/cert_host_key_${ktype}.pub || fatal "KRL update failed" | 84 | $OBJ/cert_host_key_${ktype}.pub || fatal "KRL update failed" |
68 | cat $OBJ/cert_host_key_${ktype}.pub >> $OBJ/host_revoked_plain | 85 | cat $OBJ/cert_host_key_${ktype}.pub >> $OBJ/host_revoked_plain |
69 | ${SSHKEYGEN} -h -q -s $OBJ/host_ca_key -z $serial \ | 86 | case $ktype in |
87 | rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;; | ||
88 | *) tflag=""; ca="$OBJ/host_ca_key" ;; | ||
89 | esac | ||
90 | ${SSHKEYGEN} -h -q -s $ca -z $serial $tflag \ | ||
70 | -I "regress host key for $USER" \ | 91 | -I "regress host key for $USER" \ |
71 | -n $HOSTS $OBJ/cert_host_key_${ktype} || | 92 | -n $HOSTS $OBJ/cert_host_key_${ktype} || |
72 | fatal "couldn't sign cert_host_key_${ktype}" | 93 | fatal "couldn't sign cert_host_key_${ktype}" |
@@ -100,7 +121,7 @@ attempt_connect() { | |||
100 | 121 | ||
101 | # Basic connect and revocation tests. | 122 | # Basic connect and revocation tests. |
102 | for privsep in yes no ; do | 123 | for privsep in yes no ; do |
103 | for ktype in $PLAIN_TYPES ; do | 124 | for ktype in $PLAIN_TYPES ; do |
104 | verbose "$tid: host ${ktype} cert connect privsep $privsep" | 125 | verbose "$tid: host ${ktype} cert connect privsep $privsep" |
105 | ( | 126 | ( |
106 | cat $OBJ/sshd_proxy_bak | 127 | cat $OBJ/sshd_proxy_bak |
@@ -131,18 +152,14 @@ for privsep in yes no ; do | |||
131 | done | 152 | done |
132 | 153 | ||
133 | # Revoked certificates with key present | 154 | # Revoked certificates with key present |
134 | ( | 155 | kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig |
135 | printf '@cert-authority ' | 156 | for ktype in $PLAIN_TYPES ; do |
136 | printf "$HOSTS " | 157 | test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey" |
137 | cat $OBJ/host_ca_key.pub | 158 | kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig |
138 | for ktype in $PLAIN_TYPES ; do | 159 | done |
139 | test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey" | ||
140 | printf "@revoked * `cat $OBJ/cert_host_key_${ktype}.pub`\n" | ||
141 | done | ||
142 | ) > $OBJ/known_hosts-cert.orig | ||
143 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 160 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
144 | for privsep in yes no ; do | 161 | for privsep in yes no ; do |
145 | for ktype in $PLAIN_TYPES ; do | 162 | for ktype in $PLAIN_TYPES ; do |
146 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" | 163 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" |
147 | ( | 164 | ( |
148 | cat $OBJ/sshd_proxy_bak | 165 | cat $OBJ/sshd_proxy_bak |
@@ -162,16 +179,10 @@ for privsep in yes no ; do | |||
162 | done | 179 | done |
163 | 180 | ||
164 | # Revoked CA | 181 | # Revoked CA |
165 | ( | 182 | kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig |
166 | printf '@cert-authority ' | 183 | kh_revoke host_ca_key.pub host_ca_key2.pub >> $OBJ/known_hosts-cert.orig |
167 | printf "$HOSTS " | ||
168 | cat $OBJ/host_ca_key.pub | ||
169 | printf '@revoked ' | ||
170 | printf "* " | ||
171 | cat $OBJ/host_ca_key.pub | ||
172 | ) > $OBJ/known_hosts-cert.orig | ||
173 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 184 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
174 | for ktype in $PLAIN_TYPES ; do | 185 | for ktype in $PLAIN_TYPES ; do |
175 | verbose "$tid: host ${ktype} revoked cert" | 186 | verbose "$tid: host ${ktype} revoked cert" |
176 | ( | 187 | ( |
177 | cat $OBJ/sshd_proxy_bak | 188 | cat $OBJ/sshd_proxy_bak |
@@ -188,11 +199,7 @@ for ktype in $PLAIN_TYPES ; do | |||
188 | done | 199 | done |
189 | 200 | ||
190 | # Create a CA key and add it to known hosts | 201 | # Create a CA key and add it to known hosts |
191 | ( | 202 | kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig |
192 | printf '@cert-authority ' | ||
193 | printf "$HOSTS " | ||
194 | cat $OBJ/host_ca_key.pub | ||
195 | ) > $OBJ/known_hosts-cert.orig | ||
196 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 203 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
197 | 204 | ||
198 | test_one() { | 205 | test_one() { |
@@ -201,16 +208,19 @@ test_one() { | |||
201 | sign_opts=$3 | 208 | sign_opts=$3 |
202 | 209 | ||
203 | for kt in rsa ed25519 ; do | 210 | for kt in rsa ed25519 ; do |
204 | ${SSHKEYGEN} -q -s $OBJ/host_ca_key \ | 211 | case $ktype in |
205 | -I "regress host key for $USER" \ | 212 | rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;; |
213 | *) tflag=""; ca="$OBJ/host_ca_key" ;; | ||
214 | esac | ||
215 | ${SSHKEYGEN} -q -s $ca $tflag -I "regress host key for $USER" \ | ||
206 | $sign_opts $OBJ/cert_host_key_${kt} || | 216 | $sign_opts $OBJ/cert_host_key_${kt} || |
207 | fail "couldn't sign cert_host_key_${kt}" | 217 | fatal "couldn't sign cert_host_key_${kt}" |
208 | ( | 218 | ( |
209 | cat $OBJ/sshd_proxy_bak | 219 | cat $OBJ/sshd_proxy_bak |
210 | echo HostKey $OBJ/cert_host_key_${kt} | 220 | echo HostKey $OBJ/cert_host_key_${kt} |
211 | echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub | 221 | echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub |
212 | ) > $OBJ/sshd_proxy | 222 | ) > $OBJ/sshd_proxy |
213 | 223 | ||
214 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 224 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
215 | ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ | 225 | ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ |
216 | -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ | 226 | -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ |
@@ -237,17 +247,20 @@ test_one "cert valid interval" success "-h -V-1w:+2w" | |||
237 | test_one "cert has constraints" failure "-h -Oforce-command=false" | 247 | test_one "cert has constraints" failure "-h -Oforce-command=false" |
238 | 248 | ||
239 | # Check downgrade of cert to raw key when no CA found | 249 | # Check downgrade of cert to raw key when no CA found |
240 | for ktype in $PLAIN_TYPES ; do | 250 | for ktype in $PLAIN_TYPES ; do |
241 | rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key* | 251 | rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key* |
242 | verbose "$tid: host ${ktype} ${v} cert downgrade to raw key" | 252 | verbose "$tid: host ${ktype} ${v} cert downgrade to raw key" |
243 | # Generate and sign a host key | 253 | # Generate and sign a host key |
244 | ${SSHKEYGEN} -q -N '' -t ${ktype} \ | 254 | ${SSHKEYGEN} -q -N '' -t ${ktype} -f $OBJ/cert_host_key_${ktype} || \ |
245 | -f $OBJ/cert_host_key_${ktype} || \ | ||
246 | fail "ssh-keygen of cert_host_key_${ktype} failed" | 255 | fail "ssh-keygen of cert_host_key_${ktype} failed" |
247 | ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/host_ca_key \ | 256 | case $ktype in |
257 | rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;; | ||
258 | *) tflag=""; ca="$OBJ/host_ca_key" ;; | ||
259 | esac | ||
260 | ${SSHKEYGEN} -h -q $tflag -s $ca $tflag \ | ||
248 | -I "regress host key for $USER" \ | 261 | -I "regress host key for $USER" \ |
249 | -n $HOSTS $OBJ/cert_host_key_${ktype} || | 262 | -n $HOSTS $OBJ/cert_host_key_${ktype} || |
250 | fail "couldn't sign cert_host_key_${ktype}" | 263 | fatal "couldn't sign cert_host_key_${ktype}" |
251 | ( | 264 | ( |
252 | printf "$HOSTS " | 265 | printf "$HOSTS " |
253 | cat $OBJ/cert_host_key_${ktype}.pub | 266 | cat $OBJ/cert_host_key_${ktype}.pub |
@@ -257,7 +270,7 @@ for ktype in $PLAIN_TYPES ; do | |||
257 | echo HostKey $OBJ/cert_host_key_${ktype} | 270 | echo HostKey $OBJ/cert_host_key_${ktype} |
258 | echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub | 271 | echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub |
259 | ) > $OBJ/sshd_proxy | 272 | ) > $OBJ/sshd_proxy |
260 | 273 | ||
261 | ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ | 274 | ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ |
262 | -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ | 275 | -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ |
263 | -F $OBJ/ssh_proxy somehost true | 276 | -F $OBJ/ssh_proxy somehost true |
@@ -267,23 +280,22 @@ for ktype in $PLAIN_TYPES ; do | |||
267 | done | 280 | done |
268 | 281 | ||
269 | # Wrong certificate | 282 | # Wrong certificate |
270 | ( | 283 | kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig |
271 | printf '@cert-authority ' | ||
272 | printf "$HOSTS " | ||
273 | cat $OBJ/host_ca_key.pub | ||
274 | ) > $OBJ/known_hosts-cert.orig | ||
275 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 284 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
276 | for kt in $PLAIN_TYPES ; do | 285 | for kt in $PLAIN_TYPES ; do |
286 | verbose "$tid: host ${kt} connect wrong cert" | ||
277 | rm -f $OBJ/cert_host_key* | 287 | rm -f $OBJ/cert_host_key* |
278 | # Self-sign key | 288 | # Self-sign key |
279 | ${SSHKEYGEN} -q -N '' -t ${kt} \ | 289 | ${SSHKEYGEN} -q -N '' -t ${kt} -f $OBJ/cert_host_key_${kt} || \ |
280 | -f $OBJ/cert_host_key_${kt} || \ | ||
281 | fail "ssh-keygen of cert_host_key_${kt} failed" | 290 | fail "ssh-keygen of cert_host_key_${kt} failed" |
282 | ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/cert_host_key_${kt} \ | 291 | case $kt in |
292 | rsa-sha2-*) tflag="-t $kt" ;; | ||
293 | *) tflag="" ;; | ||
294 | esac | ||
295 | ${SSHKEYGEN} $tflag -h -q -s $OBJ/cert_host_key_${kt} \ | ||
283 | -I "regress host key for $USER" \ | 296 | -I "regress host key for $USER" \ |
284 | -n $HOSTS $OBJ/cert_host_key_${kt} || | 297 | -n $HOSTS $OBJ/cert_host_key_${kt} || |
285 | fail "couldn't sign cert_host_key_${kt}" | 298 | fatal "couldn't sign cert_host_key_${kt}" |
286 | verbose "$tid: host ${kt} connect wrong cert" | ||
287 | ( | 299 | ( |
288 | cat $OBJ/sshd_proxy_bak | 300 | cat $OBJ/sshd_proxy_bak |
289 | echo HostKey $OBJ/cert_host_key_${kt} | 301 | echo HostKey $OBJ/cert_host_key_${kt} |
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index c38c00a02..319746395 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: cert-userkey.sh,v 1.14 2015/07/10 06:23:25 markus Exp $ | 1 | # $OpenBSD: cert-userkey.sh,v 1.16 2016/05/03 12:15:49 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="certified user keys" | 4 | tid="certified user keys" |
@@ -9,8 +9,16 @@ cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak | |||
9 | 9 | ||
10 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` | 10 | PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` |
11 | 11 | ||
12 | if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then | ||
13 | PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512" | ||
14 | fi | ||
15 | |||
12 | kname() { | 16 | kname() { |
13 | n=`echo "$1" | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/'` | 17 | case $ktype in |
18 | rsa-sha2-*) ;; | ||
19 | # subshell because some seds will add a newline | ||
20 | *) n=$(echo $1 | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;; | ||
21 | esac | ||
14 | echo "$n*,ssh-rsa*,ssh-ed25519*" | 22 | echo "$n*,ssh-rsa*,ssh-ed25519*" |
15 | } | 23 | } |
16 | 24 | ||
@@ -19,18 +27,24 @@ ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_ca_key ||\ | |||
19 | fail "ssh-keygen of user_ca_key failed" | 27 | fail "ssh-keygen of user_ca_key failed" |
20 | 28 | ||
21 | # Generate and sign user keys | 29 | # Generate and sign user keys |
22 | for ktype in $PLAIN_TYPES ; do | 30 | for ktype in $PLAIN_TYPES $EXTRA_TYPES ; do |
23 | verbose "$tid: sign user ${ktype} cert" | 31 | verbose "$tid: sign user ${ktype} cert" |
24 | ${SSHKEYGEN} -q -N '' -t ${ktype} \ | 32 | ${SSHKEYGEN} -q -N '' -t ${ktype} \ |
25 | -f $OBJ/cert_user_key_${ktype} || \ | 33 | -f $OBJ/cert_user_key_${ktype} || \ |
26 | fail "ssh-keygen of cert_user_key_${ktype} failed" | 34 | fatal "ssh-keygen of cert_user_key_${ktype} failed" |
27 | ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \ | 35 | # Generate RSA/SHA2 certs for rsa-sha2* keys. |
28 | -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} || | 36 | case $ktype in |
29 | fail "couldn't sign cert_user_key_${ktype}" | 37 | rsa-sha2-*) tflag="-t $ktype" ;; |
38 | *) tflag="" ;; | ||
39 | esac | ||
40 | ${SSHKEYGEN} -q -s $OBJ/user_ca_key -z $$ \ | ||
41 | -I "regress user key for $USER" \ | ||
42 | -n ${USER},mekmitasdigoat $tflag $OBJ/cert_user_key_${ktype} || \ | ||
43 | fatal "couldn't sign cert_user_key_${ktype}" | ||
30 | done | 44 | done |
31 | 45 | ||
32 | # Test explicitly-specified principals | 46 | # Test explicitly-specified principals |
33 | for ktype in $PLAIN_TYPES ; do | 47 | for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do |
34 | t=$(kname $ktype) | 48 | t=$(kname $ktype) |
35 | for privsep in yes no ; do | 49 | for privsep in yes no ; do |
36 | _prefix="${ktype} privsep $privsep" | 50 | _prefix="${ktype} privsep $privsep" |
@@ -67,7 +81,7 @@ for ktype in $PLAIN_TYPES ; do | |||
67 | if [ $? -eq 0 ]; then | 81 | if [ $? -eq 0 ]; then |
68 | fail "ssh cert connect succeeded unexpectedly" | 82 | fail "ssh cert connect succeeded unexpectedly" |
69 | fi | 83 | fi |
70 | 84 | ||
71 | # Wrong authorized_principals | 85 | # Wrong authorized_principals |
72 | verbose "$tid: ${_prefix} wrong authorized_principals" | 86 | verbose "$tid: ${_prefix} wrong authorized_principals" |
73 | echo gregorsamsa > $OBJ/authorized_principals_$USER | 87 | echo gregorsamsa > $OBJ/authorized_principals_$USER |
@@ -166,8 +180,8 @@ basic_tests() { | |||
166 | echo > $OBJ/authorized_keys_$USER | 180 | echo > $OBJ/authorized_keys_$USER |
167 | extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" | 181 | extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" |
168 | fi | 182 | fi |
169 | 183 | ||
170 | for ktype in $PLAIN_TYPES ; do | 184 | for ktype in $PLAIN_TYPES ; do |
171 | t=$(kname $ktype) | 185 | t=$(kname $ktype) |
172 | for privsep in yes no ; do | 186 | for privsep in yes no ; do |
173 | _prefix="${ktype} privsep $privsep $auth" | 187 | _prefix="${ktype} privsep $privsep $auth" |
@@ -183,7 +197,7 @@ basic_tests() { | |||
183 | cat $OBJ/ssh_proxy_bak | 197 | cat $OBJ/ssh_proxy_bak |
184 | echo "PubkeyAcceptedKeyTypes ${t}" | 198 | echo "PubkeyAcceptedKeyTypes ${t}" |
185 | ) > $OBJ/ssh_proxy | 199 | ) > $OBJ/ssh_proxy |
186 | 200 | ||
187 | ${SSH} -2i $OBJ/cert_user_key_${ktype} \ | 201 | ${SSH} -2i $OBJ/cert_user_key_${ktype} \ |
188 | -F $OBJ/ssh_proxy somehost true | 202 | -F $OBJ/ssh_proxy somehost true |
189 | if [ $? -ne 0 ]; then | 203 | if [ $? -ne 0 ]; then |
@@ -223,7 +237,7 @@ basic_tests() { | |||
223 | fail "ssh cert connect failed" | 237 | fail "ssh cert connect failed" |
224 | fi | 238 | fi |
225 | done | 239 | done |
226 | 240 | ||
227 | # Revoked CA | 241 | # Revoked CA |
228 | verbose "$tid: ${ktype} $auth revoked CA key" | 242 | verbose "$tid: ${ktype} $auth revoked CA key" |
229 | ( | 243 | ( |
@@ -238,7 +252,7 @@ basic_tests() { | |||
238 | fail "ssh cert connect succeeded unexpecedly" | 252 | fail "ssh cert connect succeeded unexpecedly" |
239 | fi | 253 | fi |
240 | done | 254 | done |
241 | 255 | ||
242 | verbose "$tid: $auth CA does not authenticate" | 256 | verbose "$tid: $auth CA does not authenticate" |
243 | ( | 257 | ( |
244 | cat $OBJ/sshd_proxy_bak | 258 | cat $OBJ/sshd_proxy_bak |
@@ -286,7 +300,7 @@ test_one() { | |||
286 | echo $auth_opt >> $OBJ/sshd_proxy | 300 | echo $auth_opt >> $OBJ/sshd_proxy |
287 | fi | 301 | fi |
288 | fi | 302 | fi |
289 | 303 | ||
290 | verbose "$tid: $ident auth $auth expect $result $ktype" | 304 | verbose "$tid: $ident auth $auth expect $result $ktype" |
291 | ${SSHKEYGEN} -q -s $OBJ/user_ca_key \ | 305 | ${SSHKEYGEN} -q -s $OBJ/user_ca_key \ |
292 | -I "regress user key for $USER" \ | 306 | -I "regress user key for $USER" \ |
@@ -342,13 +356,13 @@ test_one "principals key option no principals" failure "" \ | |||
342 | 356 | ||
343 | # Wrong certificate | 357 | # Wrong certificate |
344 | cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy | 358 | cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy |
345 | for ktype in $PLAIN_TYPES ; do | 359 | for ktype in $PLAIN_TYPES ; do |
346 | t=$(kname $ktype) | 360 | t=$(kname $ktype) |
347 | # Self-sign | 361 | # Self-sign |
348 | ${SSHKEYGEN} -q -s $OBJ/cert_user_key_${ktype} -I \ | 362 | ${SSHKEYGEN} -q -s $OBJ/cert_user_key_${ktype} -I \ |
349 | "regress user key for $USER" \ | 363 | "regress user key for $USER" \ |
350 | -n $USER $OBJ/cert_user_key_${ktype} || | 364 | -n $USER $OBJ/cert_user_key_${ktype} || |
351 | fail "couldn't sign cert_user_key_${ktype}" | 365 | fatal "couldn't sign cert_user_key_${ktype}" |
352 | verbose "$tid: user ${ktype} connect wrong cert" | 366 | verbose "$tid: user ${ktype} connect wrong cert" |
353 | ${SSH} -2i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \ | 367 | ${SSH} -2i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \ |
354 | somehost true >/dev/null 2>&1 | 368 | somehost true >/dev/null 2>&1 |
diff --git a/regress/cfginclude.sh b/regress/cfginclude.sh new file mode 100644 index 000000000..2fc39ce45 --- /dev/null +++ b/regress/cfginclude.sh | |||
@@ -0,0 +1,293 @@ | |||
1 | # $OpenBSD: cfginclude.sh,v 1.2 2016/05/03 15:30:46 dtucker Exp $ | ||
2 | # Placed in the Public Domain. | ||
3 | |||
4 | tid="config include" | ||
5 | |||
6 | # to appease StrictModes | ||
7 | umask 022 | ||
8 | |||
9 | cat > $OBJ/ssh_config.i << _EOF | ||
10 | Match host a | ||
11 | Hostname aa | ||
12 | |||
13 | Match host b | ||
14 | Hostname bb | ||
15 | Include $OBJ/ssh_config.i.* | ||
16 | |||
17 | Match host c | ||
18 | Include $OBJ/ssh_config.i.* | ||
19 | Hostname cc | ||
20 | |||
21 | Match host m | ||
22 | Include $OBJ/ssh_config.i.* | ||
23 | |||
24 | Host d | ||
25 | Hostname dd | ||
26 | |||
27 | Host e | ||
28 | Hostname ee | ||
29 | Include $OBJ/ssh_config.i.* | ||
30 | |||
31 | Host f | ||
32 | Include $OBJ/ssh_config.i.* | ||
33 | Hostname ff | ||
34 | |||
35 | Host n | ||
36 | Include $OBJ/ssh_config.i.* | ||
37 | _EOF | ||
38 | |||
39 | cat > $OBJ/ssh_config.i.0 << _EOF | ||
40 | Match host xxxxxx | ||
41 | _EOF | ||
42 | |||
43 | cat > $OBJ/ssh_config.i.1 << _EOF | ||
44 | Match host a | ||
45 | Hostname aaa | ||
46 | |||
47 | Match host b | ||
48 | Hostname bbb | ||
49 | |||
50 | Match host c | ||
51 | Hostname ccc | ||
52 | |||
53 | Host d | ||
54 | Hostname ddd | ||
55 | |||
56 | Host e | ||
57 | Hostname eee | ||
58 | |||
59 | Host f | ||
60 | Hostname fff | ||
61 | _EOF | ||
62 | |||
63 | cat > $OBJ/ssh_config.i.2 << _EOF | ||
64 | Match host a | ||
65 | Hostname aaaa | ||
66 | |||
67 | Match host b | ||
68 | Hostname bbbb | ||
69 | |||
70 | Match host c | ||
71 | Hostname cccc | ||
72 | |||
73 | Host d | ||
74 | Hostname dddd | ||
75 | |||
76 | Host e | ||
77 | Hostname eeee | ||
78 | |||
79 | Host f | ||
80 | Hostname ffff | ||
81 | |||
82 | Match all | ||
83 | Hostname xxxx | ||
84 | _EOF | ||
85 | |||
86 | trial() { | ||
87 | _host="$1" | ||
88 | _exp="$2" | ||
89 | ${REAL_SSH} -F $OBJ/ssh_config.i -G "$_host" > $OBJ/ssh_config.out || | ||
90 | fatal "ssh config parse failed" | ||
91 | _got=`grep -i '^hostname ' $OBJ/ssh_config.out | awk '{print $2}'` | ||
92 | if test "x$_exp" != "x$_got" ; then | ||
93 | fail "host $_host include fail: expected $_exp got $_got" | ||
94 | fi | ||
95 | } | ||
96 | |||
97 | trial a aa | ||
98 | trial b bb | ||
99 | trial c ccc | ||
100 | trial d dd | ||
101 | trial e ee | ||
102 | trial f fff | ||
103 | trial m xxxx | ||
104 | trial n xxxx | ||
105 | trial x x | ||
106 | |||
107 | # Prepare an included config with an error. | ||
108 | |||
109 | cat > $OBJ/ssh_config.i.3 << _EOF | ||
110 | Hostname xxxx | ||
111 | Junk | ||
112 | _EOF | ||
113 | |||
114 | ${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \ | ||
115 | fail "ssh include allowed invalid config" | ||
116 | |||
117 | ${REAL_SSH} -F $OBJ/ssh_config.i -G x 2>/dev/null && \ | ||
118 | fail "ssh include allowed invalid config" | ||
119 | |||
120 | rm -f $OBJ/ssh_config.i.* | ||
121 | |||
122 | # Ensure that a missing include is not fatal. | ||
123 | cat > $OBJ/ssh_config.i << _EOF | ||
124 | Include $OBJ/ssh_config.i.* | ||
125 | Hostname aa | ||
126 | _EOF | ||
127 | |||
128 | trial a aa | ||
129 | |||
130 | # Ensure that Match/Host in an included config does not affect parent. | ||
131 | cat > $OBJ/ssh_config.i.x << _EOF | ||
132 | Match host x | ||
133 | _EOF | ||
134 | |||
135 | trial a aa | ||
136 | |||
137 | cat > $OBJ/ssh_config.i.x << _EOF | ||
138 | Host x | ||
139 | _EOF | ||
140 | |||
141 | trial a aa | ||
142 | |||
143 | # cleanup | ||
144 | rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out | ||
145 | # $OpenBSD: cfginclude.sh,v 1.2 2016/05/03 15:30:46 dtucker Exp $ | ||
146 | # Placed in the Public Domain. | ||
147 | |||
148 | tid="config include" | ||
149 | |||
150 | cat > $OBJ/ssh_config.i << _EOF | ||
151 | Match host a | ||
152 | Hostname aa | ||
153 | |||
154 | Match host b | ||
155 | Hostname bb | ||
156 | Include $OBJ/ssh_config.i.* | ||
157 | |||
158 | Match host c | ||
159 | Include $OBJ/ssh_config.i.* | ||
160 | Hostname cc | ||
161 | |||
162 | Match host m | ||
163 | Include $OBJ/ssh_config.i.* | ||
164 | |||
165 | Host d | ||
166 | Hostname dd | ||
167 | |||
168 | Host e | ||
169 | Hostname ee | ||
170 | Include $OBJ/ssh_config.i.* | ||
171 | |||
172 | Host f | ||
173 | Include $OBJ/ssh_config.i.* | ||
174 | Hostname ff | ||
175 | |||
176 | Host n | ||
177 | Include $OBJ/ssh_config.i.* | ||
178 | _EOF | ||
179 | |||
180 | cat > $OBJ/ssh_config.i.0 << _EOF | ||
181 | Match host xxxxxx | ||
182 | _EOF | ||
183 | |||
184 | cat > $OBJ/ssh_config.i.1 << _EOF | ||
185 | Match host a | ||
186 | Hostname aaa | ||
187 | |||
188 | Match host b | ||
189 | Hostname bbb | ||
190 | |||
191 | Match host c | ||
192 | Hostname ccc | ||
193 | |||
194 | Host d | ||
195 | Hostname ddd | ||
196 | |||
197 | Host e | ||
198 | Hostname eee | ||
199 | |||
200 | Host f | ||
201 | Hostname fff | ||
202 | _EOF | ||
203 | |||
204 | cat > $OBJ/ssh_config.i.2 << _EOF | ||
205 | Match host a | ||
206 | Hostname aaaa | ||
207 | |||
208 | Match host b | ||
209 | Hostname bbbb | ||
210 | |||
211 | Match host c | ||
212 | Hostname cccc | ||
213 | |||
214 | Host d | ||
215 | Hostname dddd | ||
216 | |||
217 | Host e | ||
218 | Hostname eeee | ||
219 | |||
220 | Host f | ||
221 | Hostname ffff | ||
222 | |||
223 | Match all | ||
224 | Hostname xxxx | ||
225 | _EOF | ||
226 | |||
227 | trial() { | ||
228 | _host="$1" | ||
229 | _exp="$2" | ||
230 | ${REAL_SSH} -F $OBJ/ssh_config.i -G "$_host" > $OBJ/ssh_config.out || | ||
231 | fatal "ssh config parse failed" | ||
232 | _got=`grep -i '^hostname ' $OBJ/ssh_config.out | awk '{print $2}'` | ||
233 | if test "x$_exp" != "x$_got" ; then | ||
234 | fail "host $_host include fail: expected $_exp got $_got" | ||
235 | fi | ||
236 | } | ||
237 | |||
238 | trial a aa | ||
239 | trial b bb | ||
240 | trial c ccc | ||
241 | trial d dd | ||
242 | trial e ee | ||
243 | trial f fff | ||
244 | trial m xxxx | ||
245 | trial n xxxx | ||
246 | trial x x | ||
247 | |||
248 | # Prepare an included config with an error. | ||
249 | |||
250 | cat > $OBJ/ssh_config.i.3 << _EOF | ||
251 | Hostname xxxx | ||
252 | Junk | ||
253 | _EOF | ||
254 | |||
255 | ${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \ | ||
256 | fail "ssh include allowed invalid config" | ||
257 | |||
258 | ${REAL_SSH} -F $OBJ/ssh_config.i -G x 2>/dev/null && \ | ||
259 | fail "ssh include allowed invalid config" | ||
260 | |||
261 | rm -f $OBJ/ssh_config.i.* | ||
262 | |||
263 | # Ensure that a missing include is not fatal. | ||
264 | cat > $OBJ/ssh_config.i << _EOF | ||
265 | Include $OBJ/ssh_config.i.* | ||
266 | Hostname aa | ||
267 | _EOF | ||
268 | |||
269 | trial a aa | ||
270 | |||
271 | # Ensure that Match/Host in an included config does not affect parent. | ||
272 | cat > $OBJ/ssh_config.i.x << _EOF | ||
273 | Match host x | ||
274 | _EOF | ||
275 | |||
276 | trial a aa | ||
277 | |||
278 | cat > $OBJ/ssh_config.i.x << _EOF | ||
279 | Host x | ||
280 | _EOF | ||
281 | |||
282 | trial a aa | ||
283 | |||
284 | # Ensure that recursive includes are bounded. | ||
285 | cat > $OBJ/ssh_config.i << _EOF | ||
286 | Include $OBJ/ssh_config.i | ||
287 | _EOF | ||
288 | |||
289 | ${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \ | ||
290 | fail "ssh include allowed infinite recursion?" # or hang... | ||
291 | |||
292 | # cleanup | ||
293 | rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out | ||
diff --git a/regress/cfgparse.sh b/regress/cfgparse.sh index 736f38976..ccf511f6b 100644 --- a/regress/cfgparse.sh +++ b/regress/cfgparse.sh | |||
@@ -1,7 +1,7 @@ | |||
1 | # $OpenBSD: cfgparse.sh,v 1.5 2015/05/29 03:05:13 djm Exp $ | 1 | # $OpenBSD: cfgparse.sh,v 1.6 2016/06/03 03:47:59 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="config parse" | 4 | tid="sshd config parse" |
5 | 5 | ||
6 | # This is a reasonable proxy for IPv6 support. | 6 | # This is a reasonable proxy for IPv6 support. |
7 | if ! config_defined HAVE_STRUCT_IN6_ADDR ; then | 7 | if ! config_defined HAVE_STRUCT_IN6_ADDR ; then |
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh index 9a51f5690..ea739f614 100644 --- a/regress/connect-privsep.sh +++ b/regress/connect-privsep.sh | |||
@@ -26,7 +26,12 @@ done | |||
26 | 26 | ||
27 | # Because sandbox is sensitive to changes in libc, especially malloc, retest | 27 | # Because sandbox is sensitive to changes in libc, especially malloc, retest |
28 | # with every malloc.conf option (and none). | 28 | # with every malloc.conf option (and none). |
29 | for m in '' A F G H J P R S X '<' '>'; do | 29 | if [ -z "TEST_MALLOC_OPTIONS" ]; then |
30 | mopts="A F G H J P R S X < >" | ||
31 | else | ||
32 | mopts=`echo $TEST_MALLOC_OPTIONS | sed 's/./& /g'` | ||
33 | fi | ||
34 | for m in '' $mopts ; do | ||
30 | for p in ${SSH_PROTOCOLS}; do | 35 | for p in ${SSH_PROTOCOLS}; do |
31 | env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true | 36 | env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true |
32 | if [ $? -ne 0 ]; then | 37 | if [ $? -ne 0 ]; then |
diff --git a/regress/forwarding.sh b/regress/forwarding.sh index fb4f35aff..2539db9b7 100644 --- a/regress/forwarding.sh +++ b/regress/forwarding.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: forwarding.sh,v 1.15 2015/03/03 22:35:19 markus Exp $ | 1 | # $OpenBSD: forwarding.sh,v 1.16 2016/04/14 23:57:17 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="local and remote forwarding" | 4 | tid="local and remote forwarding" |
@@ -59,7 +59,7 @@ for d in L R; do | |||
59 | -$d ${base}01:127.0.0.1:$PORT \ | 59 | -$d ${base}01:127.0.0.1:$PORT \ |
60 | -$d ${base}02:127.0.0.1:$PORT \ | 60 | -$d ${base}02:127.0.0.1:$PORT \ |
61 | -$d ${base}03:127.0.0.1:$PORT \ | 61 | -$d ${base}03:127.0.0.1:$PORT \ |
62 | -$d ${base}01:127.0.0.1:$PORT \ | 62 | -$d ${base}01:localhost:$PORT \ |
63 | -$d ${base}04:127.0.0.1:$PORT \ | 63 | -$d ${base}04:127.0.0.1:$PORT \ |
64 | -oExitOnForwardFailure=yes somehost true | 64 | -oExitOnForwardFailure=yes somehost true |
65 | r=$? | 65 | r=$? |
diff --git a/regress/integrity.sh b/regress/integrity.sh index 1d4976771..bfadc6b48 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: integrity.sh,v 1.16 2015/03/24 20:22:17 markus Exp $ | 1 | # $OpenBSD: integrity.sh,v 1.18 2016/03/04 02:48:06 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="integrity" | 4 | tid="integrity" |
@@ -54,7 +54,7 @@ for m in $macs; do | |||
54 | fail "ssh -m $m succeeds with bit-flip at $off" | 54 | fail "ssh -m $m succeeds with bit-flip at $off" |
55 | fi | 55 | fi |
56 | ecnt=`expr $ecnt + 1` | 56 | ecnt=`expr $ecnt + 1` |
57 | out=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \ | 57 | out=$(egrep -v "^debug" $TEST_SSH_LOGFILE | tail -2 | \ |
58 | tr -s '\r\n' '.') | 58 | tr -s '\r\n' '.') |
59 | case "$out" in | 59 | case "$out" in |
60 | Bad?packet*) elen=`expr $elen + 1`; skip=3;; | 60 | Bad?packet*) elen=`expr $elen + 1`; skip=3;; |
diff --git a/regress/misc/Makefile b/regress/misc/Makefile new file mode 100644 index 000000000..14c0c279f --- /dev/null +++ b/regress/misc/Makefile | |||
@@ -0,0 +1,3 @@ | |||
1 | SUBDIR= kexfuzz | ||
2 | |||
3 | .include <bsd.subdir.mk> | ||
diff --git a/regress/misc/kexfuzz/Makefile b/regress/misc/kexfuzz/Makefile new file mode 100644 index 000000000..3018b632f --- /dev/null +++ b/regress/misc/kexfuzz/Makefile | |||
@@ -0,0 +1,78 @@ | |||
1 | # $OpenBSD: Makefile,v 1.1 2016/03/04 02:30:37 djm Exp $ | ||
2 | |||
3 | .include <bsd.own.mk> | ||
4 | .include <bsd.obj.mk> | ||
5 | |||
6 | # XXX detect from ssh binary? | ||
7 | SSH1?= no | ||
8 | OPENSSL?= yes | ||
9 | |||
10 | PROG= kexfuzz | ||
11 | SRCS= kexfuzz.c | ||
12 | NOMAN= 1 | ||
13 | |||
14 | .if (${OPENSSL:L} == "yes") | ||
15 | CFLAGS+= -DWITH_OPENSSL | ||
16 | .else | ||
17 | # SSH v.1 requires OpenSSL. | ||
18 | SSH1= no | ||
19 | .endif | ||
20 | |||
21 | .if (${SSH1:L} == "yes") | ||
22 | CFLAGS+= -DWITH_SSH1 | ||
23 | .endif | ||
24 | |||
25 | # enable warnings | ||
26 | WARNINGS=Yes | ||
27 | |||
28 | DEBUG=-g | ||
29 | CFLAGS+= -fstack-protector-all | ||
30 | CDIAGFLAGS= -Wall | ||
31 | CDIAGFLAGS+= -Wextra | ||
32 | CDIAGFLAGS+= -Werror | ||
33 | CDIAGFLAGS+= -Wchar-subscripts | ||
34 | CDIAGFLAGS+= -Wcomment | ||
35 | CDIAGFLAGS+= -Wformat | ||
36 | CDIAGFLAGS+= -Wformat-security | ||
37 | CDIAGFLAGS+= -Wimplicit | ||
38 | CDIAGFLAGS+= -Winline | ||
39 | CDIAGFLAGS+= -Wmissing-declarations | ||
40 | CDIAGFLAGS+= -Wmissing-prototypes | ||
41 | CDIAGFLAGS+= -Wparentheses | ||
42 | CDIAGFLAGS+= -Wpointer-arith | ||
43 | CDIAGFLAGS+= -Wreturn-type | ||
44 | CDIAGFLAGS+= -Wshadow | ||
45 | CDIAGFLAGS+= -Wsign-compare | ||
46 | CDIAGFLAGS+= -Wstrict-aliasing | ||
47 | CDIAGFLAGS+= -Wstrict-prototypes | ||
48 | CDIAGFLAGS+= -Wswitch | ||
49 | CDIAGFLAGS+= -Wtrigraphs | ||
50 | CDIAGFLAGS+= -Wuninitialized | ||
51 | CDIAGFLAGS+= -Wunused | ||
52 | .if ${COMPILER_VERSION} == "gcc4" | ||
53 | CDIAGFLAGS+= -Wpointer-sign | ||
54 | CDIAGFLAGS+= -Wold-style-definition | ||
55 | .endif | ||
56 | |||
57 | SSHREL=../../../../../usr.bin/ssh | ||
58 | |||
59 | CFLAGS+=-I${.CURDIR}/${SSHREL} | ||
60 | |||
61 | .if exists(${.CURDIR}/${SSHREL}/lib/${__objdir}) | ||
62 | LDADD+=-L${.CURDIR}/${SSHREL}/lib/${__objdir} -lssh | ||
63 | DPADD+=${.CURDIR}/${SSHREL}/lib/${__objdir}/libssh.a | ||
64 | .else | ||
65 | LDADD+=-L${.CURDIR}/${SSHREL}/lib -lssh | ||
66 | DPADD+=${.CURDIR}/${SSHREL}/lib/libssh.a | ||
67 | .endif | ||
68 | |||
69 | LDADD+= -lutil -lz | ||
70 | DPADD+= ${LIBUTIL} ${LIBZ} | ||
71 | |||
72 | .if (${OPENSSL:L} == "yes") | ||
73 | LDADD+= -lcrypto | ||
74 | DPADD+= ${LIBCRYPTO} | ||
75 | .endif | ||
76 | |||
77 | .include <bsd.prog.mk> | ||
78 | |||
diff --git a/regress/misc/kexfuzz/README b/regress/misc/kexfuzz/README new file mode 100644 index 000000000..8b215b5bf --- /dev/null +++ b/regress/misc/kexfuzz/README | |||
@@ -0,0 +1,28 @@ | |||
1 | This is a harness to help with fuzzing KEX. | ||
2 | |||
3 | To use it, you first set it to count packets in each direction: | ||
4 | |||
5 | ./kexfuzz -K diffie-hellman-group1-sha1 -k host_ed25519_key -c | ||
6 | S2C: 29 | ||
7 | C2S: 31 | ||
8 | |||
9 | Then get it to record a particular packet (in this case the 4th | ||
10 | packet from client->server): | ||
11 | |||
12 | ./kexfuzz -K diffie-hellman-group1-sha1 -k host_ed25519_key \ | ||
13 | -d -D C2S -i 3 -f packet_3 | ||
14 | |||
15 | Fuzz the packet somehow: | ||
16 | |||
17 | dd if=/dev/urandom of=packet_3 bs=32 count=1 # Just for example | ||
18 | |||
19 | Then re-run the key exchange substituting the modified packet in | ||
20 | its original sequence: | ||
21 | |||
22 | ./kexfuzz -K diffie-hellman-group1-sha1 -k host_ed25519_key \ | ||
23 | -r -D C2S -i 3 -f packet_3 | ||
24 | |||
25 | A comprehensive KEX fuzz run would fuzz every packet in both | ||
26 | directions for each key exchange type and every hostkey type. | ||
27 | This will take some time. | ||
28 | |||
diff --git a/regress/misc/kexfuzz/kexfuzz.c b/regress/misc/kexfuzz/kexfuzz.c new file mode 100644 index 000000000..2894d3a1e --- /dev/null +++ b/regress/misc/kexfuzz/kexfuzz.c | |||
@@ -0,0 +1,410 @@ | |||
1 | /* $OpenBSD: kexfuzz.c,v 1.1 2016/03/04 02:30:37 djm Exp $ */ | ||
2 | /* | ||
3 | * Fuzz harness for KEX code | ||
4 | * | ||
5 | * Placed in the public domain | ||
6 | */ | ||
7 | |||
8 | #include "includes.h" | ||
9 | |||
10 | #include <sys/types.h> | ||
11 | #include <sys/param.h> | ||
12 | #include <stdio.h> | ||
13 | #ifdef HAVE_STDINT_H | ||
14 | # include <stdint.h> | ||
15 | #endif | ||
16 | #include <stdlib.h> | ||
17 | #include <string.h> | ||
18 | #include <unistd.h> | ||
19 | #include <fcntl.h> | ||
20 | #ifdef HAVE_ERR_H | ||
21 | # include <err.h> | ||
22 | #endif | ||
23 | |||
24 | #include "ssherr.h" | ||
25 | #include "ssh_api.h" | ||
26 | #include "sshbuf.h" | ||
27 | #include "packet.h" | ||
28 | #include "myproposal.h" | ||
29 | #include "authfile.h" | ||
30 | |||
31 | struct ssh *active_state = NULL; /* XXX - needed for linking */ | ||
32 | |||
33 | void kex_tests(void); | ||
34 | static int do_debug = 0; | ||
35 | |||
36 | enum direction { S2C, C2S }; | ||
37 | |||
38 | static int | ||
39 | do_send_and_receive(struct ssh *from, struct ssh *to, int mydirection, | ||
40 | int *packet_count, int trigger_direction, int packet_index, | ||
41 | const char *dump_path, struct sshbuf *replace_data) | ||
42 | { | ||
43 | u_char type; | ||
44 | size_t len, olen; | ||
45 | const u_char *buf; | ||
46 | int r; | ||
47 | FILE *dumpfile; | ||
48 | |||
49 | for (;;) { | ||
50 | if ((r = ssh_packet_next(from, &type)) != 0) { | ||
51 | fprintf(stderr, "ssh_packet_next: %s\n", ssh_err(r)); | ||
52 | return r; | ||
53 | } | ||
54 | if (type != 0) | ||
55 | return 0; | ||
56 | buf = ssh_output_ptr(from, &len); | ||
57 | olen = len; | ||
58 | if (do_debug) { | ||
59 | printf("%s packet %d type %u len %zu:\n", | ||
60 | mydirection == S2C ? "s2c" : "c2s", | ||
61 | *packet_count, type, len); | ||
62 | sshbuf_dump_data(buf, len, stdout); | ||
63 | } | ||
64 | if (mydirection == trigger_direction && | ||
65 | packet_index == *packet_count) { | ||
66 | if (replace_data != NULL) { | ||
67 | buf = sshbuf_ptr(replace_data); | ||
68 | len = sshbuf_len(replace_data); | ||
69 | if (do_debug) { | ||
70 | printf("***** replaced packet " | ||
71 | "len %zu\n", len); | ||
72 | sshbuf_dump_data(buf, len, stdout); | ||
73 | } | ||
74 | } else if (dump_path != NULL) { | ||
75 | if ((dumpfile = fopen(dump_path, "w+")) == NULL) | ||
76 | err(1, "fopen %s", dump_path); | ||
77 | if (len != 0 && | ||
78 | fwrite(buf, len, 1, dumpfile) != 1) | ||
79 | err(1, "fwrite %s", dump_path); | ||
80 | if (do_debug) | ||
81 | printf("***** dumped packet " | ||
82 | "len %zu\n", len); | ||
83 | fclose(dumpfile); | ||
84 | exit(0); | ||
85 | } | ||
86 | } | ||
87 | (*packet_count)++; | ||
88 | if (len == 0) | ||
89 | return 0; | ||
90 | if ((r = ssh_input_append(to, buf, len)) != 0 || | ||
91 | (r = ssh_output_consume(from, olen)) != 0) | ||
92 | return r; | ||
93 | } | ||
94 | } | ||
95 | |||
96 | /* Minimal test_helper.c scaffholding to make this standalone */ | ||
97 | const char *in_test = NULL; | ||
98 | #define TEST_START(a) \ | ||
99 | do { \ | ||
100 | in_test = (a); \ | ||
101 | if (do_debug) \ | ||
102 | fprintf(stderr, "test %s starting\n", in_test); \ | ||
103 | } while (0) | ||
104 | #define TEST_DONE() \ | ||
105 | do { \ | ||
106 | if (do_debug) \ | ||
107 | fprintf(stderr, "test %s done\n", \ | ||
108 | in_test ? in_test : "???"); \ | ||
109 | in_test = NULL; \ | ||
110 | } while(0) | ||
111 | #define ASSERT_INT_EQ(a, b) \ | ||
112 | do { \ | ||
113 | if ((int)(a) != (int)(b)) { \ | ||
114 | fprintf(stderr, "%s %s:%d " \ | ||
115 | "%s (%d) != expected %s (%d)\n", \ | ||
116 | in_test ? in_test : "(none)", \ | ||
117 | __func__, __LINE__, #a, (int)(a), #b, (int)(b)); \ | ||
118 | exit(2); \ | ||
119 | } \ | ||
120 | } while (0) | ||
121 | #define ASSERT_INT_GE(a, b) \ | ||
122 | do { \ | ||
123 | if ((int)(a) < (int)(b)) { \ | ||
124 | fprintf(stderr, "%s %s:%d " \ | ||
125 | "%s (%d) < expected %s (%d)\n", \ | ||
126 | in_test ? in_test : "(none)", \ | ||
127 | __func__, __LINE__, #a, (int)(a), #b, (int)(b)); \ | ||
128 | exit(2); \ | ||
129 | } \ | ||
130 | } while (0) | ||
131 | #define ASSERT_PTR_NE(a, b) \ | ||
132 | do { \ | ||
133 | if ((a) == (b)) { \ | ||
134 | fprintf(stderr, "%s %s:%d " \ | ||
135 | "%s (%p) != expected %s (%p)\n", \ | ||
136 | in_test ? in_test : "(none)", \ | ||
137 | __func__, __LINE__, #a, (a), #b, (b)); \ | ||
138 | exit(2); \ | ||
139 | } \ | ||
140 | } while (0) | ||
141 | |||
142 | |||
143 | static void | ||
144 | run_kex(struct ssh *client, struct ssh *server, int *s2c, int *c2s, | ||
145 | int direction, int packet_index, | ||
146 | const char *dump_path, struct sshbuf *replace_data) | ||
147 | { | ||
148 | int r = 0; | ||
149 | |||
150 | while (!server->kex->done || !client->kex->done) { | ||
151 | if ((r = do_send_and_receive(server, client, S2C, s2c, | ||
152 | direction, packet_index, dump_path, replace_data))) | ||
153 | break; | ||
154 | if ((r = do_send_and_receive(client, server, C2S, c2s, | ||
155 | direction, packet_index, dump_path, replace_data))) | ||
156 | break; | ||
157 | } | ||
158 | if (do_debug) | ||
159 | printf("done: %s\n", ssh_err(r)); | ||
160 | ASSERT_INT_EQ(r, 0); | ||
161 | ASSERT_INT_EQ(server->kex->done, 1); | ||
162 | ASSERT_INT_EQ(client->kex->done, 1); | ||
163 | } | ||
164 | |||
165 | static void | ||
166 | do_kex_with_key(const char *kex, struct sshkey *prvkey, int *c2s, int *s2c, | ||
167 | int direction, int packet_index, | ||
168 | const char *dump_path, struct sshbuf *replace_data) | ||
169 | { | ||
170 | struct ssh *client = NULL, *server = NULL, *server2 = NULL; | ||
171 | struct sshkey *pubkey = NULL; | ||
172 | struct sshbuf *state; | ||
173 | struct kex_params kex_params; | ||
174 | char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; | ||
175 | char *keyname = NULL; | ||
176 | |||
177 | TEST_START("sshkey_from_private"); | ||
178 | ASSERT_INT_EQ(sshkey_from_private(prvkey, &pubkey), 0); | ||
179 | TEST_DONE(); | ||
180 | |||
181 | TEST_START("ssh_init"); | ||
182 | memcpy(kex_params.proposal, myproposal, sizeof(myproposal)); | ||
183 | if (kex != NULL) | ||
184 | kex_params.proposal[PROPOSAL_KEX_ALGS] = strdup(kex); | ||
185 | keyname = strdup(sshkey_ssh_name(prvkey)); | ||
186 | ASSERT_PTR_NE(keyname, NULL); | ||
187 | kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname; | ||
188 | ASSERT_INT_EQ(ssh_init(&client, 0, &kex_params), 0); | ||
189 | ASSERT_INT_EQ(ssh_init(&server, 1, &kex_params), 0); | ||
190 | ASSERT_PTR_NE(client, NULL); | ||
191 | ASSERT_PTR_NE(server, NULL); | ||
192 | TEST_DONE(); | ||
193 | |||
194 | TEST_START("ssh_add_hostkey"); | ||
195 | ASSERT_INT_EQ(ssh_add_hostkey(server, prvkey), 0); | ||
196 | ASSERT_INT_EQ(ssh_add_hostkey(client, pubkey), 0); | ||
197 | TEST_DONE(); | ||
198 | |||
199 | TEST_START("kex"); | ||
200 | run_kex(client, server, s2c, c2s, direction, packet_index, | ||
201 | dump_path, replace_data); | ||
202 | TEST_DONE(); | ||
203 | |||
204 | TEST_START("rekeying client"); | ||
205 | ASSERT_INT_EQ(kex_send_kexinit(client), 0); | ||
206 | run_kex(client, server, s2c, c2s, direction, packet_index, | ||
207 | dump_path, replace_data); | ||
208 | TEST_DONE(); | ||
209 | |||
210 | TEST_START("rekeying server"); | ||
211 | ASSERT_INT_EQ(kex_send_kexinit(server), 0); | ||
212 | run_kex(client, server, s2c, c2s, direction, packet_index, | ||
213 | dump_path, replace_data); | ||
214 | TEST_DONE(); | ||
215 | |||
216 | TEST_START("ssh_packet_get_state"); | ||
217 | state = sshbuf_new(); | ||
218 | ASSERT_PTR_NE(state, NULL); | ||
219 | ASSERT_INT_EQ(ssh_packet_get_state(server, state), 0); | ||
220 | ASSERT_INT_GE(sshbuf_len(state), 1); | ||
221 | TEST_DONE(); | ||
222 | |||
223 | TEST_START("ssh_packet_set_state"); | ||
224 | server2 = NULL; | ||
225 | ASSERT_INT_EQ(ssh_init(&server2, 1, NULL), 0); | ||
226 | ASSERT_PTR_NE(server2, NULL); | ||
227 | ASSERT_INT_EQ(ssh_add_hostkey(server2, prvkey), 0); | ||
228 | kex_free(server2->kex); /* XXX or should ssh_packet_set_state()? */ | ||
229 | ASSERT_INT_EQ(ssh_packet_set_state(server2, state), 0); | ||
230 | ASSERT_INT_EQ(sshbuf_len(state), 0); | ||
231 | sshbuf_free(state); | ||
232 | ASSERT_PTR_NE(server2->kex, NULL); | ||
233 | /* XXX we need to set the callbacks */ | ||
234 | server2->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | ||
235 | server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | ||
236 | server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | ||
237 | server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | ||
238 | #ifdef OPENSSL_HAS_ECC | ||
239 | server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | ||
240 | #endif | ||
241 | server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server; | ||
242 | server2->kex->load_host_public_key = server->kex->load_host_public_key; | ||
243 | server2->kex->load_host_private_key = server->kex->load_host_private_key; | ||
244 | server2->kex->sign = server->kex->sign; | ||
245 | TEST_DONE(); | ||
246 | |||
247 | TEST_START("rekeying server2"); | ||
248 | ASSERT_INT_EQ(kex_send_kexinit(server2), 0); | ||
249 | run_kex(client, server2, s2c, c2s, direction, packet_index, | ||
250 | dump_path, replace_data); | ||
251 | ASSERT_INT_EQ(kex_send_kexinit(client), 0); | ||
252 | run_kex(client, server2, s2c, c2s, direction, packet_index, | ||
253 | dump_path, replace_data); | ||
254 | TEST_DONE(); | ||
255 | |||
256 | TEST_START("cleanup"); | ||
257 | sshkey_free(pubkey); | ||
258 | ssh_free(client); | ||
259 | ssh_free(server); | ||
260 | ssh_free(server2); | ||
261 | free(keyname); | ||
262 | TEST_DONE(); | ||
263 | } | ||
264 | |||
265 | static void | ||
266 | usage(void) | ||
267 | { | ||
268 | fprintf(stderr, | ||
269 | "Usage: kexfuzz [-hcdrv] [-D direction] [-f data_file]\n" | ||
270 | " [-K kex_alg] [-k private_key] [-i packet_index]\n" | ||
271 | "\n" | ||
272 | "Options:\n" | ||
273 | " -h Display this help\n" | ||
274 | " -c Count packets sent during KEX\n" | ||
275 | " -d Dump mode: record KEX packet to data file\n" | ||
276 | " -r Replace mode: replace packet with data file\n" | ||
277 | " -v Turn on verbose logging\n" | ||
278 | " -D S2C|C2S Packet direction for replacement or dump\n" | ||
279 | " -f data_file Path to data file for replacement or dump\n" | ||
280 | " -K kex_alg Name of KEX algorithm to test (see below)\n" | ||
281 | " -k private_key Path to private key file\n" | ||
282 | " -i packet_index Index of packet to replace or dump (from 0)\n" | ||
283 | "\n" | ||
284 | "Available KEX algorithms: %s\n", kex_alg_list(' ')); | ||
285 | } | ||
286 | |||
287 | static void | ||
288 | badusage(const char *bad) | ||
289 | { | ||
290 | fprintf(stderr, "Invalid options\n"); | ||
291 | fprintf(stderr, "%s\n", bad); | ||
292 | usage(); | ||
293 | exit(1); | ||
294 | } | ||
295 | |||
296 | int | ||
297 | main(int argc, char **argv) | ||
298 | { | ||
299 | int ch, fd, r; | ||
300 | int count_flag = 0, dump_flag = 0, replace_flag = 0; | ||
301 | int packet_index = -1, direction = -1; | ||
302 | int s2c = 0, c2s = 0; /* packet counts */ | ||
303 | const char *kex = NULL, *kpath = NULL, *data_path = NULL; | ||
304 | struct sshkey *key = NULL; | ||
305 | struct sshbuf *replace_data = NULL; | ||
306 | |||
307 | setvbuf(stdout, NULL, _IONBF, 0); | ||
308 | while ((ch = getopt(argc, argv, "hcdrvD:f:K:k:i:")) != -1) { | ||
309 | switch (ch) { | ||
310 | case 'h': | ||
311 | usage(); | ||
312 | return 0; | ||
313 | case 'c': | ||
314 | count_flag = 1; | ||
315 | break; | ||
316 | case 'd': | ||
317 | dump_flag = 1; | ||
318 | break; | ||
319 | case 'r': | ||
320 | replace_flag = 1; | ||
321 | break; | ||
322 | case 'v': | ||
323 | do_debug = 1; | ||
324 | break; | ||
325 | |||
326 | case 'D': | ||
327 | if (strcasecmp(optarg, "s2c") == 0) | ||
328 | direction = S2C; | ||
329 | else if (strcasecmp(optarg, "c2s") == 0) | ||
330 | direction = C2S; | ||
331 | else | ||
332 | badusage("Invalid direction (-D)"); | ||
333 | break; | ||
334 | case 'f': | ||
335 | data_path = optarg; | ||
336 | break; | ||
337 | case 'K': | ||
338 | kex = optarg; | ||
339 | break; | ||
340 | case 'k': | ||
341 | kpath = optarg; | ||
342 | break; | ||
343 | case 'i': | ||
344 | packet_index = atoi(optarg); | ||
345 | if (packet_index < 0) | ||
346 | badusage("Invalid packet index"); | ||
347 | break; | ||
348 | default: | ||
349 | badusage("unsupported flag"); | ||
350 | } | ||
351 | } | ||
352 | argc -= optind; | ||
353 | argv += optind; | ||
354 | |||
355 | /* Must select a single mode */ | ||
356 | if ((count_flag + dump_flag + replace_flag) != 1) | ||
357 | badusage("Must select one mode: -c, -d or -r"); | ||
358 | /* KEX type is mandatory */ | ||
359 | if (kex == NULL || !kex_names_valid(kex) || strchr(kex, ',') != NULL) | ||
360 | badusage("Missing or invalid kex type (-K flag)"); | ||
361 | /* Valid key is mandatory */ | ||
362 | if (kpath == NULL) | ||
363 | badusage("Missing private key (-k flag)"); | ||
364 | if ((fd = open(kpath, O_RDONLY)) == -1) | ||
365 | err(1, "open %s", kpath); | ||
366 | if ((r = sshkey_load_private_type_fd(fd, KEY_UNSPEC, NULL, | ||
367 | &key, NULL)) != 0) | ||
368 | errx(1, "Unable to load key %s: %s", kpath, ssh_err(r)); | ||
369 | close(fd); | ||
370 | /* XXX check that it is a private key */ | ||
371 | /* XXX support certificates */ | ||
372 | if (key == NULL || key->type == KEY_UNSPEC || key->type == KEY_RSA1) | ||
373 | badusage("Invalid key file (-k flag)"); | ||
374 | |||
375 | /* Replace (fuzz) mode */ | ||
376 | if (replace_flag) { | ||
377 | if (packet_index == -1 || direction == -1 || data_path == NULL) | ||
378 | badusage("Replace (-r) mode must specify direction " | ||
379 | "(-D) packet index (-i) and data path (-f)"); | ||
380 | if ((fd = open(data_path, O_RDONLY)) == -1) | ||
381 | err(1, "open %s", data_path); | ||
382 | replace_data = sshbuf_new(); | ||
383 | if ((r = sshkey_load_file(fd, replace_data)) != 0) | ||
384 | errx(1, "read %s: %s", data_path, ssh_err(r)); | ||
385 | close(fd); | ||
386 | } | ||
387 | |||
388 | /* Dump mode */ | ||
389 | if (dump_flag) { | ||
390 | if (packet_index == -1 || direction == -1 || data_path == NULL) | ||
391 | badusage("Dump (-d) mode must specify direction " | ||
392 | "(-D), packet index (-i) and data path (-f)"); | ||
393 | } | ||
394 | |||
395 | /* Count mode needs no further flags */ | ||
396 | |||
397 | do_kex_with_key(kex, key, &c2s, &s2c, | ||
398 | direction, packet_index, | ||
399 | dump_flag ? data_path : NULL, | ||
400 | replace_flag ? replace_data : NULL); | ||
401 | sshkey_free(key); | ||
402 | sshbuf_free(replace_data); | ||
403 | |||
404 | if (count_flag) { | ||
405 | printf("S2C: %d\n", s2c); | ||
406 | printf("C2S: %d\n", c2s); | ||
407 | } | ||
408 | |||
409 | return 0; | ||
410 | } | ||
diff --git a/regress/modpipe.c b/regress/modpipe.c index e854f9e07..5f4824b51 100755 --- a/regress/modpipe.c +++ b/regress/modpipe.c | |||
@@ -25,36 +25,11 @@ | |||
25 | #include <stdarg.h> | 25 | #include <stdarg.h> |
26 | #include <stdlib.h> | 26 | #include <stdlib.h> |
27 | #include <errno.h> | 27 | #include <errno.h> |
28 | #ifdef HAVE_ERR_H | ||
29 | # include <err.h> | ||
30 | #endif | ||
28 | #include "openbsd-compat/getopt_long.c" | 31 | #include "openbsd-compat/getopt_long.c" |
29 | 32 | ||
30 | static void err(int, const char *, ...) __attribute__((format(printf, 2, 3))); | ||
31 | static void errx(int, const char *, ...) __attribute__((format(printf, 2, 3))); | ||
32 | |||
33 | static void | ||
34 | err(int r, const char *fmt, ...) | ||
35 | { | ||
36 | va_list args; | ||
37 | |||
38 | va_start(args, fmt); | ||
39 | fprintf(stderr, "%s: ", strerror(errno)); | ||
40 | vfprintf(stderr, fmt, args); | ||
41 | fputc('\n', stderr); | ||
42 | va_end(args); | ||
43 | exit(r); | ||
44 | } | ||
45 | |||
46 | static void | ||
47 | errx(int r, const char *fmt, ...) | ||
48 | { | ||
49 | va_list args; | ||
50 | |||
51 | va_start(args, fmt); | ||
52 | vfprintf(stderr, fmt, args); | ||
53 | fputc('\n', stderr); | ||
54 | va_end(args); | ||
55 | exit(r); | ||
56 | } | ||
57 | |||
58 | static void | 33 | static void |
59 | usage(void) | 34 | usage(void) |
60 | { | 35 | { |
diff --git a/regress/netcat.c b/regress/netcat.c index 6234ba019..98a08b1ec 100644 --- a/regress/netcat.c +++ b/regress/netcat.c | |||
@@ -61,6 +61,9 @@ | |||
61 | # include <sys/poll.h> | 61 | # include <sys/poll.h> |
62 | # endif | 62 | # endif |
63 | #endif | 63 | #endif |
64 | #ifdef HAVE_ERR_H | ||
65 | # include <err.h> | ||
66 | #endif | ||
64 | 67 | ||
65 | /* Telnet options from arpa/telnet.h */ | 68 | /* Telnet options from arpa/telnet.h */ |
66 | #define IAC 255 | 69 | #define IAC 255 |
@@ -134,46 +137,6 @@ void usage(int); | |||
134 | ssize_t drainbuf(int, unsigned char *, size_t *); | 137 | ssize_t drainbuf(int, unsigned char *, size_t *); |
135 | ssize_t fillbuf(int, unsigned char *, size_t *); | 138 | ssize_t fillbuf(int, unsigned char *, size_t *); |
136 | 139 | ||
137 | static void err(int, const char *, ...) __attribute__((format(printf, 2, 3))); | ||
138 | static void errx(int, const char *, ...) __attribute__((format(printf, 2, 3))); | ||
139 | static void warn(const char *, ...) __attribute__((format(printf, 1, 2))); | ||
140 | |||
141 | static void | ||
142 | err(int r, const char *fmt, ...) | ||
143 | { | ||
144 | va_list args; | ||
145 | |||
146 | va_start(args, fmt); | ||
147 | fprintf(stderr, "%s: ", strerror(errno)); | ||
148 | vfprintf(stderr, fmt, args); | ||
149 | fputc('\n', stderr); | ||
150 | va_end(args); | ||
151 | exit(r); | ||
152 | } | ||
153 | |||
154 | static void | ||
155 | errx(int r, const char *fmt, ...) | ||
156 | { | ||
157 | va_list args; | ||
158 | |||
159 | va_start(args, fmt); | ||
160 | vfprintf(stderr, fmt, args); | ||
161 | fputc('\n', stderr); | ||
162 | va_end(args); | ||
163 | exit(r); | ||
164 | } | ||
165 | |||
166 | static void | ||
167 | warn(const char *fmt, ...) | ||
168 | { | ||
169 | va_list args; | ||
170 | |||
171 | va_start(args, fmt); | ||
172 | fprintf(stderr, "%s: ", strerror(errno)); | ||
173 | vfprintf(stderr, fmt, args); | ||
174 | fputc('\n', stderr); | ||
175 | va_end(args); | ||
176 | } | ||
177 | 140 | ||
178 | int | 141 | int |
179 | main(int argc, char *argv[]) | 142 | main(int argc, char *argv[]) |
diff --git a/regress/sshcfgparse.sh b/regress/sshcfgparse.sh new file mode 100644 index 000000000..010e02865 --- /dev/null +++ b/regress/sshcfgparse.sh | |||
@@ -0,0 +1,29 @@ | |||
1 | # $OpenBSD: sshcfgparse.sh,v 1.2 2016/07/14 01:24:21 dtucker Exp $ | ||
2 | # Placed in the Public Domain. | ||
3 | |||
4 | tid="ssh config parse" | ||
5 | |||
6 | verbose "reparse minimal config" | ||
7 | (${SSH} -G -F $OBJ/ssh_config somehost >$OBJ/ssh_config.1 && | ||
8 | ${SSH} -G -F $OBJ/ssh_config.1 somehost >$OBJ/ssh_config.2 && | ||
9 | diff $OBJ/ssh_config.1 $OBJ/ssh_config.2) || fail "reparse minimal config" | ||
10 | |||
11 | verbose "ssh -W opts" | ||
12 | f=`${SSH} -GF $OBJ/ssh_config host | awk '/exitonforwardfailure/{print $2}'` | ||
13 | test "$f" = "no" || fail "exitonforwardfailure default" | ||
14 | f=`${SSH} -GF $OBJ/ssh_config -W a:1 h | awk '/exitonforwardfailure/{print $2}'` | ||
15 | test "$f" = "yes" || fail "exitonforwardfailure enable" | ||
16 | f=`${SSH} -GF $OBJ/ssh_config -W a:1 -o exitonforwardfailure=no h | \ | ||
17 | awk '/exitonforwardfailure/{print $2}'` | ||
18 | test "$f" = "no" || fail "exitonforwardfailure override" | ||
19 | |||
20 | f=`${SSH} -GF $OBJ/ssh_config host | awk '/clearallforwardings/{print $2}'` | ||
21 | test "$f" = "no" || fail "clearallforwardings default" | ||
22 | f=`${SSH} -GF $OBJ/ssh_config -W a:1 h | awk '/clearallforwardings/{print $2}'` | ||
23 | test "$f" = "yes" || fail "clearallforwardings enable" | ||
24 | f=`${SSH} -GF $OBJ/ssh_config -W a:1 -o clearallforwardings=no h | \ | ||
25 | awk '/clearallforwardings/{print $2}'` | ||
26 | test "$f" = "no" || fail "clearallforwardings override" | ||
27 | |||
28 | # cleanup | ||
29 | rm -f $OBJ/ssh_config.[012] | ||
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 114e129f2..1b6526d0b 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: test-exec.sh,v 1.51 2015/03/03 22:35:19 markus Exp $ | 1 | # $OpenBSD: test-exec.sh,v 1.53 2016/04/15 02:57:10 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | #SUDO=sudo | 4 | #SUDO=sudo |
@@ -221,6 +221,7 @@ echo "#!/bin/sh" > $SSHLOGWRAP | |||
221 | echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP | 221 | echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP |
222 | 222 | ||
223 | chmod a+rx $OBJ/ssh-log-wrapper.sh | 223 | chmod a+rx $OBJ/ssh-log-wrapper.sh |
224 | REAL_SSH="$SSH" | ||
224 | SSH="$SSHLOGWRAP" | 225 | SSH="$SSHLOGWRAP" |
225 | 226 | ||
226 | # Some test data. We make a copy because some tests will overwrite it. | 227 | # Some test data. We make a copy because some tests will overwrite it. |
@@ -411,6 +412,13 @@ cat << EOF > $OBJ/sshd_config | |||
411 | Subsystem sftp $SFTPSERVER | 412 | Subsystem sftp $SFTPSERVER |
412 | EOF | 413 | EOF |
413 | 414 | ||
415 | # This may be necessary if /usr/src and/or /usr/obj are group-writable, | ||
416 | # but if you aren't careful with permissions then the unit tests could | ||
417 | # be abused to locally escalate privileges. | ||
418 | if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then | ||
419 | echo "StrictModes no" >> $OBJ/sshd_config | ||
420 | fi | ||
421 | |||
414 | if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then | 422 | if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then |
415 | trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS" | 423 | trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS" |
416 | echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config | 424 | echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config |
diff --git a/regress/unittests/Makefile b/regress/unittests/Makefile index d3d90823f..0a95d4b20 100644 --- a/regress/unittests/Makefile +++ b/regress/unittests/Makefile | |||
@@ -1,5 +1,5 @@ | |||
1 | # $OpenBSD: Makefile,v 1.5 2015/02/16 22:21:03 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.6 2016/05/26 19:14:25 schwarze Exp $ |
2 | REGRESS_FAIL_EARLY= yes | 2 | REGRESS_FAIL_EARLY= yes |
3 | SUBDIR= test_helper sshbuf sshkey bitmap kex hostkeys | 3 | SUBDIR= test_helper sshbuf sshkey bitmap kex hostkeys utf8 |
4 | 4 | ||
5 | .include <bsd.subdir.mk> | 5 | .include <bsd.subdir.mk> |
diff --git a/regress/unittests/sshbuf/test_sshbuf_misc.c b/regress/unittests/sshbuf/test_sshbuf_misc.c index f155491a0..762a6c31c 100644 --- a/regress/unittests/sshbuf/test_sshbuf_misc.c +++ b/regress/unittests/sshbuf/test_sshbuf_misc.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_sshbuf_misc.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */ | 1 | /* $OpenBSD: test_sshbuf_misc.c,v 1.2 2016/05/03 13:48:33 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Regress test for sshbuf.h buffer API | 3 | * Regress test for sshbuf.h buffer API |
4 | * | 4 | * |
@@ -134,5 +134,34 @@ sshbuf_misc_tests(void) | |||
134 | ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), 0xd00fd00f); | 134 | ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), 0xd00fd00f); |
135 | sshbuf_free(p1); | 135 | sshbuf_free(p1); |
136 | TEST_DONE(); | 136 | TEST_DONE(); |
137 | |||
138 | TEST_START("sshbuf_dup_string"); | ||
139 | p1 = sshbuf_new(); | ||
140 | ASSERT_PTR_NE(p1, NULL); | ||
141 | /* Check empty buffer */ | ||
142 | p = sshbuf_dup_string(p1); | ||
143 | ASSERT_PTR_NE(p, NULL); | ||
144 | ASSERT_SIZE_T_EQ(strlen(p), 0); | ||
145 | free(p); | ||
146 | /* Check buffer with string */ | ||
147 | ASSERT_INT_EQ(sshbuf_put(p1, "quad1", strlen("quad1")), 0); | ||
148 | p = sshbuf_dup_string(p1); | ||
149 | ASSERT_PTR_NE(p, NULL); | ||
150 | ASSERT_SIZE_T_EQ(strlen(p), strlen("quad1")); | ||
151 | ASSERT_STRING_EQ(p, "quad1"); | ||
152 | free(p); | ||
153 | /* Check buffer with terminating nul */ | ||
154 | ASSERT_INT_EQ(sshbuf_put(p1, "\0", 1), 0); | ||
155 | p = sshbuf_dup_string(p1); | ||
156 | ASSERT_PTR_NE(p, NULL); | ||
157 | ASSERT_SIZE_T_EQ(strlen(p), strlen("quad1")); | ||
158 | ASSERT_STRING_EQ(p, "quad1"); | ||
159 | free(p); | ||
160 | /* Check buffer with data after nul (expect failure) */ | ||
161 | ASSERT_INT_EQ(sshbuf_put(p1, "quad2", strlen("quad2")), 0); | ||
162 | p = sshbuf_dup_string(p1); | ||
163 | ASSERT_PTR_EQ(p, NULL); | ||
164 | sshbuf_free(p1); | ||
165 | TEST_DONE(); | ||
137 | } | 166 | } |
138 | 167 | ||
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c index 1f160d1a7..1476dc2e3 100644 --- a/regress/unittests/sshkey/test_sshkey.c +++ b/regress/unittests/sshkey/test_sshkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_sshkey.c,v 1.9 2015/12/07 02:20:46 djm Exp $ */ | 1 | /* $OpenBSD: test_sshkey.c,v 1.10 2016/05/02 09:52:00 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Regress test for sshkey.h key management API | 3 | * Regress test for sshkey.h key management API |
4 | * | 4 | * |
@@ -455,7 +455,7 @@ sshkey_tests(void) | |||
455 | put_opt(k1->cert->extensions, "permit-X11-forwarding", NULL); | 455 | put_opt(k1->cert->extensions, "permit-X11-forwarding", NULL); |
456 | put_opt(k1->cert->extensions, "permit-agent-forwarding", NULL); | 456 | put_opt(k1->cert->extensions, "permit-agent-forwarding", NULL); |
457 | ASSERT_INT_EQ(sshkey_from_private(k2, &k1->cert->signature_key), 0); | 457 | ASSERT_INT_EQ(sshkey_from_private(k2, &k1->cert->signature_key), 0); |
458 | ASSERT_INT_EQ(sshkey_certify(k1, k2), 0); | 458 | ASSERT_INT_EQ(sshkey_certify(k1, k2, NULL), 0); |
459 | b = sshbuf_new(); | 459 | b = sshbuf_new(); |
460 | ASSERT_PTR_NE(b, NULL); | 460 | ASSERT_PTR_NE(b, NULL); |
461 | ASSERT_INT_EQ(sshkey_putb(k1, b), 0); | 461 | ASSERT_INT_EQ(sshkey_putb(k1, b), 0); |
diff --git a/regress/unittests/test_helper/Makefile b/regress/unittests/test_helper/Makefile index 5b3894cbf..78026e653 100644 --- a/regress/unittests/test_helper/Makefile +++ b/regress/unittests/test_helper/Makefile | |||
@@ -1,9 +1,8 @@ | |||
1 | # $OpenBSD: Makefile,v 1.2 2015/01/20 22:58:57 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.3 2016/07/04 18:01:44 guenther Exp $ |
2 | 2 | ||
3 | LIB= test_helper | 3 | LIB= test_helper |
4 | SRCS= test_helper.c fuzz.c | 4 | SRCS= test_helper.c fuzz.c |
5 | 5 | ||
6 | DEBUGLIBS= no | ||
7 | NOPROFILE= yes | 6 | NOPROFILE= yes |
8 | NOPIC= yes | 7 | NOPIC= yes |
9 | 8 | ||
diff --git a/regress/unittests/utf8/Makefile b/regress/unittests/utf8/Makefile new file mode 100644 index 000000000..150ea2f2e --- /dev/null +++ b/regress/unittests/utf8/Makefile | |||
@@ -0,0 +1,12 @@ | |||
1 | # $OpenBSD: Makefile,v 1.2 2016/05/30 12:14:08 schwarze Exp $ | ||
2 | |||
3 | TEST_ENV= "MALLOC_OPTIONS=CFGJPRSUX" | ||
4 | |||
5 | PROG=test_utf8 | ||
6 | SRCS=tests.c | ||
7 | REGRESS_TARGETS=run-regress-${PROG} | ||
8 | |||
9 | run-regress-${PROG}: ${PROG} | ||
10 | env ${TEST_ENV} ./${PROG} | ||
11 | |||
12 | .include <bsd.regress.mk> | ||
diff --git a/regress/unittests/utf8/tests.c b/regress/unittests/utf8/tests.c new file mode 100644 index 000000000..fad2ec279 --- /dev/null +++ b/regress/unittests/utf8/tests.c | |||
@@ -0,0 +1,82 @@ | |||
1 | /* $OpenBSD: tests.c,v 1.2 2016/05/30 12:05:56 schwarze Exp $ */ | ||
2 | /* | ||
3 | * Regress test for the utf8.h *mprintf() API | ||
4 | * | ||
5 | * Written by Ingo Schwarze <schwarze@openbsd.org> in 2016 | ||
6 | * and placed in the public domain. | ||
7 | */ | ||
8 | |||
9 | #include <locale.h> | ||
10 | #include <string.h> | ||
11 | |||
12 | #include "test_helper.h" | ||
13 | |||
14 | #include "utf8.h" | ||
15 | |||
16 | void badarg(void); | ||
17 | void one(const char *, const char *, int, int, int, const char *); | ||
18 | |||
19 | void | ||
20 | badarg(void) | ||
21 | { | ||
22 | char buf[16]; | ||
23 | int len, width; | ||
24 | |||
25 | width = 1; | ||
26 | TEST_START("utf8_badarg"); | ||
27 | len = snmprintf(buf, sizeof(buf), &width, "\377"); | ||
28 | ASSERT_INT_EQ(len, -1); | ||
29 | ASSERT_STRING_EQ(buf, ""); | ||
30 | ASSERT_INT_EQ(width, 0); | ||
31 | TEST_DONE(); | ||
32 | } | ||
33 | |||
34 | void | ||
35 | one(const char *name, const char *mbs, int width, | ||
36 | int wantwidth, int wantlen, const char *wants) | ||
37 | { | ||
38 | char buf[16]; | ||
39 | int *wp; | ||
40 | int len; | ||
41 | |||
42 | if (wantlen == -2) | ||
43 | wantlen = strlen(wants); | ||
44 | (void)strlcpy(buf, "utf8_", sizeof(buf)); | ||
45 | (void)strlcat(buf, name, sizeof(buf)); | ||
46 | TEST_START(buf); | ||
47 | wp = wantwidth == -2 ? NULL : &width; | ||
48 | len = snmprintf(buf, sizeof(buf), wp, "%s", mbs); | ||
49 | ASSERT_INT_EQ(len, wantlen); | ||
50 | ASSERT_STRING_EQ(buf, wants); | ||
51 | ASSERT_INT_EQ(width, wantwidth); | ||
52 | TEST_DONE(); | ||
53 | } | ||
54 | |||
55 | void | ||
56 | tests(void) | ||
57 | { | ||
58 | char *loc; | ||
59 | |||
60 | TEST_START("utf8_setlocale"); | ||
61 | loc = setlocale(LC_CTYPE, "en_US.UTF-8"); | ||
62 | ASSERT_PTR_NE(loc, NULL); | ||
63 | TEST_DONE(); | ||
64 | |||
65 | badarg(); | ||
66 | one("null", NULL, 8, 6, 6, "(null)"); | ||
67 | one("empty", "", 2, 0, 0, ""); | ||
68 | one("ascii", "x", -2, -2, -2, "x"); | ||
69 | one("newline", "a\nb", -2, -2, -2, "a\nb"); | ||
70 | one("cr", "a\rb", -2, -2, -2, "a\rb"); | ||
71 | one("tab", "a\tb", -2, -2, -2, "a\tb"); | ||
72 | one("esc", "\033x", -2, -2, -2, "\\033x"); | ||
73 | one("inv_badbyte", "\377x", -2, -2, -2, "\\377x"); | ||
74 | one("inv_nocont", "\341x", -2, -2, -2, "\\341x"); | ||
75 | one("inv_nolead", "a\200b", -2, -2, -2, "a\\200b"); | ||
76 | one("sz_ascii", "1234567890123456", -2, -2, 16, "123456789012345"); | ||
77 | one("sz_esc", "123456789012\033", -2, -2, 16, "123456789012"); | ||
78 | one("width_ascii", "123", 2, 2, -1, "12"); | ||
79 | one("width_double", "a\343\201\201", 2, 1, -1, "a"); | ||
80 | one("double_fit", "a\343\201\201", 3, 3, 4, "a\343\201\201"); | ||
81 | one("double_spc", "a\343\201\201", 4, 3, 4, "a\343\201\201"); | ||
82 | } | ||
diff --git a/roaming.h b/roaming.h deleted file mode 100644 index e69de29bb..000000000 --- a/roaming.h +++ /dev/null | |||
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index d132e2646..2e1ed2c52 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c | |||
@@ -103,6 +103,12 @@ static const struct sock_filter preauth_insns[] = { | |||
103 | offsetof(struct seccomp_data, nr)), | 103 | offsetof(struct seccomp_data, nr)), |
104 | 104 | ||
105 | /* Syscalls to non-fatally deny */ | 105 | /* Syscalls to non-fatally deny */ |
106 | #ifdef __NR_lstat | ||
107 | SC_DENY(lstat, EACCES), | ||
108 | #endif | ||
109 | #ifdef __NR_lstat64 | ||
110 | SC_DENY(lstat64, EACCES), | ||
111 | #endif | ||
106 | #ifdef __NR_fstat | 112 | #ifdef __NR_fstat |
107 | SC_DENY(fstat, EACCES), | 113 | SC_DENY(fstat, EACCES), |
108 | #endif | 114 | #endif |
diff --git a/scard/.cvsignore b/scard/.cvsignore deleted file mode 100644 index 5349d34ae..000000000 --- a/scard/.cvsignore +++ /dev/null | |||
@@ -1,2 +0,0 @@ | |||
1 | Makefile | ||
2 | Ssh.bin | ||
@@ -94,8 +94,9 @@ DESCRIPTION | |||
94 | HostKeyAlgorithms | 94 | HostKeyAlgorithms |
95 | HostKeyAlias | 95 | HostKeyAlias |
96 | HostName | 96 | HostName |
97 | IdentityFile | ||
98 | IdentitiesOnly | 97 | IdentitiesOnly |
98 | IdentityAgent | ||
99 | IdentityFile | ||
99 | IPQoS | 100 | IPQoS |
100 | KbdInteractiveAuthentication | 101 | KbdInteractiveAuthentication |
101 | KbdInteractiveDevices | 102 | KbdInteractiveDevices |
@@ -110,6 +111,7 @@ DESCRIPTION | |||
110 | PreferredAuthentications | 111 | PreferredAuthentications |
111 | Protocol | 112 | Protocol |
112 | ProxyCommand | 113 | ProxyCommand |
114 | ProxyJump | ||
113 | PubkeyAcceptedKeyTypes | 115 | PubkeyAcceptedKeyTypes |
114 | PubkeyAuthentication | 116 | PubkeyAuthentication |
115 | RekeyLimit | 117 | RekeyLimit |
@@ -163,4 +165,4 @@ AUTHORS | |||
163 | Timo Rinne <tri@iki.fi> | 165 | Timo Rinne <tri@iki.fi> |
164 | Tatu Ylonen <ylo@cs.hut.fi> | 166 | Tatu Ylonen <ylo@cs.hut.fi> |
165 | 167 | ||
166 | OpenBSD 5.9 September 25, 2015 OpenBSD 5.9 | 168 | OpenBSD 6.0 July 16, 2016 OpenBSD 6.0 |
@@ -8,9 +8,9 @@ | |||
8 | .\" | 8 | .\" |
9 | .\" Created: Sun May 7 00:14:37 1995 ylo | 9 | .\" Created: Sun May 7 00:14:37 1995 ylo |
10 | .\" | 10 | .\" |
11 | .\" $OpenBSD: scp.1,v 1.68 2015/09/25 18:19:54 jmc Exp $ | 11 | .\" $OpenBSD: scp.1,v 1.71 2016/07/16 06:57:55 jmc Exp $ |
12 | .\" | 12 | .\" |
13 | .Dd $Mdocdate: September 25 2015 $ | 13 | .Dd $Mdocdate: July 16 2016 $ |
14 | .Dt SCP 1 | 14 | .Dt SCP 1 |
15 | .Os | 15 | .Os |
16 | .Sh NAME | 16 | .Sh NAME |
@@ -155,8 +155,9 @@ For full details of the options listed below, and their possible values, see | |||
155 | .It HostKeyAlgorithms | 155 | .It HostKeyAlgorithms |
156 | .It HostKeyAlias | 156 | .It HostKeyAlias |
157 | .It HostName | 157 | .It HostName |
158 | .It IdentityFile | ||
159 | .It IdentitiesOnly | 158 | .It IdentitiesOnly |
159 | .It IdentityAgent | ||
160 | .It IdentityFile | ||
160 | .It IPQoS | 161 | .It IPQoS |
161 | .It KbdInteractiveAuthentication | 162 | .It KbdInteractiveAuthentication |
162 | .It KbdInteractiveDevices | 163 | .It KbdInteractiveDevices |
@@ -171,6 +172,7 @@ For full details of the options listed below, and their possible values, see | |||
171 | .It PreferredAuthentications | 172 | .It PreferredAuthentications |
172 | .It Protocol | 173 | .It Protocol |
173 | .It ProxyCommand | 174 | .It ProxyCommand |
175 | .It ProxyJump | ||
174 | .It PubkeyAcceptedKeyTypes | 176 | .It PubkeyAcceptedKeyTypes |
175 | .It PubkeyAuthentication | 177 | .It PubkeyAuthentication |
176 | .It RekeyLimit | 178 | .It RekeyLimit |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: scp.c,v 1.184 2015/11/27 00:49:31 deraadt Exp $ */ | 1 | /* $OpenBSD: scp.c,v 1.186 2016/05/25 23:48:45 schwarze Exp $ */ |
2 | /* | 2 | /* |
3 | * scp - secure remote copy. This is basically patched BSD rcp which | 3 | * scp - secure remote copy. This is basically patched BSD rcp which |
4 | * uses ssh to do the data transfer (instead of using rcmd). | 4 | * uses ssh to do the data transfer (instead of using rcmd). |
@@ -96,6 +96,7 @@ | |||
96 | #include <errno.h> | 96 | #include <errno.h> |
97 | #include <fcntl.h> | 97 | #include <fcntl.h> |
98 | #include <limits.h> | 98 | #include <limits.h> |
99 | #include <locale.h> | ||
99 | #include <pwd.h> | 100 | #include <pwd.h> |
100 | #include <signal.h> | 101 | #include <signal.h> |
101 | #include <stdarg.h> | 102 | #include <stdarg.h> |
@@ -114,6 +115,7 @@ | |||
114 | #include "log.h" | 115 | #include "log.h" |
115 | #include "misc.h" | 116 | #include "misc.h" |
116 | #include "progressmeter.h" | 117 | #include "progressmeter.h" |
118 | #include "utf8.h" | ||
117 | 119 | ||
118 | extern char *__progname; | 120 | extern char *__progname; |
119 | 121 | ||
@@ -192,13 +194,13 @@ do_local_cmd(arglist *a) | |||
192 | fprintf(stderr, "Executing:"); | 194 | fprintf(stderr, "Executing:"); |
193 | for (i = 0; i < a->num; i++) { | 195 | for (i = 0; i < a->num; i++) { |
194 | if (i == 0) | 196 | if (i == 0) |
195 | fprintf(stderr, " %s", a->list[i]); | 197 | fmprintf(stderr, " %s", a->list[i]); |
196 | else | 198 | else |
197 | /* | 199 | /* |
198 | * TODO: misbehaves if a->list[i] contains a | 200 | * TODO: misbehaves if a->list[i] contains a |
199 | * single quote | 201 | * single quote |
200 | */ | 202 | */ |
201 | fprintf(stderr, " '%s'", a->list[i]); | 203 | fmprintf(stderr, " '%s'", a->list[i]); |
202 | } | 204 | } |
203 | fprintf(stderr, "\n"); | 205 | fprintf(stderr, "\n"); |
204 | } | 206 | } |
@@ -240,7 +242,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) | |||
240 | int pin[2], pout[2], reserved[2]; | 242 | int pin[2], pout[2], reserved[2]; |
241 | 243 | ||
242 | if (verbose_mode) | 244 | if (verbose_mode) |
243 | fprintf(stderr, | 245 | fmprintf(stderr, |
244 | "Executing: program %s host %s, user %s, command %s\n", | 246 | "Executing: program %s host %s, user %s, command %s\n", |
245 | ssh_program, host, | 247 | ssh_program, host, |
246 | remuser ? remuser : "(unspecified)", cmd); | 248 | remuser ? remuser : "(unspecified)", cmd); |
@@ -315,7 +317,7 @@ do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout) | |||
315 | int status; | 317 | int status; |
316 | 318 | ||
317 | if (verbose_mode) | 319 | if (verbose_mode) |
318 | fprintf(stderr, | 320 | fmprintf(stderr, |
319 | "Executing: 2nd program %s host %s, user %s, command %s\n", | 321 | "Executing: 2nd program %s host %s, user %s, command %s\n", |
320 | ssh_program, host, | 322 | ssh_program, host, |
321 | remuser ? remuser : "(unspecified)", cmd); | 323 | remuser ? remuser : "(unspecified)", cmd); |
@@ -386,6 +388,8 @@ main(int argc, char **argv) | |||
386 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ | 388 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
387 | sanitise_stdfd(); | 389 | sanitise_stdfd(); |
388 | 390 | ||
391 | setlocale(LC_CTYPE, ""); | ||
392 | |||
389 | /* Copy argv, because we modify it */ | 393 | /* Copy argv, because we modify it */ |
390 | newargv = xcalloc(MAX(argc + 1, 1), sizeof(*newargv)); | 394 | newargv = xcalloc(MAX(argc + 1, 1), sizeof(*newargv)); |
391 | for (n = 0; n < argc; n++) | 395 | for (n = 0; n < argc; n++) |
@@ -818,9 +822,8 @@ syserr: run_err("%s: %s", name, strerror(errno)); | |||
818 | snprintf(buf, sizeof buf, "C%04o %lld %s\n", | 822 | snprintf(buf, sizeof buf, "C%04o %lld %s\n", |
819 | (u_int) (stb.st_mode & FILEMODEMASK), | 823 | (u_int) (stb.st_mode & FILEMODEMASK), |
820 | (long long)stb.st_size, last); | 824 | (long long)stb.st_size, last); |
821 | if (verbose_mode) { | 825 | if (verbose_mode) |
822 | fprintf(stderr, "Sending file modes: %s", buf); | 826 | fmprintf(stderr, "Sending file modes: %s", buf); |
823 | } | ||
824 | (void) atomicio(vwrite, remout, buf, strlen(buf)); | 827 | (void) atomicio(vwrite, remout, buf, strlen(buf)); |
825 | if (response() < 0) | 828 | if (response() < 0) |
826 | goto next; | 829 | goto next; |
@@ -856,8 +859,6 @@ next: if (fd != -1) { | |||
856 | haderr = errno; | 859 | haderr = errno; |
857 | } | 860 | } |
858 | unset_nonblock(remout); | 861 | unset_nonblock(remout); |
859 | if (showprogress) | ||
860 | stop_progress_meter(); | ||
861 | 862 | ||
862 | if (fd != -1) { | 863 | if (fd != -1) { |
863 | if (close(fd) < 0 && !haderr) | 864 | if (close(fd) < 0 && !haderr) |
@@ -869,6 +870,8 @@ next: if (fd != -1) { | |||
869 | else | 870 | else |
870 | run_err("%s: %s", name, strerror(haderr)); | 871 | run_err("%s: %s", name, strerror(haderr)); |
871 | (void) response(); | 872 | (void) response(); |
873 | if (showprogress) | ||
874 | stop_progress_meter(); | ||
872 | } | 875 | } |
873 | } | 876 | } |
874 | 877 | ||
@@ -897,7 +900,7 @@ rsource(char *name, struct stat *statp) | |||
897 | (void) snprintf(path, sizeof path, "D%04o %d %.1024s\n", | 900 | (void) snprintf(path, sizeof path, "D%04o %d %.1024s\n", |
898 | (u_int) (statp->st_mode & FILEMODEMASK), 0, last); | 901 | (u_int) (statp->st_mode & FILEMODEMASK), 0, last); |
899 | if (verbose_mode) | 902 | if (verbose_mode) |
900 | fprintf(stderr, "Entering directory: %s", path); | 903 | fmprintf(stderr, "Entering directory: %s", path); |
901 | (void) atomicio(vwrite, remout, path, strlen(path)); | 904 | (void) atomicio(vwrite, remout, path, strlen(path)); |
902 | if (response() < 0) { | 905 | if (response() < 0) { |
903 | closedir(dirp); | 906 | closedir(dirp); |
@@ -937,7 +940,7 @@ sink(int argc, char **argv) | |||
937 | off_t size, statbytes; | 940 | off_t size, statbytes; |
938 | unsigned long long ull; | 941 | unsigned long long ull; |
939 | int setimes, targisdir, wrerrno = 0; | 942 | int setimes, targisdir, wrerrno = 0; |
940 | char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; | 943 | char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; |
941 | struct timeval tv[2]; | 944 | struct timeval tv[2]; |
942 | 945 | ||
943 | #define atime tv[0] | 946 | #define atime tv[0] |
@@ -972,12 +975,15 @@ sink(int argc, char **argv) | |||
972 | } while (cp < &buf[sizeof(buf) - 1] && ch != '\n'); | 975 | } while (cp < &buf[sizeof(buf) - 1] && ch != '\n'); |
973 | *cp = 0; | 976 | *cp = 0; |
974 | if (verbose_mode) | 977 | if (verbose_mode) |
975 | fprintf(stderr, "Sink: %s", buf); | 978 | fmprintf(stderr, "Sink: %s", buf); |
976 | 979 | ||
977 | if (buf[0] == '\01' || buf[0] == '\02') { | 980 | if (buf[0] == '\01' || buf[0] == '\02') { |
978 | if (iamremote == 0) | 981 | if (iamremote == 0) { |
982 | (void) snmprintf(visbuf, sizeof(visbuf), | ||
983 | NULL, "%s", buf + 1); | ||
979 | (void) atomicio(vwrite, STDERR_FILENO, | 984 | (void) atomicio(vwrite, STDERR_FILENO, |
980 | buf + 1, strlen(buf + 1)); | 985 | visbuf, strlen(visbuf)); |
986 | } | ||
981 | if (buf[0] == '\02') | 987 | if (buf[0] == '\02') |
982 | exit(1); | 988 | exit(1); |
983 | ++errs; | 989 | ++errs; |
@@ -1153,8 +1159,6 @@ bad: run_err("%s: %s", np, strerror(errno)); | |||
1153 | } | 1159 | } |
1154 | } | 1160 | } |
1155 | unset_nonblock(remin); | 1161 | unset_nonblock(remin); |
1156 | if (showprogress) | ||
1157 | stop_progress_meter(); | ||
1158 | if (count != 0 && wrerr == NO && | 1162 | if (count != 0 && wrerr == NO && |
1159 | atomicio(vwrite, ofd, bp->buf, count) != count) { | 1163 | atomicio(vwrite, ofd, bp->buf, count) != count) { |
1160 | wrerr = YES; | 1164 | wrerr = YES; |
@@ -1193,6 +1197,8 @@ bad: run_err("%s: %s", np, strerror(errno)); | |||
1193 | wrerrno = errno; | 1197 | wrerrno = errno; |
1194 | } | 1198 | } |
1195 | (void) response(); | 1199 | (void) response(); |
1200 | if (showprogress) | ||
1201 | stop_progress_meter(); | ||
1196 | if (setimes && wrerr == NO) { | 1202 | if (setimes && wrerr == NO) { |
1197 | setimes = 0; | 1203 | setimes = 0; |
1198 | if (utimes(np, tv) < 0) { | 1204 | if (utimes(np, tv) < 0) { |
@@ -1220,7 +1226,7 @@ screwup: | |||
1220 | int | 1226 | int |
1221 | response(void) | 1227 | response(void) |
1222 | { | 1228 | { |
1223 | char ch, *cp, resp, rbuf[2048]; | 1229 | char ch, *cp, resp, rbuf[2048], visbuf[2048]; |
1224 | 1230 | ||
1225 | if (atomicio(read, remin, &resp, sizeof(resp)) != sizeof(resp)) | 1231 | if (atomicio(read, remin, &resp, sizeof(resp)) != sizeof(resp)) |
1226 | lostconn(0); | 1232 | lostconn(0); |
@@ -1240,8 +1246,13 @@ response(void) | |||
1240 | *cp++ = ch; | 1246 | *cp++ = ch; |
1241 | } while (cp < &rbuf[sizeof(rbuf) - 1] && ch != '\n'); | 1247 | } while (cp < &rbuf[sizeof(rbuf) - 1] && ch != '\n'); |
1242 | 1248 | ||
1243 | if (!iamremote) | 1249 | if (!iamremote) { |
1244 | (void) atomicio(vwrite, STDERR_FILENO, rbuf, cp - rbuf); | 1250 | cp[-1] = '\0'; |
1251 | (void) snmprintf(visbuf, sizeof(visbuf), | ||
1252 | NULL, "%s\n", rbuf); | ||
1253 | (void) atomicio(vwrite, STDERR_FILENO, | ||
1254 | visbuf, strlen(visbuf)); | ||
1255 | } | ||
1245 | ++errs; | 1256 | ++errs; |
1246 | if (resp == 1) | 1257 | if (resp == 1) |
1247 | return (-1); | 1258 | return (-1); |
@@ -1279,7 +1290,7 @@ run_err(const char *fmt,...) | |||
1279 | 1290 | ||
1280 | if (!iamremote) { | 1291 | if (!iamremote) { |
1281 | va_start(ap, fmt); | 1292 | va_start(ap, fmt); |
1282 | vfprintf(stderr, fmt, ap); | 1293 | vfmprintf(stderr, fmt, ap); |
1283 | va_end(ap); | 1294 | va_end(ap); |
1284 | fprintf(stderr, "\n"); | 1295 | fprintf(stderr, "\n"); |
1285 | } | 1296 | } |
@@ -1325,7 +1336,7 @@ okname(char *cp0) | |||
1325 | } while (*++cp); | 1336 | } while (*++cp); |
1326 | return (1); | 1337 | return (1); |
1327 | 1338 | ||
1328 | bad: fprintf(stderr, "%s: invalid user name\n", cp0); | 1339 | bad: fmprintf(stderr, "%s: invalid user name\n", cp0); |
1329 | return (0); | 1340 | return (0); |
1330 | } | 1341 | } |
1331 | 1342 | ||
diff --git a/servconf.c b/servconf.c index 8ca9695a2..a98b30938 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -1,5 +1,5 @@ | |||
1 | 1 | ||
2 | /* $OpenBSD: servconf.c,v 1.285 2016/02/17 05:29:04 djm Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.292 2016/06/23 05:17:51 djm Exp $ */ |
3 | /* | 3 | /* |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 | * All rights reserved | 5 | * All rights reserved |
@@ -390,6 +390,14 @@ fill_default_server_options(ServerOptions *options) | |||
390 | CLEAR_ON_NONE(options->host_cert_files[i]); | 390 | CLEAR_ON_NONE(options->host_cert_files[i]); |
391 | #undef CLEAR_ON_NONE | 391 | #undef CLEAR_ON_NONE |
392 | 392 | ||
393 | /* Similar handling for AuthenticationMethods=any */ | ||
394 | if (options->num_auth_methods == 1 && | ||
395 | strcmp(options->auth_methods[0], "any") == 0) { | ||
396 | free(options->auth_methods[0]); | ||
397 | options->auth_methods[0] = NULL; | ||
398 | options->num_auth_methods = 0; | ||
399 | } | ||
400 | |||
393 | #ifndef HAVE_MMAP | 401 | #ifndef HAVE_MMAP |
394 | if (use_privsep && options->compression == 1) { | 402 | if (use_privsep && options->compression == 1) { |
395 | error("This platform does not support both privilege " | 403 | error("This platform does not support both privilege " |
@@ -727,14 +735,15 @@ process_queued_listen_addrs(ServerOptions *options) | |||
727 | struct connection_info * | 735 | struct connection_info * |
728 | get_connection_info(int populate, int use_dns) | 736 | get_connection_info(int populate, int use_dns) |
729 | { | 737 | { |
738 | struct ssh *ssh = active_state; /* XXX */ | ||
730 | static struct connection_info ci; | 739 | static struct connection_info ci; |
731 | 740 | ||
732 | if (!populate) | 741 | if (!populate) |
733 | return &ci; | 742 | return &ci; |
734 | ci.host = get_canonical_hostname(use_dns); | 743 | ci.host = auth_get_canonical_hostname(ssh, use_dns); |
735 | ci.address = get_remote_ipaddr(); | 744 | ci.address = ssh_remote_ipaddr(ssh); |
736 | ci.laddress = get_local_ipaddr(packet_get_connection_in()); | 745 | ci.laddress = ssh_local_ipaddr(ssh); |
737 | ci.lport = get_local_port(); | 746 | ci.lport = ssh_local_port(ssh); |
738 | return &ci; | 747 | return &ci; |
739 | } | 748 | } |
740 | 749 | ||
@@ -1832,21 +1841,41 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1832 | 1841 | ||
1833 | case sAuthenticationMethods: | 1842 | case sAuthenticationMethods: |
1834 | if (options->num_auth_methods == 0) { | 1843 | if (options->num_auth_methods == 0) { |
1844 | value = 0; /* seen "any" pseudo-method */ | ||
1845 | value2 = 0; /* sucessfully parsed any method */ | ||
1835 | while ((arg = strdelim(&cp)) && *arg != '\0') { | 1846 | while ((arg = strdelim(&cp)) && *arg != '\0') { |
1836 | if (options->num_auth_methods >= | 1847 | if (options->num_auth_methods >= |
1837 | MAX_AUTH_METHODS) | 1848 | MAX_AUTH_METHODS) |
1838 | fatal("%s line %d: " | 1849 | fatal("%s line %d: " |
1839 | "too many authentication methods.", | 1850 | "too many authentication methods.", |
1840 | filename, linenum); | 1851 | filename, linenum); |
1841 | if (auth2_methods_valid(arg, 0) != 0) | 1852 | if (strcmp(arg, "any") == 0) { |
1853 | if (options->num_auth_methods > 0) { | ||
1854 | fatal("%s line %d: \"any\" " | ||
1855 | "must appear alone in " | ||
1856 | "AuthenticationMethods", | ||
1857 | filename, linenum); | ||
1858 | } | ||
1859 | value = 1; | ||
1860 | } else if (value) { | ||
1861 | fatal("%s line %d: \"any\" must appear " | ||
1862 | "alone in AuthenticationMethods", | ||
1863 | filename, linenum); | ||
1864 | } else if (auth2_methods_valid(arg, 0) != 0) { | ||
1842 | fatal("%s line %d: invalid " | 1865 | fatal("%s line %d: invalid " |
1843 | "authentication method list.", | 1866 | "authentication method list.", |
1844 | filename, linenum); | 1867 | filename, linenum); |
1868 | } | ||
1869 | value2 = 1; | ||
1845 | if (!*activep) | 1870 | if (!*activep) |
1846 | continue; | 1871 | continue; |
1847 | options->auth_methods[ | 1872 | options->auth_methods[ |
1848 | options->num_auth_methods++] = xstrdup(arg); | 1873 | options->num_auth_methods++] = xstrdup(arg); |
1849 | } | 1874 | } |
1875 | if (value2 == 0) { | ||
1876 | fatal("%s line %d: no AuthenticationMethods " | ||
1877 | "specified", filename, linenum); | ||
1878 | } | ||
1850 | } | 1879 | } |
1851 | return 0; | 1880 | return 0; |
1852 | 1881 | ||
@@ -2026,6 +2055,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) | |||
2026 | M_CP_INTOPT(allow_agent_forwarding); | 2055 | M_CP_INTOPT(allow_agent_forwarding); |
2027 | M_CP_INTOPT(permit_tun); | 2056 | M_CP_INTOPT(permit_tun); |
2028 | M_CP_INTOPT(fwd_opts.gateway_ports); | 2057 | M_CP_INTOPT(fwd_opts.gateway_ports); |
2058 | M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); | ||
2029 | M_CP_INTOPT(x11_display_offset); | 2059 | M_CP_INTOPT(x11_display_offset); |
2030 | M_CP_INTOPT(x11_forwarding); | 2060 | M_CP_INTOPT(x11_forwarding); |
2031 | M_CP_INTOPT(x11_use_localhost); | 2061 | M_CP_INTOPT(x11_use_localhost); |
@@ -2038,6 +2068,16 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) | |||
2038 | M_CP_INTOPT(rekey_limit); | 2068 | M_CP_INTOPT(rekey_limit); |
2039 | M_CP_INTOPT(rekey_interval); | 2069 | M_CP_INTOPT(rekey_interval); |
2040 | 2070 | ||
2071 | /* | ||
2072 | * The bind_mask is a mode_t that may be unsigned, so we can't use | ||
2073 | * M_CP_INTOPT - it does a signed comparison that causes compiler | ||
2074 | * warnings. | ||
2075 | */ | ||
2076 | if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) { | ||
2077 | dst->fwd_opts.streamlocal_bind_mask = | ||
2078 | src->fwd_opts.streamlocal_bind_mask; | ||
2079 | } | ||
2080 | |||
2041 | /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ | 2081 | /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ |
2042 | #define M_CP_STROPT(n) do {\ | 2082 | #define M_CP_STROPT(n) do {\ |
2043 | if (src->n != NULL && dst->n != src->n) { \ | 2083 | if (src->n != NULL && dst->n != src->n) { \ |
@@ -2091,7 +2131,8 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, | |||
2091 | 2131 | ||
2092 | debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); | 2132 | debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); |
2093 | 2133 | ||
2094 | obuf = cbuf = xstrdup(buffer_ptr(conf)); | 2134 | if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) |
2135 | fatal("%s: sshbuf_dup_string failed", __func__); | ||
2095 | active = connectinfo ? 0 : 1; | 2136 | active = connectinfo ? 0 : 1; |
2096 | linenum = 1; | 2137 | linenum = 1; |
2097 | while ((cp = strsep(&cbuf, "\n")) != NULL) { | 2138 | while ((cp = strsep(&cbuf, "\n")) != NULL) { |
@@ -2215,11 +2256,13 @@ dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals) | |||
2215 | { | 2256 | { |
2216 | u_int i; | 2257 | u_int i; |
2217 | 2258 | ||
2218 | if (count <= 0) | 2259 | if (count <= 0 && code != sAuthenticationMethods) |
2219 | return; | 2260 | return; |
2220 | printf("%s", lookup_opcode_name(code)); | 2261 | printf("%s", lookup_opcode_name(code)); |
2221 | for (i = 0; i < count; i++) | 2262 | for (i = 0; i < count; i++) |
2222 | printf(" %s", vals[i]); | 2263 | printf(" %s", vals[i]); |
2264 | if (code == sAuthenticationMethods && count == 0) | ||
2265 | printf(" any"); | ||
2223 | printf("\n"); | 2266 | printf("\n"); |
2224 | } | 2267 | } |
2225 | 2268 | ||
@@ -2327,6 +2370,7 @@ dump_config(ServerOptions *o) | |||
2327 | dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); | 2370 | dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); |
2328 | dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); | 2371 | dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding); |
2329 | dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); | 2372 | dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding); |
2373 | dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); | ||
2330 | dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); | 2374 | dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); |
2331 | dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); | 2375 | dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); |
2332 | 2376 | ||
diff --git a/serverloop.c b/serverloop.c index 830f88562..c4e1d1d61 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: serverloop.c,v 1.182 2016/02/08 10:57:07 djm Exp $ */ | 1 | /* $OpenBSD: serverloop.c,v 1.184 2016/03/07 19:02:43 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -276,7 +276,7 @@ client_alive_check(void) | |||
276 | */ | 276 | */ |
277 | static void | 277 | static void |
278 | wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, | 278 | wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, |
279 | u_int *nallocp, u_int64_t max_time_milliseconds) | 279 | u_int *nallocp, u_int64_t max_time_ms) |
280 | { | 280 | { |
281 | struct timeval tv, *tvp; | 281 | struct timeval tv, *tvp; |
282 | int ret; | 282 | int ret; |
@@ -288,9 +288,9 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, | |||
288 | channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, | 288 | channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, |
289 | &minwait_secs, 0); | 289 | &minwait_secs, 0); |
290 | 290 | ||
291 | /* XXX need proper deadline system for rekey/client alive */ | ||
291 | if (minwait_secs != 0) | 292 | if (minwait_secs != 0) |
292 | max_time_milliseconds = MIN(max_time_milliseconds, | 293 | max_time_ms = MIN(max_time_ms, (u_int)minwait_secs * 1000); |
293 | (u_int)minwait_secs * 1000); | ||
294 | 294 | ||
295 | /* | 295 | /* |
296 | * if using client_alive, set the max timeout accordingly, | 296 | * if using client_alive, set the max timeout accordingly, |
@@ -300,11 +300,13 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, | |||
300 | * this could be randomized somewhat to make traffic | 300 | * this could be randomized somewhat to make traffic |
301 | * analysis more difficult, but we're not doing it yet. | 301 | * analysis more difficult, but we're not doing it yet. |
302 | */ | 302 | */ |
303 | if (compat20 && | 303 | if (compat20 && options.client_alive_interval) { |
304 | max_time_milliseconds == 0 && options.client_alive_interval) { | 304 | uint64_t keepalive_ms = |
305 | (uint64_t)options.client_alive_interval * 1000; | ||
306 | |||
305 | client_alive_scheduled = 1; | 307 | client_alive_scheduled = 1; |
306 | max_time_milliseconds = | 308 | if (max_time_ms == 0 || max_time_ms > keepalive_ms) |
307 | (u_int64_t)options.client_alive_interval * 1000; | 309 | max_time_ms = keepalive_ms; |
308 | } | 310 | } |
309 | 311 | ||
310 | if (compat20) { | 312 | if (compat20) { |
@@ -353,14 +355,14 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, | |||
353 | * from it, then read as much as is available and exit. | 355 | * from it, then read as much as is available and exit. |
354 | */ | 356 | */ |
355 | if (child_terminated && packet_not_very_much_data_to_write()) | 357 | if (child_terminated && packet_not_very_much_data_to_write()) |
356 | if (max_time_milliseconds == 0 || client_alive_scheduled) | 358 | if (max_time_ms == 0 || client_alive_scheduled) |
357 | max_time_milliseconds = 100; | 359 | max_time_ms = 100; |
358 | 360 | ||
359 | if (max_time_milliseconds == 0) | 361 | if (max_time_ms == 0) |
360 | tvp = NULL; | 362 | tvp = NULL; |
361 | else { | 363 | else { |
362 | tv.tv_sec = max_time_milliseconds / 1000; | 364 | tv.tv_sec = max_time_ms / 1000; |
363 | tv.tv_usec = 1000 * (max_time_milliseconds % 1000); | 365 | tv.tv_usec = 1000 * (max_time_ms % 1000); |
364 | tvp = &tv; | 366 | tvp = &tv; |
365 | } | 367 | } |
366 | 368 | ||
@@ -393,6 +395,7 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, | |||
393 | static void | 395 | static void |
394 | process_input(fd_set *readset) | 396 | process_input(fd_set *readset) |
395 | { | 397 | { |
398 | struct ssh *ssh = active_state; /* XXX */ | ||
396 | int len; | 399 | int len; |
397 | char buf[16384]; | 400 | char buf[16384]; |
398 | 401 | ||
@@ -400,8 +403,8 @@ process_input(fd_set *readset) | |||
400 | if (FD_ISSET(connection_in, readset)) { | 403 | if (FD_ISSET(connection_in, readset)) { |
401 | len = read(connection_in, buf, sizeof(buf)); | 404 | len = read(connection_in, buf, sizeof(buf)); |
402 | if (len == 0) { | 405 | if (len == 0) { |
403 | verbose("Connection closed by %.100s", | 406 | verbose("Connection closed by %.100s port %d", |
404 | get_remote_ipaddr()); | 407 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
405 | connection_closed = 1; | 408 | connection_closed = 1; |
406 | if (compat20) | 409 | if (compat20) |
407 | return; | 410 | return; |
@@ -410,8 +413,9 @@ process_input(fd_set *readset) | |||
410 | if (errno != EINTR && errno != EAGAIN && | 413 | if (errno != EINTR && errno != EAGAIN && |
411 | errno != EWOULDBLOCK) { | 414 | errno != EWOULDBLOCK) { |
412 | verbose("Read error from remote host " | 415 | verbose("Read error from remote host " |
413 | "%.100s: %.100s", | 416 | "%.100s port %d: %.100s", |
414 | get_remote_ipaddr(), strerror(errno)); | 417 | ssh_remote_ipaddr(ssh), |
418 | ssh_remote_port(ssh), strerror(errno)); | ||
415 | cleanup_exit(255); | 419 | cleanup_exit(255); |
416 | } | 420 | } |
417 | } else { | 421 | } else { |
@@ -1239,12 +1243,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) | |||
1239 | /* check permissions */ | 1243 | /* check permissions */ |
1240 | if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || | 1244 | if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || |
1241 | no_port_forwarding_flag || | 1245 | no_port_forwarding_flag || |
1242 | (!want_reply && fwd.listen_port == 0) | 1246 | (!want_reply && fwd.listen_port == 0) || |
1243 | #ifndef NO_IPPORT_RESERVED_CONCEPT | 1247 | (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED && |
1244 | || (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED && | 1248 | pw->pw_uid != 0)) { |
1245 | pw->pw_uid != 0) | ||
1246 | #endif | ||
1247 | ) { | ||
1248 | success = 0; | 1249 | success = 0; |
1249 | packet_send_debug("Server has disabled port forwarding."); | 1250 | packet_send_debug("Server has disabled port forwarding."); |
1250 | } else { | 1251 | } else { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.280 2016/02/16 03:37:48 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.282 2016/03/10 11:47:57 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -769,6 +769,7 @@ do_exec_pty(Session *s, const char *command) | |||
769 | static void | 769 | static void |
770 | do_pre_login(Session *s) | 770 | do_pre_login(Session *s) |
771 | { | 771 | { |
772 | struct ssh *ssh = active_state; /* XXX */ | ||
772 | socklen_t fromlen; | 773 | socklen_t fromlen; |
773 | struct sockaddr_storage from; | 774 | struct sockaddr_storage from; |
774 | pid_t pid = getpid(); | 775 | pid_t pid = getpid(); |
@@ -788,7 +789,7 @@ do_pre_login(Session *s) | |||
788 | } | 789 | } |
789 | 790 | ||
790 | record_utmp_only(pid, s->tty, s->pw->pw_name, | 791 | record_utmp_only(pid, s->tty, s->pw->pw_name, |
791 | get_remote_name_or_ip(utmp_len, options.use_dns), | 792 | session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns), |
792 | (struct sockaddr *)&from, fromlen); | 793 | (struct sockaddr *)&from, fromlen); |
793 | } | 794 | } |
794 | #endif | 795 | #endif |
@@ -800,6 +801,7 @@ do_pre_login(Session *s) | |||
800 | int | 801 | int |
801 | do_exec(Session *s, const char *command) | 802 | do_exec(Session *s, const char *command) |
802 | { | 803 | { |
804 | struct ssh *ssh = active_state; /* XXX */ | ||
803 | int ret; | 805 | int ret; |
804 | const char *forced = NULL, *tty = NULL; | 806 | const char *forced = NULL, *tty = NULL; |
805 | char session_type[1024]; | 807 | char session_type[1024]; |
@@ -842,8 +844,8 @@ do_exec(Session *s, const char *command) | |||
842 | tty == NULL ? "" : " on ", | 844 | tty == NULL ? "" : " on ", |
843 | tty == NULL ? "" : tty, | 845 | tty == NULL ? "" : tty, |
844 | s->pw->pw_name, | 846 | s->pw->pw_name, |
845 | get_remote_ipaddr(), | 847 | ssh_remote_ipaddr(ssh), |
846 | get_remote_port(), | 848 | ssh_remote_port(ssh), |
847 | s->self); | 849 | s->self); |
848 | 850 | ||
849 | #ifdef SSH_AUDIT_EVENTS | 851 | #ifdef SSH_AUDIT_EVENTS |
@@ -878,6 +880,7 @@ do_exec(Session *s, const char *command) | |||
878 | void | 880 | void |
879 | do_login(Session *s, const char *command) | 881 | do_login(Session *s, const char *command) |
880 | { | 882 | { |
883 | struct ssh *ssh = active_state; /* XXX */ | ||
881 | socklen_t fromlen; | 884 | socklen_t fromlen; |
882 | struct sockaddr_storage from; | 885 | struct sockaddr_storage from; |
883 | struct passwd * pw = s->pw; | 886 | struct passwd * pw = s->pw; |
@@ -900,7 +903,7 @@ do_login(Session *s, const char *command) | |||
900 | /* Record that there was a login on that tty from the remote host. */ | 903 | /* Record that there was a login on that tty from the remote host. */ |
901 | if (!use_privsep) | 904 | if (!use_privsep) |
902 | record_login(pid, s->tty, pw->pw_name, pw->pw_uid, | 905 | record_login(pid, s->tty, pw->pw_name, pw->pw_uid, |
903 | get_remote_name_or_ip(utmp_len, | 906 | session_get_remote_name_or_ip(ssh, utmp_len, |
904 | options.use_dns), | 907 | options.use_dns), |
905 | (struct sockaddr *)&from, fromlen); | 908 | (struct sockaddr *)&from, fromlen); |
906 | 909 | ||
@@ -1161,6 +1164,7 @@ copy_environment(char **source, char ***env, u_int *envsize) | |||
1161 | static char ** | 1164 | static char ** |
1162 | do_setup_env(Session *s, const char *shell) | 1165 | do_setup_env(Session *s, const char *shell) |
1163 | { | 1166 | { |
1167 | struct ssh *ssh = active_state; /* XXX */ | ||
1164 | char buf[256]; | 1168 | char buf[256]; |
1165 | u_int i, envsize; | 1169 | u_int i, envsize; |
1166 | char **env, *laddr; | 1170 | char **env, *laddr; |
@@ -1262,12 +1266,14 @@ do_setup_env(Session *s, const char *shell) | |||
1262 | 1266 | ||
1263 | /* SSH_CLIENT deprecated */ | 1267 | /* SSH_CLIENT deprecated */ |
1264 | snprintf(buf, sizeof buf, "%.50s %d %d", | 1268 | snprintf(buf, sizeof buf, "%.50s %d %d", |
1265 | get_remote_ipaddr(), get_remote_port(), get_local_port()); | 1269 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
1270 | ssh_local_port(ssh)); | ||
1266 | child_set_env(&env, &envsize, "SSH_CLIENT", buf); | 1271 | child_set_env(&env, &envsize, "SSH_CLIENT", buf); |
1267 | 1272 | ||
1268 | laddr = get_local_ipaddr(packet_get_connection_in()); | 1273 | laddr = get_local_ipaddr(packet_get_connection_in()); |
1269 | snprintf(buf, sizeof buf, "%.50s %d %.50s %d", | 1274 | snprintf(buf, sizeof buf, "%.50s %d %.50s %d", |
1270 | get_remote_ipaddr(), get_remote_port(), laddr, get_local_port()); | 1275 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
1276 | laddr, ssh_local_port(ssh)); | ||
1271 | free(laddr); | 1277 | free(laddr); |
1272 | child_set_env(&env, &envsize, "SSH_CONNECTION", buf); | 1278 | child_set_env(&env, &envsize, "SSH_CONNECTION", buf); |
1273 | 1279 | ||
@@ -1684,6 +1690,7 @@ child_close_fds(void) | |||
1684 | void | 1690 | void |
1685 | do_child(Session *s, const char *command) | 1691 | do_child(Session *s, const char *command) |
1686 | { | 1692 | { |
1693 | struct ssh *ssh = active_state; /* XXX */ | ||
1687 | extern char **environ; | 1694 | extern char **environ; |
1688 | char **env; | 1695 | char **env; |
1689 | char *argv[ARGV_MAX]; | 1696 | char *argv[ARGV_MAX]; |
@@ -1760,14 +1767,14 @@ do_child(Session *s, const char *command) | |||
1760 | 1767 | ||
1761 | /* we have to stash the hostname before we close our socket. */ | 1768 | /* we have to stash the hostname before we close our socket. */ |
1762 | if (options.use_login) | 1769 | if (options.use_login) |
1763 | hostname = get_remote_name_or_ip(utmp_len, | 1770 | hostname = session_get_remote_name_or_ip(ssh, utmp_len, |
1764 | options.use_dns); | 1771 | options.use_dns); |
1765 | /* | 1772 | /* |
1766 | * Close the connection descriptors; note that this is the child, and | 1773 | * Close the connection descriptors; note that this is the child, and |
1767 | * the server will still have the socket open, and it is important | 1774 | * the server will still have the socket open, and it is important |
1768 | * that we do not shutdown it. Note that the descriptors cannot be | 1775 | * that we do not shutdown it. Note that the descriptors cannot be |
1769 | * closed before building the environment, as we call | 1776 | * closed before building the environment, as we call |
1770 | * get_remote_ipaddr there. | 1777 | * ssh_remote_ipaddr there. |
1771 | */ | 1778 | */ |
1772 | child_close_fds(); | 1779 | child_close_fds(); |
1773 | 1780 | ||
@@ -2526,12 +2533,13 @@ session_exit_message(Session *s, int status) | |||
2526 | void | 2533 | void |
2527 | session_close(Session *s) | 2534 | session_close(Session *s) |
2528 | { | 2535 | { |
2536 | struct ssh *ssh = active_state; /* XXX */ | ||
2529 | u_int i; | 2537 | u_int i; |
2530 | 2538 | ||
2531 | verbose("Close session: user %s from %.200s port %d id %d", | 2539 | verbose("Close session: user %s from %.200s port %d id %d", |
2532 | s->pw->pw_name, | 2540 | s->pw->pw_name, |
2533 | get_remote_ipaddr(), | 2541 | ssh_remote_ipaddr(ssh), |
2534 | get_remote_port(), | 2542 | ssh_remote_port(ssh), |
2535 | s->self); | 2543 | s->self); |
2536 | 2544 | ||
2537 | if (s->ttyfd != -1) | 2545 | if (s->ttyfd != -1) |
@@ -2800,3 +2808,18 @@ do_cleanup(Authctxt *authctxt) | |||
2800 | if (!use_privsep || mm_is_monitor()) | 2808 | if (!use_privsep || mm_is_monitor()) |
2801 | session_destroy_all(session_pty_cleanup2); | 2809 | session_destroy_all(session_pty_cleanup2); |
2802 | } | 2810 | } |
2811 | |||
2812 | /* Return a name for the remote host that fits inside utmp_size */ | ||
2813 | |||
2814 | const char * | ||
2815 | session_get_remote_name_or_ip(struct ssh *ssh, u_int utmp_size, int use_dns) | ||
2816 | { | ||
2817 | const char *remote = ""; | ||
2818 | |||
2819 | if (utmp_size > 0) | ||
2820 | remote = auth_get_canonical_hostname(ssh, use_dns); | ||
2821 | if (utmp_size == 0 || strlen(remote) > utmp_size) | ||
2822 | remote = ssh_remote_ipaddr(ssh); | ||
2823 | return remote; | ||
2824 | } | ||
2825 | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.h,v 1.31 2013/10/14 21:20:52 djm Exp $ */ | 1 | /* $OpenBSD: session.h,v 1.32 2016/03/07 19:02:43 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -81,4 +81,6 @@ void do_setusercontext(struct passwd *, const char *); | |||
81 | void child_set_env(char ***envp, u_int *envsizep, const char *name, | 81 | void child_set_env(char ***envp, u_int *envsizep, const char *name, |
82 | const char *value); | 82 | const char *value); |
83 | 83 | ||
84 | const char *session_get_remote_name_or_ip(struct ssh *, u_int, int); | ||
85 | |||
84 | #endif | 86 | #endif |
diff --git a/sftp-client.c b/sftp-client.c index d49bfaaba..0ca44a4d6 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-client.c,v 1.121 2016/02/11 02:21:34 djm Exp $ */ | 1 | /* $OpenBSD: sftp-client.c,v 1.124 2016/05/25 23:48:45 schwarze Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -53,6 +53,7 @@ | |||
53 | #include "atomicio.h" | 53 | #include "atomicio.h" |
54 | #include "progressmeter.h" | 54 | #include "progressmeter.h" |
55 | #include "misc.h" | 55 | #include "misc.h" |
56 | #include "utf8.h" | ||
56 | 57 | ||
57 | #include "sftp.h" | 58 | #include "sftp.h" |
58 | #include "sftp-common.h" | 59 | #include "sftp-common.h" |
@@ -515,8 +516,7 @@ do_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag, | |||
515 | struct sshbuf *msg; | 516 | struct sshbuf *msg; |
516 | u_int count, id, i, expected_id, ents = 0; | 517 | u_int count, id, i, expected_id, ents = 0; |
517 | size_t handle_len; | 518 | size_t handle_len; |
518 | u_char type; | 519 | u_char type, *handle; |
519 | char *handle; | ||
520 | int status = SSH2_FX_FAILURE; | 520 | int status = SSH2_FX_FAILURE; |
521 | int r; | 521 | int r; |
522 | 522 | ||
@@ -611,7 +611,7 @@ do_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag, | |||
611 | } | 611 | } |
612 | 612 | ||
613 | if (print_flag) | 613 | if (print_flag) |
614 | printf("%s\n", longname); | 614 | mprintf("%s\n", longname); |
615 | 615 | ||
616 | /* | 616 | /* |
617 | * Directory entries should never contain '/' | 617 | * Directory entries should never contain '/' |
@@ -1461,7 +1461,7 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, | |||
1461 | return -1; | 1461 | return -1; |
1462 | } | 1462 | } |
1463 | if (print_flag) | 1463 | if (print_flag) |
1464 | printf("Retrieving %s\n", src); | 1464 | mprintf("Retrieving %s\n", src); |
1465 | 1465 | ||
1466 | if (dirattrib->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) | 1466 | if (dirattrib->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) |
1467 | mode = dirattrib->perm & 01777; | 1467 | mode = dirattrib->perm & 01777; |
@@ -1601,7 +1601,7 @@ do_upload(struct sftp_conn *conn, const char *local_path, | |||
1601 | if (resume) { | 1601 | if (resume) { |
1602 | /* Get remote file size if it exists */ | 1602 | /* Get remote file size if it exists */ |
1603 | if ((c = do_stat(conn, remote_path, 0)) == NULL) { | 1603 | if ((c = do_stat(conn, remote_path, 0)) == NULL) { |
1604 | close(local_fd); | 1604 | close(local_fd); |
1605 | return -1; | 1605 | return -1; |
1606 | } | 1606 | } |
1607 | 1607 | ||
@@ -1794,7 +1794,7 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, | |||
1794 | return -1; | 1794 | return -1; |
1795 | } | 1795 | } |
1796 | if (print_flag) | 1796 | if (print_flag) |
1797 | printf("Entering %s\n", src); | 1797 | mprintf("Entering %s\n", src); |
1798 | 1798 | ||
1799 | attrib_clear(&a); | 1799 | attrib_clear(&a); |
1800 | stat_to_attrib(&sb, &a); | 1800 | stat_to_attrib(&sb, &a); |
diff --git a/sftp-server.0 b/sftp-server.0 index 3b22ed2a0..20d477d49 100644 --- a/sftp-server.0 +++ b/sftp-server.0 | |||
@@ -93,4 +93,4 @@ HISTORY | |||
93 | AUTHORS | 93 | AUTHORS |
94 | Markus Friedl <markus@openbsd.org> | 94 | Markus Friedl <markus@openbsd.org> |
95 | 95 | ||
96 | OpenBSD 5.9 December 11, 2014 OpenBSD 5.9 | 96 | OpenBSD 6.0 December 11, 2014 OpenBSD 6.0 |
diff --git a/sftp-server.c b/sftp-server.c index e11a1b89b..646286a3c 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -29,9 +29,6 @@ | |||
29 | #ifdef HAVE_SYS_STATVFS_H | 29 | #ifdef HAVE_SYS_STATVFS_H |
30 | #include <sys/statvfs.h> | 30 | #include <sys/statvfs.h> |
31 | #endif | 31 | #endif |
32 | #ifdef HAVE_SYS_PRCTL_H | ||
33 | #include <sys/prctl.h> | ||
34 | #endif | ||
35 | 32 | ||
36 | #include <dirent.h> | 33 | #include <dirent.h> |
37 | #include <errno.h> | 34 | #include <errno.h> |
@@ -1588,16 +1585,13 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) | |||
1588 | 1585 | ||
1589 | log_init(__progname, log_level, log_facility, log_stderr); | 1586 | log_init(__progname, log_level, log_facility, log_stderr); |
1590 | 1587 | ||
1591 | #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) | ||
1592 | /* | 1588 | /* |
1593 | * On Linux, we should try to avoid making /proc/self/{mem,maps} | 1589 | * On platforms where we can, avoid making /proc/self/{mem,maps} |
1594 | * available to the user so that sftp access doesn't automatically | 1590 | * available to the user so that sftp access doesn't automatically |
1595 | * imply arbitrary code execution access that will break | 1591 | * imply arbitrary code execution access that will break |
1596 | * restricted configurations. | 1592 | * restricted configurations. |
1597 | */ | 1593 | */ |
1598 | if (prctl(PR_SET_DUMPABLE, 0) != 0) | 1594 | platform_disable_tracing(1); /* strict */ |
1599 | fatal("unable to make the process undumpable"); | ||
1600 | #endif /* defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) */ | ||
1601 | 1595 | ||
1602 | /* Drop any fine-grained privileges we don't need */ | 1596 | /* Drop any fine-grained privileges we don't need */ |
1603 | platform_pledge_sftp_server(); | 1597 | platform_pledge_sftp_server(); |
@@ -130,8 +130,9 @@ DESCRIPTION | |||
130 | HostKeyAlgorithms | 130 | HostKeyAlgorithms |
131 | HostKeyAlias | 131 | HostKeyAlias |
132 | HostName | 132 | HostName |
133 | IdentityFile | ||
134 | IdentitiesOnly | 133 | IdentitiesOnly |
134 | IdentityAgent | ||
135 | IdentityFile | ||
135 | IPQoS | 136 | IPQoS |
136 | KbdInteractiveAuthentication | 137 | KbdInteractiveAuthentication |
137 | KbdInteractiveDevices | 138 | KbdInteractiveDevices |
@@ -146,6 +147,7 @@ DESCRIPTION | |||
146 | PreferredAuthentications | 147 | PreferredAuthentications |
147 | Protocol | 148 | Protocol |
148 | ProxyCommand | 149 | ProxyCommand |
150 | ProxyJump | ||
149 | PubkeyAuthentication | 151 | PubkeyAuthentication |
150 | RekeyLimit | 152 | RekeyLimit |
151 | RhostsRSAAuthentication | 153 | RhostsRSAAuthentication |
@@ -381,4 +383,4 @@ SEE ALSO | |||
381 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- | 383 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- |
382 | filexfer-00.txt, January 2001, work in progress material. | 384 | filexfer-00.txt, January 2001, work in progress material. |
383 | 385 | ||
384 | OpenBSD 5.9 September 25, 2015 OpenBSD 5.9 | 386 | OpenBSD 6.0 July 16, 2016 OpenBSD 6.0 |
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: sftp.1,v 1.102 2015/09/25 18:19:54 jmc Exp $ | 1 | .\" $OpenBSD: sftp.1,v 1.105 2016/07/16 06:57:55 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. | 3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. |
4 | .\" | 4 | .\" |
@@ -22,7 +22,7 @@ | |||
22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | .\" | 24 | .\" |
25 | .Dd $Mdocdate: September 25 2015 $ | 25 | .Dd $Mdocdate: July 16 2016 $ |
26 | .Dt SFTP 1 | 26 | .Dt SFTP 1 |
27 | .Os | 27 | .Os |
28 | .Sh NAME | 28 | .Sh NAME |
@@ -220,8 +220,9 @@ For full details of the options listed below, and their possible values, see | |||
220 | .It HostKeyAlgorithms | 220 | .It HostKeyAlgorithms |
221 | .It HostKeyAlias | 221 | .It HostKeyAlias |
222 | .It HostName | 222 | .It HostName |
223 | .It IdentityFile | ||
224 | .It IdentitiesOnly | 223 | .It IdentitiesOnly |
224 | .It IdentityAgent | ||
225 | .It IdentityFile | ||
225 | .It IPQoS | 226 | .It IPQoS |
226 | .It KbdInteractiveAuthentication | 227 | .It KbdInteractiveAuthentication |
227 | .It KbdInteractiveDevices | 228 | .It KbdInteractiveDevices |
@@ -236,6 +237,7 @@ For full details of the options listed below, and their possible values, see | |||
236 | .It PreferredAuthentications | 237 | .It PreferredAuthentications |
237 | .It Protocol | 238 | .It Protocol |
238 | .It ProxyCommand | 239 | .It ProxyCommand |
240 | .It ProxyJump | ||
239 | .It PubkeyAuthentication | 241 | .It PubkeyAuthentication |
240 | .It RekeyLimit | 242 | .It RekeyLimit |
241 | .It RhostsRSAAuthentication | 243 | .It RhostsRSAAuthentication |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp.c,v 1.172 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: sftp.c,v 1.175 2016/07/22 03:47:36 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -49,6 +49,7 @@ typedef void EditLine; | |||
49 | #endif | 49 | #endif |
50 | #include <limits.h> | 50 | #include <limits.h> |
51 | #include <signal.h> | 51 | #include <signal.h> |
52 | #include <stdarg.h> | ||
52 | #include <stdlib.h> | 53 | #include <stdlib.h> |
53 | #include <stdio.h> | 54 | #include <stdio.h> |
54 | #include <string.h> | 55 | #include <string.h> |
@@ -63,6 +64,7 @@ typedef void EditLine; | |||
63 | #include "log.h" | 64 | #include "log.h" |
64 | #include "pathnames.h" | 65 | #include "pathnames.h" |
65 | #include "misc.h" | 66 | #include "misc.h" |
67 | #include "utf8.h" | ||
66 | 68 | ||
67 | #include "sftp.h" | 69 | #include "sftp.h" |
68 | #include "ssherr.h" | 70 | #include "ssherr.h" |
@@ -335,7 +337,7 @@ local_do_ls(const char *args) | |||
335 | 337 | ||
336 | /* Strip one path (usually the pwd) from the start of another */ | 338 | /* Strip one path (usually the pwd) from the start of another */ |
337 | static char * | 339 | static char * |
338 | path_strip(char *path, char *strip) | 340 | path_strip(const char *path, const char *strip) |
339 | { | 341 | { |
340 | size_t len; | 342 | size_t len; |
341 | 343 | ||
@@ -353,7 +355,7 @@ path_strip(char *path, char *strip) | |||
353 | } | 355 | } |
354 | 356 | ||
355 | static char * | 357 | static char * |
356 | make_absolute(char *p, char *pwd) | 358 | make_absolute(char *p, const char *pwd) |
357 | { | 359 | { |
358 | char *abs_str; | 360 | char *abs_str; |
359 | 361 | ||
@@ -551,7 +553,7 @@ parse_no_flags(const char *cmd, char **argv, int argc) | |||
551 | } | 553 | } |
552 | 554 | ||
553 | static int | 555 | static int |
554 | is_dir(char *path) | 556 | is_dir(const char *path) |
555 | { | 557 | { |
556 | struct stat sb; | 558 | struct stat sb; |
557 | 559 | ||
@@ -563,7 +565,7 @@ is_dir(char *path) | |||
563 | } | 565 | } |
564 | 566 | ||
565 | static int | 567 | static int |
566 | remote_is_dir(struct sftp_conn *conn, char *path) | 568 | remote_is_dir(struct sftp_conn *conn, const char *path) |
567 | { | 569 | { |
568 | Attrib *a; | 570 | Attrib *a; |
569 | 571 | ||
@@ -577,7 +579,7 @@ remote_is_dir(struct sftp_conn *conn, char *path) | |||
577 | 579 | ||
578 | /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */ | 580 | /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */ |
579 | static int | 581 | static int |
580 | pathname_is_dir(char *pathname) | 582 | pathname_is_dir(const char *pathname) |
581 | { | 583 | { |
582 | size_t l = strlen(pathname); | 584 | size_t l = strlen(pathname); |
583 | 585 | ||
@@ -585,8 +587,8 @@ pathname_is_dir(char *pathname) | |||
585 | } | 587 | } |
586 | 588 | ||
587 | static int | 589 | static int |
588 | process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, | 590 | process_get(struct sftp_conn *conn, const char *src, const char *dst, |
589 | int pflag, int rflag, int resume, int fflag) | 591 | const char *pwd, int pflag, int rflag, int resume, int fflag) |
590 | { | 592 | { |
591 | char *abs_src = NULL; | 593 | char *abs_src = NULL; |
592 | char *abs_dst = NULL; | 594 | char *abs_dst = NULL; |
@@ -644,9 +646,11 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, | |||
644 | 646 | ||
645 | resume |= global_aflag; | 647 | resume |= global_aflag; |
646 | if (!quiet && resume) | 648 | if (!quiet && resume) |
647 | printf("Resuming %s to %s\n", g.gl_pathv[i], abs_dst); | 649 | mprintf("Resuming %s to %s\n", |
650 | g.gl_pathv[i], abs_dst); | ||
648 | else if (!quiet && !resume) | 651 | else if (!quiet && !resume) |
649 | printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); | 652 | mprintf("Fetching %s to %s\n", |
653 | g.gl_pathv[i], abs_dst); | ||
650 | if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { | 654 | if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { |
651 | if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, | 655 | if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, |
652 | pflag || global_pflag, 1, resume, | 656 | pflag || global_pflag, 1, resume, |
@@ -669,8 +673,8 @@ out: | |||
669 | } | 673 | } |
670 | 674 | ||
671 | static int | 675 | static int |
672 | process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, | 676 | process_put(struct sftp_conn *conn, const char *src, const char *dst, |
673 | int pflag, int rflag, int resume, int fflag) | 677 | const char *pwd, int pflag, int rflag, int resume, int fflag) |
674 | { | 678 | { |
675 | char *tmp_dst = NULL; | 679 | char *tmp_dst = NULL; |
676 | char *abs_dst = NULL; | 680 | char *abs_dst = NULL; |
@@ -735,10 +739,11 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, | |||
735 | 739 | ||
736 | resume |= global_aflag; | 740 | resume |= global_aflag; |
737 | if (!quiet && resume) | 741 | if (!quiet && resume) |
738 | printf("Resuming upload of %s to %s\n", g.gl_pathv[i], | 742 | mprintf("Resuming upload of %s to %s\n", |
739 | abs_dst); | 743 | g.gl_pathv[i], abs_dst); |
740 | else if (!quiet && !resume) | 744 | else if (!quiet && !resume) |
741 | printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst); | 745 | mprintf("Uploading %s to %s\n", |
746 | g.gl_pathv[i], abs_dst); | ||
742 | if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { | 747 | if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { |
743 | if (upload_dir(conn, g.gl_pathv[i], abs_dst, | 748 | if (upload_dir(conn, g.gl_pathv[i], abs_dst, |
744 | pflag || global_pflag, 1, resume, | 749 | pflag || global_pflag, 1, resume, |
@@ -779,7 +784,8 @@ sdirent_comp(const void *aa, const void *bb) | |||
779 | 784 | ||
780 | /* sftp ls.1 replacement for directories */ | 785 | /* sftp ls.1 replacement for directories */ |
781 | static int | 786 | static int |
782 | do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) | 787 | do_ls_dir(struct sftp_conn *conn, const char *path, |
788 | const char *strip_path, int lflag) | ||
783 | { | 789 | { |
784 | int n; | 790 | int n; |
785 | u_int c = 1, colspace = 0, columns = 1; | 791 | u_int c = 1, colspace = 0, columns = 1; |
@@ -839,12 +845,12 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) | |||
839 | attrib_to_stat(&d[n]->a, &sb); | 845 | attrib_to_stat(&d[n]->a, &sb); |
840 | lname = ls_file(fname, &sb, 1, | 846 | lname = ls_file(fname, &sb, 1, |
841 | (lflag & LS_SI_UNITS)); | 847 | (lflag & LS_SI_UNITS)); |
842 | printf("%s\n", lname); | 848 | mprintf("%s\n", lname); |
843 | free(lname); | 849 | free(lname); |
844 | } else | 850 | } else |
845 | printf("%s\n", d[n]->longname); | 851 | mprintf("%s\n", d[n]->longname); |
846 | } else { | 852 | } else { |
847 | printf("%-*s", colspace, fname); | 853 | mprintf("%-*s", colspace, fname); |
848 | if (c >= columns) { | 854 | if (c >= columns) { |
849 | printf("\n"); | 855 | printf("\n"); |
850 | c = 1; | 856 | c = 1; |
@@ -864,8 +870,8 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) | |||
864 | 870 | ||
865 | /* sftp ls.1 replacement which handles path globs */ | 871 | /* sftp ls.1 replacement which handles path globs */ |
866 | static int | 872 | static int |
867 | do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | 873 | do_globbed_ls(struct sftp_conn *conn, const char *path, |
868 | int lflag) | 874 | const char *strip_path, int lflag) |
869 | { | 875 | { |
870 | char *fname, *lname; | 876 | char *fname, *lname; |
871 | glob_t g; | 877 | glob_t g; |
@@ -925,10 +931,10 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
925 | } | 931 | } |
926 | lname = ls_file(fname, g.gl_statv[i], 1, | 932 | lname = ls_file(fname, g.gl_statv[i], 1, |
927 | (lflag & LS_SI_UNITS)); | 933 | (lflag & LS_SI_UNITS)); |
928 | printf("%s\n", lname); | 934 | mprintf("%s\n", lname); |
929 | free(lname); | 935 | free(lname); |
930 | } else { | 936 | } else { |
931 | printf("%-*s", colspace, fname); | 937 | mprintf("%-*s", colspace, fname); |
932 | if (c >= columns) { | 938 | if (c >= columns) { |
933 | printf("\n"); | 939 | printf("\n"); |
934 | c = 1; | 940 | c = 1; |
@@ -949,7 +955,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
949 | } | 955 | } |
950 | 956 | ||
951 | static int | 957 | static int |
952 | do_df(struct sftp_conn *conn, char *path, int hflag, int iflag) | 958 | do_df(struct sftp_conn *conn, const char *path, int hflag, int iflag) |
953 | { | 959 | { |
954 | struct sftp_statvfs st; | 960 | struct sftp_statvfs st; |
955 | char s_used[FMT_SCALED_STRSIZE]; | 961 | char s_used[FMT_SCALED_STRSIZE]; |
@@ -1205,7 +1211,7 @@ makeargv(const char *arg, int *argcp, int sloppy, char *lastquote, | |||
1205 | 1211 | ||
1206 | static int | 1212 | static int |
1207 | parse_args(const char **cpp, int *ignore_errors, int *aflag, | 1213 | parse_args(const char **cpp, int *ignore_errors, int *aflag, |
1208 | int *fflag, int *hflag, int *iflag, int *lflag, int *pflag, | 1214 | int *fflag, int *hflag, int *iflag, int *lflag, int *pflag, |
1209 | int *rflag, int *sflag, | 1215 | int *rflag, int *sflag, |
1210 | unsigned long *n_arg, char **path1, char **path2) | 1216 | unsigned long *n_arg, char **path1, char **path2) |
1211 | { | 1217 | { |
@@ -1397,7 +1403,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1397 | int err_abort) | 1403 | int err_abort) |
1398 | { | 1404 | { |
1399 | char *path1, *path2, *tmp; | 1405 | char *path1, *path2, *tmp; |
1400 | int ignore_errors = 0, aflag = 0, fflag = 0, hflag = 0, | 1406 | int ignore_errors = 0, aflag = 0, fflag = 0, hflag = 0, |
1401 | iflag = 0; | 1407 | iflag = 0; |
1402 | int lflag = 0, pflag = 0, rflag = 0, sflag = 0; | 1408 | int lflag = 0, pflag = 0, rflag = 0, sflag = 0; |
1403 | int cmdnum, i; | 1409 | int cmdnum, i; |
@@ -1456,7 +1462,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1456 | remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); | 1462 | remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); |
1457 | for (i = 0; g.gl_pathv[i] && !interrupted; i++) { | 1463 | for (i = 0; g.gl_pathv[i] && !interrupted; i++) { |
1458 | if (!quiet) | 1464 | if (!quiet) |
1459 | printf("Removing %s\n", g.gl_pathv[i]); | 1465 | mprintf("Removing %s\n", g.gl_pathv[i]); |
1460 | err = do_rm(conn, g.gl_pathv[i]); | 1466 | err = do_rm(conn, g.gl_pathv[i]); |
1461 | if (err != 0 && err_abort) | 1467 | if (err != 0 && err_abort) |
1462 | break; | 1468 | break; |
@@ -1556,7 +1562,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1556 | remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); | 1562 | remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); |
1557 | for (i = 0; g.gl_pathv[i] && !interrupted; i++) { | 1563 | for (i = 0; g.gl_pathv[i] && !interrupted; i++) { |
1558 | if (!quiet) | 1564 | if (!quiet) |
1559 | printf("Changing mode on %s\n", g.gl_pathv[i]); | 1565 | mprintf("Changing mode on %s\n", |
1566 | g.gl_pathv[i]); | ||
1560 | err = do_setstat(conn, g.gl_pathv[i], &a); | 1567 | err = do_setstat(conn, g.gl_pathv[i], &a); |
1561 | if (err != 0 && err_abort) | 1568 | if (err != 0 && err_abort) |
1562 | break; | 1569 | break; |
@@ -1586,12 +1593,12 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1586 | aa->flags &= SSH2_FILEXFER_ATTR_UIDGID; | 1593 | aa->flags &= SSH2_FILEXFER_ATTR_UIDGID; |
1587 | if (cmdnum == I_CHOWN) { | 1594 | if (cmdnum == I_CHOWN) { |
1588 | if (!quiet) | 1595 | if (!quiet) |
1589 | printf("Changing owner on %s\n", | 1596 | mprintf("Changing owner on %s\n", |
1590 | g.gl_pathv[i]); | 1597 | g.gl_pathv[i]); |
1591 | aa->uid = n_arg; | 1598 | aa->uid = n_arg; |
1592 | } else { | 1599 | } else { |
1593 | if (!quiet) | 1600 | if (!quiet) |
1594 | printf("Changing group on %s\n", | 1601 | mprintf("Changing group on %s\n", |
1595 | g.gl_pathv[i]); | 1602 | g.gl_pathv[i]); |
1596 | aa->gid = n_arg; | 1603 | aa->gid = n_arg; |
1597 | } | 1604 | } |
@@ -1601,7 +1608,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1601 | } | 1608 | } |
1602 | break; | 1609 | break; |
1603 | case I_PWD: | 1610 | case I_PWD: |
1604 | printf("Remote working directory: %s\n", *pwd); | 1611 | mprintf("Remote working directory: %s\n", *pwd); |
1605 | break; | 1612 | break; |
1606 | case I_LPWD: | 1613 | case I_LPWD: |
1607 | if (!getcwd(path_buf, sizeof(path_buf))) { | 1614 | if (!getcwd(path_buf, sizeof(path_buf))) { |
@@ -1609,7 +1616,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1609 | err = -1; | 1616 | err = -1; |
1610 | break; | 1617 | break; |
1611 | } | 1618 | } |
1612 | printf("Local working directory: %s\n", path_buf); | 1619 | mprintf("Local working directory: %s\n", path_buf); |
1613 | break; | 1620 | break; |
1614 | case I_QUIT: | 1621 | case I_QUIT: |
1615 | /* Processed below */ | 1622 | /* Processed below */ |
@@ -1678,7 +1685,7 @@ complete_display(char **list, u_int len) | |||
1678 | for (y = 0; list[y]; y++) { | 1685 | for (y = 0; list[y]; y++) { |
1679 | llen = strlen(list[y]); | 1686 | llen = strlen(list[y]); |
1680 | tmp = llen > len ? list[y] + len : ""; | 1687 | tmp = llen > len ? list[y] + len : ""; |
1681 | printf("%-*s", colspace, tmp); | 1688 | mprintf("%-*s", colspace, tmp); |
1682 | if (m >= columns) { | 1689 | if (m >= columns) { |
1683 | printf("\n"); | 1690 | printf("\n"); |
1684 | m = 1; | 1691 | m = 1; |
@@ -2062,7 +2069,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2062 | 2069 | ||
2063 | if (remote_is_dir(conn, dir) && file2 == NULL) { | 2070 | if (remote_is_dir(conn, dir) && file2 == NULL) { |
2064 | if (!quiet) | 2071 | if (!quiet) |
2065 | printf("Changing to: %s\n", dir); | 2072 | mprintf("Changing to: %s\n", dir); |
2066 | snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); | 2073 | snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); |
2067 | if (parse_dispatch_command(conn, cmd, | 2074 | if (parse_dispatch_command(conn, cmd, |
2068 | &remote_path, 1) != 0) { | 2075 | &remote_path, 1) != 0) { |
@@ -2106,7 +2113,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2106 | break; | 2113 | break; |
2107 | } | 2114 | } |
2108 | if (!interactive) { /* Echo command */ | 2115 | if (!interactive) { /* Echo command */ |
2109 | printf("sftp> %s", cmd); | 2116 | mprintf("sftp> %s", cmd); |
2110 | if (strlen(cmd) > 0 && | 2117 | if (strlen(cmd) > 0 && |
2111 | cmd[strlen(cmd) - 1] != '\n') | 2118 | cmd[strlen(cmd) - 1] != '\n') |
2112 | printf("\n"); | 2119 | printf("\n"); |
@@ -126,4 +126,4 @@ AUTHORS | |||
126 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 126 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
127 | versions 1.5 and 2.0. | 127 | versions 1.5 and 2.0. |
128 | 128 | ||
129 | OpenBSD 5.9 March 30, 2015 OpenBSD 5.9 | 129 | OpenBSD 6.0 March 30, 2015 OpenBSD 6.0 |
diff --git a/ssh-agent.0 b/ssh-agent.0 index 2cc5ac6e0..b6abf9b4e 100644 --- a/ssh-agent.0 +++ b/ssh-agent.0 | |||
@@ -109,4 +109,4 @@ AUTHORS | |||
109 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 109 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
110 | versions 1.5 and 2.0. | 110 | versions 1.5 and 2.0. |
111 | 111 | ||
112 | OpenBSD 5.9 November 15, 2015 OpenBSD 5.9 | 112 | OpenBSD 6.0 November 15, 2015 OpenBSD 6.0 |
diff --git a/ssh-agent.c b/ssh-agent.c index c38906d94..25d6ebc53 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.212 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.213 2016/05/02 08:49:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -88,10 +88,6 @@ | |||
88 | #include "ssh-pkcs11.h" | 88 | #include "ssh-pkcs11.h" |
89 | #endif | 89 | #endif |
90 | 90 | ||
91 | #if defined(HAVE_SYS_PRCTL_H) | ||
92 | #include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */ | ||
93 | #endif | ||
94 | |||
95 | typedef enum { | 91 | typedef enum { |
96 | AUTH_UNUSED, | 92 | AUTH_UNUSED, |
97 | AUTH_SOCKET, | 93 | AUTH_SOCKET, |
@@ -144,8 +140,8 @@ char socket_dir[PATH_MAX]; | |||
144 | #define LOCK_SALT_SIZE 16 | 140 | #define LOCK_SALT_SIZE 16 |
145 | #define LOCK_ROUNDS 1 | 141 | #define LOCK_ROUNDS 1 |
146 | int locked = 0; | 142 | int locked = 0; |
147 | char lock_passwd[LOCK_SIZE]; | 143 | u_char lock_pwhash[LOCK_SIZE]; |
148 | char lock_salt[LOCK_SALT_SIZE]; | 144 | u_char lock_salt[LOCK_SALT_SIZE]; |
149 | 145 | ||
150 | extern char *__progname; | 146 | extern char *__progname; |
151 | 147 | ||
@@ -677,7 +673,8 @@ static void | |||
677 | process_lock_agent(SocketEntry *e, int lock) | 673 | process_lock_agent(SocketEntry *e, int lock) |
678 | { | 674 | { |
679 | int r, success = 0, delay; | 675 | int r, success = 0, delay; |
680 | char *passwd, passwdhash[LOCK_SIZE]; | 676 | char *passwd; |
677 | u_char passwdhash[LOCK_SIZE]; | ||
681 | static u_int fail_count = 0; | 678 | static u_int fail_count = 0; |
682 | size_t pwlen; | 679 | size_t pwlen; |
683 | 680 | ||
@@ -689,11 +686,11 @@ process_lock_agent(SocketEntry *e, int lock) | |||
689 | if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), | 686 | if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), |
690 | passwdhash, sizeof(passwdhash), LOCK_ROUNDS) < 0) | 687 | passwdhash, sizeof(passwdhash), LOCK_ROUNDS) < 0) |
691 | fatal("bcrypt_pbkdf"); | 688 | fatal("bcrypt_pbkdf"); |
692 | if (timingsafe_bcmp(passwdhash, lock_passwd, LOCK_SIZE) == 0) { | 689 | if (timingsafe_bcmp(passwdhash, lock_pwhash, LOCK_SIZE) == 0) { |
693 | debug("agent unlocked"); | 690 | debug("agent unlocked"); |
694 | locked = 0; | 691 | locked = 0; |
695 | fail_count = 0; | 692 | fail_count = 0; |
696 | explicit_bzero(lock_passwd, sizeof(lock_passwd)); | 693 | explicit_bzero(lock_pwhash, sizeof(lock_pwhash)); |
697 | success = 1; | 694 | success = 1; |
698 | } else { | 695 | } else { |
699 | /* delay in 0.1s increments up to 10s */ | 696 | /* delay in 0.1s increments up to 10s */ |
@@ -710,7 +707,7 @@ process_lock_agent(SocketEntry *e, int lock) | |||
710 | locked = 1; | 707 | locked = 1; |
711 | arc4random_buf(lock_salt, sizeof(lock_salt)); | 708 | arc4random_buf(lock_salt, sizeof(lock_salt)); |
712 | if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), | 709 | if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), |
713 | lock_passwd, sizeof(lock_passwd), LOCK_ROUNDS) < 0) | 710 | lock_pwhash, sizeof(lock_pwhash), LOCK_ROUNDS) < 0) |
714 | fatal("bcrypt_pbkdf"); | 711 | fatal("bcrypt_pbkdf"); |
715 | success = 1; | 712 | success = 1; |
716 | } | 713 | } |
@@ -1208,10 +1205,7 @@ main(int ac, char **av) | |||
1208 | setegid(getgid()); | 1205 | setegid(getgid()); |
1209 | setgid(getgid()); | 1206 | setgid(getgid()); |
1210 | 1207 | ||
1211 | #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) | 1208 | platform_disable_tracing(0); /* strict=no */ |
1212 | /* Disable ptrace on Linux without sgid bit */ | ||
1213 | prctl(PR_SET_DUMPABLE, 0); | ||
1214 | #endif | ||
1215 | 1209 | ||
1216 | #ifdef WITH_OPENSSL | 1210 | #ifdef WITH_OPENSSL |
1217 | OpenSSL_add_all_algorithms(); | 1211 | OpenSSL_add_all_algorithms(); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-dss.c,v 1.34 2015/12/11 04:21:12 mmcc Exp $ */ | 1 | /* $OpenBSD: ssh-dss.c,v 1.35 2016/04/21 06:08:02 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -139,7 +139,8 @@ ssh_dss_verify(const struct sshkey *key, | |||
139 | char *ktype = NULL; | 139 | char *ktype = NULL; |
140 | 140 | ||
141 | if (key == NULL || key->dsa == NULL || | 141 | if (key == NULL || key->dsa == NULL || |
142 | sshkey_type_plain(key->type) != KEY_DSA) | 142 | sshkey_type_plain(key->type) != KEY_DSA || |
143 | signature == NULL || signaturelen == 0) | ||
143 | return SSH_ERR_INVALID_ARGUMENT; | 144 | return SSH_ERR_INVALID_ARGUMENT; |
144 | if (dlen == 0) | 145 | if (dlen == 0) |
145 | return SSH_ERR_INTERNAL_ERROR; | 146 | return SSH_ERR_INTERNAL_ERROR; |
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c index 74912dfd9..d7bf3c69b 100644 --- a/ssh-ecdsa.c +++ b/ssh-ecdsa.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-ecdsa.c,v 1.12 2015/12/11 04:21:12 mmcc Exp $ */ | 1 | /* $OpenBSD: ssh-ecdsa.c,v 1.13 2016/04/21 06:08:02 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
@@ -121,7 +121,8 @@ ssh_ecdsa_verify(const struct sshkey *key, | |||
121 | char *ktype = NULL; | 121 | char *ktype = NULL; |
122 | 122 | ||
123 | if (key == NULL || key->ecdsa == NULL || | 123 | if (key == NULL || key->ecdsa == NULL || |
124 | sshkey_type_plain(key->type) != KEY_ECDSA) | 124 | sshkey_type_plain(key->type) != KEY_ECDSA || |
125 | signature == NULL || signaturelen == 0) | ||
125 | return SSH_ERR_INVALID_ARGUMENT; | 126 | return SSH_ERR_INVALID_ARGUMENT; |
126 | 127 | ||
127 | if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || | 128 | if ((hash_alg = sshkey_ec_nid_to_hash_alg(key->ecdsa_nid)) == -1 || |
diff --git a/ssh-ed25519.c b/ssh-ed25519.c index b159ff5ee..5163e0297 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-ed25519.c,v 1.6 2015/01/15 21:38:50 markus Exp $ */ | 1 | /* $OpenBSD: ssh-ed25519.c,v 1.7 2016/04/21 06:08:02 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2013 Markus Friedl <markus@openbsd.org> | 3 | * Copyright (c) 2013 Markus Friedl <markus@openbsd.org> |
4 | * | 4 | * |
@@ -107,7 +107,8 @@ ssh_ed25519_verify(const struct sshkey *key, | |||
107 | if (key == NULL || | 107 | if (key == NULL || |
108 | sshkey_type_plain(key->type) != KEY_ED25519 || | 108 | sshkey_type_plain(key->type) != KEY_ED25519 || |
109 | key->ed25519_pk == NULL || | 109 | key->ed25519_pk == NULL || |
110 | datalen >= INT_MAX - crypto_sign_ed25519_BYTES) | 110 | datalen >= INT_MAX - crypto_sign_ed25519_BYTES || |
111 | signature == NULL || signaturelen == 0) | ||
111 | return SSH_ERR_INVALID_ARGUMENT; | 112 | return SSH_ERR_INVALID_ARGUMENT; |
112 | 113 | ||
113 | if ((b = sshbuf_from(signature, signaturelen)) == NULL) | 114 | if ((b = sshbuf_from(signature, signaturelen)) == NULL) |
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 2b749ae9f..569297da4 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
@@ -71,11 +71,11 @@ DESCRIPTION | |||
71 | or forgotten, a new key must be generated and the corresponding public | 71 | or forgotten, a new key must be generated and the corresponding public |
72 | key copied to other machines. | 72 | key copied to other machines. |
73 | 73 | ||
74 | For RSA1 keys, there is also a comment field in the key file that is only | 74 | For RSA1 keys and keys stored in the newer OpenSSH format, there is also |
75 | for convenience to the user to help identify the key. The comment can | 75 | a comment field in the key file that is only for convenience to the user |
76 | tell what the key is for, or whatever is useful. The comment is | 76 | to help identify the key. The comment can tell what the key is for, or |
77 | initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be changed | 77 | whatever is useful. The comment is initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the |
78 | using the -c option. | 78 | key is created, but can be changed using the -c option. |
79 | 79 | ||
80 | After a key is generated, instructions below detail where the keys should | 80 | After a key is generated, instructions below detail where the keys should |
81 | be placed to be activated. | 81 | be placed to be activated. |
@@ -117,9 +117,10 @@ DESCRIPTION | |||
117 | Provides a new comment. | 117 | Provides a new comment. |
118 | 118 | ||
119 | -c Requests changing the comment in the private and public key | 119 | -c Requests changing the comment in the private and public key |
120 | files. This operation is only supported for RSA1 keys. The | 120 | files. This operation is only supported for RSA1 keys and keys |
121 | program will prompt for the file containing the private keys, for | 121 | stored in the newer OpenSSH format. The program will prompt for |
122 | the passphrase if the key has one, and for the new comment. | 122 | the file containing the private keys, for the passphrase if the |
123 | key has one, and for the new comment. | ||
123 | 124 | ||
124 | -D pkcs11 | 125 | -D pkcs11 |
125 | Download the RSA public keys provided by the PKCS#11 shared | 126 | Download the RSA public keys provided by the PKCS#11 shared |
@@ -202,7 +203,7 @@ DESCRIPTION | |||
202 | -l Show fingerprint of specified public key file. Private RSA1 keys | 203 | -l Show fingerprint of specified public key file. Private RSA1 keys |
203 | are also supported. For RSA and DSA keys ssh-keygen tries to | 204 | are also supported. For RSA and DSA keys ssh-keygen tries to |
204 | find the matching public key file and prints its fingerprint. If | 205 | find the matching public key file and prints its fingerprint. If |
205 | combined with -v, an ASCII art representation of the key is | 206 | combined with -v, a visual ASCII art representation of the key is |
206 | supplied with the fingerprint. | 207 | supplied with the fingerprint. |
207 | 208 | ||
208 | -M memory | 209 | -M memory |
@@ -566,4 +567,4 @@ AUTHORS | |||
566 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 567 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
567 | versions 1.5 and 2.0. | 568 | versions 1.5 and 2.0. |
568 | 569 | ||
569 | OpenBSD 5.9 February 17, 2016 OpenBSD 5.9 | 570 | OpenBSD 6.0 June 16, 2016 OpenBSD 6.0 |
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 24bed5f61..01711dfff 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.130 2016/02/17 07:38:19 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.133 2016/06/16 06:10:45 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: February 17 2016 $ | 38 | .Dd $Mdocdate: June 16 2016 $ |
39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -205,7 +205,7 @@ There is no way to recover a lost passphrase. | |||
205 | If the passphrase is lost or forgotten, a new key must be generated | 205 | If the passphrase is lost or forgotten, a new key must be generated |
206 | and the corresponding public key copied to other machines. | 206 | and the corresponding public key copied to other machines. |
207 | .Pp | 207 | .Pp |
208 | For RSA1 keys, | 208 | For RSA1 keys and keys stored in the newer OpenSSH format, |
209 | there is also a comment field in the key file that is only for | 209 | there is also a comment field in the key file that is only for |
210 | convenience to the user to help identify the key. | 210 | convenience to the user to help identify the key. |
211 | The comment can tell what the key is for, or whatever is useful. | 211 | The comment can tell what the key is for, or whatever is useful. |
@@ -260,7 +260,8 @@ flag will be ignored. | |||
260 | Provides a new comment. | 260 | Provides a new comment. |
261 | .It Fl c | 261 | .It Fl c |
262 | Requests changing the comment in the private and public key files. | 262 | Requests changing the comment in the private and public key files. |
263 | This operation is only supported for RSA1 keys. | 263 | This operation is only supported for RSA1 keys and keys stored in the |
264 | newer OpenSSH format. | ||
264 | The program will prompt for the file containing the private keys, for | 265 | The program will prompt for the file containing the private keys, for |
265 | the passphrase if the key has one, and for the new comment. | 266 | the passphrase if the key has one, and for the new comment. |
266 | .It Fl D Ar pkcs11 | 267 | .It Fl D Ar pkcs11 |
@@ -385,7 +386,8 @@ For RSA and DSA keys | |||
385 | tries to find the matching public key file and prints its fingerprint. | 386 | tries to find the matching public key file and prints its fingerprint. |
386 | If combined with | 387 | If combined with |
387 | .Fl v , | 388 | .Fl v , |
388 | an ASCII art representation of the key is supplied with the fingerprint. | 389 | a visual ASCII art representation of the key is supplied with the |
390 | fingerprint. | ||
389 | .It Fl M Ar memory | 391 | .It Fl M Ar memory |
390 | Specify the amount of memory to use (in megabytes) when generating | 392 | Specify the amount of memory to use (in megabytes) when generating |
391 | candidate moduli for DH-GEX. | 393 | candidate moduli for DH-GEX. |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 478520123..0bd5fc93a 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.290 2016/05/02 09:36:42 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -883,7 +883,7 @@ do_fingerprint(struct passwd *pw) | |||
883 | char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; | 883 | char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; |
884 | int i, invalid = 1; | 884 | int i, invalid = 1; |
885 | const char *path; | 885 | const char *path; |
886 | long int lnum = 0; | 886 | u_long lnum = 0; |
887 | 887 | ||
888 | if (!have_identity) | 888 | if (!have_identity) |
889 | ask_filename(pw, "Enter file in which the key is"); | 889 | ask_filename(pw, "Enter file in which the key is"); |
@@ -946,7 +946,7 @@ do_fingerprint(struct passwd *pw) | |||
946 | } | 946 | } |
947 | /* Retry after parsing leading hostname/key options */ | 947 | /* Retry after parsing leading hostname/key options */ |
948 | if (public == NULL && (public = try_read_key(&cp)) == NULL) { | 948 | if (public == NULL && (public = try_read_key(&cp)) == NULL) { |
949 | debug("%s:%ld: not a public key", path, lnum); | 949 | debug("%s:%lu: not a public key", path, lnum); |
950 | continue; | 950 | continue; |
951 | } | 951 | } |
952 | 952 | ||
@@ -1599,6 +1599,12 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) | |||
1599 | ca = load_identity(tmp); | 1599 | ca = load_identity(tmp); |
1600 | free(tmp); | 1600 | free(tmp); |
1601 | 1601 | ||
1602 | if (key_type_name != NULL && | ||
1603 | sshkey_type_from_name(key_type_name) != ca->type) { | ||
1604 | fatal("CA key type %s doesn't match specified %s", | ||
1605 | sshkey_ssh_name(ca), key_type_name); | ||
1606 | } | ||
1607 | |||
1602 | for (i = 0; i < argc; i++) { | 1608 | for (i = 0; i < argc; i++) { |
1603 | /* Split list of principals */ | 1609 | /* Split list of principals */ |
1604 | n = 0; | 1610 | n = 0; |
@@ -1640,8 +1646,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) | |||
1640 | &public->cert->signature_key)) != 0) | 1646 | &public->cert->signature_key)) != 0) |
1641 | fatal("key_from_private (ca key): %s", ssh_err(r)); | 1647 | fatal("key_from_private (ca key): %s", ssh_err(r)); |
1642 | 1648 | ||
1643 | if (sshkey_certify(public, ca) != 0) | 1649 | if ((r = sshkey_certify(public, ca, key_type_name)) != 0) |
1644 | fatal("Couldn't not certify key %s", tmp); | 1650 | fatal("Couldn't certify key %s: %s", tmp, ssh_err(r)); |
1645 | 1651 | ||
1646 | if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0) | 1652 | if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0) |
1647 | *cp = '\0'; | 1653 | *cp = '\0'; |
@@ -1920,7 +1926,7 @@ do_show_cert(struct passwd *pw) | |||
1920 | FILE *f; | 1926 | FILE *f; |
1921 | char *cp, line[SSH_MAX_PUBKEY_BYTES]; | 1927 | char *cp, line[SSH_MAX_PUBKEY_BYTES]; |
1922 | const char *path; | 1928 | const char *path; |
1923 | long int lnum = 0; | 1929 | u_long lnum = 0; |
1924 | 1930 | ||
1925 | if (!have_identity) | 1931 | if (!have_identity) |
1926 | ask_filename(pw, "Enter file in which the key is"); | 1932 | ask_filename(pw, "Enter file in which the key is"); |
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0 index 5578cc504..e9d9f0d8b 100644 --- a/ssh-keyscan.0 +++ b/ssh-keyscan.0 | |||
@@ -108,4 +108,4 @@ BUGS | |||
108 | This is because it opens a connection to the ssh port, reads the public | 108 | This is because it opens a connection to the ssh port, reads the public |
109 | key, and drops the connection as soon as it gets the key. | 109 | key, and drops the connection as soon as it gets the key. |
110 | 110 | ||
111 | OpenBSD 5.9 November 8, 2015 OpenBSD 5.9 | 111 | OpenBSD 6.0 November 8, 2015 OpenBSD 6.0 |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 7fe61e4e1..c30d54e62 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.105 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.106 2016/05/02 10:26:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -302,6 +302,9 @@ keygrab_ssh2(con *c) | |||
302 | #ifdef WITH_OPENSSL | 302 | #ifdef WITH_OPENSSL |
303 | c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 303 | c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
304 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 304 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
305 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | ||
306 | c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | ||
307 | c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | ||
305 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 308 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
306 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 309 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
307 | # ifdef OPENSSL_HAS_ECC | 310 | # ifdef OPENSSL_HAS_ECC |
diff --git a/ssh-keysign.0 b/ssh-keysign.0 index 65d75f313..34a451d62 100644 --- a/ssh-keysign.0 +++ b/ssh-keysign.0 | |||
@@ -49,4 +49,4 @@ HISTORY | |||
49 | AUTHORS | 49 | AUTHORS |
50 | Markus Friedl <markus@openbsd.org> | 50 | Markus Friedl <markus@openbsd.org> |
51 | 51 | ||
52 | OpenBSD 5.9 February 17, 2016 OpenBSD 5.9 | 52 | OpenBSD 6.0 February 17, 2016 OpenBSD 6.0 |
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0 index 47aa7bdcd..1b58361a6 100644 --- a/ssh-pkcs11-helper.0 +++ b/ssh-pkcs11-helper.0 | |||
@@ -22,4 +22,4 @@ HISTORY | |||
22 | AUTHORS | 22 | AUTHORS |
23 | Markus Friedl <markus@openbsd.org> | 23 | Markus Friedl <markus@openbsd.org> |
24 | 24 | ||
25 | OpenBSD 5.9 July 16, 2013 OpenBSD 5.9 | 25 | OpenBSD 6.0 July 16, 2013 OpenBSD 6.0 |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-rsa.c,v 1.58 2015/12/11 04:21:12 mmcc Exp $ */ | 1 | /* $OpenBSD: ssh-rsa.c,v 1.59 2016/04/21 06:08:02 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> | 3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> |
4 | * | 4 | * |
@@ -172,7 +172,8 @@ ssh_rsa_verify(const struct sshkey *key, | |||
172 | 172 | ||
173 | if (key == NULL || key->rsa == NULL || | 173 | if (key == NULL || key->rsa == NULL || |
174 | sshkey_type_plain(key->type) != KEY_RSA || | 174 | sshkey_type_plain(key->type) != KEY_RSA || |
175 | BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) | 175 | BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE || |
176 | sig == NULL || siglen == 0) | ||
176 | return SSH_ERR_INVALID_ARGUMENT; | 177 | return SSH_ERR_INVALID_ARGUMENT; |
177 | 178 | ||
178 | if ((b = sshbuf_from(sig, siglen)) == NULL) | 179 | if ((b = sshbuf_from(sig, siglen)) == NULL) |
@@ -6,10 +6,11 @@ NAME | |||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] | 7 | ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] |
8 | [-D [bind_address:]port] [-E log_file] [-e escape_char] | 8 | [-D [bind_address:]port] [-E log_file] [-e escape_char] |
9 | [-F configfile] [-I pkcs11] [-i identity_file] [-L address] | 9 | [-F configfile] [-I pkcs11] [-i identity_file] |
10 | [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] | 10 | [-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec] |
11 | [-Q query_option] [-R address] [-S ctl_path] [-W host:port] | 11 | [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address] |
12 | [-w local_tun[:remote_tun]] [user@]hostname [command] | 12 | [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] |
13 | [user@]hostname [command] | ||
13 | 14 | ||
14 | DESCRIPTION | 15 | DESCRIPTION |
15 | ssh (SSH client) is a program for logging into a remote machine and for | 16 | ssh (SSH client) is a program for logging into a remote machine and for |
@@ -147,6 +148,13 @@ DESCRIPTION | |||
147 | information from the filename obtained by appending -cert.pub to | 148 | information from the filename obtained by appending -cert.pub to |
148 | identity filenames. | 149 | identity filenames. |
149 | 150 | ||
151 | -J [user@]host[:port] | ||
152 | Connect to the target host by first making a ssh connection to | ||
153 | the jump host and then establishing a TCP forwarding to the | ||
154 | ultimate destination from there. Multiple jump hops may be | ||
155 | specified separated by comma characters. This is a shortcut to | ||
156 | specify a ProxyJump configuration directive. | ||
157 | |||
150 | -K Enables GSSAPI-based authentication and forwarding (delegation) | 158 | -K Enables GSSAPI-based authentication and forwarding (delegation) |
151 | of GSSAPI credentials to the server. | 159 | of GSSAPI credentials to the server. |
152 | 160 | ||
@@ -264,8 +272,10 @@ DESCRIPTION | |||
264 | HostKeyAlgorithms | 272 | HostKeyAlgorithms |
265 | HostKeyAlias | 273 | HostKeyAlias |
266 | HostName | 274 | HostName |
267 | IdentityFile | ||
268 | IdentitiesOnly | 275 | IdentitiesOnly |
276 | IdentityAgent | ||
277 | IdentityFile | ||
278 | Include | ||
269 | IPQoS | 279 | IPQoS |
270 | KbdInteractiveAuthentication | 280 | KbdInteractiveAuthentication |
271 | KbdInteractiveDevices | 281 | KbdInteractiveDevices |
@@ -284,6 +294,7 @@ DESCRIPTION | |||
284 | PreferredAuthentications | 294 | PreferredAuthentications |
285 | Protocol | 295 | Protocol |
286 | ProxyCommand | 296 | ProxyCommand |
297 | ProxyJump | ||
287 | ProxyUseFdpass | 298 | ProxyUseFdpass |
288 | PubkeyAcceptedKeyTypes | 299 | PubkeyAcceptedKeyTypes |
289 | PubkeyAuthentication | 300 | PubkeyAuthentication |
@@ -384,7 +395,9 @@ DESCRIPTION | |||
384 | -W host:port | 395 | -W host:port |
385 | Requests that standard input and output on the client be | 396 | Requests that standard input and output on the client be |
386 | forwarded to host on port over the secure channel. Implies -N, | 397 | forwarded to host on port over the secure channel. Implies -N, |
387 | -T, ExitOnForwardFailure and ClearAllForwardings. | 398 | -T, ExitOnForwardFailure and ClearAllForwardings, though these |
399 | can be overridden in the configuration file or using -o command | ||
400 | line options. | ||
388 | 401 | ||
389 | -w local_tun[:remote_tun] | 402 | -w local_tun[:remote_tun] |
390 | Requests tunnel device forwarding with the specified tun(4) | 403 | Requests tunnel device forwarding with the specified tun(4) |
@@ -955,4 +968,4 @@ AUTHORS | |||
955 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 968 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
956 | versions 1.5 and 2.0. | 969 | versions 1.5 and 2.0. |
957 | 970 | ||
958 | OpenBSD 5.9 February 17, 2016 OpenBSD 5.9 | 971 | OpenBSD 6.0 July 16, 2016 OpenBSD 6.0 |
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh.1,v 1.369 2016/02/17 07:38:19 jmc Exp $ | 36 | .\" $OpenBSD: ssh.1,v 1.376 2016/07/16 06:57:55 jmc Exp $ |
37 | .Dd $Mdocdate: February 17 2016 $ | 37 | .Dd $Mdocdate: July 16 2016 $ |
38 | .Dt SSH 1 | 38 | .Dt SSH 1 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -52,6 +52,7 @@ | |||
52 | .Op Fl F Ar configfile | 52 | .Op Fl F Ar configfile |
53 | .Op Fl I Ar pkcs11 | 53 | .Op Fl I Ar pkcs11 |
54 | .Op Fl i Ar identity_file | 54 | .Op Fl i Ar identity_file |
55 | .Op Fl J Oo Ar user Ns @ Oc Ns Ar host Ns Op : Ns Ar port | ||
55 | .Op Fl L Ar address | 56 | .Op Fl L Ar address |
56 | .Op Fl l Ar login_name | 57 | .Op Fl l Ar login_name |
57 | .Op Fl m Ar mac_spec | 58 | .Op Fl m Ar mac_spec |
@@ -312,6 +313,24 @@ by appending | |||
312 | .Pa -cert.pub | 313 | .Pa -cert.pub |
313 | to identity filenames. | 314 | to identity filenames. |
314 | .Pp | 315 | .Pp |
316 | .It Fl J Xo | ||
317 | .Sm off | ||
318 | .Op Ar user No @ | ||
319 | .Ar host | ||
320 | .Op : Ar port | ||
321 | .Sm on | ||
322 | .Xc | ||
323 | Connect to the target host by first making a | ||
324 | .Nm | ||
325 | connection to the jump | ||
326 | .Ar host | ||
327 | and then establishing a TCP forwarding to the ultimate destination from | ||
328 | there. | ||
329 | Multiple jump hops may be specified separated by comma characters. | ||
330 | This is a shortcut to specify a | ||
331 | .Cm ProxyJump | ||
332 | configuration directive. | ||
333 | .Pp | ||
315 | .It Fl K | 334 | .It Fl K |
316 | Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI | 335 | Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI |
317 | credentials to the server. | 336 | credentials to the server. |
@@ -501,8 +520,10 @@ For full details of the options listed below, and their possible values, see | |||
501 | .It HostKeyAlgorithms | 520 | .It HostKeyAlgorithms |
502 | .It HostKeyAlias | 521 | .It HostKeyAlias |
503 | .It HostName | 522 | .It HostName |
504 | .It IdentityFile | ||
505 | .It IdentitiesOnly | 523 | .It IdentitiesOnly |
524 | .It IdentityAgent | ||
525 | .It IdentityFile | ||
526 | .It Include | ||
506 | .It IPQoS | 527 | .It IPQoS |
507 | .It KbdInteractiveAuthentication | 528 | .It KbdInteractiveAuthentication |
508 | .It KbdInteractiveDevices | 529 | .It KbdInteractiveDevices |
@@ -521,6 +542,7 @@ For full details of the options listed below, and their possible values, see | |||
521 | .It PreferredAuthentications | 542 | .It PreferredAuthentications |
522 | .It Protocol | 543 | .It Protocol |
523 | .It ProxyCommand | 544 | .It ProxyCommand |
545 | .It ProxyJump | ||
524 | .It ProxyUseFdpass | 546 | .It ProxyUseFdpass |
525 | .It PubkeyAcceptedKeyTypes | 547 | .It PubkeyAcceptedKeyTypes |
526 | .It PubkeyAuthentication | 548 | .It PubkeyAuthentication |
@@ -707,7 +729,10 @@ Implies | |||
707 | .Fl T , | 729 | .Fl T , |
708 | .Cm ExitOnForwardFailure | 730 | .Cm ExitOnForwardFailure |
709 | and | 731 | and |
710 | .Cm ClearAllForwardings . | 732 | .Cm ClearAllForwardings , |
733 | though these can be overridden in the configuration file or using | ||
734 | .Fl o | ||
735 | command line options. | ||
711 | .Pp | 736 | .Pp |
712 | .It Fl w Xo | 737 | .It Fl w Xo |
713 | .Ar local_tun Ns Op : Ns Ar remote_tun | 738 | .Ar local_tun Ns Op : Ns Ar remote_tun |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.436 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.445 2016/07/17 04:20:16 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -67,6 +67,7 @@ | |||
67 | #include <string.h> | 67 | #include <string.h> |
68 | #include <unistd.h> | 68 | #include <unistd.h> |
69 | #include <limits.h> | 69 | #include <limits.h> |
70 | #include <locale.h> | ||
70 | 71 | ||
71 | #include <netinet/in.h> | 72 | #include <netinet/in.h> |
72 | #include <arpa/inet.h> | 73 | #include <arpa/inet.h> |
@@ -151,10 +152,6 @@ int ostdin_null_flag, ono_shell_flag, otty_flag, orequest_tty; | |||
151 | */ | 152 | */ |
152 | int fork_after_authentication_flag = 0; | 153 | int fork_after_authentication_flag = 0; |
153 | 154 | ||
154 | /* forward stdio to remote host and port */ | ||
155 | char *stdio_forward_host = NULL; | ||
156 | int stdio_forward_port = 0; | ||
157 | |||
158 | /* | 155 | /* |
159 | * General data structure for command line options and options configurable | 156 | * General data structure for command line options and options configurable |
160 | * in configuration files. See readconf.h. | 157 | * in configuration files. See readconf.h. |
@@ -202,10 +199,11 @@ usage(void) | |||
202 | fprintf(stderr, | 199 | fprintf(stderr, |
203 | "usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n" | 200 | "usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n" |
204 | " [-D [bind_address:]port] [-E log_file] [-e escape_char]\n" | 201 | " [-D [bind_address:]port] [-E log_file] [-e escape_char]\n" |
205 | " [-F configfile] [-I pkcs11] [-i identity_file] [-L address]\n" | 202 | " [-F configfile] [-I pkcs11] [-i identity_file]\n" |
206 | " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" | 203 | " [-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]\n" |
207 | " [-Q query_option] [-R address] [-S ctl_path] [-W host:port]\n" | 204 | " [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]\n" |
208 | " [-w local_tun[:remote_tun]] [user@]hostname [command]\n" | 205 | " [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]\n" |
206 | " [user@]hostname [command]\n" | ||
209 | ); | 207 | ); |
210 | exit(255); | 208 | exit(255); |
211 | } | 209 | } |
@@ -334,7 +332,7 @@ resolve_addr(const char *name, int port, char *caddr, size_t clen) | |||
334 | * NB. this function must operate with a options having undefined members. | 332 | * NB. this function must operate with a options having undefined members. |
335 | */ | 333 | */ |
336 | static int | 334 | static int |
337 | check_follow_cname(char **namep, const char *cname) | 335 | check_follow_cname(int direct, char **namep, const char *cname) |
338 | { | 336 | { |
339 | int i; | 337 | int i; |
340 | struct allowed_cname *rule; | 338 | struct allowed_cname *rule; |
@@ -346,9 +344,9 @@ check_follow_cname(char **namep, const char *cname) | |||
346 | return 0; | 344 | return 0; |
347 | /* | 345 | /* |
348 | * Don't attempt to canonicalize names that will be interpreted by | 346 | * Don't attempt to canonicalize names that will be interpreted by |
349 | * a proxy unless the user specifically requests so. | 347 | * a proxy or jump host unless the user specifically requests so. |
350 | */ | 348 | */ |
351 | if (!option_clear_or_none(options.proxy_command) && | 349 | if (!direct && |
352 | options.canonicalize_hostname != SSH_CANONICALISE_ALWAYS) | 350 | options.canonicalize_hostname != SSH_CANONICALISE_ALWAYS) |
353 | return 0; | 351 | return 0; |
354 | debug3("%s: check \"%s\" CNAME \"%s\"", __func__, *namep, cname); | 352 | debug3("%s: check \"%s\" CNAME \"%s\"", __func__, *namep, cname); |
@@ -375,7 +373,7 @@ check_follow_cname(char **namep, const char *cname) | |||
375 | static struct addrinfo * | 373 | static struct addrinfo * |
376 | resolve_canonicalize(char **hostp, int port) | 374 | resolve_canonicalize(char **hostp, int port) |
377 | { | 375 | { |
378 | int i, ndots; | 376 | int i, direct, ndots; |
379 | char *cp, *fullhost, newname[NI_MAXHOST]; | 377 | char *cp, *fullhost, newname[NI_MAXHOST]; |
380 | struct addrinfo *addrs; | 378 | struct addrinfo *addrs; |
381 | 379 | ||
@@ -386,7 +384,9 @@ resolve_canonicalize(char **hostp, int port) | |||
386 | * Don't attempt to canonicalize names that will be interpreted by | 384 | * Don't attempt to canonicalize names that will be interpreted by |
387 | * a proxy unless the user specifically requests so. | 385 | * a proxy unless the user specifically requests so. |
388 | */ | 386 | */ |
389 | if (!option_clear_or_none(options.proxy_command) && | 387 | direct = option_clear_or_none(options.proxy_command) && |
388 | options.jump_host == NULL; | ||
389 | if (!direct && | ||
390 | options.canonicalize_hostname != SSH_CANONICALISE_ALWAYS) | 390 | options.canonicalize_hostname != SSH_CANONICALISE_ALWAYS) |
391 | return NULL; | 391 | return NULL; |
392 | 392 | ||
@@ -441,7 +441,7 @@ resolve_canonicalize(char **hostp, int port) | |||
441 | /* Remove trailing '.' */ | 441 | /* Remove trailing '.' */ |
442 | fullhost[strlen(fullhost) - 1] = '\0'; | 442 | fullhost[strlen(fullhost) - 1] = '\0'; |
443 | /* Follow CNAME if requested */ | 443 | /* Follow CNAME if requested */ |
444 | if (!check_follow_cname(&fullhost, newname)) { | 444 | if (!check_follow_cname(direct, &fullhost, newname)) { |
445 | debug("Canonicalized hostname \"%s\" => \"%s\"", | 445 | debug("Canonicalized hostname \"%s\" => \"%s\"", |
446 | *hostp, fullhost); | 446 | *hostp, fullhost); |
447 | } | 447 | } |
@@ -513,7 +513,8 @@ set_addrinfo_port(struct addrinfo *addrs, int port) | |||
513 | int | 513 | int |
514 | main(int ac, char **av) | 514 | main(int ac, char **av) |
515 | { | 515 | { |
516 | int i, r, opt, exit_status, use_syslog, config_test = 0; | 516 | struct ssh *ssh = NULL; |
517 | int i, r, opt, exit_status, use_syslog, direct, config_test = 0; | ||
517 | char *p, *cp, *line, *argv0, buf[PATH_MAX], *host_arg, *logfile; | 518 | char *p, *cp, *line, *argv0, buf[PATH_MAX], *host_arg, *logfile; |
518 | char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; | 519 | char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; |
519 | char cname[NI_MAXHOST], uidstr[32], *conn_hash_hex; | 520 | char cname[NI_MAXHOST], uidstr[32], *conn_hash_hex; |
@@ -592,6 +593,8 @@ main(int ac, char **av) | |||
592 | */ | 593 | */ |
593 | umask(022); | 594 | umask(022); |
594 | 595 | ||
596 | setlocale(LC_CTYPE, ""); | ||
597 | |||
595 | /* | 598 | /* |
596 | * Initialize option structure to indicate that no values have been | 599 | * Initialize option structure to indicate that no values have been |
597 | * set. | 600 | * set. |
@@ -606,7 +609,7 @@ main(int ac, char **av) | |||
606 | 609 | ||
607 | again: | 610 | again: |
608 | while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" | 611 | while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" |
609 | "ACD:E:F:GI:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { | 612 | "ACD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { |
610 | switch (opt) { | 613 | switch (opt) { |
611 | case '1': | 614 | case '1': |
612 | options.protocol = SSH_PROTO_1; | 615 | options.protocol = SSH_PROTO_1; |
@@ -650,7 +653,7 @@ main(int ac, char **av) | |||
650 | options.fwd_opts.gateway_ports = 1; | 653 | options.fwd_opts.gateway_ports = 1; |
651 | break; | 654 | break; |
652 | case 'O': | 655 | case 'O': |
653 | if (stdio_forward_host != NULL) | 656 | if (options.stdio_forward_host != NULL) |
654 | fatal("Cannot specify multiplexing " | 657 | fatal("Cannot specify multiplexing " |
655 | "command with -W"); | 658 | "command with -W"); |
656 | else if (muxclient_command != 0) | 659 | else if (muxclient_command != 0) |
@@ -731,6 +734,15 @@ main(int ac, char **av) | |||
731 | fprintf(stderr, "no support for PKCS#11.\n"); | 734 | fprintf(stderr, "no support for PKCS#11.\n"); |
732 | #endif | 735 | #endif |
733 | break; | 736 | break; |
737 | case 'J': | ||
738 | if (options.jump_host != NULL) | ||
739 | fatal("Only a single -J option permitted"); | ||
740 | if (options.proxy_command != NULL) | ||
741 | fatal("Cannot specify -J with ProxyCommand"); | ||
742 | if (parse_jump(optarg, &options, 1) == -1) | ||
743 | fatal("Invalid -J argument"); | ||
744 | options.proxy_command = xstrdup("none"); | ||
745 | break; | ||
734 | case 't': | 746 | case 't': |
735 | if (options.request_tty == REQUEST_TTY_YES) | 747 | if (options.request_tty == REQUEST_TTY_YES) |
736 | options.request_tty = REQUEST_TTY_FORCE; | 748 | options.request_tty = REQUEST_TTY_FORCE; |
@@ -742,8 +754,10 @@ main(int ac, char **av) | |||
742 | debug_flag = 1; | 754 | debug_flag = 1; |
743 | options.log_level = SYSLOG_LEVEL_DEBUG1; | 755 | options.log_level = SYSLOG_LEVEL_DEBUG1; |
744 | } else { | 756 | } else { |
745 | if (options.log_level < SYSLOG_LEVEL_DEBUG3) | 757 | if (options.log_level < SYSLOG_LEVEL_DEBUG3) { |
758 | debug_flag++; | ||
746 | options.log_level++; | 759 | options.log_level++; |
760 | } | ||
747 | } | 761 | } |
748 | break; | 762 | break; |
749 | case 'V': | 763 | case 'V': |
@@ -769,13 +783,13 @@ main(int ac, char **av) | |||
769 | } | 783 | } |
770 | break; | 784 | break; |
771 | case 'W': | 785 | case 'W': |
772 | if (stdio_forward_host != NULL) | 786 | if (options.stdio_forward_host != NULL) |
773 | fatal("stdio forward already specified"); | 787 | fatal("stdio forward already specified"); |
774 | if (muxclient_command != 0) | 788 | if (muxclient_command != 0) |
775 | fatal("Cannot specify stdio forward with -O"); | 789 | fatal("Cannot specify stdio forward with -O"); |
776 | if (parse_forward(&fwd, optarg, 1, 0)) { | 790 | if (parse_forward(&fwd, optarg, 1, 0)) { |
777 | stdio_forward_host = fwd.listen_host; | 791 | options.stdio_forward_host = fwd.listen_host; |
778 | stdio_forward_port = fwd.listen_port; | 792 | options.stdio_forward_port = fwd.listen_port; |
779 | free(fwd.connect_host); | 793 | free(fwd.connect_host); |
780 | } else { | 794 | } else { |
781 | fprintf(stderr, | 795 | fprintf(stderr, |
@@ -785,8 +799,6 @@ main(int ac, char **av) | |||
785 | } | 799 | } |
786 | options.request_tty = REQUEST_TTY_NO; | 800 | options.request_tty = REQUEST_TTY_NO; |
787 | no_shell_flag = 1; | 801 | no_shell_flag = 1; |
788 | options.clear_forwardings = 1; | ||
789 | options.exit_on_forward_failure = 1; | ||
790 | break; | 802 | break; |
791 | case 'q': | 803 | case 'q': |
792 | options.log_level = SYSLOG_LEVEL_QUIET; | 804 | options.log_level = SYSLOG_LEVEL_QUIET; |
@@ -1043,9 +1055,10 @@ main(int ac, char **av) | |||
1043 | * has specifically requested canonicalisation for this case via | 1055 | * has specifically requested canonicalisation for this case via |
1044 | * CanonicalizeHostname=always | 1056 | * CanonicalizeHostname=always |
1045 | */ | 1057 | */ |
1046 | if (addrs == NULL && options.num_permitted_cnames != 0 && | 1058 | direct = option_clear_or_none(options.proxy_command) && |
1047 | (option_clear_or_none(options.proxy_command) || | 1059 | options.jump_host == NULL; |
1048 | options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) { | 1060 | if (addrs == NULL && options.num_permitted_cnames != 0 && (direct || |
1061 | options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) { | ||
1049 | if ((addrs = resolve_host(host, options.port, | 1062 | if ((addrs = resolve_host(host, options.port, |
1050 | option_clear_or_none(options.proxy_command), | 1063 | option_clear_or_none(options.proxy_command), |
1051 | cname, sizeof(cname))) == NULL) { | 1064 | cname, sizeof(cname))) == NULL) { |
@@ -1053,7 +1066,7 @@ main(int ac, char **av) | |||
1053 | if (option_clear_or_none(options.proxy_command)) | 1066 | if (option_clear_or_none(options.proxy_command)) |
1054 | cleanup_exit(255); /* logged in resolve_host */ | 1067 | cleanup_exit(255); /* logged in resolve_host */ |
1055 | } else | 1068 | } else |
1056 | check_follow_cname(&host, cname); | 1069 | check_follow_cname(direct, &host, cname); |
1057 | } | 1070 | } |
1058 | 1071 | ||
1059 | /* | 1072 | /* |
@@ -1078,6 +1091,41 @@ main(int ac, char **av) | |||
1078 | /* Fill configuration defaults. */ | 1091 | /* Fill configuration defaults. */ |
1079 | fill_default_options(&options); | 1092 | fill_default_options(&options); |
1080 | 1093 | ||
1094 | /* | ||
1095 | * If ProxyJump option specified, then construct a ProxyCommand now. | ||
1096 | */ | ||
1097 | if (options.jump_host != NULL) { | ||
1098 | char port_s[8]; | ||
1099 | |||
1100 | /* Consistency check */ | ||
1101 | if (options.proxy_command != NULL) | ||
1102 | fatal("inconsistent options: ProxyCommand+ProxyJump"); | ||
1103 | /* Never use FD passing for ProxyJump */ | ||
1104 | options.proxy_use_fdpass = 0; | ||
1105 | snprintf(port_s, sizeof(port_s), "%d", options.jump_port); | ||
1106 | xasprintf(&options.proxy_command, | ||
1107 | "ssh%s%s%s%s%s%s%s%s%s%.*s -W %%h:%%p %s", | ||
1108 | /* Optional "-l user" argument if jump_user set */ | ||
1109 | options.jump_user == NULL ? "" : " -l ", | ||
1110 | options.jump_user == NULL ? "" : options.jump_user, | ||
1111 | /* Optional "-p port" argument if jump_port set */ | ||
1112 | options.jump_port <= 0 ? "" : " -p ", | ||
1113 | options.jump_port <= 0 ? "" : port_s, | ||
1114 | /* Optional additional jump hosts ",..." */ | ||
1115 | options.jump_extra == NULL ? "" : " -J ", | ||
1116 | options.jump_extra == NULL ? "" : options.jump_extra, | ||
1117 | /* Optional "-F" argumment if -F specified */ | ||
1118 | config == NULL ? "" : " -F ", | ||
1119 | config == NULL ? "" : config, | ||
1120 | /* Optional "-v" arguments if -v set */ | ||
1121 | debug_flag ? " -" : "", | ||
1122 | debug_flag, "vvv", | ||
1123 | /* Mandatory hostname */ | ||
1124 | options.jump_host); | ||
1125 | debug("Setting implicit ProxyCommand from ProxyJump: %s", | ||
1126 | options.proxy_command); | ||
1127 | } | ||
1128 | |||
1081 | if (options.port == 0) | 1129 | if (options.port == 0) |
1082 | options.port = default_ssh_port(); | 1130 | options.port = default_ssh_port(); |
1083 | channel_set_af(options.address_family); | 1131 | channel_set_af(options.address_family); |
@@ -1220,6 +1268,8 @@ main(int ac, char **av) | |||
1220 | packet_set_timeout(options.server_alive_interval, | 1268 | packet_set_timeout(options.server_alive_interval, |
1221 | options.server_alive_count_max); | 1269 | options.server_alive_count_max); |
1222 | 1270 | ||
1271 | ssh = active_state; /* XXX */ | ||
1272 | |||
1223 | if (timeout_ms > 0) | 1273 | if (timeout_ms > 0) |
1224 | debug3("timeout: %d ms remain after connect", timeout_ms); | 1274 | debug3("timeout: %d ms remain after connect", timeout_ms); |
1225 | 1275 | ||
@@ -1332,6 +1382,23 @@ main(int ac, char **av) | |||
1332 | /* load options.identity_files */ | 1382 | /* load options.identity_files */ |
1333 | load_public_identity_files(); | 1383 | load_public_identity_files(); |
1334 | 1384 | ||
1385 | /* optionally set the SSH_AUTHSOCKET_ENV_NAME varibale */ | ||
1386 | if (options.identity_agent && | ||
1387 | strcmp(options.identity_agent, SSH_AUTHSOCKET_ENV_NAME) != 0) { | ||
1388 | if (strcmp(options.identity_agent, "none") == 0) { | ||
1389 | unsetenv(SSH_AUTHSOCKET_ENV_NAME); | ||
1390 | } else { | ||
1391 | p = tilde_expand_filename(options.identity_agent, | ||
1392 | original_real_uid); | ||
1393 | cp = percent_expand(p, "d", pw->pw_dir, | ||
1394 | "u", pw->pw_name, "l", thishost, "h", host, | ||
1395 | "r", options.user, (char *)NULL); | ||
1396 | setenv(SSH_AUTHSOCKET_ENV_NAME, cp, 1); | ||
1397 | free(cp); | ||
1398 | free(p); | ||
1399 | } | ||
1400 | } | ||
1401 | |||
1335 | /* Expand ~ in known host file names. */ | 1402 | /* Expand ~ in known host file names. */ |
1336 | tilde_expand_paths(options.system_hostfiles, | 1403 | tilde_expand_paths(options.system_hostfiles, |
1337 | options.num_system_hostfiles); | 1404 | options.num_system_hostfiles); |
@@ -1346,7 +1413,7 @@ main(int ac, char **av) | |||
1346 | 1413 | ||
1347 | if (packet_connection_is_on_socket()) { | 1414 | if (packet_connection_is_on_socket()) { |
1348 | verbose("Authenticated to %s ([%s]:%d).", host, | 1415 | verbose("Authenticated to %s ([%s]:%d).", host, |
1349 | get_remote_ipaddr(), get_remote_port()); | 1416 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
1350 | } else { | 1417 | } else { |
1351 | verbose("Authenticated to %s (via proxy).", host); | 1418 | verbose("Authenticated to %s (via proxy).", host); |
1352 | } | 1419 | } |
@@ -1518,18 +1585,19 @@ ssh_init_stdio_forwarding(void) | |||
1518 | Channel *c; | 1585 | Channel *c; |
1519 | int in, out; | 1586 | int in, out; |
1520 | 1587 | ||
1521 | if (stdio_forward_host == NULL) | 1588 | if (options.stdio_forward_host == NULL) |
1522 | return; | 1589 | return; |
1523 | if (!compat20) | 1590 | if (!compat20) |
1524 | fatal("stdio forwarding require Protocol 2"); | 1591 | fatal("stdio forwarding require Protocol 2"); |
1525 | 1592 | ||
1526 | debug3("%s: %s:%d", __func__, stdio_forward_host, stdio_forward_port); | 1593 | debug3("%s: %s:%d", __func__, options.stdio_forward_host, |
1594 | options.stdio_forward_port); | ||
1527 | 1595 | ||
1528 | if ((in = dup(STDIN_FILENO)) < 0 || | 1596 | if ((in = dup(STDIN_FILENO)) < 0 || |
1529 | (out = dup(STDOUT_FILENO)) < 0) | 1597 | (out = dup(STDOUT_FILENO)) < 0) |
1530 | fatal("channel_connect_stdio_fwd: dup() in/out failed"); | 1598 | fatal("channel_connect_stdio_fwd: dup() in/out failed"); |
1531 | if ((c = channel_connect_stdio_fwd(stdio_forward_host, | 1599 | if ((c = channel_connect_stdio_fwd(options.stdio_forward_host, |
1532 | stdio_forward_port, in, out)) == NULL) | 1600 | options.stdio_forward_port, in, out)) == NULL) |
1533 | fatal("%s: channel_connect_stdio_fwd failed", __func__); | 1601 | fatal("%s: channel_connect_stdio_fwd failed", __func__); |
1534 | channel_register_cleanup(c->self, client_cleanup_stdio_fwd, 0); | 1602 | channel_register_cleanup(c->self, client_cleanup_stdio_fwd, 0); |
1535 | channel_register_open_confirm(c->self, ssh_stdio_confirm, NULL); | 1603 | channel_register_open_confirm(c->self, ssh_stdio_confirm, NULL); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh1.h,v 1.6 2006/03/25 22:22:43 djm Exp $ */ | 1 | /* $OpenBSD: ssh1.h,v 1.7 2016/05/04 14:22:33 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -22,7 +22,6 @@ | |||
22 | #define SSH_MSG_MIN 1 | 22 | #define SSH_MSG_MIN 1 |
23 | #define SSH_MSG_MAX 254 | 23 | #define SSH_MSG_MAX 254 |
24 | /* Message name */ /* msg code */ /* arguments */ | 24 | /* Message name */ /* msg code */ /* arguments */ |
25 | #define SSH_MSG_NONE 0 /* no message */ | ||
26 | #define SSH_MSG_DISCONNECT 1 /* cause (string) */ | 25 | #define SSH_MSG_DISCONNECT 1 /* cause (string) */ |
27 | #define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */ | 26 | #define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */ |
28 | #define SSH_CMSG_SESSION_KEY 3 /* key (BIGNUM) */ | 27 | #define SSH_CMSG_SESSION_KEY 3 /* key (BIGNUM) */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh2.h,v 1.17 2016/01/14 16:17:40 markus Exp $ */ | 1 | /* $OpenBSD: ssh2.h,v 1.18 2016/05/04 14:22:33 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -55,6 +55,10 @@ | |||
55 | * 192-255 Local extensions | 55 | * 192-255 Local extensions |
56 | */ | 56 | */ |
57 | 57 | ||
58 | /* special marker for no message */ | ||
59 | |||
60 | #define SSH_MSG_NONE 0 | ||
61 | |||
58 | /* ranges */ | 62 | /* ranges */ |
59 | 63 | ||
60 | #define SSH2_MSG_TRANSPORT_MIN 1 | 64 | #define SSH2_MSG_TRANSPORT_MIN 1 |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh_api.c,v 1.5 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: ssh_api.c,v 1.7 2016/05/04 14:22:33 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2012 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2012 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -17,14 +17,12 @@ | |||
17 | 17 | ||
18 | #include "includes.h" | 18 | #include "includes.h" |
19 | 19 | ||
20 | #include "ssh1.h" /* For SSH_MSG_NONE */ | ||
21 | #include "ssh_api.h" | 20 | #include "ssh_api.h" |
22 | #include "compat.h" | 21 | #include "compat.h" |
23 | #include "log.h" | 22 | #include "log.h" |
24 | #include "authfile.h" | 23 | #include "authfile.h" |
25 | #include "sshkey.h" | 24 | #include "sshkey.h" |
26 | #include "misc.h" | 25 | #include "misc.h" |
27 | #include "ssh1.h" | ||
28 | #include "ssh2.h" | 26 | #include "ssh2.h" |
29 | #include "version.h" | 27 | #include "version.h" |
30 | #include "myproposal.h" | 28 | #include "myproposal.h" |
@@ -103,6 +101,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) | |||
103 | #ifdef WITH_OPENSSL | 101 | #ifdef WITH_OPENSSL |
104 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 102 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
105 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 103 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
104 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | ||
105 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | ||
106 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | ||
106 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 107 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
107 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 108 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
108 | # ifdef OPENSSL_HAS_ECC | 109 | # ifdef OPENSSL_HAS_ECC |
@@ -117,6 +118,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) | |||
117 | #ifdef WITH_OPENSSL | 118 | #ifdef WITH_OPENSSL |
118 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 119 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
119 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 120 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
121 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | ||
122 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | ||
123 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | ||
120 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 124 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
121 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 125 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
122 | # ifdef OPENSSL_HAS_ECC | 126 | # ifdef OPENSSL_HAS_ECC |
diff --git a/ssh_config.0 b/ssh_config.0 index b823c021c..8733281f5 100644 --- a/ssh_config.0 +++ b/ssh_config.0 | |||
@@ -532,6 +532,22 @@ DESCRIPTION | |||
532 | situations where ssh-agent offers many different identities. The | 532 | situations where ssh-agent offers many different identities. The |
533 | default is M-bM-^@M-^\noM-bM-^@M-^]. | 533 | default is M-bM-^@M-^\noM-bM-^@M-^]. |
534 | 534 | ||
535 | IdentityAgent | ||
536 | Specifies the UNIX-domain socket used to communicate with the | ||
537 | authentication agent. | ||
538 | |||
539 | This option overrides the M-bM-^@M-^\SSH_AUTH_SOCKM-bM-^@M-^] environment variable | ||
540 | and can be used to select a specific agent. Setting the socket | ||
541 | name to M-bM-^@M-^\noneM-bM-^@M-^] disables the use of an authentication agent. If | ||
542 | the string M-bM-^@M-^\SSH_AUTH_SOCKM-bM-^@M-^] is specified, the location of the | ||
543 | socket will be read from the SSH_AUTH_SOCK environment variable. | ||
544 | |||
545 | The socket name may use the tilde syntax to refer to a user's | ||
546 | home directory or one of the following escape characters: M-bM-^@M-^X%dM-bM-^@M-^Y | ||
547 | (local user's home directory), M-bM-^@M-^X%uM-bM-^@M-^Y (local user name), M-bM-^@M-^X%lM-bM-^@M-^Y | ||
548 | (local host name), M-bM-^@M-^X%hM-bM-^@M-^Y (remote host name) or M-bM-^@M-^X%rM-bM-^@M-^Y (remote user | ||
549 | name). | ||
550 | |||
535 | IdentityFile | 551 | IdentityFile |
536 | Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA | 552 | Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA |
537 | authentication identity is read. The default is ~/.ssh/identity | 553 | authentication identity is read. The default is ~/.ssh/identity |
@@ -569,6 +585,16 @@ DESCRIPTION | |||
569 | listed early in the configuration file as it will not be applied | 585 | listed early in the configuration file as it will not be applied |
570 | to unknown options that appear before it. | 586 | to unknown options that appear before it. |
571 | 587 | ||
588 | Include | ||
589 | Include the specified configuration file(s). Multiple pathnames | ||
590 | may be specified and each pathname may contain glob(3) wildcards | ||
591 | and, for user configurations, shell-like M-bM-^@M-^\~M-bM-^@M-^] references to user | ||
592 | home directories. Files without absolute paths are assumed to be | ||
593 | in ~/.ssh if included in a user configuration file or /etc/ssh if | ||
594 | included from the system configuration file. Include directive | ||
595 | may appear inside a Match or Host block to perform conditional | ||
596 | inclusion. | ||
597 | |||
572 | IPQoS Specifies the IPv4 type-of-service or DSCP class for connections. | 598 | IPQoS Specifies the IPv4 type-of-service or DSCP class for connections. |
573 | Accepted values are M-bM-^@M-^\af11M-bM-^@M-^], M-bM-^@M-^\af12M-bM-^@M-^], M-bM-^@M-^\af13M-bM-^@M-^], M-bM-^@M-^\af21M-bM-^@M-^], M-bM-^@M-^\af22M-bM-^@M-^], | 599 | Accepted values are M-bM-^@M-^\af11M-bM-^@M-^], M-bM-^@M-^\af12M-bM-^@M-^], M-bM-^@M-^\af13M-bM-^@M-^], M-bM-^@M-^\af21M-bM-^@M-^], M-bM-^@M-^\af22M-bM-^@M-^], |
574 | M-bM-^@M-^\af23M-bM-^@M-^], M-bM-^@M-^\af31M-bM-^@M-^], M-bM-^@M-^\af32M-bM-^@M-^], M-bM-^@M-^\af33M-bM-^@M-^], M-bM-^@M-^\af41M-bM-^@M-^], M-bM-^@M-^\af42M-bM-^@M-^], M-bM-^@M-^\af43M-bM-^@M-^], M-bM-^@M-^\cs0M-bM-^@M-^], | 600 | M-bM-^@M-^\af23M-bM-^@M-^], M-bM-^@M-^\af31M-bM-^@M-^], M-bM-^@M-^\af32M-bM-^@M-^], M-bM-^@M-^\af33M-bM-^@M-^], M-bM-^@M-^\af41M-bM-^@M-^], M-bM-^@M-^\af42M-bM-^@M-^], M-bM-^@M-^\af43M-bM-^@M-^], M-bM-^@M-^\cs0M-bM-^@M-^], |
@@ -746,6 +772,18 @@ DESCRIPTION | |||
746 | 772 | ||
747 | ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p | 773 | ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p |
748 | 774 | ||
775 | ProxyJump | ||
776 | Specifies one or more jump proxies as [user@]host[:port]. | ||
777 | Multiple proxies may be separated by comma characters and will be | ||
778 | visited sequentially. Setting this option will cause ssh(1) to | ||
779 | connect to the target host by first making a ssh(1) connection to | ||
780 | the specified ProxyJump host and then establishing a TCP | ||
781 | forwarding to the ultimate target from there. | ||
782 | |||
783 | Note that this option will compete with the ProxyCommand option - | ||
784 | whichever is specified first will prevent later instances of the | ||
785 | other from taking effect. | ||
786 | |||
749 | ProxyUseFdpass | 787 | ProxyUseFdpass |
750 | Specifies that ProxyCommand will pass a connected file descriptor | 788 | Specifies that ProxyCommand will pass a connected file descriptor |
751 | back to ssh(1) instead of continuing to execute and pass data. | 789 | back to ssh(1) instead of continuing to execute and pass data. |
@@ -1049,4 +1087,4 @@ AUTHORS | |||
1049 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 1087 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
1050 | versions 1.5 and 2.0. | 1088 | versions 1.5 and 2.0. |
1051 | 1089 | ||
1052 | OpenBSD 5.9 February 20, 2016 OpenBSD 5.9 | 1090 | OpenBSD 6.0 July 22, 2016 OpenBSD 6.0 |
diff --git a/ssh_config.5 b/ssh_config.5 index 51765c99e..c96725862 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.228 2016/02/20 23:01:46 sobrado Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.236 2016/07/22 07:00:46 djm Exp $ |
37 | .Dd $Mdocdate: February 20 2016 $ | 37 | .Dd $Mdocdate: July 22 2016 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -1008,6 +1008,36 @@ This option is intended for situations where ssh-agent | |||
1008 | offers many different identities. | 1008 | offers many different identities. |
1009 | The default is | 1009 | The default is |
1010 | .Dq no . | 1010 | .Dq no . |
1011 | .It Cm IdentityAgent | ||
1012 | Specifies the | ||
1013 | .Ux Ns -domain | ||
1014 | socket used to communicate with the authentication agent. | ||
1015 | .Pp | ||
1016 | This option overrides the | ||
1017 | .Dq SSH_AUTH_SOCK | ||
1018 | environment variable and can be used to select a specific agent. | ||
1019 | Setting the socket name to | ||
1020 | .Dq none | ||
1021 | disables the use of an authentication agent. | ||
1022 | If the string | ||
1023 | .Dq SSH_AUTH_SOCK | ||
1024 | is specified, the location of the socket will be read from the | ||
1025 | .Ev SSH_AUTH_SOCK | ||
1026 | environment variable. | ||
1027 | .Pp | ||
1028 | The socket name may use the tilde | ||
1029 | syntax to refer to a user's home directory or one of the following | ||
1030 | escape characters: | ||
1031 | .Ql %d | ||
1032 | (local user's home directory), | ||
1033 | .Ql %u | ||
1034 | (local user name), | ||
1035 | .Ql %l | ||
1036 | (local host name), | ||
1037 | .Ql %h | ||
1038 | (remote host name) or | ||
1039 | .Ql %r | ||
1040 | (remote user name). | ||
1011 | .It Cm IdentityFile | 1041 | .It Cm IdentityFile |
1012 | Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication | 1042 | Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication |
1013 | identity is read. | 1043 | identity is read. |
@@ -1075,6 +1105,25 @@ It is recommended that | |||
1075 | .Cm IgnoreUnknown | 1105 | .Cm IgnoreUnknown |
1076 | be listed early in the configuration file as it will not be applied | 1106 | be listed early in the configuration file as it will not be applied |
1077 | to unknown options that appear before it. | 1107 | to unknown options that appear before it. |
1108 | .It Cm Include | ||
1109 | Include the specified configuration file(s). | ||
1110 | Multiple pathnames may be specified and each pathname may contain | ||
1111 | .Xr glob 3 | ||
1112 | wildcards and, for user configurations, shell-like | ||
1113 | .Dq ~ | ||
1114 | references to user home directories. | ||
1115 | Files without absolute paths are assumed to be in | ||
1116 | .Pa ~/.ssh | ||
1117 | if included in a user configuration file or | ||
1118 | .Pa /etc/ssh | ||
1119 | if included from the system configuration file. | ||
1120 | .Cm Include | ||
1121 | directive may appear inside a | ||
1122 | .Cm Match | ||
1123 | or | ||
1124 | .Cm Host | ||
1125 | block | ||
1126 | to perform conditional inclusion. | ||
1078 | .It Cm IPQoS | 1127 | .It Cm IPQoS |
1079 | Specifies the IPv4 type-of-service or DSCP class for connections. | 1128 | Specifies the IPv4 type-of-service or DSCP class for connections. |
1080 | Accepted values are | 1129 | Accepted values are |
@@ -1365,6 +1414,30 @@ For example, the following directive would connect via an HTTP proxy at | |||
1365 | .Bd -literal -offset 3n | 1414 | .Bd -literal -offset 3n |
1366 | ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p | 1415 | ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p |
1367 | .Ed | 1416 | .Ed |
1417 | .It Cm ProxyJump | ||
1418 | Specifies one or more jump proxies as | ||
1419 | .Xo | ||
1420 | .Sm off | ||
1421 | .Op Ar user No @ | ||
1422 | .Ar host | ||
1423 | .Op : Ns Ar port | ||
1424 | .Sm on | ||
1425 | .Xc . | ||
1426 | Multiple proxies may be separated by comma characters and will be visited | ||
1427 | sequentially. | ||
1428 | Setting this option will cause | ||
1429 | .Xr ssh 1 | ||
1430 | to connect to the target host by first making a | ||
1431 | .Xr ssh 1 | ||
1432 | connection to the specified | ||
1433 | .Cm ProxyJump | ||
1434 | host and then establishing a | ||
1435 | TCP forwarding to the ultimate target from there. | ||
1436 | .Pp | ||
1437 | Note that this option will compete with the | ||
1438 | .Cm ProxyCommand | ||
1439 | option - whichever is specified first will prevent later instances of the | ||
1440 | other from taking effect. | ||
1368 | .It Cm ProxyUseFdpass | 1441 | .It Cm ProxyUseFdpass |
1369 | Specifies that | 1442 | Specifies that |
1370 | .Cm ProxyCommand | 1443 | .Cm ProxyCommand |
diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c index 23e0fd7c1..74c49be7c 100644 --- a/sshbuf-getput-basic.c +++ b/sshbuf-getput-basic.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf-getput-basic.c,v 1.5 2015/10/20 23:24:25 mmcc Exp $ */ | 1 | /* $OpenBSD: sshbuf-getput-basic.c,v 1.6 2016/06/16 11:00:17 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -19,6 +19,8 @@ | |||
19 | #include "includes.h" | 19 | #include "includes.h" |
20 | 20 | ||
21 | #include <sys/types.h> | 21 | #include <sys/types.h> |
22 | |||
23 | #include <stdarg.h> | ||
22 | #include <stdlib.h> | 24 | #include <stdlib.h> |
23 | #include <stdio.h> | 25 | #include <stdio.h> |
24 | #include <string.h> | 26 | #include <string.h> |
@@ -268,7 +270,7 @@ sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap) | |||
268 | int r, len; | 270 | int r, len; |
269 | u_char *p; | 271 | u_char *p; |
270 | 272 | ||
271 | va_copy(ap2, ap); | 273 | VA_COPY(ap2, ap); |
272 | if ((len = vsnprintf(NULL, 0, fmt, ap2)) < 0) { | 274 | if ((len = vsnprintf(NULL, 0, fmt, ap2)) < 0) { |
273 | r = SSH_ERR_INVALID_ARGUMENT; | 275 | r = SSH_ERR_INVALID_ARGUMENT; |
274 | goto out; | 276 | goto out; |
@@ -278,7 +280,7 @@ sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap) | |||
278 | goto out; /* Nothing to do */ | 280 | goto out; /* Nothing to do */ |
279 | } | 281 | } |
280 | va_end(ap2); | 282 | va_end(ap2); |
281 | va_copy(ap2, ap); | 283 | VA_COPY(ap2, ap); |
282 | if ((r = sshbuf_reserve(buf, (size_t)len + 1, &p)) < 0) | 284 | if ((r = sshbuf_reserve(buf, (size_t)len + 1, &p)) < 0) |
283 | goto out; | 285 | goto out; |
284 | if ((r = vsnprintf((char *)p, len + 1, fmt, ap2)) != len) { | 286 | if ((r = vsnprintf((char *)p, len + 1, fmt, ap2)) != len) { |
diff --git a/sshbuf-misc.c b/sshbuf-misc.c index 3da4b80e7..15dcfbc79 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf-misc.c,v 1.5 2015/10/05 17:11:21 djm Exp $ */ | 1 | /* $OpenBSD: sshbuf-misc.c,v 1.6 2016/05/02 08:49:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -136,3 +136,26 @@ sshbuf_b64tod(struct sshbuf *buf, const char *b64) | |||
136 | return 0; | 136 | return 0; |
137 | } | 137 | } |
138 | 138 | ||
139 | char * | ||
140 | sshbuf_dup_string(struct sshbuf *buf) | ||
141 | { | ||
142 | const u_char *p = NULL, *s = sshbuf_ptr(buf); | ||
143 | size_t l = sshbuf_len(buf); | ||
144 | char *r; | ||
145 | |||
146 | if (s == NULL || l > SIZE_MAX) | ||
147 | return NULL; | ||
148 | /* accept a nul only as the last character in the buffer */ | ||
149 | if (l > 0 && (p = memchr(s, '\0', l)) != NULL) { | ||
150 | if (p != s + l - 1) | ||
151 | return NULL; | ||
152 | l--; /* the nul is put back below */ | ||
153 | } | ||
154 | if ((r = malloc(l + 1)) == NULL) | ||
155 | return NULL; | ||
156 | if (l > 0) | ||
157 | memcpy(r, s, l); | ||
158 | r[l] = '\0'; | ||
159 | return r; | ||
160 | } | ||
161 | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf.h,v 1.6 2015/12/10 07:01:35 mmcc Exp $ */ | 1 | /* $OpenBSD: sshbuf.h,v 1.7 2016/05/02 08:49:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -239,6 +239,13 @@ char *sshbuf_dtob64(struct sshbuf *buf); | |||
239 | /* Decode base64 data and append it to the buffer */ | 239 | /* Decode base64 data and append it to the buffer */ |
240 | int sshbuf_b64tod(struct sshbuf *buf, const char *b64); | 240 | int sshbuf_b64tod(struct sshbuf *buf, const char *b64); |
241 | 241 | ||
242 | /* | ||
243 | * Duplicate the contents of a buffer to a string (caller to free). | ||
244 | * Returns NULL on buffer error, or if the buffer contains a premature | ||
245 | * nul character. | ||
246 | */ | ||
247 | char *sshbuf_dup_string(struct sshbuf *buf); | ||
248 | |||
242 | /* Macros for decoding/encoding integers */ | 249 | /* Macros for decoding/encoding integers */ |
243 | #define PEEK_U64(p) \ | 250 | #define PEEK_U64(p) \ |
244 | (((u_int64_t)(((const u_char *)(p))[0]) << 56) | \ | 251 | (((u_int64_t)(((const u_char *)(p))[0]) << 56) | \ |
diff --git a/sshconnect2.c b/sshconnect2.c index 40facdab5..34b9d304e 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.240 2016/03/14 16:20:54 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.247 2016/07/22 05:46:11 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -71,6 +71,7 @@ | |||
71 | #include "uidswap.h" | 71 | #include "uidswap.h" |
72 | #include "hostfile.h" | 72 | #include "hostfile.h" |
73 | #include "ssherr.h" | 73 | #include "ssherr.h" |
74 | #include "utf8.h" | ||
74 | 75 | ||
75 | #ifdef GSSAPI | 76 | #ifdef GSSAPI |
76 | #include "ssh-gss.h" | 77 | #include "ssh-gss.h" |
@@ -176,13 +177,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
176 | compat_cipher_proposal(options.ciphers); | 177 | compat_cipher_proposal(options.ciphers); |
177 | myproposal[PROPOSAL_ENC_ALGS_STOC] = | 178 | myproposal[PROPOSAL_ENC_ALGS_STOC] = |
178 | compat_cipher_proposal(options.ciphers); | 179 | compat_cipher_proposal(options.ciphers); |
179 | if (options.compression) { | 180 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = |
180 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | 181 | myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ? |
181 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib@openssh.com,zlib,none"; | 182 | "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib"; |
182 | } else { | ||
183 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | ||
184 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com,zlib"; | ||
185 | } | ||
186 | myproposal[PROPOSAL_MAC_ALGS_CTOS] = | 183 | myproposal[PROPOSAL_MAC_ALGS_CTOS] = |
187 | myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; | 184 | myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; |
188 | if (options.hostkeyalgorithms != NULL) { | 185 | if (options.hostkeyalgorithms != NULL) { |
@@ -206,12 +203,15 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
206 | * client to the key exchange algorithm proposal */ | 203 | * client to the key exchange algorithm proposal */ |
207 | orig = myproposal[PROPOSAL_KEX_ALGS]; | 204 | orig = myproposal[PROPOSAL_KEX_ALGS]; |
208 | 205 | ||
209 | if (options.gss_trust_dns) | 206 | if (options.gss_server_identity) |
210 | gss_host = (char *)get_canonical_hostname(1); | 207 | gss_host = xstrdup(options.gss_server_identity); |
208 | else if (options.gss_trust_dns) | ||
209 | gss_host = remote_hostname(active_state); | ||
211 | else | 210 | else |
212 | gss_host = host; | 211 | gss_host = xstrdup(host); |
213 | 212 | ||
214 | gss = ssh_gssapi_client_mechanisms(gss_host, options.gss_client_identity); | 213 | gss = ssh_gssapi_client_mechanisms(gss_host, |
214 | options.gss_client_identity); | ||
215 | if (gss) { | 215 | if (gss) { |
216 | debug("Offering GSSAPI proposal: %s", gss); | 216 | debug("Offering GSSAPI proposal: %s", gss); |
217 | xasprintf(&myproposal[PROPOSAL_KEX_ALGS], | 217 | xasprintf(&myproposal[PROPOSAL_KEX_ALGS], |
@@ -238,6 +238,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
238 | #ifdef WITH_OPENSSL | 238 | #ifdef WITH_OPENSSL |
239 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 239 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; |
240 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 240 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; |
241 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | ||
242 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | ||
243 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | ||
241 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 244 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
242 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 245 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
243 | # ifdef OPENSSL_HAS_ECC | 246 | # ifdef OPENSSL_HAS_ECC |
@@ -261,11 +264,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
261 | kex->gss_deleg_creds = options.gss_deleg_creds; | 264 | kex->gss_deleg_creds = options.gss_deleg_creds; |
262 | kex->gss_trust_dns = options.gss_trust_dns; | 265 | kex->gss_trust_dns = options.gss_trust_dns; |
263 | kex->gss_client = options.gss_client_identity; | 266 | kex->gss_client = options.gss_client_identity; |
264 | if (options.gss_server_identity) { | 267 | kex->gss_host = gss_host; |
265 | kex->gss_host = options.gss_server_identity; | ||
266 | } else { | ||
267 | kex->gss_host = gss_host; | ||
268 | } | ||
269 | } | 268 | } |
270 | #endif | 269 | #endif |
271 | 270 | ||
@@ -554,21 +553,15 @@ input_userauth_error(int type, u_int32_t seq, void *ctxt) | |||
554 | int | 553 | int |
555 | input_userauth_banner(int type, u_int32_t seq, void *ctxt) | 554 | input_userauth_banner(int type, u_int32_t seq, void *ctxt) |
556 | { | 555 | { |
557 | char *msg, *raw, *lang; | 556 | char *msg, *lang; |
558 | u_int len; | 557 | u_int len; |
559 | 558 | ||
560 | debug3("input_userauth_banner"); | 559 | debug3("%s", __func__); |
561 | raw = packet_get_string(&len); | 560 | msg = packet_get_string(&len); |
562 | lang = packet_get_string(NULL); | 561 | lang = packet_get_string(NULL); |
563 | if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) { | 562 | if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) |
564 | if (len > 65536) | 563 | fmprintf(stderr, "%s", msg); |
565 | len = 65536; | 564 | free(msg); |
566 | msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ | ||
567 | strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH); | ||
568 | fprintf(stderr, "%s", msg); | ||
569 | free(msg); | ||
570 | } | ||
571 | free(raw); | ||
572 | free(lang); | 565 | free(lang); |
573 | return 0; | 566 | return 0; |
574 | } | 567 | } |
@@ -620,7 +613,7 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt) | |||
620 | packet_check_eom(); | 613 | packet_check_eom(); |
621 | 614 | ||
622 | if (partial != 0) { | 615 | if (partial != 0) { |
623 | logit("Authenticated with partial success."); | 616 | verbose("Authenticated with partial success."); |
624 | /* reset state */ | 617 | /* reset state */ |
625 | pubkey_cleanup(authctxt); | 618 | pubkey_cleanup(authctxt); |
626 | pubkey_prepare(authctxt); | 619 | pubkey_prepare(authctxt); |
@@ -714,14 +707,14 @@ userauth_gssapi(Authctxt *authctxt) | |||
714 | static u_int mech = 0; | 707 | static u_int mech = 0; |
715 | OM_uint32 min; | 708 | OM_uint32 min; |
716 | int ok = 0; | 709 | int ok = 0; |
717 | const char *gss_host; | 710 | char *gss_host; |
718 | 711 | ||
719 | if (options.gss_server_identity) | 712 | if (options.gss_server_identity) |
720 | gss_host = options.gss_server_identity; | 713 | gss_host = xstrdup(options.gss_server_identity); |
721 | else if (options.gss_trust_dns) | 714 | else if (options.gss_trust_dns) |
722 | gss_host = get_canonical_hostname(1); | 715 | gss_host = remote_hostname(active_state); |
723 | else | 716 | else |
724 | gss_host = authctxt->host; | 717 | gss_host = xstrdup(authctxt->host); |
725 | 718 | ||
726 | /* Try one GSSAPI method at a time, rather than sending them all at | 719 | /* Try one GSSAPI method at a time, rather than sending them all at |
727 | * once. */ | 720 | * once. */ |
@@ -729,6 +722,7 @@ userauth_gssapi(Authctxt *authctxt) | |||
729 | if (gss_supported == NULL) | 722 | if (gss_supported == NULL) |
730 | if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) { | 723 | if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) { |
731 | gss_supported = NULL; | 724 | gss_supported = NULL; |
725 | free(gss_host); | ||
732 | return 0; | 726 | return 0; |
733 | } | 727 | } |
734 | 728 | ||
@@ -745,6 +739,8 @@ userauth_gssapi(Authctxt *authctxt) | |||
745 | } | 739 | } |
746 | } | 740 | } |
747 | 741 | ||
742 | free(gss_host); | ||
743 | |||
748 | if (!ok) | 744 | if (!ok) |
749 | return 0; | 745 | return 0; |
750 | 746 | ||
@@ -1206,8 +1202,8 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) | |||
1206 | /* | 1202 | /* |
1207 | * If the key is an certificate, try to find a matching private key | 1203 | * If the key is an certificate, try to find a matching private key |
1208 | * and use it to complete the signature. | 1204 | * and use it to complete the signature. |
1209 | * If no such private key exists, return failure and continue with | 1205 | * If no such private key exists, fall back to trying the certificate |
1210 | * other methods of authentication. | 1206 | * key itself in case it has a private half already loaded. |
1211 | */ | 1207 | */ |
1212 | if (key_is_cert(id->key)) { | 1208 | if (key_is_cert(id->key)) { |
1213 | matched = 0; | 1209 | matched = 0; |
@@ -1408,29 +1404,6 @@ pubkey_prepare(Authctxt *authctxt) | |||
1408 | id->userprovided = options.identity_file_userprovided[i]; | 1404 | id->userprovided = options.identity_file_userprovided[i]; |
1409 | TAILQ_INSERT_TAIL(&files, id, next); | 1405 | TAILQ_INSERT_TAIL(&files, id, next); |
1410 | } | 1406 | } |
1411 | /* Prefer PKCS11 keys that are explicitly listed */ | ||
1412 | TAILQ_FOREACH_SAFE(id, &files, next, tmp) { | ||
1413 | if (id->key == NULL || (id->key->flags & SSHKEY_FLAG_EXT) == 0) | ||
1414 | continue; | ||
1415 | found = 0; | ||
1416 | TAILQ_FOREACH(id2, &files, next) { | ||
1417 | if (id2->key == NULL || | ||
1418 | (id2->key->flags & SSHKEY_FLAG_EXT) == 0) | ||
1419 | continue; | ||
1420 | if (sshkey_equal(id->key, id2->key)) { | ||
1421 | TAILQ_REMOVE(&files, id, next); | ||
1422 | TAILQ_INSERT_TAIL(preferred, id, next); | ||
1423 | found = 1; | ||
1424 | break; | ||
1425 | } | ||
1426 | } | ||
1427 | /* If IdentitiesOnly set and key not found then don't use it */ | ||
1428 | if (!found && options.identities_only) { | ||
1429 | TAILQ_REMOVE(&files, id, next); | ||
1430 | explicit_bzero(id, sizeof(*id)); | ||
1431 | free(id); | ||
1432 | } | ||
1433 | } | ||
1434 | /* list of certificates specified by user */ | 1407 | /* list of certificates specified by user */ |
1435 | for (i = 0; i < options.num_certificate_files; i++) { | 1408 | for (i = 0; i < options.num_certificate_files; i++) { |
1436 | key = options.certificates[i]; | 1409 | key = options.certificates[i]; |
@@ -1489,6 +1462,29 @@ pubkey_prepare(Authctxt *authctxt) | |||
1489 | } | 1462 | } |
1490 | authctxt->agent_fd = agent_fd; | 1463 | authctxt->agent_fd = agent_fd; |
1491 | } | 1464 | } |
1465 | /* Prefer PKCS11 keys that are explicitly listed */ | ||
1466 | TAILQ_FOREACH_SAFE(id, &files, next, tmp) { | ||
1467 | if (id->key == NULL || (id->key->flags & SSHKEY_FLAG_EXT) == 0) | ||
1468 | continue; | ||
1469 | found = 0; | ||
1470 | TAILQ_FOREACH(id2, &files, next) { | ||
1471 | if (id2->key == NULL || | ||
1472 | (id2->key->flags & SSHKEY_FLAG_EXT) == 0) | ||
1473 | continue; | ||
1474 | if (sshkey_equal(id->key, id2->key)) { | ||
1475 | TAILQ_REMOVE(&files, id, next); | ||
1476 | TAILQ_INSERT_TAIL(preferred, id, next); | ||
1477 | found = 1; | ||
1478 | break; | ||
1479 | } | ||
1480 | } | ||
1481 | /* If IdentitiesOnly set and key not found then don't use it */ | ||
1482 | if (!found && options.identities_only) { | ||
1483 | TAILQ_REMOVE(&files, id, next); | ||
1484 | explicit_bzero(id, sizeof(*id)); | ||
1485 | free(id); | ||
1486 | } | ||
1487 | } | ||
1492 | /* append remaining keys from the config file */ | 1488 | /* append remaining keys from the config file */ |
1493 | for (id = TAILQ_FIRST(&files); id; id = TAILQ_FIRST(&files)) { | 1489 | for (id = TAILQ_FIRST(&files); id; id = TAILQ_FIRST(&files)) { |
1494 | TAILQ_REMOVE(&files, id, next); | 1490 | TAILQ_REMOVE(&files, id, next); |
@@ -2034,8 +2030,8 @@ authmethods_get(void) | |||
2034 | buffer_append(&b, method->name, strlen(method->name)); | 2030 | buffer_append(&b, method->name, strlen(method->name)); |
2035 | } | 2031 | } |
2036 | } | 2032 | } |
2037 | buffer_append(&b, "\0", 1); | 2033 | if ((list = sshbuf_dup_string(&b)) == NULL) |
2038 | list = xstrdup(buffer_ptr(&b)); | 2034 | fatal("%s: sshbuf_dup_string failed", __func__); |
2039 | buffer_free(&b); | 2035 | buffer_free(&b); |
2040 | return list; | 2036 | return list; |
2041 | } | 2037 | } |
@@ -662,4 +662,4 @@ AUTHORS | |||
662 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 662 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
663 | for privilege separation. | 663 | for privilege separation. |
664 | 664 | ||
665 | OpenBSD 5.9 February 17, 2016 OpenBSD 5.9 | 665 | OpenBSD 6.0 February 17, 2016 OpenBSD 6.0 |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.465 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.470 2016/05/24 04:43:45 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -386,7 +386,8 @@ grace_alarm_handler(int sig) | |||
386 | } | 386 | } |
387 | 387 | ||
388 | /* Log error and exit. */ | 388 | /* Log error and exit. */ |
389 | sigdie("Timeout before authentication for %s", get_remote_ipaddr()); | 389 | sigdie("Timeout before authentication for %s port %d", |
390 | ssh_remote_ipaddr(active_state), ssh_remote_port(active_state)); | ||
390 | } | 391 | } |
391 | 392 | ||
392 | /* | 393 | /* |
@@ -422,7 +423,7 @@ key_regeneration_alarm(int sig) | |||
422 | } | 423 | } |
423 | 424 | ||
424 | static void | 425 | static void |
425 | sshd_exchange_identification(int sock_in, int sock_out) | 426 | sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) |
426 | { | 427 | { |
427 | u_int i; | 428 | u_int i; |
428 | int mismatch; | 429 | int mismatch; |
@@ -455,7 +456,8 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
455 | if (atomicio(vwrite, sock_out, server_version_string, | 456 | if (atomicio(vwrite, sock_out, server_version_string, |
456 | strlen(server_version_string)) | 457 | strlen(server_version_string)) |
457 | != strlen(server_version_string)) { | 458 | != strlen(server_version_string)) { |
458 | logit("Could not write ident string to %s", get_remote_ipaddr()); | 459 | logit("Could not write ident string to %s port %d", |
460 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
459 | cleanup_exit(255); | 461 | cleanup_exit(255); |
460 | } | 462 | } |
461 | 463 | ||
@@ -463,8 +465,9 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
463 | memset(buf, 0, sizeof(buf)); | 465 | memset(buf, 0, sizeof(buf)); |
464 | for (i = 0; i < sizeof(buf) - 1; i++) { | 466 | for (i = 0; i < sizeof(buf) - 1; i++) { |
465 | if (atomicio(read, sock_in, &buf[i], 1) != 1) { | 467 | if (atomicio(read, sock_in, &buf[i], 1) != 1) { |
466 | logit("Did not receive identification string from %s", | 468 | logit("Did not receive identification string " |
467 | get_remote_ipaddr()); | 469 | "from %s port %d", |
470 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
468 | cleanup_exit(255); | 471 | cleanup_exit(255); |
469 | } | 472 | } |
470 | if (buf[i] == '\r') { | 473 | if (buf[i] == '\r') { |
@@ -493,7 +496,7 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
493 | (void) atomicio(vwrite, sock_out, s, strlen(s)); | 496 | (void) atomicio(vwrite, sock_out, s, strlen(s)); |
494 | logit("Bad protocol version identification '%.100s' " | 497 | logit("Bad protocol version identification '%.100s' " |
495 | "from %s port %d", client_version_string, | 498 | "from %s port %d", client_version_string, |
496 | get_remote_ipaddr(), get_remote_port()); | 499 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
497 | close(sock_in); | 500 | close(sock_in); |
498 | close(sock_out); | 501 | close(sock_out); |
499 | cleanup_exit(255); | 502 | cleanup_exit(255); |
@@ -501,23 +504,25 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
501 | debug("Client protocol version %d.%d; client software version %.100s", | 504 | debug("Client protocol version %d.%d; client software version %.100s", |
502 | remote_major, remote_minor, remote_version); | 505 | remote_major, remote_minor, remote_version); |
503 | 506 | ||
504 | active_state->compat = compat_datafellows(remote_version); | 507 | ssh->compat = compat_datafellows(remote_version); |
505 | 508 | ||
506 | if ((datafellows & SSH_BUG_PROBE) != 0) { | 509 | if ((ssh->compat & SSH_BUG_PROBE) != 0) { |
507 | logit("probed from %s with %s. Don't panic.", | 510 | logit("probed from %s port %d with %s. Don't panic.", |
508 | get_remote_ipaddr(), client_version_string); | 511 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
512 | client_version_string); | ||
509 | cleanup_exit(255); | 513 | cleanup_exit(255); |
510 | } | 514 | } |
511 | if ((datafellows & SSH_BUG_SCANNER) != 0) { | 515 | if ((ssh->compat & SSH_BUG_SCANNER) != 0) { |
512 | logit("scanned from %s with %s. Don't panic.", | 516 | logit("scanned from %s port %d with %s. Don't panic.", |
513 | get_remote_ipaddr(), client_version_string); | 517 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
518 | client_version_string); | ||
514 | cleanup_exit(255); | 519 | cleanup_exit(255); |
515 | } | 520 | } |
516 | if ((datafellows & SSH_BUG_RSASIGMD5) != 0) { | 521 | if ((ssh->compat & SSH_BUG_RSASIGMD5) != 0) { |
517 | logit("Client version \"%.100s\" uses unsafe RSA signature " | 522 | logit("Client version \"%.100s\" uses unsafe RSA signature " |
518 | "scheme; disabling use of RSA keys", remote_version); | 523 | "scheme; disabling use of RSA keys", remote_version); |
519 | } | 524 | } |
520 | if ((datafellows & SSH_BUG_DERIVEKEY) != 0) { | 525 | if ((ssh->compat & SSH_BUG_DERIVEKEY) != 0) { |
521 | fatal("Client version \"%.100s\" uses unsafe key agreement; " | 526 | fatal("Client version \"%.100s\" uses unsafe key agreement; " |
522 | "refusing connection", remote_version); | 527 | "refusing connection", remote_version); |
523 | } | 528 | } |
@@ -562,8 +567,9 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
562 | (void) atomicio(vwrite, sock_out, s, strlen(s)); | 567 | (void) atomicio(vwrite, sock_out, s, strlen(s)); |
563 | close(sock_in); | 568 | close(sock_in); |
564 | close(sock_out); | 569 | close(sock_out); |
565 | logit("Protocol major versions differ for %s: %.200s vs. %.200s", | 570 | logit("Protocol major versions differ for %s port %d: " |
566 | get_remote_ipaddr(), | 571 | "%.200s vs. %.200s", |
572 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
567 | server_version_string, client_version_string); | 573 | server_version_string, client_version_string); |
568 | cleanup_exit(255); | 574 | cleanup_exit(255); |
569 | } | 575 | } |
@@ -855,8 +861,8 @@ list_hostkey_types(void) | |||
855 | break; | 861 | break; |
856 | } | 862 | } |
857 | } | 863 | } |
858 | buffer_append(&b, "\0", 1); | 864 | if ((ret = sshbuf_dup_string(&b)) == NULL) |
859 | ret = xstrdup(buffer_ptr(&b)); | 865 | fatal("%s: sshbuf_dup_string failed", __func__); |
860 | buffer_free(&b); | 866 | buffer_free(&b); |
861 | debug("list_hostkey_types: %s", ret); | 867 | debug("list_hostkey_types: %s", ret); |
862 | return ret; | 868 | return ret; |
@@ -1037,12 +1043,13 @@ usage(void) | |||
1037 | } | 1043 | } |
1038 | 1044 | ||
1039 | static void | 1045 | static void |
1040 | send_rexec_state(int fd, Buffer *conf) | 1046 | send_rexec_state(int fd, struct sshbuf *conf) |
1041 | { | 1047 | { |
1042 | Buffer m; | 1048 | struct sshbuf *m; |
1049 | int r; | ||
1043 | 1050 | ||
1044 | debug3("%s: entering fd = %d config len %d", __func__, fd, | 1051 | debug3("%s: entering fd = %d config len %zu", __func__, fd, |
1045 | buffer_len(conf)); | 1052 | sshbuf_len(conf)); |
1046 | 1053 | ||
1047 | /* | 1054 | /* |
1048 | * Protocol from reexec master to child: | 1055 | * Protocol from reexec master to child: |
@@ -1056,31 +1063,41 @@ send_rexec_state(int fd, Buffer *conf) | |||
1056 | * bignum q " | 1063 | * bignum q " |
1057 | * string rngseed (only if OpenSSL is not self-seeded) | 1064 | * string rngseed (only if OpenSSL is not self-seeded) |
1058 | */ | 1065 | */ |
1059 | buffer_init(&m); | 1066 | if ((m = sshbuf_new()) == NULL) |
1060 | buffer_put_cstring(&m, buffer_ptr(conf)); | 1067 | fatal("%s: sshbuf_new failed", __func__); |
1068 | if ((r = sshbuf_put_stringb(m, conf)) != 0) | ||
1069 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1061 | 1070 | ||
1062 | #ifdef WITH_SSH1 | 1071 | #ifdef WITH_SSH1 |
1063 | if (sensitive_data.server_key != NULL && | 1072 | if (sensitive_data.server_key != NULL && |
1064 | sensitive_data.server_key->type == KEY_RSA1) { | 1073 | sensitive_data.server_key->type == KEY_RSA1) { |
1065 | buffer_put_int(&m, 1); | 1074 | if ((r = sshbuf_put_u32(m, 1)) != 0 || |
1066 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->e); | 1075 | (r = sshbuf_put_bignum1(m, |
1067 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->n); | 1076 | sensitive_data.server_key->rsa->e)) != 0 || |
1068 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->d); | 1077 | (r = sshbuf_put_bignum1(m, |
1069 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->iqmp); | 1078 | sensitive_data.server_key->rsa->n)) != 0 || |
1070 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->p); | 1079 | (r = sshbuf_put_bignum1(m, |
1071 | buffer_put_bignum(&m, sensitive_data.server_key->rsa->q); | 1080 | sensitive_data.server_key->rsa->d)) != 0 || |
1081 | (r = sshbuf_put_bignum1(m, | ||
1082 | sensitive_data.server_key->rsa->iqmp)) != 0 || | ||
1083 | (r = sshbuf_put_bignum1(m, | ||
1084 | sensitive_data.server_key->rsa->p)) != 0 || | ||
1085 | (r = sshbuf_put_bignum1(m, | ||
1086 | sensitive_data.server_key->rsa->q)) != 0) | ||
1087 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1072 | } else | 1088 | } else |
1073 | #endif | 1089 | #endif |
1074 | buffer_put_int(&m, 0); | 1090 | if ((r = sshbuf_put_u32(m, 1)) != 0) |
1091 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1075 | 1092 | ||
1076 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) | 1093 | #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) |
1077 | rexec_send_rng_seed(&m); | 1094 | rexec_send_rng_seed(m); |
1078 | #endif | 1095 | #endif |
1079 | 1096 | ||
1080 | if (ssh_msg_send(fd, 0, &m) == -1) | 1097 | if (ssh_msg_send(fd, 0, m) == -1) |
1081 | fatal("%s: ssh_msg_send failed", __func__); | 1098 | fatal("%s: ssh_msg_send failed", __func__); |
1082 | 1099 | ||
1083 | buffer_free(&m); | 1100 | sshbuf_free(m); |
1084 | 1101 | ||
1085 | debug3("%s: done", __func__); | 1102 | debug3("%s: done", __func__); |
1086 | } | 1103 | } |
@@ -1103,7 +1120,7 @@ recv_rexec_state(int fd, Buffer *conf) | |||
1103 | 1120 | ||
1104 | cp = buffer_get_string(&m, &len); | 1121 | cp = buffer_get_string(&m, &len); |
1105 | if (conf != NULL) | 1122 | if (conf != NULL) |
1106 | buffer_append(conf, cp, len + 1); | 1123 | buffer_append(conf, cp, len); |
1107 | free(cp); | 1124 | free(cp); |
1108 | 1125 | ||
1109 | if (buffer_get_int(&m)) { | 1126 | if (buffer_get_int(&m)) { |
@@ -1468,6 +1485,47 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1468 | } | 1485 | } |
1469 | } | 1486 | } |
1470 | 1487 | ||
1488 | /* | ||
1489 | * If IP options are supported, make sure there are none (log and | ||
1490 | * return an error if any are found). Basically we are worried about | ||
1491 | * source routing; it can be used to pretend you are somebody | ||
1492 | * (ip-address) you are not. That itself may be "almost acceptable" | ||
1493 | * under certain circumstances, but rhosts autentication is useless | ||
1494 | * if source routing is accepted. Notice also that if we just dropped | ||
1495 | * source routing here, the other side could use IP spoofing to do | ||
1496 | * rest of the interaction and could still bypass security. So we | ||
1497 | * exit here if we detect any IP options. | ||
1498 | */ | ||
1499 | static void | ||
1500 | check_ip_options(struct ssh *ssh) | ||
1501 | { | ||
1502 | #ifdef IP_OPTIONS | ||
1503 | int sock_in = ssh_packet_get_connection_in(ssh); | ||
1504 | struct sockaddr_storage from; | ||
1505 | socklen_t option_size, i, fromlen = sizeof(from); | ||
1506 | u_char opts[200]; | ||
1507 | char text[sizeof(opts) * 3 + 1]; | ||
1508 | |||
1509 | memset(&from, 0, sizeof(from)); | ||
1510 | if (getpeername(sock_in, (struct sockaddr *)&from, | ||
1511 | &fromlen) < 0) | ||
1512 | return; | ||
1513 | if (from.ss_family != AF_INET) | ||
1514 | return; | ||
1515 | /* XXX IPv6 options? */ | ||
1516 | |||
1517 | if (getsockopt(sock_in, IPPROTO_IP, IP_OPTIONS, opts, | ||
1518 | &option_size) >= 0 && option_size != 0) { | ||
1519 | text[0] = '\0'; | ||
1520 | for (i = 0; i < option_size; i++) | ||
1521 | snprintf(text + i*3, sizeof(text) - i*3, | ||
1522 | " %2.2x", opts[i]); | ||
1523 | fatal("Connection from %.100s port %d with IP opts: %.800s", | ||
1524 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), text); | ||
1525 | } | ||
1526 | return; | ||
1527 | #endif /* IP_OPTIONS */ | ||
1528 | } | ||
1471 | 1529 | ||
1472 | /* | 1530 | /* |
1473 | * Main program for the daemon. | 1531 | * Main program for the daemon. |
@@ -1475,6 +1533,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1475 | int | 1533 | int |
1476 | main(int ac, char **av) | 1534 | main(int ac, char **av) |
1477 | { | 1535 | { |
1536 | struct ssh *ssh = NULL; | ||
1478 | extern char *optarg; | 1537 | extern char *optarg; |
1479 | extern int optind; | 1538 | extern int optind; |
1480 | int r, opt, i, j, on = 1; | 1539 | int r, opt, i, j, on = 1; |
@@ -2152,28 +2211,25 @@ main(int ac, char **av) | |||
2152 | */ | 2211 | */ |
2153 | packet_set_connection(sock_in, sock_out); | 2212 | packet_set_connection(sock_in, sock_out); |
2154 | packet_set_server(); | 2213 | packet_set_server(); |
2214 | ssh = active_state; /* XXX */ | ||
2215 | check_ip_options(ssh); | ||
2155 | 2216 | ||
2156 | /* Set SO_KEEPALIVE if requested. */ | 2217 | /* Set SO_KEEPALIVE if requested. */ |
2157 | if (options.tcp_keep_alive && packet_connection_is_on_socket() && | 2218 | if (options.tcp_keep_alive && packet_connection_is_on_socket() && |
2158 | setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) | 2219 | setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) |
2159 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); | 2220 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); |
2160 | 2221 | ||
2161 | if ((remote_port = get_remote_port()) < 0) { | 2222 | if ((remote_port = ssh_remote_port(ssh)) < 0) { |
2162 | debug("get_remote_port failed"); | 2223 | debug("ssh_remote_port failed"); |
2163 | cleanup_exit(255); | 2224 | cleanup_exit(255); |
2164 | } | 2225 | } |
2165 | 2226 | ||
2166 | /* | 2227 | /* |
2167 | * We use get_canonical_hostname with usedns = 0 instead of | ||
2168 | * get_remote_ipaddr here so IP options will be checked. | ||
2169 | */ | ||
2170 | (void) get_canonical_hostname(0); | ||
2171 | /* | ||
2172 | * The rest of the code depends on the fact that | 2228 | * The rest of the code depends on the fact that |
2173 | * get_remote_ipaddr() caches the remote ip, even if | 2229 | * ssh_remote_ipaddr() caches the remote ip, even if |
2174 | * the socket goes away. | 2230 | * the socket goes away. |
2175 | */ | 2231 | */ |
2176 | remote_ip = get_remote_ipaddr(); | 2232 | remote_ip = ssh_remote_ipaddr(ssh); |
2177 | 2233 | ||
2178 | #ifdef SSH_AUDIT_EVENTS | 2234 | #ifdef SSH_AUDIT_EVENTS |
2179 | audit_connection_from(remote_ip, remote_port); | 2235 | audit_connection_from(remote_ip, remote_port); |
@@ -2200,7 +2256,7 @@ main(int ac, char **av) | |||
2200 | /* Log the connection. */ | 2256 | /* Log the connection. */ |
2201 | laddr = get_local_ipaddr(sock_in); | 2257 | laddr = get_local_ipaddr(sock_in); |
2202 | verbose("Connection from %s port %d on %s port %d", | 2258 | verbose("Connection from %s port %d on %s port %d", |
2203 | remote_ip, remote_port, laddr, get_local_port()); | 2259 | remote_ip, remote_port, laddr, ssh_local_port(ssh)); |
2204 | free(laddr); | 2260 | free(laddr); |
2205 | 2261 | ||
2206 | #ifdef USE_SECURITY_SESSION_API | 2262 | #ifdef USE_SECURITY_SESSION_API |
@@ -2269,7 +2325,7 @@ main(int ac, char **av) | |||
2269 | if (!debug_flag) | 2325 | if (!debug_flag) |
2270 | alarm(options.login_grace_time); | 2326 | alarm(options.login_grace_time); |
2271 | 2327 | ||
2272 | sshd_exchange_identification(sock_in, sock_out); | 2328 | sshd_exchange_identification(ssh, sock_in, sock_out); |
2273 | 2329 | ||
2274 | /* In inetd mode, generate ephemeral key only for proto 1 connections */ | 2330 | /* In inetd mode, generate ephemeral key only for proto 1 connections */ |
2275 | if (!compat20 && inetd_flag && sensitive_data.server_key == NULL) | 2331 | if (!compat20 && inetd_flag && sensitive_data.server_key == NULL) |
@@ -2405,6 +2461,7 @@ main(int ac, char **av) | |||
2405 | int | 2461 | int |
2406 | ssh1_session_key(BIGNUM *session_key_int) | 2462 | ssh1_session_key(BIGNUM *session_key_int) |
2407 | { | 2463 | { |
2464 | struct ssh *ssh = active_state; /* XXX */ | ||
2408 | int rsafail = 0; | 2465 | int rsafail = 0; |
2409 | 2466 | ||
2410 | if (BN_cmp(sensitive_data.server_key->rsa->n, | 2467 | if (BN_cmp(sensitive_data.server_key->rsa->n, |
@@ -2413,9 +2470,9 @@ ssh1_session_key(BIGNUM *session_key_int) | |||
2413 | if (BN_num_bits(sensitive_data.server_key->rsa->n) < | 2470 | if (BN_num_bits(sensitive_data.server_key->rsa->n) < |
2414 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + | 2471 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + |
2415 | SSH_KEY_BITS_RESERVED) { | 2472 | SSH_KEY_BITS_RESERVED) { |
2416 | fatal("do_connection: %s: " | 2473 | fatal("do_connection: %s port %d: " |
2417 | "server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d", | 2474 | "server_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d", |
2418 | get_remote_ipaddr(), | 2475 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
2419 | BN_num_bits(sensitive_data.server_key->rsa->n), | 2476 | BN_num_bits(sensitive_data.server_key->rsa->n), |
2420 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n), | 2477 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n), |
2421 | SSH_KEY_BITS_RESERVED); | 2478 | SSH_KEY_BITS_RESERVED); |
@@ -2431,9 +2488,9 @@ ssh1_session_key(BIGNUM *session_key_int) | |||
2431 | if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) < | 2488 | if (BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) < |
2432 | BN_num_bits(sensitive_data.server_key->rsa->n) + | 2489 | BN_num_bits(sensitive_data.server_key->rsa->n) + |
2433 | SSH_KEY_BITS_RESERVED) { | 2490 | SSH_KEY_BITS_RESERVED) { |
2434 | fatal("do_connection: %s: " | 2491 | fatal("do_connection: %s port %d: " |
2435 | "host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d", | 2492 | "host_key %d < server_key %d + SSH_KEY_BITS_RESERVED %d", |
2436 | get_remote_ipaddr(), | 2493 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
2437 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n), | 2494 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n), |
2438 | BN_num_bits(sensitive_data.server_key->rsa->n), | 2495 | BN_num_bits(sensitive_data.server_key->rsa->n), |
2439 | SSH_KEY_BITS_RESERVED); | 2496 | SSH_KEY_BITS_RESERVED); |
@@ -2454,6 +2511,7 @@ ssh1_session_key(BIGNUM *session_key_int) | |||
2454 | static void | 2511 | static void |
2455 | do_ssh1_kex(void) | 2512 | do_ssh1_kex(void) |
2456 | { | 2513 | { |
2514 | struct ssh *ssh = active_state; /* XXX */ | ||
2457 | int i, len; | 2515 | int i, len; |
2458 | int rsafail = 0; | 2516 | int rsafail = 0; |
2459 | BIGNUM *session_key_int, *fake_key_int, *real_key_int; | 2517 | BIGNUM *session_key_int, *fake_key_int, *real_key_int; |
@@ -2571,9 +2629,10 @@ do_ssh1_kex(void) | |||
2571 | (void) BN_mask_bits(session_key_int, sizeof(session_key) * 8); | 2629 | (void) BN_mask_bits(session_key_int, sizeof(session_key) * 8); |
2572 | len = BN_num_bytes(session_key_int); | 2630 | len = BN_num_bytes(session_key_int); |
2573 | if (len < 0 || (u_int)len > sizeof(session_key)) { | 2631 | if (len < 0 || (u_int)len > sizeof(session_key)) { |
2574 | error("do_ssh1_kex: bad session key len from %s: " | 2632 | error("%s: bad session key len from %s port %d: " |
2575 | "session_key_int %d > sizeof(session_key) %lu", | 2633 | "session_key_int %d > sizeof(session_key) %lu", __func__, |
2576 | get_remote_ipaddr(), len, (u_long)sizeof(session_key)); | 2634 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
2635 | len, (u_long)sizeof(session_key)); | ||
2577 | rsafail++; | 2636 | rsafail++; |
2578 | } else { | 2637 | } else { |
2579 | explicit_bzero(session_key, sizeof(session_key)); | 2638 | explicit_bzero(session_key, sizeof(session_key)); |
@@ -2664,10 +2723,11 @@ do_ssh2_kex(void) | |||
2664 | 2723 | ||
2665 | if (options.compression == COMP_NONE) { | 2724 | if (options.compression == COMP_NONE) { |
2666 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | 2725 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = |
2667 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; | 2726 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; |
2668 | } else if (options.compression == COMP_DELAYED) { | 2727 | } else if (options.compression == COMP_DELAYED) { |
2669 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | 2728 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = |
2670 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; | 2729 | myproposal[PROPOSAL_COMP_ALGS_STOC] = |
2730 | "none,zlib@openssh.com"; | ||
2671 | } | 2731 | } |
2672 | 2732 | ||
2673 | if (options.rekey_limit || options.rekey_interval) | 2733 | if (options.rekey_limit || options.rekey_interval) |
@@ -2726,6 +2786,9 @@ do_ssh2_kex(void) | |||
2726 | #ifdef WITH_OPENSSL | 2786 | #ifdef WITH_OPENSSL |
2727 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 2787 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
2728 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 2788 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
2789 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | ||
2790 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | ||
2791 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | ||
2729 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 2792 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
2730 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 2793 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
2731 | # ifdef OPENSSL_HAS_ECC | 2794 | # ifdef OPENSSL_HAS_ECC |
diff --git a/sshd_config b/sshd_config index d103ac55f..ec8ff8f19 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $ | 1 | # $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $ |
2 | 2 | ||
3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
@@ -34,7 +34,6 @@ | |||
34 | #RekeyLimit default none | 34 | #RekeyLimit default none |
35 | 35 | ||
36 | # Logging | 36 | # Logging |
37 | # obsoletes QuietMode and FascistLogging | ||
38 | #SyslogFacility AUTH | 37 | #SyslogFacility AUTH |
39 | #LogLevel INFO | 38 | #LogLevel INFO |
40 | 39 | ||
diff --git a/sshd_config.0 b/sshd_config.0 index 8bda6a39f..85379dca5 100644 --- a/sshd_config.0 +++ b/sshd_config.0 | |||
@@ -80,9 +80,11 @@ DESCRIPTION | |||
80 | valid; a numerical user ID is not recognized. By default, login | 80 | valid; a numerical user ID is not recognized. By default, login |
81 | is allowed for all users. If the pattern takes the form | 81 | is allowed for all users. If the pattern takes the form |
82 | USER@HOST then USER and HOST are separately checked, restricting | 82 | USER@HOST then USER and HOST are separately checked, restricting |
83 | logins to particular users from particular hosts. The allow/deny | 83 | logins to particular users from particular hosts. HOST criteria |
84 | directives are processed in the following order: DenyUsers, | 84 | may additionally contain addresses to match in CIDR |
85 | AllowUsers, DenyGroups, and finally AllowGroups. | 85 | address/masklen format. The allow/deny directives are processed |
86 | in the following order: DenyUsers, AllowUsers, DenyGroups, and | ||
87 | finally AllowGroups. | ||
86 | 88 | ||
87 | See PATTERNS in ssh_config(5) for more information on patterns. | 89 | See PATTERNS in ssh_config(5) for more information on patterns. |
88 | 90 | ||
@@ -90,8 +92,11 @@ DESCRIPTION | |||
90 | Specifies the authentication methods that must be successfully | 92 | Specifies the authentication methods that must be successfully |
91 | completed for a user to be granted access. This option must be | 93 | completed for a user to be granted access. This option must be |
92 | followed by one or more comma-separated lists of authentication | 94 | followed by one or more comma-separated lists of authentication |
93 | method names. Successful authentication requires completion of | 95 | method names, or by the single string M-bM-^@M-^\anyM-bM-^@M-^] to indicate the |
94 | every method in at least one of these lists. | 96 | default behaviour of accepting any single authentication method. |
97 | if the default is overridden, then successful authentication | ||
98 | requires completion of every method in at least one of these | ||
99 | lists. | ||
95 | 100 | ||
96 | For example, an argument of M-bM-^@M-^\publickey,password | 101 | For example, an argument of M-bM-^@M-^\publickey,password |
97 | publickey,keyboard-interactiveM-bM-^@M-^] would require the user to | 102 | publickey,keyboard-interactiveM-bM-^@M-^] would require the user to |
@@ -116,9 +121,9 @@ DESCRIPTION | |||
116 | 121 | ||
117 | This option will yield a fatal error if enabled if protocol 1 is | 122 | This option will yield a fatal error if enabled if protocol 1 is |
118 | also enabled. Note that each authentication method listed should | 123 | also enabled. Note that each authentication method listed should |
119 | also be explicitly enabled in the configuration. The default is | 124 | also be explicitly enabled in the configuration. The default |
120 | not to require multiple authentication; successful completion of | 125 | M-bM-^@M-^\anyM-bM-^@M-^] is not to require multiple authentication; successful |
121 | a single authentication method is sufficient. | 126 | completion of a single authentication method is sufficient. |
122 | 127 | ||
123 | AuthorizedKeysCommand | 128 | AuthorizedKeysCommand |
124 | Specifies a program to be used to look up the user's public keys. | 129 | Specifies a program to be used to look up the user's public keys. |
@@ -339,9 +344,11 @@ DESCRIPTION | |||
339 | numerical user ID is not recognized. By default, login is | 344 | numerical user ID is not recognized. By default, login is |
340 | allowed for all users. If the pattern takes the form USER@HOST | 345 | allowed for all users. If the pattern takes the form USER@HOST |
341 | then USER and HOST are separately checked, restricting logins to | 346 | then USER and HOST are separately checked, restricting logins to |
342 | particular users from particular hosts. The allow/deny | 347 | particular users from particular hosts. HOST criteria may |
343 | directives are processed in the following order: DenyUsers, | 348 | additionally contain addresses to match in CIDR address/masklen |
344 | AllowUsers, DenyGroups, and finally AllowGroups. | 349 | format. The allow/deny directives are processed in the following |
350 | order: DenyUsers, AllowUsers, DenyGroups, and finally | ||
351 | AllowGroups. | ||
345 | 352 | ||
346 | See PATTERNS in ssh_config(5) for more information on patterns. | 353 | See PATTERNS in ssh_config(5) for more information on patterns. |
347 | 354 | ||
@@ -447,7 +454,7 @@ DESCRIPTION | |||
447 | 454 | ||
448 | HostKeyAgent | 455 | HostKeyAgent |
449 | Identifies the UNIX-domain socket used to communicate with an | 456 | Identifies the UNIX-domain socket used to communicate with an |
450 | agent that has access to the private host keys. If | 457 | agent that has access to the private host keys. If the string |
451 | M-bM-^@M-^\SSH_AUTH_SOCKM-bM-^@M-^] is specified, the location of the socket will be | 458 | M-bM-^@M-^\SSH_AUTH_SOCKM-bM-^@M-^] is specified, the location of the socket will be |
452 | read from the SSH_AUTH_SOCK environment variable. | 459 | read from the SSH_AUTH_SOCK environment variable. |
453 | 460 | ||
@@ -708,8 +715,10 @@ DESCRIPTION | |||
708 | Multiple forwards may be specified by separating them with | 715 | Multiple forwards may be specified by separating them with |
709 | whitespace. An argument of M-bM-^@M-^\anyM-bM-^@M-^] can be used to remove all | 716 | whitespace. An argument of M-bM-^@M-^\anyM-bM-^@M-^] can be used to remove all |
710 | restrictions and permit any forwarding requests. An argument of | 717 | restrictions and permit any forwarding requests. An argument of |
711 | M-bM-^@M-^\noneM-bM-^@M-^] can be used to prohibit all forwarding requests. By | 718 | M-bM-^@M-^\noneM-bM-^@M-^] can be used to prohibit all forwarding requests. The |
712 | default all port forwarding requests are permitted. | 719 | wildcard M-bM-^@M-^\*M-bM-^@M-^] can be used for host or port to allow all hosts or |
720 | ports, respectively. By default all port forwarding requests are | ||
721 | permitted. | ||
713 | 722 | ||
714 | PermitRootLogin | 723 | PermitRootLogin |
715 | Specifies whether root can log in using ssh(1). The argument | 724 | Specifies whether root can log in using ssh(1). The argument |
@@ -927,7 +936,7 @@ DESCRIPTION | |||
927 | address maps back to the very same IP address. | 936 | address maps back to the very same IP address. |
928 | 937 | ||
929 | If this option is set to M-bM-^@M-^\noM-bM-^@M-^] (the default) then only addresses | 938 | If this option is set to M-bM-^@M-^\noM-bM-^@M-^] (the default) then only addresses |
930 | and not host names may be used in ~/.ssh/known_hosts from and | 939 | and not host names may be used in ~/.ssh/authorized_keys from and |
931 | sshd_config Match Host directives. | 940 | sshd_config Match Host directives. |
932 | 941 | ||
933 | UseLogin | 942 | UseLogin |
@@ -1051,4 +1060,4 @@ AUTHORS | |||
1051 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 1060 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
1052 | for privilege separation. | 1061 | for privilege separation. |
1053 | 1062 | ||
1054 | OpenBSD 5.9 February 17, 2016 OpenBSD 5.9 | 1063 | OpenBSD 6.0 July 19, 2016 OpenBSD 6.0 |
diff --git a/sshd_config.5 b/sshd_config.5 index 2387b51b8..79f2d611f 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.220 2016/02/17 08:57:34 djm Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.227 2016/07/19 12:59:16 jmc Exp $ |
37 | .Dd $Mdocdate: February 17 2016 $ | 37 | .Dd $Mdocdate: July 19 2016 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -198,6 +198,8 @@ By default, login is allowed for all users. | |||
198 | If the pattern takes the form USER@HOST then USER and HOST | 198 | If the pattern takes the form USER@HOST then USER and HOST |
199 | are separately checked, restricting logins to particular | 199 | are separately checked, restricting logins to particular |
200 | users from particular hosts. | 200 | users from particular hosts. |
201 | HOST criteria may additionally contain addresses to match in CIDR | ||
202 | address/masklen format. | ||
201 | The allow/deny directives are processed in the following order: | 203 | The allow/deny directives are processed in the following order: |
202 | .Cm DenyUsers , | 204 | .Cm DenyUsers , |
203 | .Cm AllowUsers , | 205 | .Cm AllowUsers , |
@@ -212,9 +214,12 @@ for more information on patterns. | |||
212 | Specifies the authentication methods that must be successfully completed | 214 | Specifies the authentication methods that must be successfully completed |
213 | for a user to be granted access. | 215 | for a user to be granted access. |
214 | This option must be followed by one or more comma-separated lists of | 216 | This option must be followed by one or more comma-separated lists of |
215 | authentication method names. | 217 | authentication method names, or by the single string |
216 | Successful authentication requires completion of every method in at least | 218 | .Dq any |
217 | one of these lists. | 219 | to indicate the default behaviour of accepting any single authentication |
220 | method. | ||
221 | if the default is overridden, then successful authentication requires | ||
222 | completion of every method in at least one of these lists. | ||
218 | .Pp | 223 | .Pp |
219 | For example, an argument of | 224 | For example, an argument of |
220 | .Dq publickey,password publickey,keyboard-interactive | 225 | .Dq publickey,password publickey,keyboard-interactive |
@@ -254,7 +259,9 @@ This option will yield a fatal | |||
254 | error if enabled if protocol 1 is also enabled. | 259 | error if enabled if protocol 1 is also enabled. |
255 | Note that each authentication method listed should also be explicitly enabled | 260 | Note that each authentication method listed should also be explicitly enabled |
256 | in the configuration. | 261 | in the configuration. |
257 | The default is not to require multiple authentication; successful completion | 262 | The default |
263 | .Dq any | ||
264 | is not to require multiple authentication; successful completion | ||
258 | of a single authentication method is sufficient. | 265 | of a single authentication method is sufficient. |
259 | .It Cm AuthorizedKeysCommand | 266 | .It Cm AuthorizedKeysCommand |
260 | Specifies a program to be used to look up the user's public keys. | 267 | Specifies a program to be used to look up the user's public keys. |
@@ -589,6 +596,8 @@ By default, login is allowed for all users. | |||
589 | If the pattern takes the form USER@HOST then USER and HOST | 596 | If the pattern takes the form USER@HOST then USER and HOST |
590 | are separately checked, restricting logins to particular | 597 | are separately checked, restricting logins to particular |
591 | users from particular hosts. | 598 | users from particular hosts. |
599 | HOST criteria may additionally contain addresses to match in CIDR | ||
600 | address/masklen format. | ||
592 | The allow/deny directives are processed in the following order: | 601 | The allow/deny directives are processed in the following order: |
593 | .Cm DenyUsers , | 602 | .Cm DenyUsers , |
594 | .Cm AllowUsers , | 603 | .Cm AllowUsers , |
@@ -773,7 +782,7 @@ to an | |||
773 | .It Cm HostKeyAgent | 782 | .It Cm HostKeyAgent |
774 | Identifies the UNIX-domain socket used to communicate | 783 | Identifies the UNIX-domain socket used to communicate |
775 | with an agent that has access to the private host keys. | 784 | with an agent that has access to the private host keys. |
776 | If | 785 | If the string |
777 | .Dq SSH_AUTH_SOCK | 786 | .Dq SSH_AUTH_SOCK |
778 | is specified, the location of the socket will be read from the | 787 | is specified, the location of the socket will be read from the |
779 | .Ev SSH_AUTH_SOCK | 788 | .Ev SSH_AUTH_SOCK |
@@ -1245,6 +1254,9 @@ can be used to remove all restrictions and permit any forwarding requests. | |||
1245 | An argument of | 1254 | An argument of |
1246 | .Dq none | 1255 | .Dq none |
1247 | can be used to prohibit all forwarding requests. | 1256 | can be used to prohibit all forwarding requests. |
1257 | The wildcard | ||
1258 | .Dq * | ||
1259 | can be used for host or port to allow all hosts or ports, respectively. | ||
1248 | By default all port forwarding requests are permitted. | 1260 | By default all port forwarding requests are permitted. |
1249 | .It Cm PermitRootLogin | 1261 | .It Cm PermitRootLogin |
1250 | Specifies whether root can log in using | 1262 | Specifies whether root can log in using |
@@ -1576,7 +1588,7 @@ very same IP address. | |||
1576 | If this option is set to | 1588 | If this option is set to |
1577 | .Dq no | 1589 | .Dq no |
1578 | (the default) then only addresses and not host names may be used in | 1590 | (the default) then only addresses and not host names may be used in |
1579 | .Pa ~/.ssh/known_hosts | 1591 | .Pa ~/.ssh/authorized_keys |
1580 | .Cm from | 1592 | .Cm from |
1581 | and | 1593 | and |
1582 | .Nm | 1594 | .Nm |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.31 2015/12/11 04:21:12 mmcc Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.35 2016/06/19 07:48:02 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -1967,7 +1967,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
1967 | #ifdef DEBUG_PK /* XXX */ | 1967 | #ifdef DEBUG_PK /* XXX */ |
1968 | sshbuf_dump(b, stderr); | 1968 | sshbuf_dump(b, stderr); |
1969 | #endif | 1969 | #endif |
1970 | *keyp = NULL; | 1970 | if (keyp != NULL) |
1971 | *keyp = NULL; | ||
1971 | if ((copy = sshbuf_fromb(b)) == NULL) { | 1972 | if ((copy = sshbuf_fromb(b)) == NULL) { |
1972 | ret = SSH_ERR_ALLOC_FAIL; | 1973 | ret = SSH_ERR_ALLOC_FAIL; |
1973 | goto out; | 1974 | goto out; |
@@ -2122,8 +2123,10 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
2122 | goto out; | 2123 | goto out; |
2123 | } | 2124 | } |
2124 | ret = 0; | 2125 | ret = 0; |
2125 | *keyp = key; | 2126 | if (keyp != NULL) { |
2126 | key = NULL; | 2127 | *keyp = key; |
2128 | key = NULL; | ||
2129 | } | ||
2127 | out: | 2130 | out: |
2128 | sshbuf_free(copy); | 2131 | sshbuf_free(copy); |
2129 | sshkey_free(key); | 2132 | sshkey_free(key); |
@@ -2368,7 +2371,7 @@ sshkey_drop_cert(struct sshkey *k) | |||
2368 | 2371 | ||
2369 | /* Sign a certified key, (re-)generating the signed certblob. */ | 2372 | /* Sign a certified key, (re-)generating the signed certblob. */ |
2370 | int | 2373 | int |
2371 | sshkey_certify(struct sshkey *k, struct sshkey *ca) | 2374 | sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg) |
2372 | { | 2375 | { |
2373 | struct sshbuf *principals = NULL; | 2376 | struct sshbuf *principals = NULL; |
2374 | u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; | 2377 | u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; |
@@ -2458,7 +2461,7 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca) | |||
2458 | 2461 | ||
2459 | /* Sign the whole mess */ | 2462 | /* Sign the whole mess */ |
2460 | if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), | 2463 | if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), |
2461 | sshbuf_len(cert), NULL, 0)) != 0) | 2464 | sshbuf_len(cert), alg, 0)) != 0) |
2462 | goto out; | 2465 | goto out; |
2463 | 2466 | ||
2464 | /* Append signature and we are done */ | 2467 | /* Append signature and we are done */ |
@@ -3632,12 +3635,10 @@ sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, | |||
3632 | /* The encrypted private part is not parsed by this function. */ | 3635 | /* The encrypted private part is not parsed by this function. */ |
3633 | 3636 | ||
3634 | r = 0; | 3637 | r = 0; |
3635 | if (keyp != NULL) | 3638 | if (keyp != NULL) { |
3636 | *keyp = pub; | 3639 | *keyp = pub; |
3637 | else | 3640 | pub = NULL; |
3638 | sshkey_free(pub); | 3641 | } |
3639 | pub = NULL; | ||
3640 | |||
3641 | out: | 3642 | out: |
3642 | sshbuf_free(copy); | 3643 | sshbuf_free(copy); |
3643 | sshkey_free(pub); | 3644 | sshkey_free(pub); |
@@ -3658,7 +3659,8 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
3658 | const struct sshcipher *cipher; | 3659 | const struct sshcipher *cipher; |
3659 | struct sshkey *prv = NULL; | 3660 | struct sshkey *prv = NULL; |
3660 | 3661 | ||
3661 | *keyp = NULL; | 3662 | if (keyp != NULL) |
3663 | *keyp = NULL; | ||
3662 | if (commentp != NULL) | 3664 | if (commentp != NULL) |
3663 | *commentp = NULL; | 3665 | *commentp = NULL; |
3664 | 3666 | ||
@@ -3744,8 +3746,10 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
3744 | goto out; | 3746 | goto out; |
3745 | } | 3747 | } |
3746 | r = 0; | 3748 | r = 0; |
3747 | *keyp = prv; | 3749 | if (keyp != NULL) { |
3748 | prv = NULL; | 3750 | *keyp = prv; |
3751 | prv = NULL; | ||
3752 | } | ||
3749 | if (commentp != NULL) { | 3753 | if (commentp != NULL) { |
3750 | *commentp = comment; | 3754 | *commentp = comment; |
3751 | comment = NULL; | 3755 | comment = NULL; |
@@ -3770,7 +3774,8 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
3770 | BIO *bio = NULL; | 3774 | BIO *bio = NULL; |
3771 | int r; | 3775 | int r; |
3772 | 3776 | ||
3773 | *keyp = NULL; | 3777 | if (keyp != NULL) |
3778 | *keyp = NULL; | ||
3774 | 3779 | ||
3775 | if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) | 3780 | if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) |
3776 | return SSH_ERR_ALLOC_FAIL; | 3781 | return SSH_ERR_ALLOC_FAIL; |
@@ -3839,8 +3844,10 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
3839 | goto out; | 3844 | goto out; |
3840 | } | 3845 | } |
3841 | r = 0; | 3846 | r = 0; |
3842 | *keyp = prv; | 3847 | if (keyp != NULL) { |
3843 | prv = NULL; | 3848 | *keyp = prv; |
3849 | prv = NULL; | ||
3850 | } | ||
3844 | out: | 3851 | out: |
3845 | BIO_free(bio); | 3852 | BIO_free(bio); |
3846 | if (pk != NULL) | 3853 | if (pk != NULL) |
@@ -3854,7 +3861,8 @@ int | |||
3854 | sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, | 3861 | sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, |
3855 | const char *passphrase, struct sshkey **keyp, char **commentp) | 3862 | const char *passphrase, struct sshkey **keyp, char **commentp) |
3856 | { | 3863 | { |
3857 | *keyp = NULL; | 3864 | if (keyp != NULL) |
3865 | *keyp = NULL; | ||
3858 | if (commentp != NULL) | 3866 | if (commentp != NULL) |
3859 | *commentp = NULL; | 3867 | *commentp = NULL; |
3860 | 3868 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.h,v 1.12 2015/12/04 16:41:28 markus Exp $ */ | 1 | /* $OpenBSD: sshkey.h,v 1.13 2016/05/02 09:36:42 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -138,7 +138,7 @@ int sshkey_type_is_cert(int); | |||
138 | int sshkey_type_plain(int); | 138 | int sshkey_type_plain(int); |
139 | int sshkey_to_certified(struct sshkey *); | 139 | int sshkey_to_certified(struct sshkey *); |
140 | int sshkey_drop_cert(struct sshkey *); | 140 | int sshkey_drop_cert(struct sshkey *); |
141 | int sshkey_certify(struct sshkey *, struct sshkey *); | 141 | int sshkey_certify(struct sshkey *, struct sshkey *, const char *); |
142 | int sshkey_cert_copy(const struct sshkey *, struct sshkey *); | 142 | int sshkey_cert_copy(const struct sshkey *, struct sshkey *); |
143 | int sshkey_cert_check_authority(const struct sshkey *, int, int, | 143 | int sshkey_cert_check_authority(const struct sshkey *, int, int, |
144 | const char *, const char **); | 144 | const char *, const char **); |
diff --git a/ttymodes.c b/ttymodes.c index 6f51b8a70..db772c39c 100644 --- a/ttymodes.c +++ b/ttymodes.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ttymodes.c,v 1.29 2008/11/02 00:16:16 stevesk Exp $ */ | 1 | /* $OpenBSD: ttymodes.c,v 1.30 2016/05/04 14:22:33 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -54,7 +54,6 @@ | |||
54 | 54 | ||
55 | #include "packet.h" | 55 | #include "packet.h" |
56 | #include "log.h" | 56 | #include "log.h" |
57 | #include "ssh1.h" | ||
58 | #include "compat.h" | 57 | #include "compat.h" |
59 | #include "buffer.h" | 58 | #include "buffer.h" |
60 | 59 | ||
diff --git a/ttymodes.h b/ttymodes.h index 4d848fe3a..14e177cef 100644 --- a/ttymodes.h +++ b/ttymodes.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ttymodes.h,v 1.14 2006/03/25 22:22:43 djm Exp $ */ | 1 | /* $OpenBSD: ttymodes.h,v 1.15 2016/05/03 09:03:49 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -127,6 +127,9 @@ TTYMODE(IXOFF, c_iflag, 40) | |||
127 | #ifdef IMAXBEL | 127 | #ifdef IMAXBEL |
128 | TTYMODE(IMAXBEL,c_iflag, 41) | 128 | TTYMODE(IMAXBEL,c_iflag, 41) |
129 | #endif /* IMAXBEL */ | 129 | #endif /* IMAXBEL */ |
130 | #ifdef IUTF8 | ||
131 | TTYMODE(IUTF8, c_iflag, 42) | ||
132 | #endif /* IUTF8 */ | ||
130 | 133 | ||
131 | TTYMODE(ISIG, c_lflag, 50) | 134 | TTYMODE(ISIG, c_lflag, 50) |
132 | TTYMODE(ICANON, c_lflag, 51) | 135 | TTYMODE(ICANON, c_lflag, 51) |
@@ -0,0 +1,290 @@ | |||
1 | /* $OpenBSD: utf8.c,v 1.3 2016/05/30 12:57:21 schwarze Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> | ||
4 | * | ||
5 | * Permission to use, copy, modify, and distribute this software for any | ||
6 | * purpose with or without fee is hereby granted, provided that the above | ||
7 | * copyright notice and this permission notice appear in all copies. | ||
8 | * | ||
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
16 | */ | ||
17 | |||
18 | /* | ||
19 | * Utility functions for multibyte-character handling, | ||
20 | * in particular to sanitize untrusted strings for terminal output. | ||
21 | */ | ||
22 | |||
23 | #include "includes.h" | ||
24 | |||
25 | #include <sys/types.h> | ||
26 | #ifdef HAVE_LANGINFO_H | ||
27 | # include <langinfo.h> | ||
28 | #endif | ||
29 | #include <limits.h> | ||
30 | #include <stdarg.h> | ||
31 | #include <stdio.h> | ||
32 | #include <stdlib.h> | ||
33 | #include <string.h> | ||
34 | #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) | ||
35 | # include <vis.h> | ||
36 | #endif | ||
37 | #ifdef HAVE_WCHAR_H | ||
38 | # include <wchar.h> | ||
39 | #endif | ||
40 | |||
41 | #include "utf8.h" | ||
42 | |||
43 | static int dangerous_locale(void); | ||
44 | static int grow_dst(char **, size_t *, size_t, char **, size_t); | ||
45 | static int vasnmprintf(char **, size_t, int *, const char *, va_list); | ||
46 | |||
47 | |||
48 | /* | ||
49 | * For US-ASCII and UTF-8 encodings, we can safely recover from | ||
50 | * encoding errors and from non-printable characters. For any | ||
51 | * other encodings, err to the side of caution and abort parsing: | ||
52 | * For state-dependent encodings, recovery is impossible. | ||
53 | * For arbitrary encodings, replacement of non-printable | ||
54 | * characters would be non-trivial and too fragile. | ||
55 | */ | ||
56 | |||
57 | static int | ||
58 | dangerous_locale(void) { | ||
59 | char *loc; | ||
60 | |||
61 | loc = nl_langinfo(CODESET); | ||
62 | return strcmp(loc, "US-ASCII") && strcmp(loc, "UTF-8"); | ||
63 | } | ||
64 | |||
65 | static int | ||
66 | grow_dst(char **dst, size_t *sz, size_t maxsz, char **dp, size_t need) | ||
67 | { | ||
68 | char *tp; | ||
69 | size_t tsz; | ||
70 | |||
71 | if (*dp + need < *dst + *sz) | ||
72 | return 0; | ||
73 | tsz = *sz + 128; | ||
74 | if (tsz > maxsz) | ||
75 | tsz = maxsz; | ||
76 | if ((tp = realloc(*dst, tsz)) == NULL) | ||
77 | return -1; | ||
78 | *dp = tp + (*dp - *dst); | ||
79 | *dst = tp; | ||
80 | *sz = tsz; | ||
81 | return 0; | ||
82 | } | ||
83 | |||
84 | /* | ||
85 | * The following two functions limit the number of bytes written, | ||
86 | * including the terminating '\0', to sz. Unless wp is NULL, | ||
87 | * they limit the number of display columns occupied to *wp. | ||
88 | * Whichever is reached first terminates the output string. | ||
89 | * To stay close to the standard interfaces, they return the number of | ||
90 | * non-NUL bytes that would have been written if both were unlimited. | ||
91 | * If wp is NULL, newline, carriage return, and tab are allowed; | ||
92 | * otherwise, the actual number of columns occupied by what was | ||
93 | * written is returned in *wp. | ||
94 | */ | ||
95 | |||
96 | static int | ||
97 | vasnmprintf(char **str, size_t maxsz, int *wp, const char *fmt, va_list ap) | ||
98 | { | ||
99 | char *src; /* Source string returned from vasprintf. */ | ||
100 | char *sp; /* Pointer into src. */ | ||
101 | char *dst; /* Destination string to be returned. */ | ||
102 | char *dp; /* Pointer into dst. */ | ||
103 | char *tp; /* Temporary pointer for dst. */ | ||
104 | size_t sz; /* Number of bytes allocated for dst. */ | ||
105 | wchar_t wc; /* Wide character at sp. */ | ||
106 | int len; /* Number of bytes in the character at sp. */ | ||
107 | int ret; /* Number of bytes needed to format src. */ | ||
108 | int width; /* Display width of the character wc. */ | ||
109 | int total_width, max_width, print; | ||
110 | |||
111 | src = NULL; | ||
112 | if ((ret = vasprintf(&src, fmt, ap)) <= 0) | ||
113 | goto fail; | ||
114 | |||
115 | sz = strlen(src) + 1; | ||
116 | if ((dst = malloc(sz)) == NULL) { | ||
117 | free(src); | ||
118 | goto fail; | ||
119 | } | ||
120 | |||
121 | if (maxsz > INT_MAX) | ||
122 | maxsz = INT_MAX; | ||
123 | |||
124 | sp = src; | ||
125 | dp = dst; | ||
126 | ret = 0; | ||
127 | print = 1; | ||
128 | total_width = 0; | ||
129 | max_width = wp == NULL ? INT_MAX : *wp; | ||
130 | while (*sp != '\0') { | ||
131 | if ((len = mbtowc(&wc, sp, MB_CUR_MAX)) == -1) { | ||
132 | (void)mbtowc(NULL, NULL, MB_CUR_MAX); | ||
133 | if (dangerous_locale()) { | ||
134 | ret = -1; | ||
135 | break; | ||
136 | } | ||
137 | len = 1; | ||
138 | width = -1; | ||
139 | } else if (wp == NULL && | ||
140 | (wc == L'\n' || wc == L'\r' || wc == L'\t')) { | ||
141 | /* | ||
142 | * Don't use width uninitialized; the actual | ||
143 | * value doesn't matter because total_width | ||
144 | * is only returned for wp != NULL. | ||
145 | */ | ||
146 | width = 0; | ||
147 | } else if ((width = wcwidth(wc)) == -1 && | ||
148 | dangerous_locale()) { | ||
149 | ret = -1; | ||
150 | break; | ||
151 | } | ||
152 | |||
153 | /* Valid, printable character. */ | ||
154 | |||
155 | if (width >= 0) { | ||
156 | if (print && (dp - dst >= (int)maxsz - len || | ||
157 | total_width > max_width - width)) | ||
158 | print = 0; | ||
159 | if (print) { | ||
160 | if (grow_dst(&dst, &sz, maxsz, | ||
161 | &dp, len) == -1) { | ||
162 | ret = -1; | ||
163 | break; | ||
164 | } | ||
165 | total_width += width; | ||
166 | memcpy(dp, sp, len); | ||
167 | dp += len; | ||
168 | } | ||
169 | sp += len; | ||
170 | if (ret >= 0) | ||
171 | ret += len; | ||
172 | continue; | ||
173 | } | ||
174 | |||
175 | /* Escaping required. */ | ||
176 | |||
177 | while (len > 0) { | ||
178 | if (print && (dp - dst >= (int)maxsz - 4 || | ||
179 | total_width > max_width - 4)) | ||
180 | print = 0; | ||
181 | if (print) { | ||
182 | if (grow_dst(&dst, &sz, maxsz, | ||
183 | &dp, 4) == -1) { | ||
184 | ret = -1; | ||
185 | break; | ||
186 | } | ||
187 | tp = vis(dp, *sp, VIS_OCTAL | VIS_ALL, 0); | ||
188 | width = tp - dp; | ||
189 | total_width += width; | ||
190 | dp = tp; | ||
191 | } else | ||
192 | width = 4; | ||
193 | len--; | ||
194 | sp++; | ||
195 | if (ret >= 0) | ||
196 | ret += width; | ||
197 | } | ||
198 | if (len > 0) | ||
199 | break; | ||
200 | } | ||
201 | free(src); | ||
202 | *dp = '\0'; | ||
203 | *str = dst; | ||
204 | if (wp != NULL) | ||
205 | *wp = total_width; | ||
206 | |||
207 | /* | ||
208 | * If the string was truncated by the width limit but | ||
209 | * would have fit into the size limit, the only sane way | ||
210 | * to report the problem is using the return value, such | ||
211 | * that the usual idiom "if (ret < 0 || ret >= sz) error" | ||
212 | * works as expected. | ||
213 | */ | ||
214 | |||
215 | if (ret < (int)maxsz && !print) | ||
216 | ret = -1; | ||
217 | return ret; | ||
218 | |||
219 | fail: | ||
220 | if (wp != NULL) | ||
221 | *wp = 0; | ||
222 | if (ret == 0) { | ||
223 | *str = src; | ||
224 | return 0; | ||
225 | } else { | ||
226 | *str = NULL; | ||
227 | return -1; | ||
228 | } | ||
229 | } | ||
230 | |||
231 | int | ||
232 | snmprintf(char *str, size_t sz, int *wp, const char *fmt, ...) | ||
233 | { | ||
234 | va_list ap; | ||
235 | char *cp; | ||
236 | int ret; | ||
237 | |||
238 | va_start(ap, fmt); | ||
239 | ret = vasnmprintf(&cp, sz, wp, fmt, ap); | ||
240 | va_end(ap); | ||
241 | if (cp != NULL) { | ||
242 | (void)strlcpy(str, cp, sz); | ||
243 | free(cp); | ||
244 | } else | ||
245 | *str = '\0'; | ||
246 | return ret; | ||
247 | } | ||
248 | |||
249 | /* | ||
250 | * To stay close to the standard interfaces, the following functions | ||
251 | * return the number of non-NUL bytes written. | ||
252 | */ | ||
253 | |||
254 | int | ||
255 | vfmprintf(FILE *stream, const char *fmt, va_list ap) | ||
256 | { | ||
257 | char *str; | ||
258 | int ret; | ||
259 | |||
260 | if ((ret = vasnmprintf(&str, INT_MAX, NULL, fmt, ap)) < 0) | ||
261 | return -1; | ||
262 | if (fputs(str, stream) == EOF) | ||
263 | ret = -1; | ||
264 | free(str); | ||
265 | return ret; | ||
266 | } | ||
267 | |||
268 | int | ||
269 | fmprintf(FILE *stream, const char *fmt, ...) | ||
270 | { | ||
271 | va_list ap; | ||
272 | int ret; | ||
273 | |||
274 | va_start(ap, fmt); | ||
275 | ret = vfmprintf(stream, fmt, ap); | ||
276 | va_end(ap); | ||
277 | return ret; | ||
278 | } | ||
279 | |||
280 | int | ||
281 | mprintf(const char *fmt, ...) | ||
282 | { | ||
283 | va_list ap; | ||
284 | int ret; | ||
285 | |||
286 | va_start(ap, fmt); | ||
287 | ret = vfmprintf(stdout, fmt, ap); | ||
288 | va_end(ap); | ||
289 | return ret; | ||
290 | } | ||
@@ -0,0 +1,24 @@ | |||
1 | /* $OpenBSD: utf8.h,v 1.1 2016/05/25 23:48:45 schwarze Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> | ||
4 | * | ||
5 | * Permission to use, copy, modify, and distribute this software for any | ||
6 | * purpose with or without fee is hereby granted, provided that the above | ||
7 | * copyright notice and this permission notice appear in all copies. | ||
8 | * | ||
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
16 | */ | ||
17 | |||
18 | int mprintf(const char *, ...) | ||
19 | __attribute__((format(printf, 1, 2))); | ||
20 | int fmprintf(FILE *, const char *, ...) | ||
21 | __attribute__((format(printf, 2, 3))); | ||
22 | int vfmprintf(FILE *, const char *, va_list); | ||
23 | int snmprintf(char *, size_t, int *, const char *, ...) | ||
24 | __attribute__((format(printf, 4, 5))); | ||
@@ -1,8 +1,8 @@ | |||
1 | /* $OpenBSD: version.h,v 1.76 2016/02/23 09:14:34 djm Exp $ */ | 1 | /* $OpenBSD: version.h,v 1.77 2016/07/24 11:45:36 djm Exp $ */ |
2 | 2 | ||
3 | #define SSH_VERSION "OpenSSH_7.2" | 3 | #define SSH_VERSION "OpenSSH_7.3" |
4 | 4 | ||
5 | #define SSH_PORTABLE "p2" | 5 | #define SSH_PORTABLE "p1" |
6 | #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE | 6 | #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE |
7 | #ifdef SSH_EXTRAVERSION | 7 | #ifdef SSH_EXTRAVERSION |
8 | #define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION | 8 | #define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION |