diff options
225 files changed, 14434 insertions, 12724 deletions
@@ -6,47 +6,47 @@ audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-com | |||
6 | audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 6 | audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
7 | audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 7 | audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
8 | auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 8 | auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
9 | auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h | 9 | auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h |
10 | auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h | 10 | auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h |
11 | auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 11 | auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
12 | auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h | 12 | auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h |
13 | auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h pathnames.h log.h misc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h | 13 | auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h uidswap.h pathnames.h log.h misc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h |
14 | auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 14 | auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
15 | auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 15 | auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
16 | auth-skey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 16 | auth-skey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
17 | auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h | 17 | auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h openbsd-compat/sys-queue.h dispatch.h authfile.h |
18 | auth.o: authfile.h monitor_wrap.h ssherr.h compat.h channels.h | 18 | auth.o: monitor_wrap.h ssherr.h compat.h channels.h |
19 | auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h misc.h servconf.h | 19 | auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h misc.h servconf.h |
20 | auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 20 | auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
21 | auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h monitor_wrap.h | 21 | auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h monitor_wrap.h pathnames.h |
22 | auth2-hostbased.o: pathnames.h ssherr.h match.h | 22 | auth2-hostbased.o: ssherr.h match.h |
23 | auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h misc.h servconf.h ssherr.h | 23 | auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h misc.h servconf.h ssherr.h |
24 | auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h ssh2.h ssherr.h monitor_wrap.h | 24 | auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h misc.h servconf.h compat.h ssh2.h ssherr.h monitor_wrap.h |
25 | auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h | 25 | auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h |
26 | auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h | 26 | auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h auth-options.h |
27 | auth2-pubkey.o: auth-options.h canohost.h monitor_wrap.h authfile.h match.h ssherr.h channels.h session.h | 27 | auth2-pubkey.o: canohost.h monitor_wrap.h authfile.h match.h ssherr.h channels.h session.h |
28 | auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h sshbuf.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h ssherr.h | 28 | auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h sshbuf.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h ssherr.h monitor_wrap.h |
29 | auth2.o: monitor_wrap.h digest.h | 29 | auth2.o: digest.h |
30 | authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h compat.h log.h atomicio.h misc.h ssherr.h | 30 | authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h compat.h log.h atomicio.h misc.h ssherr.h |
31 | authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h authfile.h misc.h atomicio.h sshkey.h sshbuf.h ssherr.h krl.h | 31 | authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h authfile.h misc.h atomicio.h sshkey.h sshbuf.h ssherr.h krl.h |
32 | bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h bitmap.h | 32 | bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h bitmap.h |
33 | canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h canohost.h misc.h | 33 | canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h canohost.h misc.h |
34 | chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h chacha.h | 34 | chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h chacha.h |
35 | channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h opacket.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h | 35 | channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h |
36 | cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h | 36 | cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h |
37 | cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h | 37 | cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h |
38 | cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sshbuf.h ssherr.h cipher-chachapoly.h chacha.h poly1305.h | 38 | cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sshbuf.h ssherr.h cipher-chachapoly.h chacha.h poly1305.h |
39 | cipher-ctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 39 | cipher-ctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
40 | cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h | 40 | cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h |
41 | cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h | 41 | cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h |
42 | clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h opacket.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h | 42 | clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h |
43 | clientloop.o: myproposal.h log.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h ssherr.h hostfile.h | 43 | clientloop.o: myproposal.h log.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h ssherr.h hostfile.h |
44 | compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h log.h match.h kex.h mac.h | 44 | compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h log.h match.h kex.h mac.h crypto_api.h |
45 | crc32.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crc32.h | 45 | crc32.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crc32.h |
46 | dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 46 | dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
47 | digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h digest.h | 47 | digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h digest.h |
48 | digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 48 | digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
49 | dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h dispatch.h packet.h openbsd-compat/sys-queue.h opacket.h compat.h ssherr.h | 49 | dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h dispatch.h packet.h openbsd-compat/sys-queue.h compat.h ssherr.h |
50 | dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h | 50 | dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h |
51 | ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ge25519.h fe25519.h sc25519.h | 51 | ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ge25519.h fe25519.h sc25519.h |
52 | entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 52 | entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
@@ -60,23 +60,19 @@ gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp | |||
60 | hash.o: crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h | 60 | hash.o: crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h |
61 | hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h | 61 | hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h |
62 | hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h misc.h ssherr.h digest.h hmac.h | 62 | hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h misc.h ssherr.h digest.h hmac.h |
63 | kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h log.h match.h misc.h monitor.h ssherr.h sshbuf.h | 63 | kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h ssh2.h atomicio.h version.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h log.h match.h |
64 | kex.o: digest.h | 64 | kex.o: misc.h monitor.h ssherr.h sshbuf.h digest.h |
65 | kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h log.h digest.h ssherr.h | 65 | kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h ssh2.h |
66 | kexc25519c.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h sshbuf.h digest.h ssherr.h | ||
67 | kexc25519s.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h sshbuf.h ssherr.h | ||
68 | kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 66 | kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
69 | kexdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | ||
70 | kexdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | ||
71 | kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 67 | kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
72 | kexecdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 68 | kexgen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h ssh2.h sshbuf.h digest.h ssherr.h |
73 | kexecdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | ||
74 | kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 69 | kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
75 | kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 70 | kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
76 | kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 71 | kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
72 | kexsntrup4591761x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h | ||
77 | krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h | 73 | krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h |
78 | log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h | 74 | log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h |
79 | loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h | 75 | loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h |
80 | logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h | 76 | logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h |
81 | mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h | 77 | mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h |
82 | match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h | 78 | match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h |
@@ -84,24 +80,23 @@ md5crypt.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp | |||
84 | misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssh.h sshbuf.h ssherr.h | 80 | misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssh.h sshbuf.h ssherr.h |
85 | moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 81 | moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
86 | monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h openbsd-compat/openssl-compat.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h | 82 | monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h openbsd-compat/openssl-compat.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h |
87 | monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h dh.h packet.h dispatch.h opacket.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h | 83 | monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h |
88 | monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h monitor_fdpass.h | 84 | monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h monitor_fdpass.h |
89 | monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h | 85 | monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h |
90 | monitor_wrap.o: auth-options.h packet.h dispatch.h opacket.h log.h monitor.h monitor_wrap.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h ssherr.h | 86 | monitor_wrap.o: auth-options.h packet.h dispatch.h log.h monitor.h monitor_wrap.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h ssherr.h |
91 | msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h | 87 | msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h |
92 | mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h opacket.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h ssherr.h | 88 | mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h ssherr.h |
93 | nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h opacket.h channels.h compat.h log.h | 89 | nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h channels.h compat.h log.h |
94 | opacket.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h | 90 | packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h crc32.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h digest.h log.h canohost.h misc.h channels.h |
95 | packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h crc32.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h digest.h log.h canohost.h misc.h channels.h ssh.h | 91 | packet.o: ssh.h packet.h dispatch.h ssherr.h sshbuf.h |
96 | packet.o: packet.h dispatch.h opacket.h ssherr.h sshbuf.h | ||
97 | platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 92 | platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
98 | platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 93 | platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
99 | platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h | 94 | platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h |
100 | platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h | 95 | platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h |
101 | poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h | 96 | poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h |
102 | progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h | 97 | progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h utf8.h |
103 | readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h uidswap.h | 98 | readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h crypto_api.h |
104 | readconf.o: myproposal.h digest.h | 99 | readconf.o: uidswap.h myproposal.h digest.h |
105 | readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssh.h uidswap.h | 100 | readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssh.h uidswap.h |
106 | rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h rijndael.h | 101 | rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h rijndael.h |
107 | sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 102 | sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
@@ -114,25 +109,26 @@ sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openb | |||
114 | sandbox-systrace.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 109 | sandbox-systrace.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
115 | sc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sc25519.h crypto_api.h | 110 | sc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sc25519.h crypto_api.h |
116 | scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h atomicio.h pathnames.h log.h misc.h progressmeter.h utf8.h | 111 | scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h atomicio.h pathnames.h log.h misc.h progressmeter.h utf8.h |
117 | servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h sshbuf.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h match.h channels.h | 112 | servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h sshbuf.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h |
118 | servconf.o: groupaccess.h canohost.h packet.h dispatch.h opacket.h ssherr.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h | 113 | servconf.o: match.h channels.h groupaccess.h canohost.h packet.h dispatch.h ssherr.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h |
119 | serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h canohost.h sshpty.h channels.h compat.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h | 114 | serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h sshbuf.h log.h misc.h servconf.h canohost.h sshpty.h channels.h compat.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h |
120 | serverloop.o: cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h ssherr.h | 115 | serverloop.o: rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h ssherr.h |
121 | session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h sshbuf.h ssherr.h match.h uidswap.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h | 116 | session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h sshbuf.h ssherr.h match.h uidswap.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h |
122 | session.o: cipher-aesctr.h rijndael.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h monitor_wrap.h sftp.h atomicio.h | 117 | session.o: rijndael.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h crypto_api.h monitor_wrap.h sftp.h atomicio.h |
123 | sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h | 118 | sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h |
124 | sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h | 119 | sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h |
125 | sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h | 120 | sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h |
126 | sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sftp.h misc.h xmalloc.h | 121 | sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sftp.h misc.h xmalloc.h |
127 | sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h | 122 | sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h |
128 | sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h pathnames.h misc.h utf8.h sftp.h ssherr.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h | 123 | sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h pathnames.h misc.h utf8.h sftp.h ssherr.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h |
124 | sntrup4591761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h | ||
129 | ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h xmalloc.h ssh.h log.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h ssherr.h digest.h | 125 | ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h xmalloc.h ssh.h log.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h ssherr.h digest.h |
130 | ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h compat.h log.h misc.h digest.h ssherr.h match.h | 126 | ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h compat.h log.h misc.h digest.h ssherr.h match.h |
131 | ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 127 | ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
132 | ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 128 | ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
133 | ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h sshbuf.h sshkey.h ssherr.h ssh.h | 129 | ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h sshbuf.h sshkey.h ssherr.h ssh.h |
134 | ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h uuencode.h sshbuf.h pathnames.h log.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h ssherr.h ssh-pkcs11.h atomicio.h krl.h digest.h utf8.h authfd.h | 130 | ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h uuencode.h sshbuf.h pathnames.h log.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h ssherr.h ssh-pkcs11.h atomicio.h krl.h digest.h utf8.h authfd.h |
135 | ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h compat.h myproposal.h packet.h dispatch.h opacket.h log.h | 131 | ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h dispatch.h log.h |
136 | ssh-keyscan.o: atomicio.h misc.h hostfile.h ssherr.h ssh_api.h ssh2.h dns.h | 132 | ssh-keyscan.o: atomicio.h misc.h hostfile.h ssherr.h ssh_api.h ssh2.h dns.h |
137 | ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssherr.h | 133 | ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssherr.h |
138 | ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 134 | ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
@@ -140,27 +136,27 @@ ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/ope | |||
140 | ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 136 | ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
141 | ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 137 | ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
142 | ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 138 | ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
143 | ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h dispatch.h opacket.h | 139 | ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h dispatch.h sshbuf.h |
144 | ssh.o: sshbuf.h channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h | 140 | ssh.o: channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h |
145 | ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h log.h authfile.h misc.h | 141 | ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h ssh.h ssh2.h packet.h dispatch.h compat.h log.h authfile.h misc.h |
146 | ssh_api.o: version.h myproposal.h ssherr.h sshbuf.h | 142 | ssh_api.o: version.h myproposal.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h |
147 | sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h | 143 | sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h |
148 | sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h | 144 | sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h |
149 | sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h | 145 | sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h |
150 | sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h | 146 | sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h |
151 | sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h sshkey.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h authfile.h | 147 | sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h sshkey.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h authfile.h ssherr.h |
152 | sshconnect.o: ssherr.h authfd.h | 148 | sshconnect.o: authfd.h kex.h mac.h crypto_api.h |
153 | sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h myproposal.h | 149 | sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h myproposal.h |
154 | sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h ssherr.h utf8.h | 150 | sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h ssherr.h utf8.h |
155 | sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h log.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h | 151 | sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h |
156 | sshd.o: poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h auth-options.h version.h ssherr.h | 152 | sshd.o: cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h auth-options.h version.h ssherr.h |
157 | ssherr.o: ssherr.h | 153 | ssherr.o: ssherr.h |
158 | sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h | 154 | sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h |
159 | sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h sshkey-xmss.h match.h xmss_fast.h openbsd-compat/openssl-compat.h | 155 | sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h sshkey-xmss.h match.h xmss_fast.h openbsd-compat/openssl-compat.h |
160 | sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h | 156 | sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h |
161 | sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h misc.h | 157 | sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h misc.h |
162 | sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h | 158 | sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h |
163 | ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h compat.h sshbuf.h ssherr.h ttymodes.h | 159 | ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h compat.h sshbuf.h ssherr.h ttymodes.h |
164 | uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h uidswap.h xmalloc.h | 160 | uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h uidswap.h xmalloc.h |
165 | umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h | 161 | umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h |
166 | umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h | 162 | umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h |
diff --git a/.gitignore b/.gitignore index 650eb3c3c..e7e02ea72 100644 --- a/.gitignore +++ b/.gitignore | |||
@@ -26,3 +26,4 @@ ssh-keysign | |||
26 | ssh-pkcs11-helper | 26 | ssh-pkcs11-helper |
27 | sshd | 27 | sshd |
28 | !regress/misc/fuzz-harness/Makefile | 28 | !regress/misc/fuzz-harness/Makefile |
29 | tags | ||
diff --git a/.skipped-commit-ids b/.skipped-commit-ids index f1b3b7640..01d447a49 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids | |||
@@ -5,6 +5,7 @@ fa728823ba21c4b45212750e1d3a4b2086fd1a62 more Makefile refactoring | |||
5 | 1de0e85522051eb2ffa00437e1885e9d7b3e0c2e moduli update | 5 | 1de0e85522051eb2ffa00437e1885e9d7b3e0c2e moduli update |
6 | 814b2f670df75759e1581ecef530980b2b3d7e0f remove redundant make defs | 6 | 814b2f670df75759e1581ecef530980b2b3d7e0f remove redundant make defs |
7 | 04431e8e7872f49a2129bf080a6b73c19d576d40 moduli update | 7 | 04431e8e7872f49a2129bf080a6b73c19d576d40 moduli update |
8 | c07772f58028fda683ee6abd41c73da3ff70d403 moduli update | ||
8 | 9 | ||
9 | Old upstream tree: | 10 | Old upstream tree: |
10 | 11 | ||
@@ -1,3 +1,2602 @@ | |||
1 | commit fd0fa130ecf06d7d092932adcd5d77f1549bfc8d | ||
2 | Author: Damien Miller <djm@mindrot.org> | ||
3 | Date: Thu Apr 18 08:52:57 2019 +1000 | ||
4 | |||
5 | makedepend | ||
6 | |||
7 | commit 5de397a876b587ba05a9169237deffdc71f273b0 | ||
8 | Author: Damien Miller <djm@mindrot.org> | ||
9 | Date: Fri Apr 5 11:29:51 2019 -0700 | ||
10 | |||
11 | second thoughts: leave README in place | ||
12 | |||
13 | A number of contrib/* files refer to the existing README so let's leave | ||
14 | it in place for release and add the new markdown version in parallel. | ||
15 | |||
16 | I'll get rid of README after release. | ||
17 | |||
18 | commit 5d3127d9274519b25ed10e320f45045ba8d7f3be | ||
19 | Author: Damien Miller <djm@mindrot.org> | ||
20 | Date: Fri Apr 5 11:29:31 2019 -0700 | ||
21 | |||
22 | Revert "rewrite README" | ||
23 | |||
24 | This reverts commit 9444d82678cb7781820da4d1c23b3c2b9fb1e12f. | ||
25 | |||
26 | commit 9444d82678cb7781820da4d1c23b3c2b9fb1e12f | ||
27 | Author: Damien Miller <djm@mindrot.org> | ||
28 | Date: Fri Apr 5 11:21:48 2019 -0700 | ||
29 | |||
30 | rewrite README | ||
31 | |||
32 | Include basic build instructions and comments on commonly-used build- | ||
33 | time flags, links to the manual pages and other resources. | ||
34 | |||
35 | Now in Markdown format for better viewing on github, etc. | ||
36 | |||
37 | commit a924de0c4908902433813ba205bee1446bd1a157 | ||
38 | Author: Damien Miller <djm@mindrot.org> | ||
39 | Date: Fri Apr 5 03:41:52 2019 +1100 | ||
40 | |||
41 | update versions | ||
42 | |||
43 | commit 312dcee739bca5d6878c536537b2a8a497314b75 | ||
44 | Author: djm@openbsd.org <djm@openbsd.org> | ||
45 | Date: Wed Apr 3 15:48:45 2019 +0000 | ||
46 | |||
47 | upstream: openssh-8.0 | ||
48 | |||
49 | OpenBSD-Commit-ID: 5aafdf218679dab982fea20771afd643be9a127b | ||
50 | |||
51 | commit 885bc114692046d55e2a170b932bdc0092fa3456 | ||
52 | Author: Damien Miller <djm@mindrot.org> | ||
53 | Date: Thu Apr 4 02:47:40 2019 +1100 | ||
54 | |||
55 | session: Do not use removed API | ||
56 | |||
57 | from Jakub Jelen | ||
58 | |||
59 | commit 9d7b2882b0c9a5e9bf8312ce4075bf178e2b98be | ||
60 | Author: djm@openbsd.org <djm@openbsd.org> | ||
61 | Date: Fri Mar 29 11:31:40 2019 +0000 | ||
62 | |||
63 | upstream: when logging/fataling on error, include a bit more detail | ||
64 | |||
65 | than just the function name and the error message | ||
66 | |||
67 | OpenBSD-Commit-ID: dd72d7eba2215fcb89be516c378f633ea5bcca9f | ||
68 | |||
69 | commit 79a87d32783d6c9db40af8f35e091d9d30365ae7 | ||
70 | Author: Darren Tucker <dtucker@dtucker.net> | ||
71 | Date: Wed Apr 3 06:27:45 2019 +1100 | ||
72 | |||
73 | Remove "struct ssh" from sys_auth_record_login. | ||
74 | |||
75 | It's not needed, and is not available from the call site in loginrec.c | ||
76 | Should only affect AIX, spotted by Kevin Brott. | ||
77 | |||
78 | commit 138c0d52cdc90f9895333b82fc57d81cce7a3d90 | ||
79 | Author: Darren Tucker <dtucker@dtucker.net> | ||
80 | Date: Tue Apr 2 18:21:35 2019 +1100 | ||
81 | |||
82 | Adapt custom_failed_login to new prototype. | ||
83 | |||
84 | Spotted by Kevin Brott. | ||
85 | |||
86 | commit a0ca4009ab2f0b1007ec8ab6864dbf9b760a8ed5 | ||
87 | Author: Darren Tucker <dtucker@dtucker.net> | ||
88 | Date: Mon Apr 1 20:07:23 2019 +1100 | ||
89 | |||
90 | Add includes.h for compat layer. | ||
91 | |||
92 | Should fix build on AIX 7.2. | ||
93 | |||
94 | commit 00991151786ce9b1d577bdad1f83a81d19c8236d | ||
95 | Author: Tim Rice <tim@multitalents.net> | ||
96 | Date: Sun Mar 31 22:14:22 2019 -0700 | ||
97 | |||
98 | Stop USL compilers for erroring with "integral constant expression expected" | ||
99 | |||
100 | commit 43f47ebbdd4037b569c23b8f4f7981f53b567f1d | ||
101 | Author: Tim Rice <tim@multitalents.net> | ||
102 | Date: Sun Mar 31 19:22:19 2019 -0700 | ||
103 | |||
104 | Only use O_NOFOLLOW in fchownat and fchmodat if defined | ||
105 | |||
106 | commit 342d6e51589b184c337cccfc4c788b60ff8b3765 | ||
107 | Author: Jakub Jelen <jjelen@redhat.com> | ||
108 | Date: Fri Mar 29 12:29:41 2019 +0100 | ||
109 | |||
110 | Adjust softhsm2 path on Fedora Linux for regress | ||
111 | |||
112 | The SoftHSM lives in Fedora in /usr/lib64/pkcs11/libsofthsm2.so | ||
113 | |||
114 | commit f5abb05f8c7358dacdcb866fe2813f6d8efd5830 | ||
115 | Author: Darren Tucker <dtucker@dtucker.net> | ||
116 | Date: Thu Mar 28 09:26:14 2019 +1100 | ||
117 | |||
118 | Only use O_NOFOLLOW in utimensat if defined. | ||
119 | |||
120 | Fixes build on systems that don't have it (Solaris <=9) Found by | ||
121 | Tom G. Christensen. | ||
122 | |||
123 | commit 786cd4c1837fdc3fe7b4befe54a3f37db7df8715 | ||
124 | Author: Corinna Vinschen <vinschen@redhat.com> | ||
125 | Date: Wed Mar 27 18:18:21 2019 +0100 | ||
126 | |||
127 | drop old Cygwin considerations | ||
128 | |||
129 | - Cygwin supports non-DOS characters in filenames | ||
130 | - Cygwin does not support Windows XP anymore | ||
131 | |||
132 | Signed-off-by: Corinna Vinschen <vinschen@redhat.com> | ||
133 | |||
134 | commit 21da87f439b48a85b951ef1518fe85ac0273e719 | ||
135 | Author: djm@openbsd.org <djm@openbsd.org> | ||
136 | Date: Wed Mar 27 09:29:14 2019 +0000 | ||
137 | |||
138 | upstream: fix interaction between ClientAliveInterval and RekeyLimit | ||
139 | |||
140 | that could cause connection to close incorrectly; Report and patch from Jakub | ||
141 | Jelen in bz#2757; ok dtucker@ markus@ | ||
142 | |||
143 | OpenBSD-Commit-ID: 17229a8a65bd8e6c2080318ec2b7a61e1aede3fb | ||
144 | |||
145 | commit 4f0019a9afdb4a94d83b75e82dbbbe0cbe826c56 | ||
146 | Author: djm@openbsd.org <djm@openbsd.org> | ||
147 | Date: Mon Mar 25 22:34:52 2019 +0000 | ||
148 | |||
149 | upstream: Fix authentication failures when "AuthenticationMethods | ||
150 | |||
151 | any" in a Match block overrides a more restrictive global default. | ||
152 | |||
153 | Spotted by jmc@, ok markus@ | ||
154 | |||
155 | OpenBSD-Commit-ID: a90a4fe2ab81d0eeeb8fdfc21af81f7eabda6666 | ||
156 | |||
157 | commit d6e5def308610f194c0ec3ef97a34a3e9630e190 | ||
158 | Author: djm@openbsd.org <djm@openbsd.org> | ||
159 | Date: Mon Mar 25 22:33:44 2019 +0000 | ||
160 | |||
161 | upstream: whitespace | ||
162 | |||
163 | OpenBSD-Commit-ID: 106e853ae8a477e8385bc53824d3884a8159db07 | ||
164 | |||
165 | commit 26e0cef07b04479537c971dec898741df1290fe5 | ||
166 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
167 | Date: Mon Mar 25 16:19:44 2019 +0000 | ||
168 | |||
169 | upstream: Expand comment to document rationale for default key | ||
170 | |||
171 | sizes. "seems worthwhile" deraadt. | ||
172 | |||
173 | OpenBSD-Commit-ID: 72e5c0983d7da1fb72f191870f36cb58263a2456 | ||
174 | |||
175 | commit f47269ea67eb4ff87454bf0d2a03e55532786482 | ||
176 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
177 | Date: Mon Mar 25 15:49:00 2019 +0000 | ||
178 | |||
179 | upstream: Increase the default RSA key size to 3072 bits. Based on | ||
180 | |||
181 | the estimates from NIST Special Publication 800-57, 3k bits provides security | ||
182 | equivalent to 128 bits which is the smallest symmetric cipher we enable by | ||
183 | default. ok markus@ deraadt@ | ||
184 | |||
185 | OpenBSD-Commit-ID: 461dd32ebe808f88f4fc3ec74749b0e6bef2276b | ||
186 | |||
187 | commit 62949c5b37af28d8490d94866e314a76be683a5e | ||
188 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
189 | Date: Fri Mar 22 20:58:34 2019 +0000 | ||
190 | |||
191 | upstream: full stop in the wrong place; | ||
192 | |||
193 | OpenBSD-Commit-ID: 478a0567c83553a2aebf95d0f1bd67ac1b1253e4 | ||
194 | |||
195 | commit 1b1332b5bb975d759a50b37f0e8bc8cfb07a0bb0 | ||
196 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
197 | Date: Sat Mar 16 19:14:21 2019 +0000 | ||
198 | |||
199 | upstream: benno helped me clean up the tcp forwarding section; | ||
200 | |||
201 | OpenBSD-Commit-ID: d4bec27edefde636fb632b7f0b7c656b9c7b7f08 | ||
202 | |||
203 | commit 2aee9a49f668092ac5c9d34e904ef7a9722e541d | ||
204 | Author: markus@openbsd.org <markus@openbsd.org> | ||
205 | Date: Fri Mar 8 17:24:43 2019 +0000 | ||
206 | |||
207 | upstream: fix use-after-free in ssh-pkcs11; found by hshoexer w/AFL | ||
208 | |||
209 | OpenBSD-Commit-ID: febce81cca72b71f70513fbee4ff52ca050f675c | ||
210 | |||
211 | commit 9edbd7821e6837e98e7e95546cede804dac96754 | ||
212 | Author: Darren Tucker <dtucker@dtucker.net> | ||
213 | Date: Thu Mar 14 10:17:28 2019 +1100 | ||
214 | |||
215 | Fix build when configured --without-openssl. | ||
216 | |||
217 | ok djm@ | ||
218 | |||
219 | commit 825ab32f0d04a791e9d19d743c61ff8ed9b4d8e5 | ||
220 | Author: Darren Tucker <dtucker@dtucker.net> | ||
221 | Date: Thu Mar 14 08:51:17 2019 +1100 | ||
222 | |||
223 | On Cygwin run sshd as SYSTEM where possible. | ||
224 | |||
225 | Seteuid now creates user token using S4U. We don't create a token | ||
226 | from scratch anymore, so we don't need the "Create a process token" | ||
227 | privilege. The service can run under SYSTEM again... | ||
228 | |||
229 | ...unless Cygwin is running on Windows Vista or Windows 7 in the | ||
230 | WOW64 32 bit emulation layer. It turns out that WOW64 on these systems | ||
231 | didn't implement MsV1_0 S4U Logon so we still need the fallback | ||
232 | to NtCreateToken for these systems. | ||
233 | |||
234 | Signed-off-by: Corinna Vinschen <vinschen@redhat.com> | ||
235 | |||
236 | commit a212107bfdf4d3e870ab7a443e4d906e5b9578c3 | ||
237 | Author: Darren Tucker <dtucker@dtucker.net> | ||
238 | Date: Wed Mar 13 10:49:16 2019 +1100 | ||
239 | |||
240 | Replace alloca with xcalloc. | ||
241 | |||
242 | The latter checks for memory exhaustion and integer overflow and may be | ||
243 | at a less predictable place. Sanity check by vinschen at redhat.com, ok | ||
244 | djm@ | ||
245 | |||
246 | commit daa7505aadca68ba1a2c70cbdfce423208eb91ee | ||
247 | Author: Darren Tucker <dtucker@dtucker.net> | ||
248 | Date: Tue Mar 12 09:19:19 2019 +1100 | ||
249 | |||
250 | Use Cygwin-specific matching only for users+groups. | ||
251 | |||
252 | Patch from vinschen at redhat.com, updated a little by me. | ||
253 | |||
254 | commit fd10cf027b56f9aaa80c9e3844626a05066589a4 | ||
255 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
256 | Date: Wed Mar 6 22:14:23 2019 +0000 | ||
257 | |||
258 | upstream: Move checks for lists of users or groups into their own | ||
259 | |||
260 | function. This is a no-op on OpenBSD but will make things easier in | ||
261 | -portable, eg on systems where these checks should be case-insensitive. ok | ||
262 | djm@ | ||
263 | |||
264 | OpenBSD-Commit-ID: 8bc9c8d98670e23f8eaaaefe29c1f98e7ba0487e | ||
265 | |||
266 | commit ab5fee8eb6a011002fd9e32b1597f02aa8804a25 | ||
267 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
268 | Date: Wed Mar 6 21:06:59 2019 +0000 | ||
269 | |||
270 | upstream: Reset last-seen time when sending a keepalive. Prevents | ||
271 | |||
272 | sending two keepalives successively and prematurely terminating connection | ||
273 | when ClientAliveCount=1. While there, collapse two similar tests into one. | ||
274 | ok markus@ | ||
275 | |||
276 | OpenBSD-Commit-ID: 043670d201dfe222537a2a4bed16ce1087de5ddd | ||
277 | |||
278 | commit c13b74530f9f1d9df7aeae012004b31b2de4438e | ||
279 | Author: naddy@openbsd.org <naddy@openbsd.org> | ||
280 | Date: Tue Mar 5 16:17:12 2019 +0000 | ||
281 | |||
282 | upstream: PKCS#11 support is no longer limited to RSA; ok benno@ | ||
283 | |||
284 | kn@ | ||
285 | |||
286 | OpenBSD-Commit-ID: 1a9bec64d530aed5f434a960e7515a3e80cbc826 | ||
287 | |||
288 | commit e9552d6043db7cd170ac6ba1b4d2c7a5eb2c3201 | ||
289 | Author: djm@openbsd.org <djm@openbsd.org> | ||
290 | Date: Fri Mar 1 03:29:32 2019 +0000 | ||
291 | |||
292 | upstream: in ssh_set_newkeys(), mention the direction that we're | ||
293 | |||
294 | keying in debug messages. Previously it would be difficult to tell which | ||
295 | direction it was talking about | ||
296 | |||
297 | OpenBSD-Commit-ID: c2b71bfcceb2a7389b9d0b497fb2122a406a522d | ||
298 | |||
299 | commit 76a24b3fa193a9ca3e47a8779d497cb06500798b | ||
300 | Author: djm@openbsd.org <djm@openbsd.org> | ||
301 | Date: Fri Mar 1 02:32:39 2019 +0000 | ||
302 | |||
303 | upstream: Fix two race conditions in sshd relating to SIGHUP: | ||
304 | |||
305 | 1. Recently-forked child processes will briefly remain listening to | ||
306 | listen_socks. If the main server sshd process completes its restart | ||
307 | via execv() before these sockets are closed by the child processes | ||
308 | then it can fail to listen at the desired addresses/ports and/or | ||
309 | fail to restart. | ||
310 | |||
311 | 2. When a SIGHUP is received, there may be forked child processes that | ||
312 | are awaiting their reexecution state. If the main server sshd | ||
313 | process restarts before passing this state, these child processes | ||
314 | will yield errors and use a fallback path of reading the current | ||
315 | sshd_config from the filesystem rather than use the one that sshd | ||
316 | was started with. | ||
317 | |||
318 | To fix both of these cases, we reuse the startup_pipes that are shared | ||
319 | between the main server sshd and forked children. Previously this was | ||
320 | used solely to implement tracking of pre-auth child processes for | ||
321 | MaxStartups, but this extends the messaging over these pipes to include | ||
322 | a child->parent message that the parent process is safe to restart. This | ||
323 | message is sent from the child after it has completed its preliminaries: | ||
324 | closing listen_socks and receiving its reexec state. | ||
325 | |||
326 | bz#2953, reported by Michal Koutný; ok markus@ dtucker@ | ||
327 | |||
328 | OpenBSD-Commit-ID: 7df09eacfa3ce13e9a7b1e9f17276ecc924d65ab | ||
329 | |||
330 | commit de817e9dfab99473017d28cdf69e60397d00ea21 | ||
331 | Author: djm@openbsd.org <djm@openbsd.org> | ||
332 | Date: Fri Mar 1 02:16:47 2019 +0000 | ||
333 | |||
334 | upstream: mention PKCS11Provide=none, reword a little and remove | ||
335 | |||
336 | mention of RSA keys only (since we support ECDSA now and might support others | ||
337 | in the future). Inspired by Jakub Jelen via bz#2974 | ||
338 | |||
339 | OpenBSD-Commit-ID: a92e3686561bf624ccc64ab320c96c9e9a263aa5 | ||
340 | |||
341 | commit 95a8058c1a90a27acbb91392ba206854abc85226 | ||
342 | Author: djm@openbsd.org <djm@openbsd.org> | ||
343 | Date: Fri Mar 1 02:08:50 2019 +0000 | ||
344 | |||
345 | upstream: let PKCS11Provider=none do what users expect | ||
346 | |||
347 | print PKCS11Provider instead of obsolete SmartcardDevice in config dump. | ||
348 | |||
349 | bz#2974 ok dtucker@ | ||
350 | |||
351 | OpenBSD-Commit-ID: c303d6f0230a33aa2dd92dc9b68843d56a64f846 | ||
352 | |||
353 | commit 8e7bac35aa576d2fd7560836da83733e864ce649 | ||
354 | Author: markus@openbsd.org <markus@openbsd.org> | ||
355 | Date: Wed Feb 27 19:37:01 2019 +0000 | ||
356 | |||
357 | upstream: dup stdout/in for proxycommand=-, otherwise stdout might | ||
358 | |||
359 | be redirected to /dev/null; ok djm@ | ||
360 | |||
361 | OpenBSD-Commit-ID: 97dfce4c47ed4055042de8ebde85b7d88793e595 | ||
362 | |||
363 | commit 9b61130fbd95d196bce81ebeca94a4cb7c0d5ba0 | ||
364 | Author: djm@openbsd.org <djm@openbsd.org> | ||
365 | Date: Sat Feb 23 08:20:43 2019 +0000 | ||
366 | |||
367 | upstream: openssh-7.9 accidentally reused the server's algorithm lists | ||
368 | |||
369 | in the client for KEX, ciphers and MACs. The ciphers and MACs were identical | ||
370 | between the client and server, but the error accidentially disabled the | ||
371 | diffie-hellman-group-exchange-sha1 KEX method. | ||
372 | |||
373 | This fixes the client code to use the correct method list, but | ||
374 | because nobody complained, it also disables the | ||
375 | diffie-hellman-group-exchange-sha1 KEX method. | ||
376 | |||
377 | Reported by nuxi AT vault24.org via bz#2697; ok dtucker | ||
378 | |||
379 | OpenBSD-Commit-ID: e30c33a23c10fd536fefa120e86af1842e33fd57 | ||
380 | |||
381 | commit 37638c752041d591371900df820f070037878a2d | ||
382 | Author: Corinna Vinschen <vinschen@redhat.com> | ||
383 | Date: Wed Feb 20 13:41:25 2019 +0100 | ||
384 | |||
385 | Cygwin: implement case-insensitive Unicode user and group name matching | ||
386 | |||
387 | The previous revert enabled case-insensitive user names again. This | ||
388 | patch implements the case-insensitive user and group name matching. | ||
389 | To allow Unicode chars, implement the matcher using wchar_t chars in | ||
390 | Cygwin-specific code. Keep the generic code changes as small as possible. | ||
391 | Cygwin: implement case-insensitive Unicode user and group name matching | ||
392 | |||
393 | Signed-off-by: Corinna Vinschen <vinschen@redhat.com> | ||
394 | |||
395 | commit bed1d43698807a07bb4ddb93a46b0bd84b9970b3 | ||
396 | Author: Darren Tucker <dtucker@dtucker.net> | ||
397 | Date: Fri Feb 22 15:21:21 2019 +1100 | ||
398 | |||
399 | Revert unintended parts of previous commit. | ||
400 | |||
401 | commit f02afa350afac1b2f2d1413259a27a4ba1e2ca24 | ||
402 | Author: Corinna Vinschen <vinschen@redhat.com> | ||
403 | Date: Wed Feb 20 13:41:24 2019 +0100 | ||
404 | |||
405 | Revert "[auth.c] On Cygwin, refuse usernames that have differences in case" | ||
406 | |||
407 | This reverts commit acc9b29486dfd649dfda474e5c1a03b317449f1c. | ||
408 | |||
409 | Signed-off-by: Corinna Vinschen <vinschen@redhat.com> | ||
410 | |||
411 | commit 4c55b674835478eb80a1a7aeae588aa654e2a433 | ||
412 | Author: Corinna Vinschen <vinschen@redhat.com> | ||
413 | Date: Sat Feb 16 14:13:43 2019 +0100 | ||
414 | |||
415 | Add tags to .gitignore | ||
416 | |||
417 | Signed-off-by: Corinna Vinschen <vinschen@redhat.com> | ||
418 | |||
419 | commit 625b62634c33eaef4b80d07529954fe5c6435fe5 | ||
420 | Author: djm@openbsd.org <djm@openbsd.org> | ||
421 | Date: Fri Feb 22 03:37:11 2019 +0000 | ||
422 | |||
423 | upstream: perform removal of agent-forwarding directory in forward | ||
424 | |||
425 | setup error path with user's privileged. This is a no-op as this code always | ||
426 | runs with user privilege now that we no longer support running sshd with | ||
427 | privilege separation disabled, but as long as the privsep skeleton is there | ||
428 | we should follow the rules. | ||
429 | MIME-Version: 1.0 | ||
430 | Content-Type: text/plain; charset=UTF-8 | ||
431 | Content-Transfer-Encoding: 8bit | ||
432 | |||
433 | bz#2969 with patch from Erik Sjölund | ||
434 | |||
435 | OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846 | ||
436 | |||
437 | commit d9ecfaba0b2f1887d20e4368230632e709ca83be | ||
438 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
439 | Date: Mon Feb 18 07:02:34 2019 +0000 | ||
440 | |||
441 | upstream: sync the description of ~/.ssh/config with djm's updated | ||
442 | |||
443 | description in ssh.1; issue pointed out by andreas kahari | ||
444 | |||
445 | ok dtucker djm | ||
446 | |||
447 | OpenBSD-Commit-ID: 1b01ef0ae2c6328165150badae317ec92e52b01c | ||
448 | |||
449 | commit 38e83e4f219c752ebb1560633b73f06f0392018b | ||
450 | Author: djm@openbsd.org <djm@openbsd.org> | ||
451 | Date: Tue Feb 12 23:53:10 2019 +0000 | ||
452 | |||
453 | upstream: fix regression in r1.302 reported by naddy@ - only the first | ||
454 | |||
455 | public key from the agent was being attempted for use. | ||
456 | |||
457 | OpenBSD-Commit-ID: 07116aea521a04888718b2157f1ca723b2f46c8d | ||
458 | |||
459 | commit 5c68ea8da790d711e6dd5f4c30d089c54032c59a | ||
460 | Author: djm@openbsd.org <djm@openbsd.org> | ||
461 | Date: Mon Feb 11 09:44:42 2019 +0000 | ||
462 | |||
463 | upstream: cleanup GSSAPI authentication context after completion of the | ||
464 | |||
465 | authmethod. Move function-static GSSAPI state to the client Authctxt | ||
466 | structure. Make static a bunch of functions that aren't used outside this | ||
467 | file. | ||
468 | |||
469 | Based on patch from Markus Schmidt <markus@blueflash.cc>; ok markus@ | ||
470 | |||
471 | OpenBSD-Commit-ID: 497fb792c0ddb4f1ba631b6eed526861f115dbe5 | ||
472 | |||
473 | commit a8c807f1956f81a92a758d3d0237d0ff06d0be5d | ||
474 | Author: benno@openbsd.org <benno@openbsd.org> | ||
475 | Date: Sun Feb 10 16:35:41 2019 +0000 | ||
476 | |||
477 | upstream: ssh-keygen -D pkcs11.so needs to initialize pkcs11 | ||
478 | |||
479 | interactive, so it can ask for the smartcards PIN. ok markus@ | ||
480 | |||
481 | OpenBSD-Commit-ID: 1be7ccf88f1876e0fc4d7c9b3f96019ac5655bab | ||
482 | |||
483 | commit 3d896c157c722bc47adca51a58dca859225b5874 | ||
484 | Author: djm@openbsd.org <djm@openbsd.org> | ||
485 | Date: Sun Feb 10 11:15:52 2019 +0000 | ||
486 | |||
487 | upstream: when checking that filenames sent by the server side | ||
488 | |||
489 | match what the client requested, be prepared to handle shell-style brace | ||
490 | alternations, e.g. "{foo,bar}". | ||
491 | |||
492 | "looks good to me" millert@ + in snaps for the last week courtesy | ||
493 | deraadt@ | ||
494 | |||
495 | OpenBSD-Commit-ID: 3b1ce7639b0b25b2248e3a30f561a548f6815f3e | ||
496 | |||
497 | commit 318e4f8548a4f5c0c913f61e27d4fc21ffb1eaae | ||
498 | Author: djm@openbsd.org <djm@openbsd.org> | ||
499 | Date: Sun Feb 10 11:10:57 2019 +0000 | ||
500 | |||
501 | upstream: syslog when connection is dropped for attempting to run a | ||
502 | |||
503 | command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@ | ||
504 | |||
505 | OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8 | ||
506 | |||
507 | commit 2ff2e19653b8c0798b8b8eff209651bdb1be2761 | ||
508 | Author: Damien Miller <djm@mindrot.org> | ||
509 | Date: Fri Feb 8 14:53:35 2019 +1100 | ||
510 | |||
511 | don't set $MAIL if UsePam=yes | ||
512 | |||
513 | PAM typically specifies the user environment if it's enabled, so don't | ||
514 | second guess. bz#2937; ok dtucker@ | ||
515 | |||
516 | commit 03e92dd27d491fe6d1a54e7b2f44ef1b0a916e52 | ||
517 | Author: Damien Miller <djm@mindrot.org> | ||
518 | Date: Fri Feb 8 14:50:36 2019 +1100 | ||
519 | |||
520 | use same close logic for stderr as stdout | ||
521 | |||
522 | Avoids sending SIGPIPE to child processes after their parent exits | ||
523 | if they attempt to write to stderr. | ||
524 | |||
525 | Analysis and patch from JD Paul; patch reworked by Jakub Jelen and | ||
526 | myself. bz#2071; ok dtucker@ | ||
527 | |||
528 | commit 8c53d409baeeaf652c0c125a9b164edc9dbeb6de | ||
529 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
530 | Date: Tue Feb 5 11:35:56 2019 +0000 | ||
531 | |||
532 | upstream: Adapt code in the non-USE_PIPES codepath to the new packet | ||
533 | |||
534 | API. This code is not normally reachable since USE_PIPES is always defined. | ||
535 | bz#2961, patch from adrian.fita at gmail com. | ||
536 | |||
537 | OpenBSD-Commit-ID: 8d8428d678d1d5eb4bb21921df34e8173e6d238a | ||
538 | |||
539 | commit 7a7fdca78de4b4774950be056099e579ef595414 | ||
540 | Author: djm@openbsd.org <djm@openbsd.org> | ||
541 | Date: Mon Feb 4 23:37:54 2019 +0000 | ||
542 | |||
543 | upstream: fix NULL-deref crash in PKCS#11 code when attempting | ||
544 | |||
545 | login to a token requiring a PIN; reported by benno@ fix mostly by markus@ | ||
546 | |||
547 | OpenBSD-Commit-ID: 438d0b114b1b4ba25a9869733db1921209aa9a31 | ||
548 | |||
549 | commit cac302a4b42a988e54d32eb254b29b79b648dbf5 | ||
550 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
551 | Date: Mon Feb 4 02:39:42 2019 +0000 | ||
552 | |||
553 | upstream: Remove obsolete "Protocol" from commented out examples. Patch | ||
554 | |||
555 | from samy.mahmoudi at gmail com. | ||
556 | |||
557 | OpenBSD-Commit-ID: 16aede33dae299725a03abdac5dcb4d73f5d0cbf | ||
558 | |||
559 | commit 483b3b638500fd498b4b529356e5a0e18cf76891 | ||
560 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
561 | Date: Fri Feb 1 03:52:23 2019 +0000 | ||
562 | |||
563 | upstream: Save connection timeout and restore for 2nd and | ||
564 | |||
565 | subsequent attempts, preventing them from having no timeout. bz#2918, ok | ||
566 | djm@ | ||
567 | |||
568 | OpenBSD-Commit-ID: 4977f1d0521d9b6bba0c9a20d3d226cefac48292 | ||
569 | |||
570 | commit 5f004620fdc1b2108139300ee12f4014530fb559 | ||
571 | Author: markus@openbsd.org <markus@openbsd.org> | ||
572 | Date: Wed Jan 30 19:51:15 2019 +0000 | ||
573 | |||
574 | upstream: Add authors for public domain sntrup4591761 code; | ||
575 | |||
576 | confirmed by Daniel J. Bernstein | ||
577 | |||
578 | OpenBSD-Commit-ID: b4621f22b8b8ef13e063c852af5e54dbbfa413c1 | ||
579 | |||
580 | commit 2c21b75a7be6ebdcbceaebb43157c48dbb36f3d8 | ||
581 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
582 | Date: Sun Jan 27 07:14:11 2019 +0000 | ||
583 | |||
584 | upstream: add -T to usage(); | ||
585 | |||
586 | OpenBSD-Commit-ID: a7ae14d9436c64e1bd05022329187ea3a0ce1899 | ||
587 | |||
588 | commit 19a0f0529d3df04118da829528cac7ceff380b24 | ||
589 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
590 | Date: Mon Jan 28 03:50:39 2019 +0000 | ||
591 | |||
592 | upstream: The test sshd_config in in $OBJ. | ||
593 | |||
594 | OpenBSD-Regress-ID: 1e5d908a286d8e7de3a15a0020c8857f3a7c9172 | ||
595 | |||
596 | commit 8fe25440206319d15b52d12b948a5dfdec14dca3 | ||
597 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
598 | Date: Mon Jan 28 03:28:10 2019 +0000 | ||
599 | |||
600 | upstream: Remove leftover debugging. | ||
601 | |||
602 | OpenBSD-Regress-ID: 3d86c3d4867e46b35af3fd2ac8c96df0ffdcfeb9 | ||
603 | |||
604 | commit e30d32364d12c351eec9e14be6c61116f9d6cc90 | ||
605 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
606 | Date: Mon Jan 28 00:12:36 2019 +0000 | ||
607 | |||
608 | upstream: Enable ssh-dss for the agent test. Disable it for the | ||
609 | |||
610 | certificate test. | ||
611 | |||
612 | OpenBSD-Regress-ID: 388c1e03e1def539d350f139b37d69f12334668d | ||
613 | |||
614 | commit ffdde469ed56249f5dc8af98da468dde35531398 | ||
615 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
616 | Date: Mon Jan 28 00:08:26 2019 +0000 | ||
617 | |||
618 | upstream: Count the number of key types instead of assuming there | ||
619 | |||
620 | are only two. | ||
621 | |||
622 | OpenBSD-Regress-ID: 0998702c41235782cf0beee396ec49b5056eaed9 | ||
623 | |||
624 | commit 1d05b4adcba08ab068466e5c08dee2f5417ec53a | ||
625 | Author: Corinna Vinschen <vinschen@redhat.com> | ||
626 | Date: Sat Jan 26 23:42:40 2019 +0100 | ||
627 | |||
628 | Cygwin: only tweak sshd_config file if it's new, drop creating sshd user | ||
629 | |||
630 | The sshd_config tweaks were executed even if the old file was | ||
631 | still in place. Fix that. Also disable sshd user creation. | ||
632 | It's not used on Cygwin. | ||
633 | |||
634 | commit 89843de0c4c733501f6b4f988098e6e06963df37 | ||
635 | Author: Corinna Vinschen <vinschen@redhat.com> | ||
636 | Date: Sat Jan 26 23:03:12 2019 +0100 | ||
637 | |||
638 | Cygwin: Change service name to cygsshd | ||
639 | |||
640 | Microsoft hijacked the sshd service name without asking. | ||
641 | |||
642 | commit 2a9b3a2ce411d16cda9c79ab713c55f65b0ec257 | ||
643 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
644 | Date: Sun Jan 27 06:30:53 2019 +0000 | ||
645 | |||
646 | upstream: Generate all key supported key types and enable for keyscan | ||
647 | |||
648 | test. | ||
649 | |||
650 | OpenBSD-Regress-ID: 72f72ff49946c61bc949e1692dd9e3d71370891b | ||
651 | |||
652 | commit 391ffc4b9d31fa1f4ad566499fef9176ff8a07dc | ||
653 | Author: djm@openbsd.org <djm@openbsd.org> | ||
654 | Date: Sat Jan 26 22:41:28 2019 +0000 | ||
655 | |||
656 | upstream: check in scp client that filenames sent during | ||
657 | |||
658 | remote->local directory copies satisfy the wildcard specified by the user. | ||
659 | |||
660 | This checking provides some protection against a malicious server | ||
661 | sending unexpected filenames, but it comes at a risk of rejecting wanted | ||
662 | files due to differences between client and server wildcard expansion rules. | ||
663 | |||
664 | For this reason, this also adds a new -T flag to disable the check. | ||
665 | |||
666 | reported by Harry Sintonen | ||
667 | fix approach suggested by markus@; | ||
668 | has been in snaps for ~1wk courtesy deraadt@ | ||
669 | |||
670 | OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda | ||
671 | |||
672 | commit c2c18a39683db382a15b438632afab3f551d50ce | ||
673 | Author: djm@openbsd.org <djm@openbsd.org> | ||
674 | Date: Sat Jan 26 22:35:01 2019 +0000 | ||
675 | |||
676 | upstream: make ssh-keyscan return a non-zero exit status if it | ||
677 | |||
678 | finds no keys. bz#2903 | ||
679 | |||
680 | OpenBSD-Commit-ID: 89f1081fb81d950ebb48e6e73d21807b2723d488 | ||
681 | |||
682 | commit 05b9a466700b44d49492edc2aa415fc2e8913dfe | ||
683 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
684 | Date: Thu Jan 24 17:00:29 2019 +0000 | ||
685 | |||
686 | upstream: Accept the host key fingerprint as a synonym for "yes" | ||
687 | |||
688 | when accepting an unknown host key. This allows you to paste a fingerprint | ||
689 | obtained out of band into the yes/no prompt and have the client do the | ||
690 | comparison for you. ok markus@ djm@ | ||
691 | |||
692 | OpenBSD-Commit-ID: 3c47d10b9f43d3d345e044fd9ec09709583a2767 | ||
693 | |||
694 | commit bdc6c63c80b55bcbaa66b5fde31c1cb1d09a41eb | ||
695 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
696 | Date: Thu Jan 24 16:52:17 2019 +0000 | ||
697 | |||
698 | upstream: Have progressmeter force an update at the beginning and | ||
699 | |||
700 | end of each transfer. Fixes the problem recently introduces where very quick | ||
701 | transfers do not display the progressmeter at all. Spotted by naddy@ | ||
702 | |||
703 | OpenBSD-Commit-ID: 68dc46c259e8fdd4f5db3ec2a130f8e4590a7a9a | ||
704 | |||
705 | commit 258e6ca003e47f944688ad8b8de087b58a7d966c | ||
706 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
707 | Date: Thu Jan 24 02:42:23 2019 +0000 | ||
708 | |||
709 | upstream: Check for both EAGAIN and EWOULDBLOCK. This is a no-op | ||
710 | |||
711 | in OpenBSD (they are the same value) but makes things easier in -portable | ||
712 | where they may be distinct values. "sigh ok" deraadt@ | ||
713 | |||
714 | (ID sync only, portable already had this change). | ||
715 | |||
716 | OpenBSD-Commit-ID: 91f2bc7c0ecec905915ed59fa37feb9cc90e17d7 | ||
717 | |||
718 | commit 281ce042579b834cdc1e74314f1fb2eeb75d2612 | ||
719 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
720 | Date: Thu Jan 24 02:34:52 2019 +0000 | ||
721 | |||
722 | upstream: Always initialize 2nd arg to hpdelim2. It populates that | ||
723 | |||
724 | *ONLY IF* there's a delimiter. If there's not (the common case) it checked | ||
725 | uninitialized memory, which usually passed, but if not would cause spurious | ||
726 | failures when the uninitialized memory happens to contain "/". ok deraadt. | ||
727 | |||
728 | OpenBSD-Commit-ID: 4291611eaf2a53d4c92f4a57c7f267c9f944e0d3 | ||
729 | |||
730 | commit d05ea255678d9402beda4416cd0360f3e5dfe938 | ||
731 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
732 | Date: Wed Jan 23 21:50:56 2019 +0000 | ||
733 | |||
734 | upstream: Remove support for obsolete host/port syntax. | ||
735 | |||
736 | host/port was added in 2001 as an alternative to host:port syntax for | ||
737 | the benefit of IPv6 users. These days there are establised standards | ||
738 | for this like [::1]:22 and the slash syntax is easily mistaken for CIDR | ||
739 | notation, which OpenSSH now supports for some things. Remove the slash | ||
740 | notation from ListenAddress and PermitOpen. bz#2335, patch from jjelen | ||
741 | at redhat.com, ok markus@ | ||
742 | |||
743 | OpenBSD-Commit-ID: fae5f4e23c51a368d6b2d98376069ac2b10ad4b7 | ||
744 | |||
745 | commit 177d6c80c557a5e060cd343a0c116a2f1a7f43db | ||
746 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
747 | Date: Wed Jan 23 20:48:52 2019 +0000 | ||
748 | |||
749 | upstream: Remove duplicate word. bz#2958, patch from jjelen at | ||
750 | |||
751 | redhat.com | ||
752 | |||
753 | OpenBSD-Commit-ID: cca3965a8333f2b6aae48b79ec1d72f7a830dd2c | ||
754 | |||
755 | commit be3e6cba95dffe5fcf190c713525b48c837e7875 | ||
756 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
757 | Date: Wed Jan 23 09:49:00 2019 +0000 | ||
758 | |||
759 | upstream: Remove 3 as a guess for possible generator during moduli | ||
760 | |||
761 | generation. It's not mentioned in RFC4419 and it's not possible for | ||
762 | Sophie-Germain primes greater than 5. bz#2330, from Christian Wittenhorst , | ||
763 | ok djm@ tb@ | ||
764 | |||
765 | OpenBSD-Commit-ID: 1467652e6802ad3333b0959282d8d49dfe22c8cd | ||
766 | |||
767 | commit 8976f1c4b2721c26e878151f52bdf346dfe2d54c | ||
768 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
769 | Date: Wed Jan 23 08:01:46 2019 +0000 | ||
770 | |||
771 | upstream: Sanitize scp filenames via snmprintf. To do this we move | ||
772 | |||
773 | the progressmeter formatting outside of signal handler context and have the | ||
774 | atomicio callback called for EINTR too. bz#2434 with contributions from djm | ||
775 | and jjelen at redhat.com, ok djm@ | ||
776 | |||
777 | OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8 | ||
778 | |||
779 | commit 6249451f381755f792c6b9e2c2f80cdc699c14e2 | ||
780 | Author: Darren Tucker <dtucker@dtucker.net> | ||
781 | Date: Thu Jan 24 10:00:20 2019 +1100 | ||
782 | |||
783 | For broken read/readv comparisons, poll(RW). | ||
784 | |||
785 | In the cases where we can't compare to read or readv function pointers | ||
786 | for some reason we currently ifdef out the poll() used to block while | ||
787 | waiting for reads or writes, falling back to busy waiting. This restores | ||
788 | the poll() in this case, but has it always check for read or write, | ||
789 | removing an inline ifdef in the process. | ||
790 | |||
791 | commit 5cb503dff4db251520e8bf7d23b9c97c06eee031 | ||
792 | Author: Darren Tucker <dtucker@dtucker.net> | ||
793 | Date: Thu Jan 24 09:55:16 2019 +1100 | ||
794 | |||
795 | Include unistd.h for strmode(). | ||
796 | |||
797 | commit f236ca2741f29b5c443c0b2db3aa9afb9ad9befe | ||
798 | Author: Darren Tucker <dtucker@dtucker.net> | ||
799 | Date: Thu Jan 24 09:50:58 2019 +1100 | ||
800 | |||
801 | Also undef SIMPLEQ_FOREACH_SAFE. | ||
802 | |||
803 | Prevents macro redefinition warning on at least NetBSD 6.1. | ||
804 | |||
805 | commit be063945e4e7d46b1734d973bf244c350fae172a | ||
806 | Author: djm@openbsd.org <djm@openbsd.org> | ||
807 | Date: Wed Jan 23 04:51:02 2019 +0000 | ||
808 | |||
809 | upstream: allow auto-incrementing certificate serial number for certs | ||
810 | |||
811 | signed in a single commandline. | ||
812 | |||
813 | OpenBSD-Commit-ID: 39881087641efb8cd83c7ec13b9c98280633f45b | ||
814 | |||
815 | commit 851f80328931975fe68f71af363c4537cb896da2 | ||
816 | Author: djm@openbsd.org <djm@openbsd.org> | ||
817 | Date: Wed Jan 23 04:16:22 2019 +0000 | ||
818 | |||
819 | upstream: move a bunch of global flag variables to main(); make the | ||
820 | |||
821 | rest static | ||
822 | |||
823 | OpenBSD-Commit-ID: fa431d92584e81fe99f95882f4c56b43fe3242dc | ||
824 | |||
825 | commit 2265402dc7d701a9aca9f8a7b7b0fd45b65c479f | ||
826 | Author: Damien Miller <djm@mindrot.org> | ||
827 | Date: Wed Jan 23 13:03:16 2019 +1100 | ||
828 | |||
829 | depend | ||
830 | |||
831 | commit 2c223878e53cc46def760add459f5f7c4fb43e35 | ||
832 | Author: djm@openbsd.org <djm@openbsd.org> | ||
833 | Date: Wed Jan 23 02:01:10 2019 +0000 | ||
834 | |||
835 | upstream: switch mainloop from select(2) to poll(2); ok deraadt@ | ||
836 | |||
837 | OpenBSD-Commit-ID: 37645419a330037d297f6f0adc3b3663e7ae7b2e | ||
838 | |||
839 | commit bb956eaa94757ad058ff43631c3a7d6c94d38c2f | ||
840 | Author: djm@openbsd.org <djm@openbsd.org> | ||
841 | Date: Wed Jan 23 00:30:41 2019 +0000 | ||
842 | |||
843 | upstream: pass most arguments to the KEX hash functions as sshbuf | ||
844 | |||
845 | rather than pointer+length; ok markus@ | ||
846 | |||
847 | OpenBSD-Commit-ID: ef0c89c52ccc89817a13a5205725148a28492bf7 | ||
848 | |||
849 | commit d691588b8e29622c66abf8932362b522cf7f4051 | ||
850 | Author: djm@openbsd.org <djm@openbsd.org> | ||
851 | Date: Tue Jan 22 22:58:50 2019 +0000 | ||
852 | |||
853 | upstream: backoff reading messages from active connections when the | ||
854 | |||
855 | input buffer is too full to read one, or if the output buffer is too full to | ||
856 | enqueue a response; feedback & ok dtucker@ | ||
857 | |||
858 | OpenBSD-Commit-ID: df3c5b6d57c968975875de40d8955cbfed05a6c8 | ||
859 | |||
860 | commit f99ef8de967949a1fc25a5c28263ea32736e5943 | ||
861 | Author: djm@openbsd.org <djm@openbsd.org> | ||
862 | Date: Tue Jan 22 20:48:01 2019 +0000 | ||
863 | |||
864 | upstream: add -m to usage(); reminded by jmc@ | ||
865 | |||
866 | OpenBSD-Commit-ID: bca476a5236e8f94210290b3e6a507af0434613e | ||
867 | |||
868 | commit 41923ce06ac149453debe472238e0cca7d5a2e5f | ||
869 | Author: djm@openbsd.org <djm@openbsd.org> | ||
870 | Date: Tue Jan 22 12:03:58 2019 +0000 | ||
871 | |||
872 | upstream: Correct some bugs in PKCS#11 token PIN handling at | ||
873 | |||
874 | initial login, the attempt at reading the PIN could be skipped in some cases | ||
875 | especially on devices with integrated PIN readers. | ||
876 | |||
877 | based on patch from Daniel Kucera in bz#2652; ok markus@ | ||
878 | |||
879 | OpenBSD-Commit-ID: fad70a61c60610afe8bb0db538c90e343e75e58e | ||
880 | |||
881 | commit 2162171ad517501ba511fa9f8191945d01857bb4 | ||
882 | Author: djm@openbsd.org <djm@openbsd.org> | ||
883 | Date: Tue Jan 22 12:00:50 2019 +0000 | ||
884 | |||
885 | upstream: Support keys that set the CKA_ALWAYS_AUTHENTICATE by | ||
886 | |||
887 | requring a fresh login after the C_SignInit operation. | ||
888 | |||
889 | based on patch from Jakub Jelen in bz#2638; ok markus | ||
890 | |||
891 | OpenBSD-Commit-ID: a76e66996ba7c0923b46b74d46d499b811786661 | ||
892 | |||
893 | commit 7a2cb18a215b2cb335da3dc99489c52a91f4925b | ||
894 | Author: djm@openbsd.org <djm@openbsd.org> | ||
895 | Date: Tue Jan 22 11:51:25 2019 +0000 | ||
896 | |||
897 | upstream: Mention that configuration for the destination host is | ||
898 | |||
899 | not applied to any ProxyJump/-J hosts. This has confused a few people... | ||
900 | |||
901 | OpenBSD-Commit-ID: 03f4f641df6ca236c1bfc69836a256b873db868b | ||
902 | |||
903 | commit ecd2f33cb772db4fa76776543599f1c1ab6f9fa0 | ||
904 | Author: djm@openbsd.org <djm@openbsd.org> | ||
905 | Date: Tue Jan 22 11:40:42 2019 +0000 | ||
906 | |||
907 | upstream: Include -m in the synopsis for a few more commands that | ||
908 | |||
909 | support it | ||
910 | |||
911 | Be more explicit in the description of -m about where it may be used | ||
912 | |||
913 | Prompted by Jakub Jelen in bz2904 | ||
914 | |||
915 | OpenBSD-Commit-ID: 3b398ac5e05d8a6356710d0ff114536c9d71046c | ||
916 | |||
917 | commit ff5d2cf4ca373bb4002eef395ed2cbe2ff0826c1 | ||
918 | Author: djm@openbsd.org <djm@openbsd.org> | ||
919 | Date: Tue Jan 22 11:26:16 2019 +0000 | ||
920 | |||
921 | upstream: print the full pubkey being attempted at loglevel >= | ||
922 | |||
923 | debug2; bz2939 | ||
924 | |||
925 | OpenBSD-Commit-ID: ac0fe5ca1429ebf4d460bad602adc96de0d7e290 | ||
926 | |||
927 | commit 180b520e2bab33b566b4b0cbac7d5f9940935011 | ||
928 | Author: djm@openbsd.org <djm@openbsd.org> | ||
929 | Date: Tue Jan 22 11:19:42 2019 +0000 | ||
930 | |||
931 | upstream: clarify: ssh-keygen -e only writes public keys, never | ||
932 | |||
933 | private | ||
934 | |||
935 | OpenBSD-Commit-ID: 7de7ff6d274d82febf9feb641e2415ffd6a30bfb | ||
936 | |||
937 | commit c45616a199c322ca674315de88e788f1d2596e26 | ||
938 | Author: djm@openbsd.org <djm@openbsd.org> | ||
939 | Date: Tue Jan 22 11:00:15 2019 +0000 | ||
940 | |||
941 | upstream: mention the new vs. old key formats in the introduction | ||
942 | |||
943 | and give some hints on how keys may be converted or written in the old | ||
944 | format. | ||
945 | |||
946 | OpenBSD-Commit-ID: 9c90a9f92eddc249e07fad1204d0e15c8aa13823 | ||
947 | |||
948 | commit fd8eb1383a34c986a00ef13d745ae9bd3ea21760 | ||
949 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
950 | Date: Tue Jan 22 06:58:31 2019 +0000 | ||
951 | |||
952 | upstream: tweak previous; | ||
953 | |||
954 | OpenBSD-Commit-ID: d2a80e389da8e7ed71978643d8cbaa8605b597a8 | ||
955 | |||
956 | commit 68e924d5473c00057f8532af57741d258c478223 | ||
957 | Author: tb@openbsd.org <tb@openbsd.org> | ||
958 | Date: Mon Jan 21 23:55:12 2019 +0000 | ||
959 | |||
960 | upstream: Forgot to add -J to the synopsis. | ||
961 | |||
962 | OpenBSD-Commit-ID: 26d95e409a0b72526526fc56ca1caca5cc3d3c5e | ||
963 | |||
964 | commit 622dedf1a884f2927a9121e672bd9955e12ba108 | ||
965 | Author: tb@openbsd.org <tb@openbsd.org> | ||
966 | Date: Mon Jan 21 22:50:42 2019 +0000 | ||
967 | |||
968 | upstream: Add a -J option as a shortcut for -o Proxyjump= to scp(1) | ||
969 | |||
970 | and sftp(1) to match ssh(1)'s interface. | ||
971 | |||
972 | ok djm | ||
973 | |||
974 | OpenBSD-Commit-ID: a75bc2d5f329caa7229a7e9fe346c4f41c2663fc | ||
975 | |||
976 | commit c882d74652800150d538e22c80dd2bd3cdd5fae2 | ||
977 | Author: Darren Tucker <dtucker@dtucker.net> | ||
978 | Date: Tue Jan 22 20:38:40 2019 +1100 | ||
979 | |||
980 | Allow building against OpenSSL dev (3.x) version. | ||
981 | |||
982 | commit d5520393572eb24aa0e001a1c61f49b104396e45 | ||
983 | Author: Damien Miller <djm@mindrot.org> | ||
984 | Date: Tue Jan 22 10:50:40 2019 +1100 | ||
985 | |||
986 | typo | ||
987 | |||
988 | commit 2de9cec54230998ab10161576f77860a2559ccb7 | ||
989 | Author: Damien Miller <djm@mindrot.org> | ||
990 | Date: Tue Jan 22 10:49:52 2019 +1100 | ||
991 | |||
992 | add missing header | ||
993 | |||
994 | commit 533cfb01e49a2a30354e191669dc3159e03e99a7 | ||
995 | Author: djm@openbsd.org <djm@openbsd.org> | ||
996 | Date: Mon Jan 21 22:18:24 2019 +0000 | ||
997 | |||
998 | upstream: switch sntrup implementation source from supercop to | ||
999 | |||
1000 | libpqcrypto; the latter is almost identical but doesn't rely on signed | ||
1001 | underflow to implement an optimised integer sort; from markus@ | ||
1002 | |||
1003 | OpenBSD-Commit-ID: cd09bbf0e0fcef1bedca69fdf7990dc360567cf8 | ||
1004 | |||
1005 | commit d50ab3cd6fb859888a26b4d4e333239b4f6bf573 | ||
1006 | Author: Damien Miller <djm@mindrot.org> | ||
1007 | Date: Tue Jan 22 00:02:23 2019 +1100 | ||
1008 | |||
1009 | new files need includes.h | ||
1010 | |||
1011 | commit c7670b091a7174760d619ef6738b4f26b2093301 | ||
1012 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1013 | Date: Mon Jan 21 12:53:35 2019 +0000 | ||
1014 | |||
1015 | upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up | ||
1016 | |||
1017 | debug verbosity. | ||
1018 | |||
1019 | Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run | ||
1020 | in debug mode ("ssh-agent -d"), so we get to see errors from the | ||
1021 | PKCS#11 code. | ||
1022 | |||
1023 | ok markus@ | ||
1024 | |||
1025 | OpenBSD-Commit-ID: 0a798643c6a92a508df6bd121253ba1c8bee659d | ||
1026 | |||
1027 | commit 49d8c8e214d39acf752903566b105d06c565442a | ||
1028 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1029 | Date: Mon Jan 21 12:50:12 2019 +0000 | ||
1030 | |||
1031 | upstream: adapt to changes in KEX APIs and file removals | ||
1032 | |||
1033 | OpenBSD-Regress-ID: 54d6857e7c58999c7a6d40942ab0fed3529f43ca | ||
1034 | |||
1035 | commit 35ecc53a83f8e8baab2e37549addfd05c73c30f1 | ||
1036 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1037 | Date: Mon Jan 21 12:35:20 2019 +0000 | ||
1038 | |||
1039 | upstream: adapt to changes in KEX API and file removals | ||
1040 | |||
1041 | OpenBSD-Regress-ID: 92cad022d3b0d11e08f3e0055d6a14b8f994c0d7 | ||
1042 | |||
1043 | commit 7d69aae64c35868cc4f644583ab973113a79480e | ||
1044 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1045 | Date: Mon Jan 21 12:29:35 2019 +0000 | ||
1046 | |||
1047 | upstream: adapt to bignum1 API removal and bignum2 API change | ||
1048 | |||
1049 | OpenBSD-Regress-ID: cea6ff270f3d560de86b355a87a2c95b55a5ca63 | ||
1050 | |||
1051 | commit beab553f0a9578ef9bffe28b2c779725e77b39ec | ||
1052 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1053 | Date: Mon Jan 21 09:13:41 2019 +0000 | ||
1054 | |||
1055 | upstream: remove hack to use non-system libcrypto | ||
1056 | |||
1057 | OpenBSD-Regress-ID: ce72487327eee4dfae1ab0212a1f33871fe0809f | ||
1058 | |||
1059 | commit 4dc06bd57996f1a46b4c3bababe0d09bc89098f7 | ||
1060 | Author: Damien Miller <djm@mindrot.org> | ||
1061 | Date: Mon Jan 21 23:14:04 2019 +1100 | ||
1062 | |||
1063 | depend | ||
1064 | |||
1065 | commit 70edd73edc4df54e5eee50cd27c25427b34612f8 | ||
1066 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1067 | Date: Mon Jan 21 12:08:13 2019 +0000 | ||
1068 | |||
1069 | upstream: fix reversed arguments to kex_load_hostkey(); manifested as | ||
1070 | |||
1071 | errors in cert-hostkey.sh regress failures. | ||
1072 | |||
1073 | OpenBSD-Commit-ID: 12dab63850b844f84d5a67e86d9e21a42fba93ba | ||
1074 | |||
1075 | commit f1185abbf0c9108e639297addc77f8757ee00eb3 | ||
1076 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1077 | Date: Mon Jan 21 11:22:00 2019 +0000 | ||
1078 | |||
1079 | upstream: forgot to cvs add this file in previous series of commits; | ||
1080 | |||
1081 | grrr | ||
1082 | |||
1083 | OpenBSD-Commit-ID: bcff316c3e7da8fd15333e05d244442c3aaa66b0 | ||
1084 | |||
1085 | commit 7bef390b625bdc080f0fd4499ef03cef60fca4fa | ||
1086 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1087 | Date: Mon Jan 21 10:44:21 2019 +0000 | ||
1088 | |||
1089 | upstream: nothing shall escape this purge | ||
1090 | |||
1091 | OpenBSD-Commit-ID: 4795b0ff142b45448f7e15f3c2f77a947191b217 | ||
1092 | |||
1093 | commit aaca72d6f1279b842066e07bff797019efeb2c23 | ||
1094 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1095 | Date: Mon Jan 21 10:40:11 2019 +0000 | ||
1096 | |||
1097 | upstream: rename kex->kem_client_pub -> kex->client_pub now that | ||
1098 | |||
1099 | KEM has been renamed to kexgen | ||
1100 | |||
1101 | from markus@ ok djm@ | ||
1102 | |||
1103 | OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8 | ||
1104 | |||
1105 | commit 70867e1ca2eb08bbd494fe9c568df4fd3b35b867 | ||
1106 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1107 | Date: Mon Jan 21 10:38:54 2019 +0000 | ||
1108 | |||
1109 | upstream: merge kexkem[cs] into kexgen | ||
1110 | |||
1111 | from markus@ ok djm@ | ||
1112 | |||
1113 | OpenBSD-Commit-ID: 87d886b7f1812ff9355fda1435f6ea9b71a0ac89 | ||
1114 | |||
1115 | commit 71e67fff946396caa110a7964da23480757258ff | ||
1116 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1117 | Date: Mon Jan 21 10:35:09 2019 +0000 | ||
1118 | |||
1119 | upstream: pass values used in KEX hash computation as sshbuf | ||
1120 | |||
1121 | rather than pointer+len | ||
1122 | |||
1123 | suggested by me; implemented by markus@ ok me | ||
1124 | |||
1125 | OpenBSD-Commit-ID: 994f33c464f4a9e0f1d21909fa3e379f5a0910f0 | ||
1126 | |||
1127 | commit 4b83e2a2cc0c12e671a77eaba1c1245894f4e884 | ||
1128 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1129 | Date: Mon Jan 21 10:33:49 2019 +0000 | ||
1130 | |||
1131 | upstream: remove kex_derive_keys_bn wrapper; no unused since the | ||
1132 | |||
1133 | DH-like KEX methods have moved to KEM | ||
1134 | |||
1135 | from markus@ ok djm@ | ||
1136 | |||
1137 | OpenBSD-Commit-ID: bde9809103832f349545e4f5bb733d316db9a060 | ||
1138 | |||
1139 | commit 92dda34e373832f34a1944e5d9ebbebb184dedc1 | ||
1140 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1141 | Date: Mon Jan 21 10:29:56 2019 +0000 | ||
1142 | |||
1143 | upstream: use KEM API for vanilla ECDH | ||
1144 | |||
1145 | from markus@ ok djm@ | ||
1146 | |||
1147 | OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c | ||
1148 | |||
1149 | commit b72357217cbe510a3ae155307a7be6b9181f1d1b | ||
1150 | Author: Damien Miller <djm@mindrot.org> | ||
1151 | Date: Mon Jan 21 23:11:21 2019 +1100 | ||
1152 | |||
1153 | fixup missing ssherr.h | ||
1154 | |||
1155 | commit 9c9c97e14fe190931f341876ad98213e1e1dc19f | ||
1156 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1157 | Date: Mon Jan 21 10:28:01 2019 +0000 | ||
1158 | |||
1159 | upstream: use KEM API for vanilla DH KEX | ||
1160 | |||
1161 | from markus@ ok djm@ | ||
1162 | |||
1163 | OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9 | ||
1164 | |||
1165 | commit 2f6a9ddbbf6ca8623c53c323ff17fb6d68d66970 | ||
1166 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1167 | Date: Mon Jan 21 10:24:09 2019 +0000 | ||
1168 | |||
1169 | upstream: use KEM API for vanilla c25519 KEX | ||
1170 | |||
1171 | OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f | ||
1172 | |||
1173 | commit dfd591618cdf2c96727ac0eb65f89cf54af0d97e | ||
1174 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1175 | Date: Mon Jan 21 10:20:12 2019 +0000 | ||
1176 | |||
1177 | upstream: Add support for a PQC KEX/KEM: | ||
1178 | |||
1179 | sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime | ||
1180 | 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not | ||
1181 | enabled by default. | ||
1182 | |||
1183 | introduce KEM API; a simplified framework for DH-ish KEX methods. | ||
1184 | |||
1185 | from markus@ feedback & ok djm@ | ||
1186 | |||
1187 | OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7 | ||
1188 | |||
1189 | commit b1b2ff4ed559051d1035419f8f236275fa66d5d6 | ||
1190 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1191 | Date: Mon Jan 21 10:07:22 2019 +0000 | ||
1192 | |||
1193 | upstream: factor out kex_verify_hostkey() - again, duplicated | ||
1194 | |||
1195 | almost exactly across client and server for several KEX methods. | ||
1196 | |||
1197 | from markus@ ok djm@ | ||
1198 | |||
1199 | OpenBSD-Commit-ID: 4e4a16d949dadde002a0aacf6d280a684e20829c | ||
1200 | |||
1201 | commit bb39bafb6dc520cc097780f4611a52da7f19c3e2 | ||
1202 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1203 | Date: Mon Jan 21 10:05:09 2019 +0000 | ||
1204 | |||
1205 | upstream: factor out kex_load_hostkey() - this is duplicated in | ||
1206 | |||
1207 | both the client and server implementations for most KEX methods. | ||
1208 | |||
1209 | from markus@ ok djm@ | ||
1210 | |||
1211 | OpenBSD-Commit-ID: 8232fa7c21fbfbcaf838313b0c166dc6c8762f3c | ||
1212 | |||
1213 | commit dec5e9d33891e3bc3f1395d7db0e56fdc7f86dfc | ||
1214 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1215 | Date: Mon Jan 21 10:03:37 2019 +0000 | ||
1216 | |||
1217 | upstream: factor out kex_dh_compute_key() - it's shared between | ||
1218 | |||
1219 | plain DH KEX and DH GEX in both the client and server implementations | ||
1220 | |||
1221 | from markus@ ok djm@ | ||
1222 | |||
1223 | OpenBSD-Commit-ID: 12186e18791fffcd4642c82e7e0cfdd7ea37e2ec | ||
1224 | |||
1225 | commit e93bd98eab79b9a78f64ee8dd4dffc4d3979c7ae | ||
1226 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1227 | Date: Mon Jan 21 10:00:23 2019 +0000 | ||
1228 | |||
1229 | upstream: factor out DH keygen; it's identical between the client | ||
1230 | |||
1231 | and the server | ||
1232 | |||
1233 | from markus@ ok djm@ | ||
1234 | |||
1235 | OpenBSD-Commit-ID: 2be57f6a0d44f1ab2c8de2b1b5d6f530c387fae9 | ||
1236 | |||
1237 | commit 5ae3f6d314465026d028af82609c1d49ad197655 | ||
1238 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1239 | Date: Mon Jan 21 09:55:52 2019 +0000 | ||
1240 | |||
1241 | upstream: save the derived session id in kex_derive_keys() rather | ||
1242 | |||
1243 | than making each kex method implementation do it. | ||
1244 | |||
1245 | from markus@ ok djm@ | ||
1246 | |||
1247 | OpenBSD-Commit-ID: d61ade9c8d1e13f665f8663c552abff8c8a30673 | ||
1248 | |||
1249 | commit 7be8572b32a15d5c3dba897f252e2e04e991c307 | ||
1250 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1251 | Date: Mon Jan 21 09:54:11 2019 +0000 | ||
1252 | |||
1253 | upstream: Make sshpkt_get_bignum2() allocate the bignum it is | ||
1254 | |||
1255 | parsing rather than make the caller do it. Saves a lot of boilerplate code. | ||
1256 | |||
1257 | from markus@ ok djm@ | ||
1258 | |||
1259 | OpenBSD-Commit-ID: 576bf784f9a240f5a1401f7005364e59aed3bce9 | ||
1260 | |||
1261 | commit 803178bd5da7e72be94ba5b4c4c196d4b542da4d | ||
1262 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1263 | Date: Mon Jan 21 09:52:25 2019 +0000 | ||
1264 | |||
1265 | upstream: remove obsolete (SSH v.1) sshbuf_get/put_bignum1 | ||
1266 | |||
1267 | functions | ||
1268 | |||
1269 | from markus@ ok djm@ | ||
1270 | |||
1271 | OpenBSD-Commit-ID: 0380b1b2d9de063de3c5a097481a622e6a04943e | ||
1272 | |||
1273 | commit f3ebaffd8714be31d4345f90af64992de4b3bba2 | ||
1274 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1275 | Date: Mon Jan 21 09:49:37 2019 +0000 | ||
1276 | |||
1277 | upstream: fix all-zero check in kexc25519_shared_key | ||
1278 | |||
1279 | from markus@ ok djm@ | ||
1280 | |||
1281 | OpenBSD-Commit-ID: 60b1d364e0d9d34d1d1ef1620cb92e36cf06712d | ||
1282 | |||
1283 | commit 9d1a9771d0ad3a83af733bf3d2650b53f43c269f | ||
1284 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
1285 | Date: Mon Jan 21 07:09:10 2019 +0000 | ||
1286 | |||
1287 | upstream: - -T was added to the first synopsis by mistake - since | ||
1288 | |||
1289 | "..." denotes optional, no need to surround it in [] | ||
1290 | |||
1291 | ok djm | ||
1292 | |||
1293 | OpenBSD-Commit-ID: 918f6d8eed4e0d8d9ef5eadae1b8983d796f0e25 | ||
1294 | |||
1295 | commit 2f0bad2bf85391dbb41315ab55032ec522660617 | ||
1296 | Author: Darren Tucker <dtucker@dtucker.net> | ||
1297 | Date: Mon Jan 21 21:28:27 2019 +1100 | ||
1298 | |||
1299 | Make --with-rpath take a flag instead of yes/no. | ||
1300 | |||
1301 | Linkers need various flags for -rpath and similar, so make --with-rpath | ||
1302 | take an optional flag argument which is passed to the linker. ok djm@ | ||
1303 | |||
1304 | commit 23490a6c970ea1d03581a3b4208f2eb7a675f453 | ||
1305 | Author: Damien Miller <djm@mindrot.org> | ||
1306 | Date: Mon Jan 21 15:05:43 2019 +1100 | ||
1307 | |||
1308 | fix previous test | ||
1309 | |||
1310 | commit b6dd3277f2c49f9584a2097bc792e8f480397e87 | ||
1311 | Author: Darren Tucker <dtucker@dtucker.net> | ||
1312 | Date: Mon Jan 21 13:50:17 2019 +1100 | ||
1313 | |||
1314 | Wrap ECC static globals in EC_KEY_METHOD_NEW too. | ||
1315 | |||
1316 | commit b2eb9db35b7191613f2f4b934d57b25938bb34b3 | ||
1317 | Author: Damien Miller <djm@mindrot.org> | ||
1318 | Date: Mon Jan 21 12:53:40 2019 +1100 | ||
1319 | |||
1320 | pass TEST_SSH_SSHPKCS11HELPER to regress tests | ||
1321 | |||
1322 | commit ba58a529f45b3dae2db68607d8c54ae96e90e705 | ||
1323 | Author: Damien Miller <djm@mindrot.org> | ||
1324 | Date: Mon Jan 21 12:31:29 2019 +1100 | ||
1325 | |||
1326 | make agent-pkcs11 search harder for softhsm2.so | ||
1327 | |||
1328 | commit 662be40c62339ab645113c930ce689466f028938 | ||
1329 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1330 | Date: Mon Jan 21 02:05:38 2019 +0000 | ||
1331 | |||
1332 | upstream: always print the caller's error message in ossl_error(), | ||
1333 | |||
1334 | even when there are no libcrypto errors to report. | ||
1335 | |||
1336 | OpenBSD-Commit-ID: 09ebaa8f706e0eccedd209775baa1eee2ada806a | ||
1337 | |||
1338 | commit ce46c3a077dfb4c531ccffcfff03f37775725b75 | ||
1339 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1340 | Date: Mon Jan 21 02:01:03 2019 +0000 | ||
1341 | |||
1342 | upstream: get the ex_data (pkcs11_key object) back from the keys at | ||
1343 | |||
1344 | the index at which it was inserted, rather than assuming index 0 | ||
1345 | |||
1346 | OpenBSD-Commit-ID: 1f3a6ce0346c8014e895e50423bef16401510aa8 | ||
1347 | |||
1348 | commit 0a5f2ea35626022299ece3c8817a1abe8cf37b3e | ||
1349 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1350 | Date: Mon Jan 21 01:05:00 2019 +0000 | ||
1351 | |||
1352 | upstream: GSSAPI code got missed when converting to new packet API | ||
1353 | |||
1354 | OpenBSD-Commit-ID: 37e4f06ab4a0f4214430ff462ba91acba28b7851 | ||
1355 | |||
1356 | commit 2efcf812b4c1555ca3aff744820a3b3bccd68298 | ||
1357 | Author: Damien Miller <djm@mindrot.org> | ||
1358 | Date: Mon Jan 21 11:57:21 2019 +1100 | ||
1359 | |||
1360 | Fix -Wunused when compiling PKCS#11 without ECDSA | ||
1361 | |||
1362 | commit 3c0c657ed7cd335fc05c0852d88232ca7e92a5d9 | ||
1363 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1364 | Date: Sun Jan 20 23:26:44 2019 +0000 | ||
1365 | |||
1366 | upstream: allow override of ssh-pkcs11-helper binary via | ||
1367 | |||
1368 | $TEST_SSH_SSHPKCS11HELPER from markus@ | ||
1369 | |||
1370 | OpenBSD-Regress-ID: 7382a3d76746f5a792d106912a5819fd5e49e469 | ||
1371 | |||
1372 | commit 760ae37b4505453c6fa4faf1aa39a8671ab053af | ||
1373 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1374 | Date: Sun Jan 20 23:25:25 2019 +0000 | ||
1375 | |||
1376 | upstream: adapt agent-pkcs11.sh test to softhsm2 and add support | ||
1377 | |||
1378 | for ECDSA keys | ||
1379 | |||
1380 | work by markus@, ok djm@ | ||
1381 | |||
1382 | OpenBSD-Regress-ID: 1ebc2be0e88eff1b6d8be2f9c00cdc60723509fe | ||
1383 | |||
1384 | commit b2ce8b31a1f974a13e6d12e0a0c132b50bc45115 | ||
1385 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1386 | Date: Sun Jan 20 23:24:19 2019 +0000 | ||
1387 | |||
1388 | upstream: add "extra:" target to run some extra tests that are not | ||
1389 | |||
1390 | enabled by default (currently includes agent-pkcs11.sh); from markus@ | ||
1391 | |||
1392 | OpenBSD-Regress-ID: 9a969e1adcd117fea174d368dcb9c61eb50a2a3c | ||
1393 | |||
1394 | commit 632976418d60b7193597bbc6ac7ca33981a41aab | ||
1395 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1396 | Date: Mon Jan 21 00:47:34 2019 +0000 | ||
1397 | |||
1398 | upstream: use ECDSA_SIG_set0() instead of poking signature values into | ||
1399 | |||
1400 | structure directly; the latter works on LibreSSL but not on OpenSSL. From | ||
1401 | portable. | ||
1402 | |||
1403 | OpenBSD-Commit-ID: 5b22a1919d9cee907d3f8a029167f70a481891c6 | ||
1404 | |||
1405 | commit 5de6ac2bad11175135d9b819b3546db0ca0b4878 | ||
1406 | Author: Damien Miller <djm@mindrot.org> | ||
1407 | Date: Mon Jan 21 11:44:19 2019 +1100 | ||
1408 | |||
1409 | remove HAVE_DLOPEN that snuck in | ||
1410 | |||
1411 | portable doesn't use this | ||
1412 | |||
1413 | commit e2cb445d786f7572da2af93e3433308eaed1093a | ||
1414 | Author: Damien Miller <djm@mindrot.org> | ||
1415 | Date: Mon Jan 21 11:32:28 2019 +1100 | ||
1416 | |||
1417 | conditionalise ECDSA PKCS#11 support | ||
1418 | |||
1419 | Require EC_KEY_METHOD support in libcrypto, evidenced by presence | ||
1420 | of EC_KEY_METHOD_new() function. | ||
1421 | |||
1422 | commit fcb1b0937182d0137a3c357c89735d0dc5869d54 | ||
1423 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1424 | Date: Sun Jan 20 23:12:35 2019 +0000 | ||
1425 | |||
1426 | upstream: we use singleton pkcs#11 RSA_METHOD and EC_KEY_METHOD | ||
1427 | |||
1428 | now, so there is no need to keep a copy of each in the pkcs11_key object. | ||
1429 | |||
1430 | work by markus@, ok djm@ | ||
1431 | |||
1432 | OpenBSD-Commit-ID: 43b4856516e45c0595f17a8e95b2daee05f12faa | ||
1433 | |||
1434 | commit 6529409e85890cd6df7e5e81d04e393b1d2e4b0b | ||
1435 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1436 | Date: Sun Jan 20 23:11:11 2019 +0000 | ||
1437 | |||
1438 | upstream: KNF previous; from markus@ | ||
1439 | |||
1440 | OpenBSD-Commit-ID: 3dfe35e25b310c3968b1e4e53a0cb1d03bda5395 | ||
1441 | |||
1442 | commit 58622a8c82f4e2aad630580543f51ba537c1f39e | ||
1443 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1444 | Date: Sun Jan 20 23:10:33 2019 +0000 | ||
1445 | |||
1446 | upstream: use OpenSSL's RSA reference counting hooks to | ||
1447 | |||
1448 | implicitly clean up pkcs11_key objects when their owning RSA object's | ||
1449 | reference count drops to zero. Simplifies the cleanup path and makes it more | ||
1450 | like ECDSA's | ||
1451 | |||
1452 | work by markus@, ok djm@ | ||
1453 | |||
1454 | OpenBSD-Commit-ID: 74b9c98f405cd78f7148e9e4a4982336cd3df25c | ||
1455 | |||
1456 | commit f118542fc82a3b3ab0360955b33bc5a271ea709f | ||
1457 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1458 | Date: Sun Jan 20 23:08:24 2019 +0000 | ||
1459 | |||
1460 | upstream: make the PKCS#11 RSA code more like the new PKCS#11 | ||
1461 | |||
1462 | ECDSA code: use a single custom RSA_METHOD instead of a method per key | ||
1463 | |||
1464 | suggested by me, but markus@ did all the work. | ||
1465 | ok djm@ | ||
1466 | |||
1467 | OpenBSD-Commit-ID: 8aafcebe923dc742fc5537a995cee549d07e4b2e | ||
1468 | |||
1469 | commit 445cfce49dfc904c6b8ab25afa2f43130296c1a5 | ||
1470 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1471 | Date: Sun Jan 20 23:05:52 2019 +0000 | ||
1472 | |||
1473 | upstream: fix leak of ECDSA pkcs11_key objects | ||
1474 | |||
1475 | work by markus, ok djm@ | ||
1476 | |||
1477 | OpenBSD-Commit-ID: 9fc0c4f1d640aaa5f19b8d70f37ea19b8ad284a1 | ||
1478 | |||
1479 | commit 8a2467583f0b5760787273796ec929190c3f16ee | ||
1480 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1481 | Date: Sun Jan 20 23:03:26 2019 +0000 | ||
1482 | |||
1483 | upstream: use EVP_PKEY_get0_EC_KEY() instead of direct access of | ||
1484 | |||
1485 | EC_KEY internals as that won't work on OpenSSL | ||
1486 | |||
1487 | work by markus@, feedback and ok djm@ | ||
1488 | |||
1489 | OpenBSD-Commit-ID: 4a99cdb89fbd6f5155ef8c521c99dc66e2612700 | ||
1490 | |||
1491 | commit 24757c1ae309324e98d50e5935478655be04e549 | ||
1492 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1493 | Date: Sun Jan 20 23:01:59 2019 +0000 | ||
1494 | |||
1495 | upstream: cleanup PKCS#11 ECDSA pubkey loading: the returned | ||
1496 | |||
1497 | object should never have a DER header | ||
1498 | |||
1499 | work by markus; feedback and ok djm@ | ||
1500 | |||
1501 | OpenBSD-Commit-ID: b617fa585eddbbf0b1245b58b7a3c4b8d613db17 | ||
1502 | |||
1503 | commit 749aef30321595435ddacef2f31d7a8f2b289309 | ||
1504 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1505 | Date: Sun Jan 20 23:00:12 2019 +0000 | ||
1506 | |||
1507 | upstream: cleanup unnecessary code in ECDSA pkcs#11 signature | ||
1508 | |||
1509 | work by markus@, feedback and ok djm@ | ||
1510 | |||
1511 | OpenBSD-Commit-ID: affa5ca7d58d59fbd16169f77771dcdbd2b0306d | ||
1512 | |||
1513 | commit 0c50992af49b562970dd0ba3f8f151f1119e260e | ||
1514 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1515 | Date: Sun Jan 20 22:57:45 2019 +0000 | ||
1516 | |||
1517 | upstream: cleanup pkcs#11 client code: use sshkey_new in instead | ||
1518 | |||
1519 | of stack- allocating a sshkey | ||
1520 | |||
1521 | work by markus@, ok djm@ | ||
1522 | |||
1523 | OpenBSD-Commit-ID: a048eb6ec8aa7fa97330af927022c0da77521f91 | ||
1524 | |||
1525 | commit 854bd8674ee5074a239f7cadf757d55454802e41 | ||
1526 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1527 | Date: Sun Jan 20 22:54:30 2019 +0000 | ||
1528 | |||
1529 | upstream: allow override of the pkcs#11 helper binary via | ||
1530 | |||
1531 | $SSH_PKCS11_HELPER; needed for regress tests. | ||
1532 | |||
1533 | work by markus@, ok me | ||
1534 | |||
1535 | OpenBSD-Commit-ID: f78d8185500bd7c37aeaf7bd27336db62f0f7a83 | ||
1536 | |||
1537 | commit 93f02107f44d63a016d8c23ebd2ca9205c495c48 | ||
1538 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1539 | Date: Sun Jan 20 22:51:37 2019 +0000 | ||
1540 | |||
1541 | upstream: add support for ECDSA keys in PKCS#11 tokens | ||
1542 | |||
1543 | Work by markus@ and Pedro Martelletto, feedback and ok me@ | ||
1544 | |||
1545 | OpenBSD-Commit-ID: a37d651e221341376636056512bddfc16efb4424 | ||
1546 | |||
1547 | commit aa22c20e0c36c2fc610cfcc793b0d14079c38814 | ||
1548 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1549 | Date: Sun Jan 20 22:03:29 2019 +0000 | ||
1550 | |||
1551 | upstream: add option to test whether keys in an agent are usable, | ||
1552 | |||
1553 | by performing a signature and a verification using each key "ssh-add -T | ||
1554 | pubkey [...]" | ||
1555 | |||
1556 | work by markus@, ok djm@ | ||
1557 | |||
1558 | OpenBSD-Commit-ID: 931b888a600b6a883f65375bd5f73a4776c6d19b | ||
1559 | |||
1560 | commit a36b0b14a12971086034d53c0c3dfbad07665abe | ||
1561 | Author: tb@openbsd.org <tb@openbsd.org> | ||
1562 | Date: Sun Jan 20 02:01:59 2019 +0000 | ||
1563 | |||
1564 | upstream: Fix BN_is_prime_* calls in SSH, the API returns -1 on | ||
1565 | |||
1566 | error. | ||
1567 | |||
1568 | Found thanks to BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd | ||
1569 | by David Benjamin. | ||
1570 | |||
1571 | ok djm, dtucker | ||
1572 | |||
1573 | OpenBSD-Commit-ID: 1ee832be3c44b1337f76b8562ec6d203f3b072f8 | ||
1574 | |||
1575 | commit ec4776bb01dd8d61fddc7d2a31ab10bf3d3d829a | ||
1576 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
1577 | Date: Sun Jan 20 01:12:40 2019 +0000 | ||
1578 | |||
1579 | upstream: DH-GEX min value is now specified in RFC8270. ok djm@ | ||
1580 | |||
1581 | OpenBSD-Commit-ID: 1229d0feb1d0ecefe05bf67a17578b263e991acc | ||
1582 | |||
1583 | commit c90a7928c4191303e76a8c58b9008d464287ae1b | ||
1584 | Author: Darren Tucker <dtucker@dtucker.net> | ||
1585 | Date: Mon Jan 21 09:22:36 2019 +1100 | ||
1586 | |||
1587 | Check for cc before gcc. | ||
1588 | |||
1589 | If cc is something other than gcc and is the system compiler prefer using | ||
1590 | that, unless otherwise told via $CC. ok djm@ | ||
1591 | |||
1592 | commit 9b655dc9c9a353f0a527f0c6c43a5e35653c9503 | ||
1593 | Author: Damien Miller <djm@mindrot.org> | ||
1594 | Date: Sun Jan 20 14:55:27 2019 +1100 | ||
1595 | |||
1596 | last bits of old packet API / active_state global | ||
1597 | |||
1598 | commit 3f0786bbe73609ac96e5a0d91425ee21129f8e04 | ||
1599 | Author: Damien Miller <djm@mindrot.org> | ||
1600 | Date: Sun Jan 20 10:22:18 2019 +1100 | ||
1601 | |||
1602 | remove PAM dependencies on old packet API | ||
1603 | |||
1604 | Requires some caching of values, because the PAM code isn't | ||
1605 | always called with packet context. | ||
1606 | |||
1607 | commit 08f66d9f17e12c1140d1f1cf5c4dce67e915d3cc | ||
1608 | Author: Damien Miller <djm@mindrot.org> | ||
1609 | Date: Sun Jan 20 09:58:45 2019 +1100 | ||
1610 | |||
1611 | remove vestiges of old packet API from loginrec.c | ||
1612 | |||
1613 | commit c327813ea1d740e3e367109c17873815aba1328e | ||
1614 | Author: Damien Miller <djm@mindrot.org> | ||
1615 | Date: Sun Jan 20 09:45:38 2019 +1100 | ||
1616 | |||
1617 | depend | ||
1618 | |||
1619 | commit 135e302cfdbe91817294317c337cc38c3ff01cba | ||
1620 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1621 | Date: Sat Jan 19 22:30:52 2019 +0000 | ||
1622 | |||
1623 | upstream: fix error in refactor: use ssh_packet_disconnect() instead of | ||
1624 | |||
1625 | sshpkt_error(). The first one logs the error and exits (what we want) instead | ||
1626 | of just logging and blundering on. | ||
1627 | |||
1628 | OpenBSD-Commit-ID: 39f51b43641dce9ce0f408ea6c0e6e077e2e91ae | ||
1629 | |||
1630 | commit 245c6a0b220b58686ee35bc5fc1c359e9be2faaa | ||
1631 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1632 | Date: Sat Jan 19 21:45:31 2019 +0000 | ||
1633 | |||
1634 | upstream: remove last traces of old packet API! | ||
1635 | |||
1636 | with & ok markus@ | ||
1637 | |||
1638 | OpenBSD-Commit-ID: 9bd10437026423eb8245636ad34797a20fbafd7d | ||
1639 | |||
1640 | commit 04c091fc199f17dacf8921df0a06634b454e2722 | ||
1641 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1642 | Date: Sat Jan 19 21:43:56 2019 +0000 | ||
1643 | |||
1644 | upstream: remove last references to active_state | ||
1645 | |||
1646 | with & ok markus@ | ||
1647 | |||
1648 | OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2 | ||
1649 | |||
1650 | commit ec00f918b8ad90295044266c433340a8adc93452 | ||
1651 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1652 | Date: Sat Jan 19 21:43:07 2019 +0000 | ||
1653 | |||
1654 | upstream: convert monitor.c to new packet API | ||
1655 | |||
1656 | with & ok markus@ | ||
1657 | |||
1658 | OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5 | ||
1659 | |||
1660 | commit 6350e0316981489d4205952d6904d6fedba5bfe0 | ||
1661 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1662 | Date: Sat Jan 19 21:42:30 2019 +0000 | ||
1663 | |||
1664 | upstream: convert sshd.c to new packet API | ||
1665 | |||
1666 | with & ok markus@ | ||
1667 | |||
1668 | OpenBSD-Commit-ID: ea569d3eaf9b5cf1bad52779fbfa5fa0b28af891 | ||
1669 | |||
1670 | commit a5e2ad88acff2b7d131ee6d5dc5d339b0f8c6a6d | ||
1671 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1672 | Date: Sat Jan 19 21:41:53 2019 +0000 | ||
1673 | |||
1674 | upstream: convert session.c to new packet API | ||
1675 | |||
1676 | with & ok markus@ | ||
1677 | |||
1678 | OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e | ||
1679 | |||
1680 | commit 3a00a921590d4c4b7e96df11bb10e6f9253ad45e | ||
1681 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1682 | Date: Sat Jan 19 21:41:18 2019 +0000 | ||
1683 | |||
1684 | upstream: convert auth.c to new packet API | ||
1685 | |||
1686 | with & ok markus@ | ||
1687 | |||
1688 | OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4 | ||
1689 | |||
1690 | commit 7ec5cb4d15ed2f2c5c9f5d00e6b361d136fc1e2d | ||
1691 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1692 | Date: Sat Jan 19 21:40:48 2019 +0000 | ||
1693 | |||
1694 | upstream: convert serverloop.c to new packet API | ||
1695 | |||
1696 | with & ok markus@ | ||
1697 | |||
1698 | OpenBSD-Commit-ID: c92dd19b55457541478f95c0d6b318426d86d885 | ||
1699 | |||
1700 | commit 64c9598ac05332d1327cbf55334dee4172d216c4 | ||
1701 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1702 | Date: Sat Jan 19 21:40:21 2019 +0000 | ||
1703 | |||
1704 | upstream: convert the remainder of sshconnect2.c to new packet | ||
1705 | |||
1706 | API | ||
1707 | |||
1708 | with & ok markus@ | ||
1709 | |||
1710 | OpenBSD-Commit-ID: 0986d324f2ceb5e8a12ac21c1bb10b3b4b1e0f71 | ||
1711 | |||
1712 | commit bc5e1169d101d16e3a5962a928db2bc49a8ef5a3 | ||
1713 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1714 | Date: Sat Jan 19 21:39:12 2019 +0000 | ||
1715 | |||
1716 | upstream: convert the remainder of clientloop.c to new packet API | ||
1717 | |||
1718 | with & ok markus@ | ||
1719 | |||
1720 | OpenBSD-Commit-ID: ce2fbbacb86a290f31da1e7bf04cddf2bdae3d1e | ||
1721 | |||
1722 | commit 5ebce136a6105f084db8f0d7ee41981d42daec40 | ||
1723 | Author: Damien Miller <djm@mindrot.org> | ||
1724 | Date: Sun Jan 20 09:44:53 2019 +1100 | ||
1725 | |||
1726 | upstream: convert auth2.c to new packet API | ||
1727 | |||
1728 | OpenBSD-Commit-ID: ed831bb95ad228c6791bc18b60ce7a2edef2c999 | ||
1729 | |||
1730 | commit 172a592a53ebe8649c4ac0d7946e6c08eb151af6 | ||
1731 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1732 | Date: Sat Jan 19 21:37:48 2019 +0000 | ||
1733 | |||
1734 | upstream: convert servconf.c to new packet API | ||
1735 | |||
1736 | with & ok markus@ | ||
1737 | |||
1738 | OpenBSD-Commit-ID: 126553aecca302c9e02fd77e333b9cb217e623b4 | ||
1739 | |||
1740 | commit 8cc7a679d29cf6ecccfa08191e688c7f81ef95c2 | ||
1741 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1742 | Date: Sat Jan 19 21:37:13 2019 +0000 | ||
1743 | |||
1744 | upstream: convert channels.c to new packet API | ||
1745 | |||
1746 | with & ok markus@ | ||
1747 | |||
1748 | OpenBSD-Commit-ID: 0b8279b56113cbd4011fc91315c0796b63dc862c | ||
1749 | |||
1750 | commit 06232038c794c7dfcb087be0ab0b3e65b09fd396 | ||
1751 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1752 | Date: Sat Jan 19 21:36:38 2019 +0000 | ||
1753 | |||
1754 | upstream: convert sshconnect.c to new packet API | ||
1755 | |||
1756 | with & ok markus@ | ||
1757 | |||
1758 | OpenBSD-Commit-ID: 222337cf6c96c347f1022d976fac74b4257c061f | ||
1759 | |||
1760 | commit 25b2ed667216314471bb66752442c55b95792dc3 | ||
1761 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1762 | Date: Sat Jan 19 21:36:06 2019 +0000 | ||
1763 | |||
1764 | upstream: convert ssh.c to new packet API | ||
1765 | |||
1766 | with & ok markus@ | ||
1767 | |||
1768 | OpenBSD-Commit-ID: eb146878b24e85c2a09ee171afa6797c166a2e21 | ||
1769 | |||
1770 | commit e3128b38623eef2fa8d6e7ae934d3bd08c7e973e | ||
1771 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1772 | Date: Sat Jan 19 21:35:25 2019 +0000 | ||
1773 | |||
1774 | upstream: convert mux.c to new packet API | ||
1775 | |||
1776 | with & ok markus@ | ||
1777 | |||
1778 | OpenBSD-Commit-ID: 4e3893937bae66416e984b282d8f0f800aafd802 | ||
1779 | |||
1780 | commit ed1df7226caf3a943a36d580d4d4e9275f8a61ee | ||
1781 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1782 | Date: Sat Jan 19 21:34:45 2019 +0000 | ||
1783 | |||
1784 | upstream: convert sshconnect2.c to new packet API | ||
1785 | |||
1786 | with & ok markus@ | ||
1787 | |||
1788 | OpenBSD-Commit-ID: 1cb869e0d6e03539f943235641ea070cae2ebc58 | ||
1789 | |||
1790 | commit 23f22a4aaa923c61ec49a99ebaa383656e87fa40 | ||
1791 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1792 | Date: Sat Jan 19 21:33:57 2019 +0000 | ||
1793 | |||
1794 | upstream: convert clientloop.c to new packet API | ||
1795 | |||
1796 | with & ok markus@ | ||
1797 | |||
1798 | OpenBSD-Commit-ID: 497b36500191f452a22abf283aa8d4a9abaee7fa | ||
1799 | |||
1800 | commit ad60b1179c9682ca5aef0b346f99ef68cbbbc4e5 | ||
1801 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1802 | Date: Sat Jan 19 21:33:13 2019 +0000 | ||
1803 | |||
1804 | upstream: allow sshpkt_fatal() to take a varargs format; we'll | ||
1805 | |||
1806 | use this to give packet-related fatal error messages more context (esp. the | ||
1807 | remote endpoint) ok markus@ | ||
1808 | |||
1809 | OpenBSD-Commit-ID: de57211f9543426b515a8a10a4f481666b2b2a50 | ||
1810 | |||
1811 | commit 0fa174ebe129f3d0aeaf4e2d1dd8de745870d0ff | ||
1812 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1813 | Date: Sat Jan 19 21:31:32 2019 +0000 | ||
1814 | |||
1815 | upstream: begin landing remaining refactoring of packet parsing | ||
1816 | |||
1817 | API, started almost exactly six years ago. | ||
1818 | |||
1819 | This change stops including the old packet_* API by default and makes | ||
1820 | each file that requires the old API include it explicitly. We will | ||
1821 | commit file-by-file refactoring to remove the old API in consistent | ||
1822 | steps. | ||
1823 | |||
1824 | with & ok markus@ | ||
1825 | |||
1826 | OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4 | ||
1827 | |||
1828 | commit 4ae7f80dfd02f2bde912a67c9f338f61e90fa79f | ||
1829 | Author: tb@openbsd.org <tb@openbsd.org> | ||
1830 | Date: Sat Jan 19 04:15:56 2019 +0000 | ||
1831 | |||
1832 | upstream: Print an \r in front of the password prompt so parts of | ||
1833 | |||
1834 | a password that was entered too early are likely clobbered by the prompt. | ||
1835 | Idea from doas. | ||
1836 | |||
1837 | from and ok djm | ||
1838 | "i like it" deraadt | ||
1839 | |||
1840 | OpenBSD-Commit-ID: 5fb97c68df6d8b09ab37f77bca1d84d799c4084e | ||
1841 | |||
1842 | commit a6258e5dc314c7d504ac9f0fbc3be96475581dbe | ||
1843 | Author: Darren Tucker <dtucker@dtucker.net> | ||
1844 | Date: Fri Jan 18 11:09:01 2019 +1100 | ||
1845 | |||
1846 | Add minimal fchownat and fchmodat implementations. | ||
1847 | |||
1848 | Fixes builds on at least OS X Lion, NetBSD 6 and Solaris 10. | ||
1849 | |||
1850 | commit 091093d25802b87d3b2b09f2c88d9f33e1ae5562 | ||
1851 | Author: Darren Tucker <dtucker@dtucker.net> | ||
1852 | Date: Fri Jan 18 12:11:42 2019 +1300 | ||
1853 | |||
1854 | Add a minimal implementation of utimensat(). | ||
1855 | |||
1856 | Some systems (eg older OS X) do not have utimensat, so provide minimal | ||
1857 | implementation in compat layer. Fixes build on at least El Capitan. | ||
1858 | |||
1859 | commit 609644027dde1f82213699cb6599e584c7efcb75 | ||
1860 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1861 | Date: Tue Jan 1 22:20:16 2019 +0000 | ||
1862 | |||
1863 | upstream: regress bits for banner processing refactor (this test was | ||
1864 | |||
1865 | depending on ssh returning a particular error message for banner parsing | ||
1866 | failure) | ||
1867 | |||
1868 | reminded by bluhm@ | ||
1869 | |||
1870 | OpenBSD-Regress-ID: f24fc303d40931157431df589b386abf5e1be575 | ||
1871 | |||
1872 | commit f47d72ddad75b93d3cbc781718b0fa9046c03df8 | ||
1873 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1874 | Date: Thu Jan 17 04:45:09 2019 +0000 | ||
1875 | |||
1876 | upstream: tun_fwd_ifnames variable should b | ||
1877 | |||
1878 | =?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?= | ||
1879 | MIME-Version: 1.0 | ||
1880 | Content-Type: text/plain; charset=UTF-8 | ||
1881 | Content-Transfer-Encoding: 8bit | ||
1882 | |||
1883 | OpenBSD-Commit-ID: d53dede6e521161bf04d39d09947db6253a38271 | ||
1884 | |||
1885 | commit 943d0965263cae1c080ce5a9d0b5aa341885e55d | ||
1886 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1887 | Date: Thu Jan 17 04:20:53 2019 +0000 | ||
1888 | |||
1889 | upstream: include time.h for time(3)/nanosleep(2); from Ian | ||
1890 | |||
1891 | McKellar | ||
1892 | |||
1893 | OpenBSD-Commit-ID: 6412ccd06a88f65b207a1089345f51fa1244ea51 | ||
1894 | |||
1895 | commit dbb4dec6d5d671b5e9d67ef02162a610ad052068 | ||
1896 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1897 | Date: Thu Jan 17 01:50:24 2019 +0000 | ||
1898 | |||
1899 | upstream: many of the global variables in this file can be made static; | ||
1900 | |||
1901 | patch from Markus Schmidt | ||
1902 | |||
1903 | OpenBSD-Commit-ID: f3db619f67beb53257b21bac0e92b4fb7d5d5737 | ||
1904 | |||
1905 | commit 60d8c84e0887514c99c9ce071965fafaa1c3d34a | ||
1906 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1907 | Date: Wed Jan 16 23:23:45 2019 +0000 | ||
1908 | |||
1909 | upstream: Add "-h" flag to sftp chown/chgrp/chmod commands to | ||
1910 | |||
1911 | request they do not follow symlinks. Requires recently-committed | ||
1912 | lsetstat@openssh.com extension on the server side. | ||
1913 | |||
1914 | ok markus@ dtucker@ | ||
1915 | |||
1916 | OpenBSD-Commit-ID: f93bb3f6f7eb2fb7ef1e59126e72714f1626d604 | ||
1917 | |||
1918 | commit dbbc7e0eab7262f34b8e0cd6efecd1c77b905ed0 | ||
1919 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1920 | Date: Wed Jan 16 23:22:10 2019 +0000 | ||
1921 | |||
1922 | upstream: add support for a "lsetstat@openssh.com" extension. This | ||
1923 | |||
1924 | replicates the functionality of the existing SSH2_FXP_SETSTAT operation but | ||
1925 | does not follow symlinks. Based on a patch from Bert Haverkamp in bz#2067 but | ||
1926 | with more attribute modifications supported. | ||
1927 | |||
1928 | ok markus@ dtucker@ | ||
1929 | |||
1930 | OpenBSD-Commit-ID: f7234f6e90db19655d55d936a115ee4ccb6aaf80 | ||
1931 | |||
1932 | commit 4a526941d328fc3d97068c6a4cbd9b71b70fe5e1 | ||
1933 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1934 | Date: Fri Jan 4 03:27:50 2019 +0000 | ||
1935 | |||
1936 | upstream: eliminate function-static attempt counters for | ||
1937 | |||
1938 | passwd/kbdint authmethods by moving them to the client authctxt; Patch from | ||
1939 | Markus Schmidt, ok markus@ | ||
1940 | |||
1941 | OpenBSD-Commit-ID: 4df4404a5d5416eb056f68e0e2f4fa91ba3b3f7f | ||
1942 | |||
1943 | commit 8a8183474c41bd6cebaa917346b549af2239ba2f | ||
1944 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1945 | Date: Fri Jan 4 03:23:00 2019 +0000 | ||
1946 | |||
1947 | upstream: fix memory leak of ciphercontext when rekeying; bz#2942 | ||
1948 | |||
1949 | Patch from Markus Schmidt; ok markus@ | ||
1950 | |||
1951 | OpenBSD-Commit-ID: 7877f1b82e249986f1ef98d0ae76ce987d332bdd | ||
1952 | |||
1953 | commit 5bed70afce0907b6217418d0655724c99b683d93 | ||
1954 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1955 | Date: Tue Jan 1 23:10:53 2019 +0000 | ||
1956 | |||
1957 | upstream: static on global vars, const on handler tables that contain | ||
1958 | |||
1959 | function pointers; from Mike Frysinger | ||
1960 | |||
1961 | OpenBSD-Commit-ID: 7ef2305e50d3caa6326286db43cf2cfaf03960e0 | ||
1962 | |||
1963 | commit 007a88b48c97d092ed2f501bbdcb70d9925277be | ||
1964 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1965 | Date: Thu Dec 27 23:02:11 2018 +0000 | ||
1966 | |||
1967 | upstream: Request RSA-SHA2 signatures for | ||
1968 | |||
1969 | rsa-sha2-{256|512}-cert-v01@openssh.com cert algorithms; ok markus@ | ||
1970 | |||
1971 | OpenBSD-Commit-ID: afc6f7ca216ccd821656d1c911d2a3deed685033 | ||
1972 | |||
1973 | commit eb347d086c35428c47fe52b34588cbbc9b49d9a6 | ||
1974 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1975 | Date: Thu Dec 27 03:37:49 2018 +0000 | ||
1976 | |||
1977 | upstream: ssh_packet_set_state() now frees ssh->kex implicitly, so | ||
1978 | |||
1979 | don't do explicit kex_free() beforehand | ||
1980 | |||
1981 | OpenBSD-Regress-ID: f2f73bad47f62a2040ccba0a72cadcb12eda49cf | ||
1982 | |||
1983 | commit bb542f0cf6f7511a22a08c492861e256a82376a9 | ||
1984 | Author: tedu@openbsd.org <tedu@openbsd.org> | ||
1985 | Date: Sat Dec 15 00:50:21 2018 +0000 | ||
1986 | |||
1987 | upstream: remove unused and problematic sudo clean. ok espie | ||
1988 | |||
1989 | OpenBSD-Regress-ID: ca90c20a15a85b661e13e98b80c10e65cd662f7b | ||
1990 | |||
1991 | commit 0a843d9a0e805f14653a555f5c7a8ba99d62c12d | ||
1992 | Author: djm@openbsd.org <djm@openbsd.org> | ||
1993 | Date: Thu Dec 27 03:25:24 2018 +0000 | ||
1994 | |||
1995 | upstream: move client/server SSH-* banners to buffers under | ||
1996 | |||
1997 | ssh->kex and factor out the banner exchange. This eliminates some common code | ||
1998 | from the client and server. | ||
1999 | |||
2000 | Also be more strict about handling \r characters - these should only | ||
2001 | be accepted immediately before \n (pointed out by Jann Horn). | ||
2002 | |||
2003 | Inspired by a patch from Markus Schmidt. | ||
2004 | (lots of) feedback and ok markus@ | ||
2005 | |||
2006 | OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b | ||
2007 | |||
2008 | commit 434b587afe41c19391821e7392005068fda76248 | ||
2009 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
2010 | Date: Fri Dec 7 04:36:09 2018 +0000 | ||
2011 | |||
2012 | upstream: Fix calculation of initial bandwidth limits. Account for | ||
2013 | |||
2014 | written bytes before the initial timer check so that the first buffer written | ||
2015 | is accounted. Set the threshold after which the timer is checked such that | ||
2016 | the limit starts being computed as soon as possible, ie after the second | ||
2017 | buffer is written. This prevents an initial burst of traffic and provides a | ||
2018 | more accurate bandwidth limit. bz#2927, ok djm. | ||
2019 | |||
2020 | OpenBSD-Commit-ID: ff3ef76e4e43040ec198c2718d5682c36b255cb6 | ||
2021 | |||
2022 | commit a6a0788cbbe8dfce2819ee43b09c80725742e21c | ||
2023 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2024 | Date: Fri Dec 7 03:39:40 2018 +0000 | ||
2025 | |||
2026 | upstream: only consider the ext-info-c extension during the initial | ||
2027 | |||
2028 | KEX. It shouldn't be sent in subsequent ones, but if it is present we should | ||
2029 | ignore it. | ||
2030 | |||
2031 | This prevents sshd from sending a SSH_MSG_EXT_INFO for REKEX for buggy | ||
2032 | these clients. Reported by Jakub Jelen via bz2929; ok dtucker@ | ||
2033 | |||
2034 | OpenBSD-Commit-ID: 91564118547f7807030ec537480303e2371902f9 | ||
2035 | |||
2036 | commit 63bba57a32c5bb6158d57cf4c47022daf89c14a0 | ||
2037 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2038 | Date: Fri Dec 7 03:33:18 2018 +0000 | ||
2039 | |||
2040 | upstream: fix option letter pasto in previous | ||
2041 | |||
2042 | OpenBSD-Commit-ID: e26c8bf2f2a808f3c47960e1e490d2990167ec39 | ||
2043 | |||
2044 | commit 737e4edd82406595815efadc28ed5161b8b0c01a | ||
2045 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2046 | Date: Fri Dec 7 03:32:26 2018 +0000 | ||
2047 | |||
2048 | upstream: mention that the ssh-keygen -F (find host in | ||
2049 | |||
2050 | authorized_keys) and -R (remove host from authorized_keys) options may accept | ||
2051 | either a bare hostname or a [hostname]:port combo. bz#2935 | ||
2052 | |||
2053 | OpenBSD-Commit-ID: 5535cf4ce78375968b0d2cd7aa316fa3eb176780 | ||
2054 | |||
2055 | commit 8a22ffaa13391cfe5b40316d938fe0fb931e9296 | ||
2056 | Author: Damien Miller <djm@mindrot.org> | ||
2057 | Date: Fri Dec 7 15:41:16 2018 +1100 | ||
2058 | |||
2059 | expose $SSH_CONNECTION in the PAM environment | ||
2060 | |||
2061 | This makes the connection 4-tuple available to PAM modules that | ||
2062 | wish to use it in decision-making. bz#2741 | ||
2063 | |||
2064 | commit a784fa8c7a7b084d63bae82ccfea902131bb45c5 | ||
2065 | Author: Kevin Adler <kadler@us.ibm.com> | ||
2066 | Date: Wed Dec 12 22:12:45 2018 -0600 | ||
2067 | |||
2068 | Don't pass loginmsg by address now that it's an sshbuf* | ||
2069 | |||
2070 | In 120a1ec74, loginmsg was changed from the legacy Buffer type | ||
2071 | to struct sshbuf*, but it missed changing calls to | ||
2072 | sys_auth_allowed_user and sys_auth_record_login which passed | ||
2073 | loginmsg by address. Now that it's a pointer, just pass it directly. | ||
2074 | |||
2075 | This only affects AIX, unless there are out of tree users. | ||
2076 | |||
2077 | commit 285310b897969a63ef224d39e7cc2b7316d86940 | ||
2078 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2079 | Date: Fri Dec 7 02:31:20 2018 +0000 | ||
2080 | |||
2081 | upstream: no need to allocate channels_pre/channels_post in | ||
2082 | |||
2083 | channel_init_channels() as we do it anyway in channel_handler_init() that we | ||
2084 | call at the end of the function. Fix from Markus Schmidt via bz#2938 | ||
2085 | |||
2086 | OpenBSD-Commit-ID: 74893638af49e3734f1e33a54af1b7ea533373ed | ||
2087 | |||
2088 | commit 87d6cf1cbc91df6815db8fe0acc7c910bc3d18e4 | ||
2089 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2090 | Date: Fri Nov 30 02:24:52 2018 +0000 | ||
2091 | |||
2092 | upstream: don't attempt to connect to empty SSH_AUTH_SOCK; bz#293 | ||
2093 | |||
2094 | OpenBSD-Commit-ID: 0e8fc8f19f14b21adef7109e0faa583d87c0e929 | ||
2095 | |||
2096 | commit 91b19198c3f604f5eef2c56dbe36f29478243141 | ||
2097 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2098 | Date: Wed Nov 28 06:00:38 2018 +0000 | ||
2099 | |||
2100 | upstream: don't truncate user or host name in "user@host's | ||
2101 | |||
2102 | OpenBSD-Commit-ID: e6ca01a8d58004b7f2cac0b1b7ce8f87e425e360 | ||
2103 | |||
2104 | commit dd0cf6318d9b4b3533bda1e3bc021b2cd7246b7a | ||
2105 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
2106 | Date: Fri Nov 23 06:58:28 2018 +0000 | ||
2107 | |||
2108 | upstream: tweak previous; | ||
2109 | |||
2110 | OpenBSD-Commit-ID: 08f096922eb00c98251501c193ff9e83fbb5de4f | ||
2111 | |||
2112 | commit 8a85f5458d1c802471ca899c97f89946f6666e61 | ||
2113 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2114 | Date: Sun Nov 25 21:44:05 2018 +1100 | ||
2115 | |||
2116 | Include stdio.h for FILE if needed. | ||
2117 | |||
2118 | commit 16fb23f25454991272bfe4598cc05d20fcd25116 | ||
2119 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2120 | Date: Sun Nov 25 14:05:57 2018 +1100 | ||
2121 | |||
2122 | Reverse order of OpenSSL init functions. | ||
2123 | |||
2124 | Try the new init function (OPENSSL_init_crypto) before falling back to | ||
2125 | the old one (OpenSSL_add_all_algorithms). | ||
2126 | |||
2127 | commit 98f878d2272bf8dff21f2a0265d963c29e33fed2 | ||
2128 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2129 | Date: Sun Nov 25 14:05:08 2018 +1100 | ||
2130 | |||
2131 | Improve OpenSSL_add_all_algorithms check. | ||
2132 | |||
2133 | OpenSSL_add_all_algorithms() may be a macro so check for that too. | ||
2134 | |||
2135 | commit 9e34e0c59ab04514f9de9934a772283f7f372afe | ||
2136 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2137 | Date: Fri Nov 23 05:08:07 2018 +0000 | ||
2138 | |||
2139 | upstream: add a ssh_config "Match final" predicate | ||
2140 | |||
2141 | Matches in same pass as "Match canonical" but doesn't require | ||
2142 | hostname canonicalisation be enabled. bz#2906 ok markus | ||
2143 | |||
2144 | OpenBSD-Commit-ID: fba1dfe9f6e0cabcd0e2b3be13f7a434199beffa | ||
2145 | |||
2146 | commit 4da58d58736b065b1182b563d10ad6765d811c6d | ||
2147 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
2148 | Date: Fri Nov 23 02:53:57 2018 +0000 | ||
2149 | |||
2150 | upstream: Remove now-unneeded ifdef SIGINFO around handler since it is | ||
2151 | |||
2152 | now always used for SIGUSR1 even when SIGINFO is not defined. This will make | ||
2153 | things simpler in -portable. | ||
2154 | |||
2155 | OpenBSD-Regress-ID: 4ff0265b335820b0646d37beb93f036ded0dc43f | ||
2156 | |||
2157 | commit c721d5877509875c8515df0215fa1dab862013bc | ||
2158 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2159 | Date: Fri Nov 23 14:11:20 2018 +1100 | ||
2160 | |||
2161 | Move RANDOM_SEED_SIZE outside ifdef. | ||
2162 | |||
2163 | RANDOM_SEED_SIZE is used by both the OpenSSL and non-OpenSSL code | ||
2164 | This fixes the build with configureed --without-openssl. | ||
2165 | |||
2166 | commit deb51552c3ce7ce72c8d0232e4f36f2e7c118c7d | ||
2167 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2168 | Date: Thu Nov 22 19:59:28 2018 +1100 | ||
2169 | |||
2170 | Resync with OpenBSD by pulling in an ifdef SIGINFO. | ||
2171 | |||
2172 | commit 28c7b2cd050f4416bfcf3869a20e3ea138aa52fe | ||
2173 | Author: Damien Miller <djm@mindrot.org> | ||
2174 | Date: Fri Nov 23 10:45:20 2018 +1100 | ||
2175 | |||
2176 | fix configure test for OpenSSL version | ||
2177 | |||
2178 | square brackets in case statements may be eaten by autoconf. | ||
2179 | |||
2180 | Report and fix from Filipp Gunbin; tweaked by naddy@ | ||
2181 | |||
2182 | commit 42c5ec4b97b6a1bae70f323952d0646af16ce710 | ||
2183 | Author: Damien Miller <djm@mindrot.org> | ||
2184 | Date: Fri Nov 23 10:40:06 2018 +1100 | ||
2185 | |||
2186 | refactor libcrypto initialisation | ||
2187 | |||
2188 | Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually | ||
2189 | supports it. | ||
2190 | |||
2191 | Move all libcrypto initialisation to a single function, and call that | ||
2192 | from seed_rng() that is called early in each tool's main(). | ||
2193 | |||
2194 | Prompted by patch from Rosen Penev | ||
2195 | |||
2196 | commit 5b60b6c02009547a3e2a99d4886965de2a4719da | ||
2197 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
2198 | Date: Thu Nov 22 08:59:11 2018 +0000 | ||
2199 | |||
2200 | upstream: Output info on SIGUSR1 as well as | ||
2201 | |||
2202 | SIGINFO to resync with portable. (ID sync only). | ||
2203 | |||
2204 | OpenBSD-Regress-ID: 699d153e2de22dce51a1b270c40a98472d1a1b16 | ||
2205 | |||
2206 | commit e4ae345dc75b34fd870c2e8690d831d2c1088eb7 | ||
2207 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
2208 | Date: Thu Nov 22 08:48:32 2018 +0000 | ||
2209 | |||
2210 | upstream: Append pid to temp files in /var/run and set a cleanup | ||
2211 | |||
2212 | trap for them. This allows multiple instances of tests to run without | ||
2213 | colliding. | ||
2214 | |||
2215 | OpenBSD-Regress-ID: 57add105ecdfc54752d8003acdd99eb68c3e0b4c | ||
2216 | |||
2217 | commit f72d0f52effca5aa20a193217346615ecd3eed53 | ||
2218 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
2219 | Date: Wed Oct 31 11:09:27 2018 +0000 | ||
2220 | |||
2221 | upstream: UsePrivilegeSeparation no is deprecated | ||
2222 | |||
2223 | test "yes" and "sandbox". | ||
2224 | |||
2225 | OpenBSD-Regress-ID: 80e685ed8990766527dc629b1affc09a75bfe2da | ||
2226 | |||
2227 | commit 35d0e5fefc419bddcbe09d7fc163d8cd3417125b | ||
2228 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2229 | Date: Wed Oct 17 23:28:05 2018 +0000 | ||
2230 | |||
2231 | upstream: add some knobs: | ||
2232 | |||
2233 | UNITTEST_FAST?= no # Skip slow tests (e.g. less intensive fuzzing). | ||
2234 | UNITTEST_SLOW?= no # Include slower tests (e.g. more intensive fuzzing). | ||
2235 | UNITTEST_VERBOSE?= no # Verbose test output (inc. per-test names). | ||
2236 | |||
2237 | useful if you want to run the tests as a smoke test to exercise the | ||
2238 | functionality without waiting for all the fuzzers to run. | ||
2239 | |||
2240 | OpenBSD-Regress-ID: e04d82ebec86068198cd903acf1c67563c57315e | ||
2241 | |||
2242 | commit c1941293d9422a14dda372b4c21895e72aa7a063 | ||
2243 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2244 | Date: Thu Nov 22 15:52:26 2018 +1100 | ||
2245 | |||
2246 | Resync Makefile.inc with upstream. | ||
2247 | |||
2248 | It's unused in -portable, but having it out of sync makes other syncs | ||
2249 | fail to apply. | ||
2250 | |||
2251 | commit 928f1231f65f88cd4c73e6e0edd63d2cf6295d77 | ||
2252 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2253 | Date: Mon Nov 19 04:12:32 2018 +0000 | ||
2254 | |||
2255 | upstream: silence (to log level debug2) failure messages when | ||
2256 | |||
2257 | loading the default hostkeys. Hostkeys explicitly specified in the | ||
2258 | configuration or on the command-line are still reported as errors, and | ||
2259 | failure to load at least one host key remains a fatal error. | ||
2260 | MIME-Version: 1.0 | ||
2261 | Content-Type: text/plain; charset=UTF-8 | ||
2262 | Content-Transfer-Encoding: 8bit | ||
2263 | |||
2264 | Based on patch from Dag-Erling Smørgrav via | ||
2265 | https://github.com/openssh/openssh-portable/pull/103 | ||
2266 | |||
2267 | ok markus@ | ||
2268 | |||
2269 | OpenBSD-Commit-ID: ffc2e35a75d1008effaf05a5e27425041c27b684 | ||
2270 | |||
2271 | commit 7fca94edbe8ca9f879da9fdd2afd959c4180f4c7 | ||
2272 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
2273 | Date: Sun Nov 18 22:43:29 2018 +0000 | ||
2274 | |||
2275 | upstream: Fix inverted logic for redirecting ProxyCommand stderr to | ||
2276 | |||
2277 | /dev/null. Fixes mosh in proxycommand mode that was broken by the previous | ||
2278 | ProxyCommand change that was reported by matthieu@. ok djm@ danj@ | ||
2279 | |||
2280 | OpenBSD-Commit-ID: c6fc9641bc250221a0a81c6beb2e72d603f8add6 | ||
2281 | |||
2282 | commit ccef7c4faf914993b53035cd2b25ce02ab039c9d | ||
2283 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2284 | Date: Fri Nov 16 06:17:38 2018 +0000 | ||
2285 | |||
2286 | upstream: redirect stderr of ProxyCommands to /dev/null when ssh is | ||
2287 | |||
2288 | started with ControlPersist; based on patch from Steffen Prohaska | ||
2289 | |||
2290 | OpenBSD-Commit-ID: 1bcaa14a03ae80369d31021271ec75dce2597957 | ||
2291 | |||
2292 | commit 15182fd96845a03216d7ac5a2cf31c4e77e406e3 | ||
2293 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2294 | Date: Fri Nov 16 06:10:29 2018 +0000 | ||
2295 | |||
2296 | upstream: make grandparent-parent-child sshbuf chains robust to | ||
2297 | |||
2298 | use-after-free faults if the ancestors are freed before the descendents. | ||
2299 | Nothing in OpenSSH uses this deallocation pattern. Reported by Jann Horn | ||
2300 | |||
2301 | OpenBSD-Commit-ID: d93501d1d2734245aac802a252b9bb2eccdba0f2 | ||
2302 | |||
2303 | commit 2a35862e664afde774d4a72497d394fe7306ccb5 | ||
2304 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2305 | Date: Fri Nov 16 03:26:01 2018 +0000 | ||
2306 | |||
2307 | upstream: use path_absolute() for pathname checks; from Manoj Ampalam | ||
2308 | |||
2309 | OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925 | ||
2310 | |||
2311 | commit d0d1dfa55be1c5c0d77ab3096b198a64235f936d | ||
2312 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2313 | Date: Fri Nov 16 14:11:44 2018 +1100 | ||
2314 | |||
2315 | Test for OPENSSL_init_crypto before using. | ||
2316 | |||
2317 | Check for the presence of OPENSSL_init_crypto and all the flags we want | ||
2318 | before trying to use it (bz#2931). | ||
2319 | |||
2320 | commit 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 | ||
2321 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2322 | Date: Fri Nov 16 03:03:10 2018 +0000 | ||
2323 | |||
2324 | upstream: disallow empty incoming filename or ones that refer to the | ||
2325 | |||
2326 | current directory; based on report/patch from Harry Sintonen | ||
2327 | |||
2328 | OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9 | ||
2329 | |||
2330 | commit aaed635e3a401cfcc4cc97f33788179c458901c3 | ||
2331 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2332 | Date: Fri Nov 16 02:46:20 2018 +0000 | ||
2333 | |||
2334 | upstream: fix bug in client that was keeping a redundant ssh-agent | ||
2335 | |||
2336 | socket around for the life of the connection; bz#2912; reported by Simon | ||
2337 | Tatham; ok dtucker@ | ||
2338 | |||
2339 | OpenBSD-Commit-ID: 4ded588301183d343dce3e8c5fc1398e35058478 | ||
2340 | |||
2341 | commit e76135e3007f1564427b2956c628923d8dc2f75a | ||
2342 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2343 | Date: Fri Nov 16 02:43:56 2018 +0000 | ||
2344 | |||
2345 | upstream: fix bug in HostbasedAcceptedKeyTypes and | ||
2346 | |||
2347 | PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types were | ||
2348 | specified, then authentication would always fail for RSA keys as the monitor | ||
2349 | checks only the base key (not the signature algorithm) type against | ||
2350 | *AcceptedKeyTypes. bz#2746; reported by Jakub Jelen; ok dtucker | ||
2351 | |||
2352 | OpenBSD-Commit-ID: 117bc3dc54578dbdb515a1d3732988cb5b00461b | ||
2353 | |||
2354 | commit 5c1a63562cac0574c226224075b0829a50b48c9d | ||
2355 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2356 | Date: Fri Nov 16 02:30:20 2018 +0000 | ||
2357 | |||
2358 | upstream: support a prefix of '@' to suppress echo of sftp batch | ||
2359 | |||
2360 | commands; bz#2926; ok dtucker@ | ||
2361 | |||
2362 | OpenBSD-Commit-ID: 9d635636bc84aeae796467e059f7634de990a79d | ||
2363 | |||
2364 | commit 90ef45f7aac33eaf55ec344e101548a01e570f29 | ||
2365 | Author: schwarze@openbsd.org <schwarze@openbsd.org> | ||
2366 | Date: Tue Nov 13 07:22:45 2018 +0000 | ||
2367 | |||
2368 | upstream: fix markup error (missing blank before delimiter); from | ||
2369 | |||
2370 | Mike Frysinger <vapier at gentoo dot org> | ||
2371 | |||
2372 | OpenBSD-Commit-ID: 1bc5392f795ca86318d695e0947eaf71a5a4f6d9 | ||
2373 | |||
2374 | commit 960e7c672dc106f3b759c081de3edb4d1138b36e | ||
2375 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2376 | Date: Fri Nov 9 02:57:58 2018 +0000 | ||
2377 | |||
2378 | upstream: typo in error message; caught by Debian lintian, via | ||
2379 | |||
2380 | Colin Watson | ||
2381 | |||
2382 | OpenBSD-Commit-ID: bff614c7bd1f4ca491a84e9b5999f848d0d66758 | ||
2383 | |||
2384 | commit 81f1620c836e6c79c0823ba44acca605226a80f1 | ||
2385 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2386 | Date: Fri Nov 9 02:56:22 2018 +0000 | ||
2387 | |||
2388 | upstream: correct local variable name; from yawang AT microsoft.com | ||
2389 | |||
2390 | OpenBSD-Commit-ID: a0c228390856a215bb66319c89cb3959d3af8c87 | ||
2391 | |||
2392 | commit 1293740e800fa2e5ccd38842a2e4970c6f3b9831 | ||
2393 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
2394 | Date: Wed Oct 31 11:20:05 2018 +0000 | ||
2395 | |||
2396 | upstream: Import new moduli. | ||
2397 | |||
2398 | OpenBSD-Commit-ID: c07772f58028fda683ee6abd41c73da3ff70d403 | ||
2399 | |||
2400 | commit 46925ae28e53fc9add336a4fcdb7ed4b86c3591c | ||
2401 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2402 | Date: Fri Oct 26 01:23:03 2018 +0000 | ||
2403 | |||
2404 | upstream: mention ssh-ed25519-cert-v01@openssh.com in list of cert | ||
2405 | |||
2406 | key type at start of doc | ||
2407 | |||
2408 | OpenBSD-Commit-ID: b46b0149256d67f05f2d5d01e160634ed1a67324 | ||
2409 | |||
2410 | commit 8d8340e2c215155637fe19cb1a837f71b2d55f7b | ||
2411 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2412 | Date: Fri Nov 16 13:32:13 2018 +1100 | ||
2413 | |||
2414 | Remove fallback check for /usr/local/ssl. | ||
2415 | |||
2416 | If configure could not find a working OpenSSL installation it would | ||
2417 | fall back to checking in /usr/local/ssl. This made sense back when | ||
2418 | systems did not ship with OpenSSL, but most do and OpenSSL 1.1 doesn't | ||
2419 | use that as a default any more. The fallback behaviour also meant | ||
2420 | that if you pointed --with-ssl-dir at a specific directory and it | ||
2421 | didn't work, it would silently use either the system libs or the ones | ||
2422 | in /usr/local/ssl. If you want to use /usr/local/ssl you'll need to | ||
2423 | pass configure --with-ssl-dir=/usr/local/ssl. ok djm@ | ||
2424 | |||
2425 | commit ce93472134fb22eff73edbcd173a21ae38889331 | ||
2426 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2427 | Date: Fri Nov 16 12:44:01 2018 +1100 | ||
2428 | |||
2429 | Fix check for OpenSSL 1.0.1 exactly. | ||
2430 | |||
2431 | Both INSTALL and configure.ac claim OpenSSL >= 1.0.1 is supported; fix | ||
2432 | compile-time check for 1.0.1 to match. | ||
2433 | |||
2434 | commit f2970868f86161a22b2c377057fa3891863a692a | ||
2435 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2436 | Date: Sun Nov 11 15:58:20 2018 +1100 | ||
2437 | |||
2438 | Improve warnings in cygwin service setup. | ||
2439 | |||
2440 | bz#2922, patch from vinschen at redhat.com. | ||
2441 | |||
2442 | commit bd2d54fc1eee84bf87158a1277a50e6c8a303339 | ||
2443 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2444 | Date: Sun Nov 11 15:54:54 2018 +1100 | ||
2445 | |||
2446 | Remove hardcoded service name in cygwin setup. | ||
2447 | |||
2448 | bz#2922, patch from Christian.Lupien at USherbrooke.ca, sanity check | ||
2449 | by vinschen at redhat.com. | ||
2450 | |||
2451 | commit d0153c77bf7964e694f1d26c56c41a571b8e9466 | ||
2452 | Author: Dag-Erling Smørgrav <des@des.no> | ||
2453 | Date: Tue Oct 9 23:03:40 2018 +0200 | ||
2454 | |||
2455 | AC_CHECK_SIZEOF() no longer needs a second argument. | ||
2456 | |||
2457 | commit 9b47b083ca9d866249ada9f02dbd57c87b13806e | ||
2458 | Author: Manoj Ampalam <manojamp@microsoft.com> | ||
2459 | Date: Thu Nov 8 22:41:59 2018 -0800 | ||
2460 | |||
2461 | Fix error message w/out nistp521. | ||
2462 | |||
2463 | Correct error message when OpenSSL doesn't support certain ECDSA key | ||
2464 | lengths. | ||
2465 | |||
2466 | commit 624d19ac2d56fa86a22417c35536caceb3be346f | ||
2467 | Author: Eneas U de Queiroz <cote2004-github@yahoo.com> | ||
2468 | Date: Tue Oct 9 16:17:42 2018 -0300 | ||
2469 | |||
2470 | fix compilation with openssl built without ECC | ||
2471 | |||
2472 | ECDSA code in openssh-compat.h and libressl-api-compat.c needs to be | ||
2473 | guarded by OPENSSL_HAS_ECC | ||
2474 | |||
2475 | Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> | ||
2476 | |||
2477 | commit 1801cd11d99d05a66ab5248c0555f55909a355ce | ||
2478 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2479 | Date: Thu Nov 8 15:03:11 2018 +1100 | ||
2480 | |||
2481 | Simplify OpenSSL 1.1 function checks. | ||
2482 | |||
2483 | Replace AC_SEARCH_LIBS checks for OpenSSL 1.1 functions with a single | ||
2484 | AC_CHECK_FUNCS. ok djm@ | ||
2485 | |||
2486 | commit bc32f118d484e4d71d2a0828fd4eab7e4176c9af | ||
2487 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2488 | Date: Mon Nov 5 17:31:24 2018 +1100 | ||
2489 | |||
2490 | Fix pasto for HAVE_EVP_CIPHER_CTX_SET_IV. | ||
2491 | |||
2492 | Prevents unnecessary redefinition. Patch from mforney at mforney.org. | ||
2493 | |||
2494 | commit 3719df60c66abc4b47200d41f571d67772f293ba | ||
2495 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2496 | Date: Wed Oct 31 22:21:03 2018 +1100 | ||
2497 | |||
2498 | Import new moduli. | ||
2499 | |||
2500 | commit 595605d4abede475339d6a1f07a8cc674c11d1c3 | ||
2501 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2502 | Date: Sun Oct 28 15:18:13 2018 +1100 | ||
2503 | |||
2504 | Update check for minimum OpenSSL version. | ||
2505 | |||
2506 | commit 6ab75aba340d827140d7ba719787aabaf39a0355 | ||
2507 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2508 | Date: Sun Oct 28 15:16:31 2018 +1100 | ||
2509 | |||
2510 | Update required OpenSSL versions to match current. | ||
2511 | |||
2512 | commit c801b0e38eae99427f37869370151b78f8e15c5d | ||
2513 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2514 | Date: Sun Oct 28 14:34:12 2018 +1100 | ||
2515 | |||
2516 | Use detected version functions in openssl compat. | ||
2517 | |||
2518 | Use detected functions in compat layer instead of guessing based on | ||
2519 | versions. Really fixes builds with LibreSSL, not just configure. | ||
2520 | |||
2521 | commit 262d81a259d4aa1507c709ec9d5caa21c7740722 | ||
2522 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2523 | Date: Sat Oct 27 16:45:59 2018 +1100 | ||
2524 | |||
2525 | Check for the existence of openssl version funcs. | ||
2526 | |||
2527 | Check for the existence of openssl version functions and use the ones | ||
2528 | detected instead of trying to guess based on the int32 version | ||
2529 | identifier. Fixes builds with LibreSSL. | ||
2530 | |||
2531 | commit 406a24b25d6a2bdd70cacd16de7e899dcb2a8829 | ||
2532 | Author: Damien Miller <djm@mindrot.org> | ||
2533 | Date: Fri Oct 26 13:43:28 2018 +1100 | ||
2534 | |||
2535 | fix builds on OpenSSL <= 1.0.x | ||
2536 | |||
2537 | I thought OpenSSL 1.0.x offered the new-style OpenSSL_version_num() API | ||
2538 | to obtain version number, but they don't. | ||
2539 | |||
2540 | commit 859754bdeb41373d372e36b5dc89c547453addb3 | ||
2541 | Author: Damien Miller <djm@mindrot.org> | ||
2542 | Date: Tue Oct 23 17:10:41 2018 +1100 | ||
2543 | |||
2544 | remove remaining references to SSLeay | ||
2545 | |||
2546 | Prompted by Rosen Penev | ||
2547 | |||
2548 | commit b9fea45a68946c8dfeace72ad1f6657c18f2a98a | ||
2549 | Author: Damien Miller <djm@mindrot.org> | ||
2550 | Date: Tue Oct 23 17:10:35 2018 +1100 | ||
2551 | |||
2552 | regen depend | ||
2553 | |||
2554 | commit a65784c9f9c5d00cf1a0e235090170abc8d07c73 | ||
2555 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2556 | Date: Tue Oct 23 05:56:35 2018 +0000 | ||
2557 | |||
2558 | upstream: refer to OpenSSL not SSLeay; | ||
2559 | |||
2560 | we're old, but we don't have to act it | ||
2561 | |||
2562 | OpenBSD-Commit-ID: 9ca38d11f8ed19e61a55108d1e892d696cee08ec | ||
2563 | |||
2564 | commit c0a35265907533be10ca151ac797f34ae0d68969 | ||
2565 | Author: Damien Miller <djm@mindrot.org> | ||
2566 | Date: Mon Oct 22 11:22:50 2018 +1100 | ||
2567 | |||
2568 | fix compile for openssl 1.0.x w/ --with-ssl-engine | ||
2569 | |||
2570 | bz#2921, patch from cotequeiroz | ||
2571 | |||
2572 | commit 31b49525168245abe16ad49d7b7f519786b53a38 | ||
2573 | Author: Darren Tucker <dtucker@dtucker.net> | ||
2574 | Date: Mon Oct 22 20:05:18 2018 +1100 | ||
2575 | |||
2576 | Include openssl compatibility. | ||
2577 | |||
2578 | Patch from rosenp at gmail.com via openssh-unix-dev. | ||
2579 | |||
2580 | commit a4fc253f5f44f0e4c47aafe2a17d2c46481d3c04 | ||
2581 | Author: djm@openbsd.org <djm@openbsd.org> | ||
2582 | Date: Fri Oct 19 03:12:42 2018 +0000 | ||
2583 | |||
2584 | upstream: when printing certificate contents "ssh-keygen -Lf | ||
2585 | |||
2586 | /path/certificate", include the algorithm that the CA used to sign the cert. | ||
2587 | |||
2588 | OpenBSD-Commit-ID: 1ea20b5048a851a7a0758dcb9777a211a2c0dddd | ||
2589 | |||
2590 | commit 83b3d99d2b47321b7ebb8db6f6ea04f3808bc069 | ||
2591 | Author: florian@openbsd.org <florian@openbsd.org> | ||
2592 | Date: Mon Oct 15 11:28:50 2018 +0000 | ||
2593 | |||
2594 | upstream: struct sockaddr_storage is guaranteed to be large enough, | ||
2595 | |||
2596 | no need to check the size. OK kn, deraadt | ||
2597 | |||
2598 | OpenBSD-Commit-ID: 0aa56e92eb49c79f495b31a5093109ec5841f439 | ||
2599 | |||
1 | commit aede1c34243a6f7feae2fb2cb686ade5f9be6f3d | 2600 | commit aede1c34243a6f7feae2fb2cb686ade5f9be6f3d |
2 | Author: Damien Miller <djm@mindrot.org> | 2601 | Author: Damien Miller <djm@mindrot.org> |
3 | Date: Wed Oct 17 11:01:20 2018 +1100 | 2602 | Date: Wed Oct 17 11:01:20 2018 +1100 |
@@ -7741,1966 +10340,3 @@ Date: Mon Apr 17 11:02:31 2017 +0000 | |||
7741 | -Wpointer-sign and -Wold-style-definition. | 10340 | -Wpointer-sign and -Wold-style-definition. |
7742 | 10341 | ||
7743 | Upstream-ID: 5cbe348aa76dc1adf55be6c0e388fafaa945439a | 10342 | Upstream-ID: 5cbe348aa76dc1adf55be6c0e388fafaa945439a |
7744 | |||
7745 | commit 4d827f0d75a53d3952288ab882efbddea7ffadfe | ||
7746 | Author: djm@openbsd.org <djm@openbsd.org> | ||
7747 | Date: Tue Apr 4 00:24:56 2017 +0000 | ||
7748 | |||
7749 | upstream commit | ||
7750 | |||
7751 | disallow creation (of empty files) in read-only mode; | ||
7752 | reported by Michal Zalewski, feedback & ok deraadt@ | ||
7753 | |||
7754 | Upstream-ID: 5d9c8f2fa8511d4ecf95322994ffe73e9283899b | ||
7755 | |||
7756 | commit ef47843af0a904a21c920e619c5aec97b65dd9ac | ||
7757 | Author: deraadt@openbsd.org <deraadt@openbsd.org> | ||
7758 | Date: Sun Mar 26 00:18:52 2017 +0000 | ||
7759 | |||
7760 | upstream commit | ||
7761 | |||
7762 | incorrect renditions of this quote bother me | ||
7763 | |||
7764 | Upstream-ID: 1662be3ebb7a71d543da088119c31d4d463a9e49 | ||
7765 | |||
7766 | commit d9048861bea842c4eba9c2dbbf97064cc2a5ef02 | ||
7767 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7768 | Date: Fri Mar 31 11:04:43 2017 +1100 | ||
7769 | |||
7770 | Check for and use gcc's -pipe. | ||
7771 | |||
7772 | Speeds up configure and build by a couple of percent. ok djm@ | ||
7773 | |||
7774 | commit 282cad2240c4fbc104c2f2df86d688192cbbe4bb | ||
7775 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7776 | Date: Wed Mar 29 16:34:44 2017 +1100 | ||
7777 | |||
7778 | Import fmt_scaled.c rev 1.16 from OpenBSD. | ||
7779 | |||
7780 | Fix overly-conservative overflow checks on mulitplications and add checks | ||
7781 | on additions. This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN | ||
7782 | will still be flagged as a range error). ok millert@ | ||
7783 | |||
7784 | commit c73a229e4edf98920f395e19fd310684fc6bb951 | ||
7785 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7786 | Date: Wed Mar 29 16:34:02 2017 +1100 | ||
7787 | |||
7788 | Import fmt_scaled.c rev 1.15 from OpenBSD. | ||
7789 | |||
7790 | Collapse underflow and overflow checks into a single block. | ||
7791 | ok djm@ millert@ | ||
7792 | |||
7793 | commit d427b73bf5a564f663d16546dbcbd84ba8b9d4af | ||
7794 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7795 | Date: Wed Mar 29 16:32:57 2017 +1100 | ||
7796 | |||
7797 | Import fmt_scaled.c rev 1.14 from OpenBSD. | ||
7798 | |||
7799 | Catch integer underflow in scan_scaled reported by Nicolas Iooss. | ||
7800 | ok deraadt@ djm@ | ||
7801 | |||
7802 | commit d13281f2964abc5f2e535e1613c77fc61b0c53e7 | ||
7803 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7804 | Date: Wed Mar 29 12:39:39 2017 +1100 | ||
7805 | |||
7806 | Don't check privsep user or path when unprivileged | ||
7807 | |||
7808 | If running with privsep (mandatory now) as a non-privileged user, we | ||
7809 | don't chroot or change to an unprivileged user however we still checked | ||
7810 | the existence of the user and directory. Don't do those checks if we're | ||
7811 | not going to use them. Based in part on a patch from Lionel Fourquaux | ||
7812 | via Corinna Vinschen, ok djm@ | ||
7813 | |||
7814 | commit f2742a481fe151e493765a3fbdef200df2ea7037 | ||
7815 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7816 | Date: Wed Mar 29 10:50:31 2017 +1100 | ||
7817 | |||
7818 | Remove SHA256 EVP wrapper implementation. | ||
7819 | |||
7820 | All supported versions of OpenSSL should now have SHA256 so remove our | ||
7821 | EVP wrapper implementaion. ok djm@ | ||
7822 | |||
7823 | commit 5346f271fc76549caf4a8e65b5fba319be422fe9 | ||
7824 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7825 | Date: Wed Mar 29 10:23:58 2017 +1100 | ||
7826 | |||
7827 | Remove check for OpenSSL < 0.9.8g. | ||
7828 | |||
7829 | We no longer support OpenSSL < 1.0.1 so remove check for unreliable ECC | ||
7830 | in OpenSSL < 0.9.8g. | ||
7831 | |||
7832 | commit 8fed0a5fe7b4e78a6810b133d8e91be9742ee0a1 | ||
7833 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7834 | Date: Wed Mar 29 10:16:15 2017 +1100 | ||
7835 | |||
7836 | Remove compat code for OpenSSL < 0.9.7. | ||
7837 | |||
7838 | Resyncs that code with OpenBSD upstream. | ||
7839 | |||
7840 | commit 608ec1f62ff22fdccc3952e51463d79c43cbd0d3 | ||
7841 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7842 | Date: Wed Mar 29 09:50:54 2017 +1100 | ||
7843 | |||
7844 | Remove SSHv1 code path. | ||
7845 | |||
7846 | Server-side support for Protocol 1 has been removed so remove !compat20 | ||
7847 | PAM code path. | ||
7848 | |||
7849 | commit 7af27bf538cbc493d609753f9a6d43168d438f1b | ||
7850 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7851 | Date: Fri Mar 24 09:44:56 2017 +1100 | ||
7852 | |||
7853 | Enable ldns when using ldns-config. | ||
7854 | |||
7855 | Actually enable ldns when attempting to use ldns-config. bz#2697, patch | ||
7856 | from fredrik at fornwall.net. | ||
7857 | |||
7858 | commit 58b8cfa2a062b72139d7229ae8de567f55776f24 | ||
7859 | Author: Damien Miller <djm@mindrot.org> | ||
7860 | Date: Wed Mar 22 12:43:02 2017 +1100 | ||
7861 | |||
7862 | Missing header on Linux/s390 | ||
7863 | |||
7864 | Patch from Jakub Jelen | ||
7865 | |||
7866 | commit 096fb65084593f9f3c1fc91b6d9052759a272a00 | ||
7867 | Author: djm@openbsd.org <djm@openbsd.org> | ||
7868 | Date: Mon Mar 20 22:08:06 2017 +0000 | ||
7869 | |||
7870 | upstream commit | ||
7871 | |||
7872 | remove /usr/bin/time calls around tests, makes diffing test | ||
7873 | runs harder. Based on patch from Mike Frysinger | ||
7874 | |||
7875 | Upstream-Regress-ID: 81c1083b14dcf473b23d2817882f40b346ebc95c | ||
7876 | |||
7877 | commit 6b853c6f8ba5eecc50f3b57af8e63f8184eb0fa6 | ||
7878 | Author: Damien Miller <djm@mindrot.org> | ||
7879 | Date: Tue Mar 21 08:47:55 2017 +1100 | ||
7880 | |||
7881 | Fix syntax error on Linux/X32 | ||
7882 | |||
7883 | Patch from Mike Frysinger | ||
7884 | |||
7885 | commit d38f05dbdd291212bc95ea80648b72b7177e9f4e | ||
7886 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7887 | Date: Mon Mar 20 13:38:27 2017 +1100 | ||
7888 | |||
7889 | Add llabs() implementation. | ||
7890 | |||
7891 | commit 72536316a219b7394996a74691a5d4ec197480f7 | ||
7892 | Author: Damien Miller <djm@mindrot.org> | ||
7893 | Date: Mon Mar 20 12:23:04 2017 +1100 | ||
7894 | |||
7895 | crank version numbers | ||
7896 | |||
7897 | commit 3be52bc36bdfd24ded7e0f46999e7db520fb4e3f | ||
7898 | Author: djm@openbsd.org <djm@openbsd.org> | ||
7899 | Date: Mon Mar 20 01:18:59 2017 +0000 | ||
7900 | |||
7901 | upstream commit | ||
7902 | |||
7903 | openssh-7.5 | ||
7904 | |||
7905 | Upstream-ID: b8b9a4a949427c393cd868215e1724ceb3467ee5 | ||
7906 | |||
7907 | commit db84e52fe9cfad57f22e7e23c5fbf00092385129 | ||
7908 | Author: Damien Miller <djm@mindrot.org> | ||
7909 | Date: Mon Mar 20 12:07:20 2017 +1100 | ||
7910 | |||
7911 | I'm a doofus. | ||
7912 | |||
7913 | Unbreak obvious syntax error. | ||
7914 | |||
7915 | commit 89f04852db27643717c9c3a2b0dde97ae50099ee | ||
7916 | Author: Damien Miller <djm@mindrot.org> | ||
7917 | Date: Mon Mar 20 11:53:34 2017 +1100 | ||
7918 | |||
7919 | on Cygwin, check paths from server for backslashes | ||
7920 | |||
7921 | Pointed out by Jann Horn of Google Project Zero | ||
7922 | |||
7923 | commit 7ef1f9bafc2cc8d97ff2fbd4f280002b6e8ea5d9 | ||
7924 | Author: Damien Miller <djm@mindrot.org> | ||
7925 | Date: Mon Mar 20 11:48:34 2017 +1100 | ||
7926 | |||
7927 | Yet another synonym for ASCII: "646" | ||
7928 | |||
7929 | Used by NetBSD; this unbreaks mprintf() and friends there for the C | ||
7930 | locale (caught by dtucker@ and his menagerie of test systems). | ||
7931 | |||
7932 | commit 9165abfea3f68a0c684a6ed2e575e59bc31a3a6b | ||
7933 | Author: Damien Miller <djm@mindrot.org> | ||
7934 | Date: Mon Mar 20 09:58:34 2017 +1100 | ||
7935 | |||
7936 | create test mux socket in /tmp | ||
7937 | |||
7938 | Creating the socket in $OBJ could blow past the (quite limited) | ||
7939 | path limit for Unix domain sockets. As a bandaid for bz#2660, | ||
7940 | reported by Colin Watson; ok dtucker@ | ||
7941 | |||
7942 | commit 2adbe1e63bc313d03e8e84e652cc623af8ebb163 | ||
7943 | Author: markus@openbsd.org <markus@openbsd.org> | ||
7944 | Date: Wed Mar 15 07:07:39 2017 +0000 | ||
7945 | |||
7946 | upstream commit | ||
7947 | |||
7948 | disallow KEXINIT before NEWKEYS; ok djm; report by | ||
7949 | vegard.nossum at oracle.com | ||
7950 | |||
7951 | Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234 | ||
7952 | |||
7953 | commit 2fbf91684d76d38b9cf06550b69c9e41bca5a71c | ||
7954 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7955 | Date: Thu Mar 16 14:05:46 2017 +1100 | ||
7956 | |||
7957 | Include includes.h for compat bits. | ||
7958 | |||
7959 | commit b55f634e96b9c5b0cd991e23a9ca181bec4bdbad | ||
7960 | Author: Darren Tucker <dtucker@zip.com.au> | ||
7961 | Date: Thu Mar 16 13:45:17 2017 +1100 | ||
7962 | |||
7963 | Wrap stdint.h in #ifdef HAVE_STDINT_H | ||
7964 | |||
7965 | commit 55a1117d7342a0bf8b793250cf314bab6b482b99 | ||
7966 | Author: Damien Miller <djm@mindrot.org> | ||
7967 | Date: Thu Mar 16 11:22:42 2017 +1100 | ||
7968 | |||
7969 | Adapt Cygwin config script to privsep knob removal | ||
7970 | |||
7971 | Patch from Corinna Vinschen. | ||
7972 | |||
7973 | commit 1a321bfdb91defe3c4d9cca5651724ae167e5436 | ||
7974 | Author: deraadt@openbsd.org <deraadt@openbsd.org> | ||
7975 | Date: Wed Mar 15 03:52:30 2017 +0000 | ||
7976 | |||
7977 | upstream commit | ||
7978 | |||
7979 | accidents happen to the best of us; ok djm | ||
7980 | |||
7981 | Upstream-ID: b7a9dbd71011ffde95e06f6945fe7197dedd1604 | ||
7982 | |||
7983 | commit 25f837646be8c2017c914d34be71ca435dfc0e07 | ||
7984 | Author: djm@openbsd.org <djm@openbsd.org> | ||
7985 | Date: Wed Mar 15 02:25:09 2017 +0000 | ||
7986 | |||
7987 | upstream commit | ||
7988 | |||
7989 | fix regression in 7.4: deletion of PKCS#11-hosted keys | ||
7990 | would fail unless they were specified by full physical pathname. Report and | ||
7991 | fix from Jakub Jelen via bz#2682; ok dtucker@ | ||
7992 | |||
7993 | Upstream-ID: 5b5bc20ca11cacb5d5eb29c3f93fd18425552268 | ||
7994 | |||
7995 | commit a8c5eeacf032a7d3408957e45dd7603cc1baf55f | ||
7996 | Author: djm@openbsd.org <djm@openbsd.org> | ||
7997 | Date: Wed Mar 15 02:19:09 2017 +0000 | ||
7998 | |||
7999 | upstream commit | ||
8000 | |||
8001 | Fix segfault when sshd attempts to load RSA1 keys (can | ||
8002 | only happen when protocol v.1 support is enabled for the client). Reported by | ||
8003 | Jakub Jelen in bz#2686; ok dtucker | ||
8004 | |||
8005 | Upstream-ID: 8fdaec2ba4b5f65db1d094f6714ce64b25d871d7 | ||
8006 | |||
8007 | commit 66705948c0639a7061a0d0753266da7685badfec | ||
8008 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8009 | Date: Tue Mar 14 07:19:07 2017 +0000 | ||
8010 | |||
8011 | upstream commit | ||
8012 | |||
8013 | Mark the sshd_config UsePrivilegeSeparation option as | ||
8014 | deprecated, effectively making privsep mandatory in sandboxing mode. ok | ||
8015 | markus@ deraadt@ | ||
8016 | |||
8017 | (note: this doesn't remove the !privsep code paths, though that will | ||
8018 | happen eventually). | ||
8019 | |||
8020 | Upstream-ID: b4c52666256c4dd865f8ce9431af5d6ce2d74a0a | ||
8021 | |||
8022 | commit f86586b03fe6cd8f595289bde200a94bc2c191af | ||
8023 | Author: Damien Miller <djm@mindrot.org> | ||
8024 | Date: Tue Mar 14 18:26:29 2017 +1100 | ||
8025 | |||
8026 | Make seccomp-bpf sandbox work on Linux/X32 | ||
8027 | |||
8028 | Allow clock_gettime syscall with X32 bit masked off. Apparently | ||
8029 | this is required for at least some kernel versions. bz#2142 | ||
8030 | Patch mostly by Colin Watson. ok dtucker@ | ||
8031 | |||
8032 | commit 2429cf78dd2a9741ce27ba25ac41c535274a0af6 | ||
8033 | Author: Damien Miller <djm@mindrot.org> | ||
8034 | Date: Tue Mar 14 18:01:52 2017 +1100 | ||
8035 | |||
8036 | require OpenSSL >=1.0.1 | ||
8037 | |||
8038 | commit e3ea335abeab731c68f2b2141bee85a4b0bf680f | ||
8039 | Author: Damien Miller <djm@mindrot.org> | ||
8040 | Date: Tue Mar 14 17:48:43 2017 +1100 | ||
8041 | |||
8042 | Remove macro trickery; no binary change | ||
8043 | |||
8044 | This stops the SC_ALLOW(), SC_ALLOW_ARG() and SC_DENY() macros | ||
8045 | prepending __NR_ to the syscall number parameter and just makes | ||
8046 | them explicit in the macro invocations. | ||
8047 | |||
8048 | No binary change in stripped object file before/after. | ||
8049 | |||
8050 | commit 5f1596e11d55539678c41f68aed358628d33d86f | ||
8051 | Author: Damien Miller <djm@mindrot.org> | ||
8052 | Date: Tue Mar 14 13:15:18 2017 +1100 | ||
8053 | |||
8054 | support ioctls for ICA crypto card on Linux/s390 | ||
8055 | |||
8056 | Based on patch from Eduardo Barretto; ok dtucker@ | ||
8057 | |||
8058 | commit b1b22dd0df2668b322dda174e501dccba2cf5c44 | ||
8059 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8060 | Date: Tue Mar 14 14:19:36 2017 +1100 | ||
8061 | |||
8062 | Plumb conversion test into makefile. | ||
8063 | |||
8064 | commit f57783f1ddfb4cdfbd612c6beb5ec01cb5b9a6b9 | ||
8065 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8066 | Date: Tue Mar 14 01:20:29 2017 +0000 | ||
8067 | |||
8068 | upstream commit | ||
8069 | |||
8070 | Add unit test for convtime(). | ||
8071 | |||
8072 | Upstream-Regress-ID: 8717bc0ca4c21120f6dd3a1d3b7a363f707c31e1 | ||
8073 | |||
8074 | commit 8884b7247d094cd11ff9e39c325ba928c5bdbc6c | ||
8075 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8076 | Date: Tue Mar 14 01:10:07 2017 +0000 | ||
8077 | |||
8078 | upstream commit | ||
8079 | |||
8080 | Add ASSERT_LONG_* helpers. | ||
8081 | |||
8082 | Upstream-Regress-ID: fe15beaea8f5063c7f21b0660c722648e3d76431 | ||
8083 | |||
8084 | commit c6774d21185220c0ba11e8fd204bf0ad1a432071 | ||
8085 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8086 | Date: Tue Mar 14 00:55:37 2017 +0000 | ||
8087 | |||
8088 | upstream commit | ||
8089 | |||
8090 | Fix convtime() overflow test on boundary condition, | ||
8091 | spotted by & ok djm. | ||
8092 | |||
8093 | Upstream-ID: 51f14c507ea87a3022e63f574100613ab2ba5708 | ||
8094 | |||
8095 | commit f5746b40cfe6d767c8e128fe50c43274b31cd594 | ||
8096 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8097 | Date: Tue Mar 14 00:25:03 2017 +0000 | ||
8098 | |||
8099 | upstream commit | ||
8100 | |||
8101 | Check for integer overflow when parsing times in | ||
8102 | convtime(). Reported by nicolas.iooss at m4x.org, ok djm@ | ||
8103 | |||
8104 | Upstream-ID: 35e6a4e98f6fa24df50bfb8ba1307cf70e966f13 | ||
8105 | |||
8106 | commit f5907982f42a8d88a430b8a46752cbb7859ba979 | ||
8107 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8108 | Date: Tue Mar 14 13:38:15 2017 +1100 | ||
8109 | |||
8110 | Add a "unit" target to run only unit tests. | ||
8111 | |||
8112 | commit 9e96b41682aed793fadbea5ccd472f862179fb02 | ||
8113 | Author: Damien Miller <djm@mindrot.org> | ||
8114 | Date: Tue Mar 14 12:24:47 2017 +1100 | ||
8115 | |||
8116 | Fix weakness in seccomp-bpf sandbox arg inspection | ||
8117 | |||
8118 | Syscall arguments are passed via an array of 64-bit values in struct | ||
8119 | seccomp_data, but we were only inspecting the bottom 32 bits and not | ||
8120 | even those correctly for BE systems. | ||
8121 | |||
8122 | Fortunately, the only case argument inspection was used was in the | ||
8123 | socketcall filtering so using this for sandbox escape seems | ||
8124 | impossible. | ||
8125 | |||
8126 | ok dtucker | ||
8127 | |||
8128 | commit 8ff3fc3f2f7c13e8968717bc2b895ee32c441275 | ||
8129 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8130 | Date: Sat Mar 11 23:44:16 2017 +0000 | ||
8131 | |||
8132 | upstream commit | ||
8133 | |||
8134 | regress tests for loading certificates without public keys; | ||
8135 | bz#2617 based on patch from Adam Eijdenberg; ok markus@ dtucker@ | ||
8136 | |||
8137 | Upstream-Regress-ID: 0145d19328ed995b73fe2d9da33596b17429d0d0 | ||
8138 | |||
8139 | commit 1e24552716194db8f2f620587b876158a9ef56ad | ||
8140 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8141 | Date: Sat Mar 11 23:40:26 2017 +0000 | ||
8142 | |||
8143 | upstream commit | ||
8144 | |||
8145 | allow ssh to use certificates accompanied by a private | ||
8146 | key file but no corresponding plain *.pub public key. bz#2617 based on patch | ||
8147 | from Adam Eijdenberg; ok dtucker@ markus@ | ||
8148 | |||
8149 | Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9 | ||
8150 | |||
8151 | commit 0fb1a617a07b8df5de188dd5a0c8bf293d4bfc0e | ||
8152 | Author: markus@openbsd.org <markus@openbsd.org> | ||
8153 | Date: Sat Mar 11 13:07:35 2017 +0000 | ||
8154 | |||
8155 | upstream commit | ||
8156 | |||
8157 | Don't count the initial block twice when computing how | ||
8158 | many bytes to discard for the work around for the attacks against CBC-mode. | ||
8159 | ok djm@; report from Jean Paul, Kenny, Martin and Torben @ RHUL | ||
8160 | |||
8161 | Upstream-ID: f445f509a4e0a7ba3b9c0dae7311cb42458dc1e2 | ||
8162 | |||
8163 | commit ef653dd5bd5777132d9f9ee356225f9ee3379504 | ||
8164 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8165 | Date: Fri Mar 10 07:18:32 2017 +0000 | ||
8166 | |||
8167 | upstream commit | ||
8168 | |||
8169 | krl.c | ||
8170 | |||
8171 | Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1 | ||
8172 | |||
8173 | commit d94c1dfef2ea30ca67b1204ada7c3b537c54f4d0 | ||
8174 | Author: Damien Miller <djm@mindrot.org> | ||
8175 | Date: Sun Mar 12 10:48:14 2017 +1100 | ||
8176 | |||
8177 | sync fmt_scaled.c with OpenBSD | ||
8178 | |||
8179 | revision 1.13 | ||
8180 | date: 2017/03/11 23:37:23; author: djm; state: Exp; lines: +14 -1; commitid: jnFKyHkB3CEiEZ2R; | ||
8181 | fix signed integer overflow in scan_scaled. Found by Nicolas Iooss | ||
8182 | using AFL against ssh_config. ok deraadt@ millert@ | ||
8183 | ---------------------------- | ||
8184 | revision 1.12 | ||
8185 | date: 2013/11/29 19:00:51; author: deraadt; state: Exp; lines: +6 -5; | ||
8186 | fairly simple unsigned char casts for ctype | ||
8187 | ok krw | ||
8188 | ---------------------------- | ||
8189 | revision 1.11 | ||
8190 | date: 2012/11/12 14:07:20; author: halex; state: Exp; lines: +4 -2; | ||
8191 | make scan_scaled set errno to EINVAL rather than ERANGE if it encounters | ||
8192 | an invalid multiplier, like the man page says it should | ||
8193 | |||
8194 | "looks sensible" deraadt@, ok ian@ | ||
8195 | ---------------------------- | ||
8196 | revision 1.10 | ||
8197 | date: 2009/06/20 15:00:04; author: martynas; state: Exp; lines: +4 -4; | ||
8198 | use llabs instead of the home-grown version; and some comment changes | ||
8199 | ok ian@, millert@ | ||
8200 | ---------------------------- | ||
8201 | |||
8202 | commit 894221a63fa061e52e414ca58d47edc5fe645968 | ||
8203 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8204 | Date: Fri Mar 10 05:01:13 2017 +0000 | ||
8205 | |||
8206 | upstream commit | ||
8207 | |||
8208 | When updating hostkeys, accept RSA keys if | ||
8209 | HostkeyAlgorithms contains any RSA keytype. Previously, ssh could ignore RSA | ||
8210 | keys when any of the ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms | ||
8211 | nit ssh-rsa (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; ok | ||
8212 | dtucker@ | ||
8213 | |||
8214 | Upstream-ID: c5e8cfee15c42f4a05d126158a0766ea06da79d2 | ||
8215 | |||
8216 | commit dd3e2298663f4cc1a06bc69582d00dcfee27d73c | ||
8217 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8218 | Date: Fri Mar 10 04:24:55 2017 +0000 | ||
8219 | |||
8220 | upstream commit | ||
8221 | |||
8222 | make hostname matching really insensitive to case; | ||
8223 | bz#2685, reported by Petr Cerny; ok dtucker@ | ||
8224 | |||
8225 | Upstream-ID: e467622ff154269e36ba8b6c9e3d105e1c4a9253 | ||
8226 | |||
8227 | commit 77a9be9446697fe8b5499fe651f4a82a71a4b51f | ||
8228 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8229 | Date: Fri Mar 10 03:52:48 2017 +0000 | ||
8230 | |||
8231 | upstream commit | ||
8232 | |||
8233 | reword a comment to make it fit 80 columns | ||
8234 | |||
8235 | Upstream-ID: 4ef509a66b96c7314bbcc87027c2af71fa9d0ba4 | ||
8236 | |||
8237 | commit 61b8ef6a66efaec07e023342cb94a10bdc2254dc | ||
8238 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8239 | Date: Fri Mar 10 04:27:32 2017 +0000 | ||
8240 | |||
8241 | upstream commit | ||
8242 | |||
8243 | better match sshd config parser behaviour: fatal() if | ||
8244 | line is overlong, increase line buffer to match sshd's; bz#2651 reported by | ||
8245 | Don Fong; ok dtucker@ | ||
8246 | |||
8247 | Upstream-ID: b175ae7e0ba403833f1ee566edf10f67443ccd18 | ||
8248 | |||
8249 | commit db2597207e69912f2592cd86a1de8e948a9d7ffb | ||
8250 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8251 | Date: Fri Mar 10 04:26:06 2017 +0000 | ||
8252 | |||
8253 | upstream commit | ||
8254 | |||
8255 | ensure hostname is lower-case before hashing it; | ||
8256 | bz#2591 reported by Griff Miller II; ok dtucker@ | ||
8257 | |||
8258 | Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17 | ||
8259 | |||
8260 | commit df9936936c695f85c1038bd706d62edf752aca4b | ||
8261 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8262 | Date: Fri Mar 10 04:24:55 2017 +0000 | ||
8263 | |||
8264 | upstream commit | ||
8265 | |||
8266 | make hostname matching really insensitive to case; | ||
8267 | bz#2685, reported by Petr Cerny; ok dtucker@ | ||
8268 | |||
8269 | Upstream-ID: e632b7a9bf0d0558d5ff56dab98b7cca6c3db549 | ||
8270 | |||
8271 | commit 67eed24bfa7645d88fa0b883745fccb22a0e527e | ||
8272 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8273 | Date: Fri Mar 10 04:11:00 2017 +0000 | ||
8274 | |||
8275 | upstream commit | ||
8276 | |||
8277 | Remove old null check from config dumper. Patch from | ||
8278 | jjelen at redhat.com vi bz#2687, ok djm@ | ||
8279 | |||
8280 | Upstream-ID: 824ab71467b78c4bab0dd1b3a38e8bc5f63dd528 | ||
8281 | |||
8282 | commit 183ba55aaaecca0206184b854ad6155df237adbe | ||
8283 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8284 | Date: Fri Mar 10 04:07:20 2017 +0000 | ||
8285 | |||
8286 | upstream commit | ||
8287 | |||
8288 | fix regression in 7.4 server-sig-algs, where we were | ||
8289 | accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno | ||
8290 | Goncalves; ok dtucker@ | ||
8291 | |||
8292 | Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8 | ||
8293 | |||
8294 | commit 66be4fe8c4435af5bbc82998501a142a831f1181 | ||
8295 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8296 | Date: Fri Mar 10 03:53:11 2017 +0000 | ||
8297 | |||
8298 | upstream commit | ||
8299 | |||
8300 | Check for NULL return value from key_new. Patch from | ||
8301 | jjelen at redhat.com via bz#2687, ok djm@ | ||
8302 | |||
8303 | Upstream-ID: 059e33cd43cba88dc8caf0b1936fd4dd88fd5b8e | ||
8304 | |||
8305 | commit ec2892b5c7fea199914cb3a6afb3af38f84990bf | ||
8306 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8307 | Date: Fri Mar 10 03:52:48 2017 +0000 | ||
8308 | |||
8309 | upstream commit | ||
8310 | |||
8311 | reword a comment to make it fit 80 columns | ||
8312 | |||
8313 | Upstream-ID: b4b48b4487c0821d16e812c40c9b09f03b28e349 | ||
8314 | |||
8315 | commit 7fadbb6da3f4122de689165651eb39985e1cba85 | ||
8316 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8317 | Date: Fri Mar 10 03:48:57 2017 +0000 | ||
8318 | |||
8319 | upstream commit | ||
8320 | |||
8321 | Check for NULL argument to sshkey_read. Patch from | ||
8322 | jjelen at redhat.com via bz#2687, ok djm@ | ||
8323 | |||
8324 | Upstream-ID: c2d00c2ea50c4861d271d0a586f925cc64a87e0e | ||
8325 | |||
8326 | commit 5a06b9e019e2b0b0f65a223422935b66f3749de3 | ||
8327 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8328 | Date: Fri Mar 10 03:45:40 2017 +0000 | ||
8329 | |||
8330 | upstream commit | ||
8331 | |||
8332 | Plug some mem leaks mostly on error paths. From jjelen | ||
8333 | at redhat.com via bz#2687, ok djm@ | ||
8334 | |||
8335 | Upstream-ID: 3fb030149598957a51b7c8beb32bf92cf30c96f2 | ||
8336 | |||
8337 | commit f6edbe9febff8121f26835996b1229b5064d31b7 | ||
8338 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8339 | Date: Fri Mar 10 03:24:48 2017 +0000 | ||
8340 | |||
8341 | upstream commit | ||
8342 | |||
8343 | Plug mem leak on GLOB_NOMATCH case. From jjelen at | ||
8344 | redhat.com via bz#2687, ok djm@ | ||
8345 | |||
8346 | Upstream-ID: 8016a7ae97719d3aa55fb723fc2ad3200058340d | ||
8347 | |||
8348 | commit 566b3a46e89a2fda2db46f04f2639e92da64a120 | ||
8349 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8350 | Date: Fri Mar 10 03:22:40 2017 +0000 | ||
8351 | |||
8352 | upstream commit | ||
8353 | |||
8354 | Plug descriptor leaks of auth_sock. From jjelen at | ||
8355 | redhat.com via bz#2687, ok djm@ | ||
8356 | |||
8357 | Upstream-ID: 248acb99a5ed2fdca37d1aa33c0fcee7be286d88 | ||
8358 | |||
8359 | commit 8a2834454c73dfc1eb96453c0e97690595f3f4c2 | ||
8360 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8361 | Date: Fri Mar 10 03:18:24 2017 +0000 | ||
8362 | |||
8363 | upstream commit | ||
8364 | |||
8365 | correctly hash hosts with a port number. Reported by Josh | ||
8366 | Powers in bz#2692; ok dtucker@ | ||
8367 | |||
8368 | Upstream-ID: 468e357ff143e00acc05bdd2803a696b3d4b6442 | ||
8369 | |||
8370 | commit 9747b9c742de409633d4753bf1a752cbd211e2d3 | ||
8371 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8372 | Date: Fri Mar 10 03:15:58 2017 +0000 | ||
8373 | |||
8374 | upstream commit | ||
8375 | |||
8376 | don't truncate off \r\n from long stderr lines; bz#2688, | ||
8377 | reported by Brian Dyson; ok dtucker@ | ||
8378 | |||
8379 | Upstream-ID: cdfdc4ba90639af807397ce996153c88af046ca4 | ||
8380 | |||
8381 | commit 4a4b75adac862029a1064577eb5af299b1580cdd | ||
8382 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8383 | Date: Fri Mar 10 02:59:51 2017 +0000 | ||
8384 | |||
8385 | upstream commit | ||
8386 | |||
8387 | Validate digest arg in ssh_digest_final; from jjelen at | ||
8388 | redhat.com via bz#2687, ok djm@ | ||
8389 | |||
8390 | Upstream-ID: dbe5494dfddfe523fab341a3dab5a79e7338f878 | ||
8391 | |||
8392 | commit bee0167be2340d8de4bdc1ab1064ec957c85a447 | ||
8393 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8394 | Date: Fri Mar 10 13:40:18 2017 +1100 | ||
8395 | |||
8396 | Check for NULL from malloc. | ||
8397 | |||
8398 | Part of bz#2687, from jjelen at redhat.com. | ||
8399 | |||
8400 | commit da39b09d43b137a5a3d071b51589e3efb3701238 | ||
8401 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8402 | Date: Fri Mar 10 13:22:32 2017 +1100 | ||
8403 | |||
8404 | If OSX is using launchd, remove screen no. | ||
8405 | |||
8406 | Check for socket with and without screen number. From Apple and Jakob | ||
8407 | Schlyter via bz#2341, with contributions from Ron Frederick, ok djm@ | ||
8408 | |||
8409 | commit 8fb15311a011517eb2394bb95a467c209b8b336c | ||
8410 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8411 | Date: Wed Mar 8 12:07:47 2017 +0000 | ||
8412 | |||
8413 | upstream commit | ||
8414 | |||
8415 | quote [host]:port in generated ProxyJump commandline; the | ||
8416 | [ / ] characters can confuse some shells (e.g. zsh). Reported by Lauri | ||
8417 | Tirkkonen via bugs@ | ||
8418 | |||
8419 | Upstream-ID: 65cdd161460e1351c3d778e974c1c2a4fa4bc182 | ||
8420 | |||
8421 | commit 18501151cf272a15b5f2c5e777f2e0933633c513 | ||
8422 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8423 | Date: Mon Mar 6 02:03:20 2017 +0000 | ||
8424 | |||
8425 | upstream commit | ||
8426 | |||
8427 | Check l->hosts before dereferencing; fixes potential null | ||
8428 | pointer deref. ok djm@ | ||
8429 | |||
8430 | Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301 | ||
8431 | |||
8432 | commit d072370793f1a20f01ad827ba8fcd3b8f2c46165 | ||
8433 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8434 | Date: Mon Mar 6 00:44:51 2017 +0000 | ||
8435 | |||
8436 | upstream commit | ||
8437 | |||
8438 | linenum is unsigned long so use %lu in log formats. ok | ||
8439 | deraadt@ | ||
8440 | |||
8441 | Upstream-ID: 9dc582d9bb887ebe0164e030d619fc20b1a4ea08 | ||
8442 | |||
8443 | commit 12d3767ba4c84c32150cbe6ff6494498780f12c9 | ||
8444 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8445 | Date: Fri Mar 3 06:13:11 2017 +0000 | ||
8446 | |||
8447 | upstream commit | ||
8448 | |||
8449 | fix ssh-keygen -H accidentally corrupting known_hosts that | ||
8450 | contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by | ||
8451 | hostkeys_foreach() when hostname matching is in use, so we need to look for | ||
8452 | the hash marker explicitly. | ||
8453 | |||
8454 | Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528 | ||
8455 | |||
8456 | commit d7abb771bd5a941b26144ba400a34563a1afa589 | ||
8457 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8458 | Date: Tue Feb 28 06:10:08 2017 +0000 | ||
8459 | |||
8460 | upstream commit | ||
8461 | |||
8462 | small memleak: free fd_set on connection timeout (though | ||
8463 | we are heading to exit anyway). From Tom Rix in bz#2683 | ||
8464 | |||
8465 | Upstream-ID: 10e3dadbb8199845b66581473711642d9e6741c4 | ||
8466 | |||
8467 | commit 78142e3ab3887e53a968d6e199bcb18daaf2436e | ||
8468 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
8469 | Date: Mon Feb 27 14:30:33 2017 +0000 | ||
8470 | |||
8471 | upstream commit | ||
8472 | |||
8473 | errant dot; from klemens nanni | ||
8474 | |||
8475 | Upstream-ID: 83d93366a5acf47047298c5d3ebc5e7426f37921 | ||
8476 | |||
8477 | commit 8071a6924c12bb51406a9a64a4b2892675112c87 | ||
8478 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8479 | Date: Fri Feb 24 03:16:34 2017 +0000 | ||
8480 | |||
8481 | upstream commit | ||
8482 | |||
8483 | might as well set the listener socket CLOEXEC | ||
8484 | |||
8485 | Upstream-ID: 9c538433d6a0ca79f5f21decc5620e46fb68ab57 | ||
8486 | |||
8487 | commit d5499190559ebe374bcdfa8805408646ceffad64 | ||
8488 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8489 | Date: Sun Feb 19 00:11:29 2017 +0000 | ||
8490 | |||
8491 | upstream commit | ||
8492 | |||
8493 | add test cases for C locale; ok schwarze@ | ||
8494 | |||
8495 | Upstream-Regress-ID: 783d75de35fbc923d46e2a5e6cee30f8f381ba87 | ||
8496 | |||
8497 | commit 011c8ffbb0275281a0cf330054cf21be10c43e37 | ||
8498 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8499 | Date: Sun Feb 19 00:10:57 2017 +0000 | ||
8500 | |||
8501 | upstream commit | ||
8502 | |||
8503 | Add a common nl_langinfo(CODESET) alias for US-ASCII | ||
8504 | "ANSI_X3.4-1968" that is used by Linux. Fixes mprintf output truncation for | ||
8505 | non-UTF-8 locales on Linux spotted by dtucker@; ok deraadt@ schwarze@ | ||
8506 | |||
8507 | Upstream-ID: c6808956ebffd64066f9075d839f74ff0dd60719 | ||
8508 | |||
8509 | commit 0c4430a19b73058a569573492f55e4c9eeaae67b | ||
8510 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8511 | Date: Tue Feb 7 23:03:11 2017 +0000 | ||
8512 | |||
8513 | upstream commit | ||
8514 | |||
8515 | Remove deprecated SSH1 options RSAAuthentication and | ||
8516 | RhostsRSAAuthentication from regression test sshd_config. | ||
8517 | |||
8518 | Upstream-Regress-ID: 8066b753d9dce7cf02ff87af5c727ff680d99491 | ||
8519 | |||
8520 | commit 3baa4cdd197c95d972ec3d07f1c0d08f2d7d9199 | ||
8521 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8522 | Date: Fri Feb 17 02:32:05 2017 +0000 | ||
8523 | |||
8524 | upstream commit | ||
8525 | |||
8526 | Do not show rsa1 key type in usage when compiled without | ||
8527 | SSH1 support. | ||
8528 | |||
8529 | Upstream-ID: 068b5c41357a02f319957746fa4e84ea73960f57 | ||
8530 | |||
8531 | commit ecc35893715f969e98fee118481f404772de4132 | ||
8532 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8533 | Date: Fri Feb 17 02:31:14 2017 +0000 | ||
8534 | |||
8535 | upstream commit | ||
8536 | |||
8537 | ifdef out "rsa1" from the list of supported keytypes when | ||
8538 | compiled without SSH1 support. Found by kdunlop at guralp.com, ok djm@ | ||
8539 | |||
8540 | Upstream-ID: cea93a26433d235bb1d64b1d990f19a9c160a70f | ||
8541 | |||
8542 | commit 10577c6d96a55b877a960b2d0b75edef1b9945af | ||
8543 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8544 | Date: Fri Feb 17 02:04:15 2017 +0000 | ||
8545 | |||
8546 | upstream commit | ||
8547 | |||
8548 | For ProxyJump/-J, surround host name with brackets to | ||
8549 | allow literal IPv6 addresses. From Dick Visser; ok dtucker@ | ||
8550 | |||
8551 | Upstream-ID: 3a5d3b0171250daf6a5235e91bce09c1d5746bf1 | ||
8552 | |||
8553 | commit b2afdaf1b52231aa23d2153f4a8c5a60a694dda4 | ||
8554 | Author: jsg@openbsd.org <jsg@openbsd.org> | ||
8555 | Date: Wed Feb 15 23:38:31 2017 +0000 | ||
8556 | |||
8557 | upstream commit | ||
8558 | |||
8559 | Fix memory leaks in match_filter_list() error paths. | ||
8560 | |||
8561 | ok dtucker@ markus@ | ||
8562 | |||
8563 | Upstream-ID: c7f96ac0877f6dc9188bbc908100a8d246cc7f0e | ||
8564 | |||
8565 | commit 6d5a41b38b55258213ecfaae9df7a758caa752a1 | ||
8566 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8567 | Date: Wed Feb 15 01:46:47 2017 +0000 | ||
8568 | |||
8569 | upstream commit | ||
8570 | |||
8571 | fix division by zero crash in "df" output when server | ||
8572 | returns zero total filesystem blocks/inodes. Spotted by Guido Vranken; ok | ||
8573 | dtucker@ | ||
8574 | |||
8575 | Upstream-ID: 6fb6c2ae6b289aa07b6232dbc0be54682ef5419f | ||
8576 | |||
8577 | commit bd5d7d239525d595ecea92765334af33a45d9d63 | ||
8578 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8579 | Date: Sun Feb 12 15:45:15 2017 +1100 | ||
8580 | |||
8581 | ifdef out EVP_R_PRIVATE_KEY_DECODE_ERROR | ||
8582 | |||
8583 | EVP_R_PRIVATE_KEY_DECODE_ERROR was added in OpenSSL 1.0.0 so ifdef out | ||
8584 | for the benefit of OpenSSL versions prior to that. | ||
8585 | |||
8586 | commit 155d540d00ff55f063421ec182ec8ff2b7ab6cbe | ||
8587 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8588 | Date: Fri Feb 10 04:34:50 2017 +0000 | ||
8589 | |||
8590 | upstream commit | ||
8591 | |||
8592 | bring back r1.34 that was backed out for problems loading | ||
8593 | public keys: | ||
8594 | |||
8595 | translate OpenSSL error codes to something more | ||
8596 | meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@ | ||
8597 | |||
8598 | with additional fix from Jakub Jelen to solve the backout. | ||
8599 | bz#2525 bz#2523 re-ok dtucker@ | ||
8600 | |||
8601 | Upstream-ID: a9d5bc0306f4473d9b4f4484f880e95f3c1cc031 | ||
8602 | |||
8603 | commit a287c5ad1e0bf9811c7b9221979b969255076019 | ||
8604 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8605 | Date: Fri Feb 10 03:36:40 2017 +0000 | ||
8606 | |||
8607 | upstream commit | ||
8608 | |||
8609 | Sanitise escape sequences in key comments sent to printf | ||
8610 | but preserve valid UTF-8 when the locale supports it; bz#2520 ok dtucker@ | ||
8611 | |||
8612 | Upstream-ID: e8eed28712ba7b22d49be534237eed019875bd1e | ||
8613 | |||
8614 | commit e40269be388972848aafcca7060111c70aab5b87 | ||
8615 | Author: millert@openbsd.org <millert@openbsd.org> | ||
8616 | Date: Wed Feb 8 20:32:43 2017 +0000 | ||
8617 | |||
8618 | upstream commit | ||
8619 | |||
8620 | Avoid printf %s NULL. From semarie@, OK djm@ | ||
8621 | |||
8622 | Upstream-ID: 06beef7344da0208efa9275d504d60d2a5b9266c | ||
8623 | |||
8624 | commit 5b90709ab8704dafdb31e5651073b259d98352bc | ||
8625 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8626 | Date: Mon Feb 6 09:22:51 2017 +0000 | ||
8627 | |||
8628 | upstream commit | ||
8629 | |||
8630 | Restore \r\n newline sequence for server ident string. The CR | ||
8631 | got lost in the flensing of SSHv1. Pointed out by Stef Bon | ||
8632 | |||
8633 | Upstream-ID: 5333fd43ce5396bf5999496096fac5536e678fac | ||
8634 | |||
8635 | commit 97c31c46ee2e6b46dfffdfc4f90bbbf188064cbc | ||
8636 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8637 | Date: Fri Feb 3 23:01:42 2017 +0000 | ||
8638 | |||
8639 | upstream commit | ||
8640 | |||
8641 | unit test for match_filter_list() function; still want a | ||
8642 | better name for this... | ||
8643 | |||
8644 | Upstream-Regress-ID: 840ad6118552c35111f0a897af9c8d93ab8de92a | ||
8645 | |||
8646 | commit f1a193464a7b77646f0d0cedc929068e4a413ab4 | ||
8647 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8648 | Date: Fri Feb 3 23:05:57 2017 +0000 | ||
8649 | |||
8650 | upstream commit | ||
8651 | |||
8652 | use ssh_packet_set_log_preamble() to include connection | ||
8653 | username in packet log messages, e.g. | ||
8654 | |||
8655 | Connection closed by invalid user foo 10.1.1.1 port 44056 [preauth] | ||
8656 | |||
8657 | ok markus@ bz#113 | ||
8658 | |||
8659 | Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15 | ||
8660 | |||
8661 | commit 07edd7e9537ab32aa52abb5fb2a915c350fcf441 | ||
8662 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8663 | Date: Fri Feb 3 23:03:33 2017 +0000 | ||
8664 | |||
8665 | upstream commit | ||
8666 | |||
8667 | add ssh_packet_set_log_preamble() to allow inclusion of a | ||
8668 | preamble string in disconnect messages; ok markus@ | ||
8669 | |||
8670 | Upstream-ID: 34cb41182cd76d414c214ccb01c01707849afead | ||
8671 | |||
8672 | commit 68bc8cfa7642d3ccbf2cd64281c16b8b9205be59 | ||
8673 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8674 | Date: Fri Feb 3 23:01:19 2017 +0000 | ||
8675 | |||
8676 | upstream commit | ||
8677 | |||
8678 | support =- for removing methods from algorithms lists, | ||
8679 | e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like | ||
8680 | it" markus@ | ||
8681 | |||
8682 | Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d | ||
8683 | |||
8684 | commit c924b2ef941028a1f31e6e94f54dfeeeef462a4e | ||
8685 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8686 | Date: Fri Feb 3 05:05:56 2017 +0000 | ||
8687 | |||
8688 | upstream commit | ||
8689 | |||
8690 | allow form-feed characters at EOL; bz#2431 ok dtucker@ | ||
8691 | |||
8692 | Upstream-ID: 1f453afaba6da2ae69d6afdf1ae79a917552f1a2 | ||
8693 | |||
8694 | commit 523db8540b720c4d21ab0ff6f928476c70c38aab | ||
8695 | Author: Damien Miller <djm@mindrot.org> | ||
8696 | Date: Fri Feb 3 16:01:22 2017 +1100 | ||
8697 | |||
8698 | prefer to use ldns-config to find libldns | ||
8699 | |||
8700 | Should fix bz#2603 - "Build with ldns and without kerberos support | ||
8701 | fails if ldns compiled with kerberos support" by including correct | ||
8702 | cflags/libs | ||
8703 | |||
8704 | ok dtucker@ | ||
8705 | |||
8706 | commit c998bf0afa1a01257a53793eba57941182e9e0b7 | ||
8707 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8708 | Date: Fri Feb 3 02:56:00 2017 +0000 | ||
8709 | |||
8710 | upstream commit | ||
8711 | |||
8712 | Make ssh_packet_set_rekey_limits take u32 for the number of | ||
8713 | seconds until rekeying (negative values are rejected at config parse time). | ||
8714 | This allows the removal of some casts and a signed vs unsigned comparison | ||
8715 | warning. | ||
8716 | |||
8717 | rekey_time is cast to int64 for the comparison which is a no-op | ||
8718 | on OpenBSD, but should also do the right thing in -portable on | ||
8719 | anything still using 32bit time_t (until the system time actually | ||
8720 | wraps, anyway). | ||
8721 | |||
8722 | some early guidance deraadt@, ok djm@ | ||
8723 | |||
8724 | Upstream-ID: c9f18613afb994a07e7622eb326f49de3d123b6c | ||
8725 | |||
8726 | commit 3ec5fa4ba97d4c4853620daea26a33b9f1fe3422 | ||
8727 | Author: jsg@openbsd.org <jsg@openbsd.org> | ||
8728 | Date: Thu Feb 2 10:54:25 2017 +0000 | ||
8729 | |||
8730 | upstream commit | ||
8731 | |||
8732 | In vasnmprintf() return an error if malloc fails and | ||
8733 | don't set a function argument to the address of free'd memory. | ||
8734 | |||
8735 | ok djm@ | ||
8736 | |||
8737 | Upstream-ID: 1efffffff2f51d53c9141f245b90ac23d33b9779 | ||
8738 | |||
8739 | commit 858252fb1d451ebb0969cf9749116c8f0ee42753 | ||
8740 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8741 | Date: Wed Feb 1 02:59:09 2017 +0000 | ||
8742 | |||
8743 | upstream commit | ||
8744 | |||
8745 | Return true reason for port forwarding failures where | ||
8746 | feasible rather than always "administratively prohibited". bz#2674, ok djm@ | ||
8747 | |||
8748 | Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419 | ||
8749 | |||
8750 | commit 6ba9f893838489add6ec4213c7a997b425e4a9e0 | ||
8751 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8752 | Date: Mon Jan 30 23:27:39 2017 +0000 | ||
8753 | |||
8754 | upstream commit | ||
8755 | |||
8756 | Small correction to the known_hosts section on when it is | ||
8757 | updated. Patch from lkppo at free.fr some time ago, pointed out by smallm at | ||
8758 | sdf.org | ||
8759 | |||
8760 | Upstream-ID: 1834d7af179dea1a12ad2137f84566664af225d5 | ||
8761 | |||
8762 | commit c61d5ec3c11e7ff9779b6127421d9f166cf10915 | ||
8763 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8764 | Date: Fri Feb 3 14:10:34 2017 +1100 | ||
8765 | |||
8766 | Remove _XOPEN_SOURCE from wide char detection. | ||
8767 | |||
8768 | Having _XOPEN_SOURCE unconditionally causes problems on some platforms | ||
8769 | and configurations, notably Solaris 64-bit binaries. It was there for | ||
8770 | the benefit of Linux put the required bits in the *-*linux* section. | ||
8771 | |||
8772 | Patch from yvoinov at gmail.com. | ||
8773 | |||
8774 | commit f25ee13b3e81fd80efeb871dc150fe49d7fc8afd | ||
8775 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8776 | Date: Mon Jan 30 05:22:14 2017 +0000 | ||
8777 | |||
8778 | upstream commit | ||
8779 | |||
8780 | fully unbreak: some $SSH invocations did not have -F | ||
8781 | specified and could pick up the ~/.ssh/config of the user running the tests | ||
8782 | |||
8783 | Upstream-Regress-ID: f362d1892c0d3e66212d5d3fc02d915c58ef6b89 | ||
8784 | |||
8785 | commit 6956e21fb26652887475fe77ea40d2efcf25908b | ||
8786 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8787 | Date: Mon Jan 30 04:54:07 2017 +0000 | ||
8788 | |||
8789 | upstream commit | ||
8790 | |||
8791 | partially unbreak: was not specifying hostname on some | ||
8792 | $SSH invocations | ||
8793 | |||
8794 | Upstream-Regress-ID: bc8a5e98e57bad0a92ef4f34ed91c1d18294e2cc | ||
8795 | |||
8796 | commit 52763dd3fe0a4678dafdf7aeb32286e514130afc | ||
8797 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8798 | Date: Mon Jan 30 01:03:00 2017 +0000 | ||
8799 | |||
8800 | upstream commit | ||
8801 | |||
8802 | revise keys/principals command hang fix (bz#2655) to | ||
8803 | consume entire output, avoiding sending SIGPIPE to subprocesses early; ok | ||
8804 | dtucker@ | ||
8805 | |||
8806 | Upstream-ID: 7cb04b31a61f8c78c4e48ceededcd2fd5c4ee1bc | ||
8807 | |||
8808 | commit 381a2615a154a82c4c53b787f4a564ef894fe9ac | ||
8809 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8810 | Date: Mon Jan 30 00:38:50 2017 +0000 | ||
8811 | |||
8812 | upstream commit | ||
8813 | |||
8814 | small cleanup post SSHv1 removal: | ||
8815 | |||
8816 | remove SSHv1-isms in commented examples | ||
8817 | |||
8818 | reorder token table to group deprecated and compile-time conditional tokens | ||
8819 | better | ||
8820 | |||
8821 | fix config dumping code for some compile-time conditional options that | ||
8822 | weren't being correctly skipped (SSHv1 and PKCS#11) | ||
8823 | |||
8824 | Upstream-ID: f2e96b3cb3158d857c5a91ad2e15925df3060105 | ||
8825 | |||
8826 | commit 4833d01591b7eb049489d9558b65f5553387ed43 | ||
8827 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8828 | Date: Mon Jan 30 00:34:01 2017 +0000 | ||
8829 | |||
8830 | upstream commit | ||
8831 | |||
8832 | some explicit NULL tests when dumping configured | ||
8833 | forwardings; from Karsten Weiss | ||
8834 | |||
8835 | Upstream-ID: 40957b8dea69672b0e50df6b4a91a94e3e37f72d | ||
8836 | |||
8837 | commit 326e2fae9f2e3e067b5651365eba86b35ee5a6b2 | ||
8838 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8839 | Date: Mon Jan 30 00:32:28 2017 +0000 | ||
8840 | |||
8841 | upstream commit | ||
8842 | |||
8843 | misplaced braces in test; from Karsten Weiss | ||
8844 | |||
8845 | Upstream-ID: f7b794074d3aae8e35b69a91d211c599c94afaae | ||
8846 | |||
8847 | commit 3e032a95e46bfaea9f9e857678ac8fa5f63997fb | ||
8848 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8849 | Date: Mon Jan 30 00:32:03 2017 +0000 | ||
8850 | |||
8851 | upstream commit | ||
8852 | |||
8853 | don't dereference authctxt before testing != NULL, it | ||
8854 | causes compilers to make assumptions; from Karsten Weiss | ||
8855 | |||
8856 | Upstream-ID: 794243aad1e976ebc717885b7a97a25e00c031b2 | ||
8857 | |||
8858 | commit 01cfaa2b1cfb84f3cdd32d1bf82b120a8d30e057 | ||
8859 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8860 | Date: Fri Jan 6 02:51:16 2017 +0000 | ||
8861 | |||
8862 | upstream commit | ||
8863 | |||
8864 | use correct ssh-add program; bz#2654, from Colin Watson | ||
8865 | |||
8866 | Upstream-Regress-ID: 7042a36e1bdaec6562f6e57e9d047efe9c7a6030 | ||
8867 | |||
8868 | commit e5c7ec67cdc42ae2584085e0fc5cc5ee91133cf5 | ||
8869 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8870 | Date: Fri Jan 6 02:26:10 2017 +0000 | ||
8871 | |||
8872 | upstream commit | ||
8873 | |||
8874 | Account for timeouts in the integrity tests as failures. | ||
8875 | |||
8876 | If the first test in a series for a given MAC happens to modify the low | ||
8877 | bytes of a packet length, then ssh will time out and this will be | ||
8878 | interpreted as a test failure. Patch from cjwatson at debian.org via | ||
8879 | bz#2658. | ||
8880 | |||
8881 | Upstream-Regress-ID: e7467613b0badedaa300bc6fc7495ec2f44e2fb9 | ||
8882 | |||
8883 | commit dbaf599b61bd6e0f8469363a8c8e7f633b334018 | ||
8884 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8885 | Date: Fri Jan 6 02:09:25 2017 +0000 | ||
8886 | |||
8887 | upstream commit | ||
8888 | |||
8889 | Make forwarding test less racy by using unix domain | ||
8890 | sockets instead of TCP ports where possible. Patch from cjwatson at | ||
8891 | debian.org via bz#2659. | ||
8892 | |||
8893 | Upstream-Regress-ID: 4756375aac5916ef9d25452a1c1d5fa9e90299a9 | ||
8894 | |||
8895 | commit 9390b0031ebd6eb5488d3bc4d4333c528dffc0a6 | ||
8896 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8897 | Date: Sun Jan 29 21:35:23 2017 +0000 | ||
8898 | |||
8899 | upstream commit | ||
8900 | |||
8901 | Fix typo in ~C error message for bad port forward | ||
8902 | cancellation. bz#2672, from Brad Marshall via Colin Watson and Ubuntu's | ||
8903 | bugtracker. | ||
8904 | |||
8905 | Upstream-ID: 0d4a7e5ead6cc59c9a44b4c1e5435ab3aada09af | ||
8906 | |||
8907 | commit 4ba15462ca38883b8a61a1eccc093c79462d5414 | ||
8908 | Author: guenther@openbsd.org <guenther@openbsd.org> | ||
8909 | Date: Sat Jan 21 11:32:04 2017 +0000 | ||
8910 | |||
8911 | upstream commit | ||
8912 | |||
8913 | The POSIX APIs that that sockaddrs all ignore the s*_len | ||
8914 | field in the incoming socket, so userspace doesn't need to set it unless it | ||
8915 | has its own reasons for tracking the size along with the sockaddr. | ||
8916 | |||
8917 | ok phessler@ deraadt@ florian@ | ||
8918 | |||
8919 | Upstream-ID: ca6e49e2f22f2b9e81d6d924b90ecd7e422e7437 | ||
8920 | |||
8921 | commit a1187bd3ef3e4940af849ca953a1b849dae78445 | ||
8922 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
8923 | Date: Fri Jan 6 16:28:12 2017 +0000 | ||
8924 | |||
8925 | upstream commit | ||
8926 | |||
8927 | keep the tokens list sorted; | ||
8928 | |||
8929 | Upstream-ID: b96239dae4fb3aa94146bb381afabcc7740a1638 | ||
8930 | |||
8931 | commit b64077f9767634715402014f509e58decf1e140d | ||
8932 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8933 | Date: Fri Jan 6 09:27:52 2017 +0000 | ||
8934 | |||
8935 | upstream commit | ||
8936 | |||
8937 | fix previous | ||
8938 | |||
8939 | Upstream-ID: c107d6a69bc22325d79fbf78a2a62e04bcac6895 | ||
8940 | |||
8941 | commit 5e820e9ea2e949aeb93071fe31c80b0c42f2b2de | ||
8942 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8943 | Date: Fri Jan 6 03:53:58 2017 +0000 | ||
8944 | |||
8945 | upstream commit | ||
8946 | |||
8947 | show a useful error message when included config files | ||
8948 | can't be opened; bz#2653, ok dtucker@ | ||
8949 | |||
8950 | Upstream-ID: f598b73b5dfe497344cec9efc9386b4e5a3cb95b | ||
8951 | |||
8952 | commit 13bd2e2d622d01dc85d22b94520a5b243d006049 | ||
8953 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8954 | Date: Fri Jan 6 03:45:41 2017 +0000 | ||
8955 | |||
8956 | upstream commit | ||
8957 | |||
8958 | sshd_config is documented to set | ||
8959 | GSSAPIStrictAcceptorCheck=yes by default, so actually make it do this. | ||
8960 | bz#2637 ok dtucker | ||
8961 | |||
8962 | Upstream-ID: 99ef8ac51f17f0f7aec166cb2e34228d4d72a665 | ||
8963 | |||
8964 | commit f89b928534c9e77f608806a217d39a2960cc7fd0 | ||
8965 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8966 | Date: Fri Jan 6 03:41:58 2017 +0000 | ||
8967 | |||
8968 | upstream commit | ||
8969 | |||
8970 | Avoid confusing error message when attempting to use | ||
8971 | ssh-keyscan built without SSH protocol v.1 to scan for v.1 keys; bz#2583 | ||
8972 | |||
8973 | Upstream-ID: 5d214abd3a21337d67c6dcc5aa6f313298d0d165 | ||
8974 | |||
8975 | commit 0999533014784579aa6f01c2d3a06e3e8804b680 | ||
8976 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
8977 | Date: Fri Jan 6 02:34:54 2017 +0000 | ||
8978 | |||
8979 | upstream commit | ||
8980 | |||
8981 | Re-add '%k' token for AuthorizedKeysCommand which was | ||
8982 | lost during the re-org in rev 1.235. bz#2656, from jboning at gmail.com. | ||
8983 | |||
8984 | Upstream-ID: 2884e203c02764d7b3fe7472710d9c24bdc73e38 | ||
8985 | |||
8986 | commit 51045869fa084cdd016fdd721ea760417c0a3bf3 | ||
8987 | Author: djm@openbsd.org <djm@openbsd.org> | ||
8988 | Date: Wed Jan 4 05:37:40 2017 +0000 | ||
8989 | |||
8990 | upstream commit | ||
8991 | |||
8992 | unbreak Unix domain socket forwarding for root; ok | ||
8993 | markus@ | ||
8994 | |||
8995 | Upstream-ID: 6649c76eb7a3fa15409373295ca71badf56920a2 | ||
8996 | |||
8997 | commit 58fca12ba967ea5c768653535604e1522d177e44 | ||
8998 | Author: Darren Tucker <dtucker@zip.com.au> | ||
8999 | Date: Mon Jan 16 09:08:32 2017 +1100 | ||
9000 | |||
9001 | Remove LOGIN_PROGRAM. | ||
9002 | |||
9003 | UseLogin is gone, remove leftover. bz#2665, from cjwatson at debian.org | ||
9004 | |||
9005 | commit b108ce92aae0ca0376dce9513d953be60e449ae1 | ||
9006 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9007 | Date: Wed Jan 4 02:21:43 2017 +0000 | ||
9008 | |||
9009 | upstream commit | ||
9010 | |||
9011 | relax PKCS#11 whitelist a bit to allow libexec as well as | ||
9012 | lib directories. | ||
9013 | |||
9014 | Upstream-ID: cf5617958e2e2d39f8285fd3bc63b557da484702 | ||
9015 | |||
9016 | commit c7995f296b9222df2846f56ecf61e5ae13d7a53d | ||
9017 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9018 | Date: Tue Jan 3 05:46:51 2017 +0000 | ||
9019 | |||
9020 | upstream commit | ||
9021 | |||
9022 | check number of entries in SSH2_FXP_NAME response; avoids | ||
9023 | unreachable overflow later. Reported by Jann Horn | ||
9024 | |||
9025 | Upstream-ID: b6b2b434a6d6035b1644ca44f24cd8104057420f | ||
9026 | |||
9027 | commit ddd3d34e5c7979ca6f4a3a98a7d219a4ed3d98c2 | ||
9028 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9029 | Date: Fri Dec 30 22:08:02 2016 +0000 | ||
9030 | |||
9031 | upstream commit | ||
9032 | |||
9033 | fix deadlock when keys/principals command produces a lot of | ||
9034 | output and a key is matched early; bz#2655, patch from jboning AT gmail.com | ||
9035 | |||
9036 | Upstream-ID: e19456429bf99087ea994432c16d00a642060afe | ||
9037 | |||
9038 | commit 30eee7d1b2fec33c14870cc11910610be5d2aa6f | ||
9039 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9040 | Date: Tue Dec 20 12:16:11 2016 +1100 | ||
9041 | |||
9042 | Re-add missing "Prerequisites" header and fix typo | ||
9043 | |||
9044 | Patch from HARUYAMA Seigo <haruyama at unixuser org>. | ||
9045 | |||
9046 | commit c8c60f3663165edd6a52632c6ddbfabfce1ca865 | ||
9047 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9048 | Date: Mon Dec 19 22:35:23 2016 +0000 | ||
9049 | |||
9050 | upstream commit | ||
9051 | |||
9052 | use standard /bin/sh equality test; from Mike Frysinger | ||
9053 | |||
9054 | Upstream-Regress-ID: 7b6f0b63525f399844c8ac211003acb8e4b0bec2 | ||
9055 | |||
9056 | commit 4a354fc231174901f2629437c2a6e924a2dd6772 | ||
9057 | Author: Damien Miller <djm@mindrot.org> | ||
9058 | Date: Mon Dec 19 15:59:26 2016 +1100 | ||
9059 | |||
9060 | crank version numbers for release | ||
9061 | |||
9062 | commit 5f8d0bb8413d4d909cc7aa3c616fb0538224c3c9 | ||
9063 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9064 | Date: Mon Dec 19 04:55:51 2016 +0000 | ||
9065 | |||
9066 | upstream commit | ||
9067 | |||
9068 | openssh-7.4 | ||
9069 | |||
9070 | Upstream-ID: 1ee404adba6bbe10ae9277cbae3a94abe2867b79 | ||
9071 | |||
9072 | commit 3a8213ea0ed843523e34e55ab9c852332bab4c7b | ||
9073 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9074 | Date: Mon Dec 19 04:55:18 2016 +0000 | ||
9075 | |||
9076 | upstream commit | ||
9077 | |||
9078 | remove testcase that depends on exact output and | ||
9079 | behaviour of snprintf(..., "%s", NULL) | ||
9080 | |||
9081 | Upstream-Regress-ID: cab4288531766bd9593cb556613b91a2eeefb56f | ||
9082 | |||
9083 | commit eae735a82d759054f6ec7b4e887fb7a5692c66d7 | ||
9084 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9085 | Date: Mon Dec 19 03:32:57 2016 +0000 | ||
9086 | |||
9087 | upstream commit | ||
9088 | |||
9089 | Use LOGNAME to get current user and fall back to whoami if | ||
9090 | not set. Mainly to benefit -portable since some platforms don't have whoami. | ||
9091 | |||
9092 | Upstream-Regress-ID: e3a16b7836a3ae24dc8f8a4e43fdf8127a60bdfa | ||
9093 | |||
9094 | commit 0d2f88428487518eea60602bd593989013831dcf | ||
9095 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9096 | Date: Fri Dec 16 03:51:19 2016 +0000 | ||
9097 | |||
9098 | upstream commit | ||
9099 | |||
9100 | Add regression test for AllowUsers and DenyUsers. Patch from | ||
9101 | Zev Weiss <zev at bewilderbeest.net> | ||
9102 | |||
9103 | Upstream-Regress-ID: 8f1aac24d52728398871dac14ad26ea38b533fb9 | ||
9104 | |||
9105 | commit 3bc8180a008929f6fe98af4a56fb37d04444b417 | ||
9106 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9107 | Date: Fri Dec 16 15:02:24 2016 +1100 | ||
9108 | |||
9109 | Add missing monitor.h include. | ||
9110 | |||
9111 | Fixes warning pointed out by Zev Weiss <zev at bewilderbeest.net> | ||
9112 | |||
9113 | commit 410681f9015d76cc7b137dd90dac897f673244a0 | ||
9114 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9115 | Date: Fri Dec 16 02:48:55 2016 +0000 | ||
9116 | |||
9117 | upstream commit | ||
9118 | |||
9119 | revert to rev1.2; the new bits in this test depend on changes | ||
9120 | to ssh that aren't yet committed | ||
9121 | |||
9122 | Upstream-Regress-ID: 828ffc2c7afcf65d50ff2cf3dfc47a073ad39123 | ||
9123 | |||
9124 | commit 2f2ffa4fbe4b671bbffa0611f15ba44cff64d58e | ||
9125 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9126 | Date: Fri Dec 16 01:06:27 2016 +0000 | ||
9127 | |||
9128 | upstream commit | ||
9129 | |||
9130 | Move the "stop sshd" code into its own helper function. | ||
9131 | Patch from Zev Weiss <zev at bewilderbeest.net>, ok djm@ | ||
9132 | |||
9133 | Upstream-Regress-ID: a113dea77df5bd97fb4633ea31f3d72dbe356329 | ||
9134 | |||
9135 | commit e15e7152331e3976b35475fd4e9c72897ad0f074 | ||
9136 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9137 | Date: Fri Dec 16 01:01:07 2016 +0000 | ||
9138 | |||
9139 | upstream commit | ||
9140 | |||
9141 | regression test for certificates along with private key | ||
9142 | with no public half. bz#2617, mostly from Adam Eijdenberg | ||
9143 | |||
9144 | Upstream-Regress-ID: 2e74dc2c726f4dc839609b3ce045466b69f01115 | ||
9145 | |||
9146 | commit 9a70ec085faf6e55db311cd1a329f1a35ad2a500 | ||
9147 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9148 | Date: Thu Dec 15 23:50:37 2016 +0000 | ||
9149 | |||
9150 | upstream commit | ||
9151 | |||
9152 | Use $SUDO to read pidfile in case root's umask is | ||
9153 | restricted. From portable. | ||
9154 | |||
9155 | Upstream-Regress-ID: f6b1c7ffbc5a0dfb7d430adb2883344899174a98 | ||
9156 | |||
9157 | commit fe06b68f824f8f55670442fb31f2c03526dd326c | ||
9158 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9159 | Date: Thu Dec 15 21:29:05 2016 +0000 | ||
9160 | |||
9161 | upstream commit | ||
9162 | |||
9163 | Add missing braces in DenyUsers code. Patch from zev at | ||
9164 | bewilderbeest.net, ok deraadt@ | ||
9165 | |||
9166 | Upstream-ID: d747ace338dcf943b077925f90f85f789714b54e | ||
9167 | |||
9168 | commit dcc7d74242a574fd5c4afbb4224795b1644321e7 | ||
9169 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9170 | Date: Thu Dec 15 21:20:41 2016 +0000 | ||
9171 | |||
9172 | upstream commit | ||
9173 | |||
9174 | Fix text in error message. Patch from zev at | ||
9175 | bewilderbeest.net. | ||
9176 | |||
9177 | Upstream-ID: deb0486e175e7282f98f9a15035d76c55c84f7f6 | ||
9178 | |||
9179 | commit b737e4d7433577403a31cff6614f6a1b0b5e22f4 | ||
9180 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9181 | Date: Wed Dec 14 00:36:34 2016 +0000 | ||
9182 | |||
9183 | upstream commit | ||
9184 | |||
9185 | disable Unix-domain socket forwarding when privsep is | ||
9186 | disabled | ||
9187 | |||
9188 | Upstream-ID: ab61516ae0faadad407857808517efa900a0d6d0 | ||
9189 | |||
9190 | commit 08a1e7014d65c5b59416a0e138c1f73f417496eb | ||
9191 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9192 | Date: Fri Dec 9 03:04:29 2016 +0000 | ||
9193 | |||
9194 | upstream commit | ||
9195 | |||
9196 | log connections dropped in excess of MaxStartups at | ||
9197 | verbose LogLevel; bz#2613 based on diff from Tomas Kuthan; ok dtucker@ | ||
9198 | |||
9199 | Upstream-ID: 703ae690dbf9b56620a6018f8a3b2389ce76d92b | ||
9200 | |||
9201 | commit 10e290ec00964b2bf70faab15a10a5574bb80527 | ||
9202 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9203 | Date: Tue Dec 13 13:51:32 2016 +1100 | ||
9204 | |||
9205 | Get default of TEST_SSH_UTF8 from environment. | ||
9206 | |||
9207 | commit b9b8ba3f9ed92c6220b58d70d1e6d8aa3eea1104 | ||
9208 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9209 | Date: Tue Dec 13 12:56:40 2016 +1100 | ||
9210 | |||
9211 | Remove commented-out includes. | ||
9212 | |||
9213 | These commented-out includes have "Still needed?" comments. Since | ||
9214 | they've been commented out for ~13 years I assert that they're not. | ||
9215 | |||
9216 | commit 25275f1c9d5f01a0877d39444e8f90521a598ea0 | ||
9217 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9218 | Date: Tue Dec 13 12:54:23 2016 +1100 | ||
9219 | |||
9220 | Add prototype for strcasestr in compat library. | ||
9221 | |||
9222 | commit afec07732aa2985142f3e0b9a01eb6391f523dec | ||
9223 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9224 | Date: Tue Dec 13 10:23:03 2016 +1100 | ||
9225 | |||
9226 | Add strcasestr to compat library. | ||
9227 | |||
9228 | Fixes build on (at least) Solaris 10. | ||
9229 | |||
9230 | commit dda78a03af32e7994f132d923c2046e98b7c56c8 | ||
9231 | Author: Damien Miller <djm@mindrot.org> | ||
9232 | Date: Mon Dec 12 13:57:10 2016 +1100 | ||
9233 | |||
9234 | Force Turkish locales back to C/POSIX; bz#2643 | ||
9235 | |||
9236 | Turkish locales are unique in their handling of the letters 'i' and | ||
9237 | 'I' (yes, they are different letters) and OpenSSH isn't remotely | ||
9238 | prepared to deal with that. For now, the best we can do is to force | ||
9239 | OpenSSH to use the C/POSIX locale and try to preserve the UTF-8 | ||
9240 | encoding if possible. | ||
9241 | |||
9242 | ok dtucker@ | ||
9243 | |||
9244 | commit c35995048f41239fc8895aadc3374c5f75180554 | ||
9245 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9246 | Date: Fri Dec 9 12:52:02 2016 +1100 | ||
9247 | |||
9248 | exit is in stdlib.h not unistd.h (that's _exit). | ||
9249 | |||
9250 | commit d399a8b914aace62418c0cfa20341aa37a192f98 | ||
9251 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9252 | Date: Fri Dec 9 12:33:25 2016 +1100 | ||
9253 | |||
9254 | Include <unistd.h> for exit in utf8 locale test. | ||
9255 | |||
9256 | commit 47b8c99ab3221188ad3926108dd9d36da3b528ec | ||
9257 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9258 | Date: Thu Dec 8 15:48:34 2016 +1100 | ||
9259 | |||
9260 | Check for utf8 local support before testing it. | ||
9261 | |||
9262 | Check for utf8 local support and if not found, do not attempt to run the | ||
9263 | utf8 tests. Suggested by djm@ | ||
9264 | |||
9265 | commit 4089fc1885b3a2822204effbb02b74e3da58240d | ||
9266 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9267 | Date: Thu Dec 8 12:57:24 2016 +1100 | ||
9268 | |||
9269 | Use AC_PATH_TOOL for krb5-config. | ||
9270 | |||
9271 | This will use the host-prefixed version when cross compiling; patch from | ||
9272 | david.michael at coreos.com. | ||
9273 | |||
9274 | commit b4867e0712c89b93be905220c82f0a15e6865d1e | ||
9275 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9276 | Date: Tue Dec 6 07:48:01 2016 +0000 | ||
9277 | |||
9278 | upstream commit | ||
9279 | |||
9280 | make IdentityFile successfully load and use certificates that | ||
9281 | have no corresponding bare public key. E.g. just a private id_rsa and | ||
9282 | certificate id_rsa-cert.pub (and no id_rsa.pub). | ||
9283 | |||
9284 | bz#2617 ok dtucker@ | ||
9285 | |||
9286 | Upstream-ID: c1e9699b8c0e3b63cc4189e6972e3522b6292604 | ||
9287 | |||
9288 | commit c9792783a98881eb7ed295680013ca97a958f8ac | ||
9289 | Author: Damien Miller <djm@mindrot.org> | ||
9290 | Date: Fri Nov 25 14:04:21 2016 +1100 | ||
9291 | |||
9292 | Add a gnome-ssh-askpass3 target for GTK+3 version | ||
9293 | |||
9294 | Based on patch from Colin Watson via bz#2640 | ||
9295 | |||
9296 | commit 7be85ae02b9de0993ce0a1d1e978e11329f6e763 | ||
9297 | Author: Damien Miller <djm@mindrot.org> | ||
9298 | Date: Fri Nov 25 14:03:53 2016 +1100 | ||
9299 | |||
9300 | Make gnome-ssh-askpass2.c GTK+3-friendly | ||
9301 | |||
9302 | Patch from Colin Watson via bz#2640 | ||
9303 | |||
9304 | commit b9844a45c7f0162fd1b5465683879793d4cc4aaa | ||
9305 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9306 | Date: Sun Dec 4 23:54:02 2016 +0000 | ||
9307 | |||
9308 | upstream commit | ||
9309 | |||
9310 | Fix public key authentication when multiple | ||
9311 | authentication is in use. Instead of deleting and re-preparing the entire | ||
9312 | keys list, just reset the 'used' flags; the keys list is already in a good | ||
9313 | order (with already- tried keys at the back) | ||
9314 | |||
9315 | Analysis and patch from Vincent Brillault on bz#2642; ok dtucker@ | ||
9316 | |||
9317 | Upstream-ID: 7123f12dc2f3bcaae715853035a97923d7300176 | ||
9318 | |||
9319 | commit f2398eb774075c687b13af5bc22009eb08889abe | ||
9320 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9321 | Date: Sun Dec 4 22:27:25 2016 +0000 | ||
9322 | |||
9323 | upstream commit | ||
9324 | |||
9325 | Unlink PidFile on SIGHUP and always recreate it when the | ||
9326 | new sshd starts. Regression tests (and possibly other things) depend on the | ||
9327 | pidfile being recreated after SIGHUP, and unlinking it means it won't contain | ||
9328 | a stale pid if sshd fails to restart. ok djm@ markus@ | ||
9329 | |||
9330 | Upstream-ID: 132dd6dda0c77dd49d2f15b2573b5794f6160870 | ||
9331 | |||
9332 | commit 85aa2efeba51a96bf6834f9accf2935d96150296 | ||
9333 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9334 | Date: Wed Nov 30 03:01:33 2016 +0000 | ||
9335 | |||
9336 | upstream commit | ||
9337 | |||
9338 | test new behaviour of cert force-command restriction vs. | ||
9339 | authorized_key/ principals | ||
9340 | |||
9341 | Upstream-Regress-ID: 399efa7469d40c404c0b0a295064ce75d495387c | ||
9342 | |||
9343 | commit 5d333131cd8519d022389cfd3236280818dae1bc | ||
9344 | Author: jmc@openbsd.org <jmc@openbsd.org> | ||
9345 | Date: Wed Nov 30 06:54:26 2016 +0000 | ||
9346 | |||
9347 | upstream commit | ||
9348 | |||
9349 | tweak previous; while here fix up FILES and AUTHORS; | ||
9350 | |||
9351 | Upstream-ID: 93f6e54086145a75df8d8ec7d8689bdadbbac8fa | ||
9352 | |||
9353 | commit 786d5994da79151180cb14a6cf157ebbba61c0cc | ||
9354 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9355 | Date: Wed Nov 30 03:07:37 2016 +0000 | ||
9356 | |||
9357 | upstream commit | ||
9358 | |||
9359 | add a whitelist of paths from which ssh-agent will load | ||
9360 | (via ssh-pkcs11-helper) a PKCS#11 module; ok markus@ | ||
9361 | |||
9362 | Upstream-ID: fe79769469d9cd6d26fe0dc15751b83ef2a06e8f | ||
9363 | |||
9364 | commit 7844f357cdd90530eec81340847783f1f1da010b | ||
9365 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9366 | Date: Wed Nov 30 03:00:05 2016 +0000 | ||
9367 | |||
9368 | upstream commit | ||
9369 | |||
9370 | Add a sshd_config DisableForwaring option that disables | ||
9371 | X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as | ||
9372 | anything else we might implement in the future. | ||
9373 | |||
9374 | This, like the 'restrict' authorized_keys flag, is intended to be a | ||
9375 | simple and future-proof way of restricting an account. Suggested as | ||
9376 | a complement to 'restrict' by Jann Horn; ok markus@ | ||
9377 | |||
9378 | Upstream-ID: 203803f66e533a474086b38a59ceb4cf2410fcf7 | ||
9379 | |||
9380 | commit fd6dcef2030d23c43f986d26979f84619c10589d | ||
9381 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9382 | Date: Wed Nov 30 02:57:40 2016 +0000 | ||
9383 | |||
9384 | upstream commit | ||
9385 | |||
9386 | When a forced-command appears in both a certificate and | ||
9387 | an authorized keys/principals command= restriction, refuse to accept the | ||
9388 | certificate unless they are identical. | ||
9389 | |||
9390 | The previous (documented) behaviour of having the certificate forced- | ||
9391 | command override the other could be a bit confused and more error-prone. | ||
9392 | |||
9393 | Pointed out by Jann Horn of Project Zero; ok dtucker@ | ||
9394 | |||
9395 | Upstream-ID: 79d811b6eb6bbe1221bf146dde6928f92d2cd05f | ||
9396 | |||
9397 | commit 7fc4766ac78abae81ee75b22b7550720bfa28a33 | ||
9398 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9399 | Date: Wed Nov 30 00:28:31 2016 +0000 | ||
9400 | |||
9401 | upstream commit | ||
9402 | |||
9403 | On startup, check to see if sshd is already daemonized | ||
9404 | and if so, skip the call to daemon() and do not rewrite the PidFile. This | ||
9405 | means that when sshd re-execs itself on SIGHUP the process ID will no longer | ||
9406 | change. Should address bz#2641. ok djm@ markus@. | ||
9407 | |||
9408 | Upstream-ID: 5ea0355580056fb3b25c1fd6364307d9638a37b9 | ||
9409 | |||
9410 | commit c9f880c195c65f1dddcbc4ce9d6bfea7747debcc | ||
9411 | Author: Damien Miller <djm@mindrot.org> | ||
9412 | Date: Wed Nov 30 13:51:49 2016 +1100 | ||
9413 | |||
9414 | factor out common PRNG reseed before privdrop | ||
9415 | |||
9416 | Add a call to RAND_poll() to ensure than more than pid+time gets | ||
9417 | stirred into child processes states. Prompted by analysis from Jann | ||
9418 | Horn at Project Zero. ok dtucker@ | ||
9419 | |||
9420 | commit 79e4829ec81dead1b30999e1626eca589319a47f | ||
9421 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9422 | Date: Fri Nov 25 03:02:01 2016 +0000 | ||
9423 | |||
9424 | upstream commit | ||
9425 | |||
9426 | Allow PuTTY interop tests to run unattended. bz#2639, | ||
9427 | patch from cjwatson at debian.org. | ||
9428 | |||
9429 | Upstream-Regress-ID: 4345253558ac23b2082aebabccd48377433b6fe0 | ||
9430 | |||
9431 | commit 504c3a9a1bf090f6b27260fc3e8ea7d984d163dc | ||
9432 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9433 | Date: Fri Nov 25 02:56:49 2016 +0000 | ||
9434 | |||
9435 | upstream commit | ||
9436 | |||
9437 | Reverse args to sshd-log-wrapper. Matches change in | ||
9438 | portable, where it allows sshd do be optionally run under Valgrind. | ||
9439 | |||
9440 | Upstream-Regress-ID: b438d1c6726dc5caa2a45153e6103a0393faa906 | ||
9441 | |||
9442 | commit bd13017736ec2f8f9ca498fe109fb0035f322733 | ||
9443 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9444 | Date: Fri Nov 25 02:49:18 2016 +0000 | ||
9445 | |||
9446 | upstream commit | ||
9447 | |||
9448 | Fix typo in trace message; from portable. | ||
9449 | |||
9450 | Upstream-Regress-ID: 4c4a2ba0d37faf5fd230a91b4c7edb5699fbd73a | ||
9451 | |||
9452 | commit 7da751d8b007c7f3e814fd5737c2351440d78b4c | ||
9453 | Author: tb@openbsd.org <tb@openbsd.org> | ||
9454 | Date: Tue Nov 1 13:43:27 2016 +0000 | ||
9455 | |||
9456 | upstream commit | ||
9457 | |||
9458 | Clean up MALLOC_OPTIONS. For the unittests, move | ||
9459 | MALLOC_OPTIONS and TEST_ENV to unittets/Makefile.inc. | ||
9460 | |||
9461 | ok otto | ||
9462 | |||
9463 | Upstream-Regress-ID: 890d497e0a38eeddfebb11cc429098d76cf29f12 | ||
9464 | |||
9465 | commit 36f58e68221bced35e06d1cca8d97c48807a8b71 | ||
9466 | Author: tb@openbsd.org <tb@openbsd.org> | ||
9467 | Date: Mon Oct 31 23:45:08 2016 +0000 | ||
9468 | |||
9469 | upstream commit | ||
9470 | |||
9471 | Remove the obsolete A and P flags from MALLOC_OPTIONS. | ||
9472 | |||
9473 | ok dtucker | ||
9474 | |||
9475 | Upstream-Regress-ID: 6cc25024c8174a87e5734a0dc830194be216dd59 | ||
9476 | |||
9477 | commit b0899ee26a6630883c0f2350098b6a35e647f512 | ||
9478 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9479 | Date: Tue Nov 29 03:54:50 2016 +0000 | ||
9480 | |||
9481 | upstream commit | ||
9482 | |||
9483 | Factor out code to disconnect from controlling terminal | ||
9484 | into its own function. ok djm@ | ||
9485 | |||
9486 | Upstream-ID: 39fd9e8ebd7222615a837312face5cc7ae962885 | ||
9487 | |||
9488 | commit 54d022026aae4f53fa74cc636e4a032d9689b64d | ||
9489 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9490 | Date: Fri Nov 25 23:24:45 2016 +0000 | ||
9491 | |||
9492 | upstream commit | ||
9493 | |||
9494 | use sshbuf_allocate() to pre-allocate the buffer used for | ||
9495 | loading keys. This avoids implicit realloc inside the buffer code, which | ||
9496 | might theoretically leave fragments of the key on the heap. This doesn't | ||
9497 | appear to happen in practice for normal sized keys, but was observed for | ||
9498 | novelty oversize ones. | ||
9499 | |||
9500 | Pointed out by Jann Horn of Project Zero; ok markus@ | ||
9501 | |||
9502 | Upstream-ID: d620e1d46a29fdea56aeadeda120879eddc60ab1 | ||
9503 | |||
9504 | commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e | ||
9505 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9506 | Date: Fri Nov 25 23:22:04 2016 +0000 | ||
9507 | |||
9508 | upstream commit | ||
9509 | |||
9510 | split allocation out of sshbuf_reserve() into a separate | ||
9511 | sshbuf_allocate() function; ok markus@ | ||
9512 | |||
9513 | Upstream-ID: 11b8a2795afeeb1418d508a2c8095b3355577ec2 | ||
9514 | |||
9515 | commit f0ddedee460486fa0e32fefb2950548009e5026e | ||
9516 | Author: markus@openbsd.org <markus@openbsd.org> | ||
9517 | Date: Wed Nov 23 23:14:15 2016 +0000 | ||
9518 | |||
9519 | upstream commit | ||
9520 | |||
9521 | allow ClientAlive{Interval,CountMax} in Match; ok dtucker, | ||
9522 | djm | ||
9523 | |||
9524 | Upstream-ID: 8beb4c1eadd588f1080b58932281983864979f55 | ||
9525 | |||
9526 | commit 1a6f9d2e2493d445cd9ee496e6e3c2a2f283f66a | ||
9527 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9528 | Date: Tue Nov 8 22:04:34 2016 +0000 | ||
9529 | |||
9530 | upstream commit | ||
9531 | |||
9532 | unbreak DenyUsers; reported by henning@ | ||
9533 | |||
9534 | Upstream-ID: 1c67d4148f5e953c35acdb62e7c08ae8e33f7cb2 | ||
9535 | |||
9536 | commit 010359b32659f455fddd2bd85fd7cc4d7a3b994a | ||
9537 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9538 | Date: Sun Nov 6 05:46:37 2016 +0000 | ||
9539 | |||
9540 | upstream commit | ||
9541 | |||
9542 | Validate address ranges for AllowUser/DenyUsers at | ||
9543 | configuration load time and refuse to accept bad ones. It was previously | ||
9544 | possible to specify invalid CIDR address ranges (e.g. djm@127.1.2.3/55) and | ||
9545 | these would always match. | ||
9546 | |||
9547 | Thanks to Laurence Parry for a detailed bug report. ok markus (for | ||
9548 | a previous diff version) | ||
9549 | |||
9550 | Upstream-ID: 9dfcdd9672b06e65233ea4434c38226680d40bfb | ||
9551 | |||
9552 | commit efb494e81d1317209256b38b49f4280897c61e69 | ||
9553 | Author: djm@openbsd.org <djm@openbsd.org> | ||
9554 | Date: Fri Oct 28 03:33:52 2016 +0000 | ||
9555 | |||
9556 | upstream commit | ||
9557 | |||
9558 | Improve pkcs11_add_provider() logging: demote some | ||
9559 | excessively verbose error()s to debug()s, include PKCS#11 provider name and | ||
9560 | slot in log messages where possible. bz#2610, based on patch from Jakub Jelen | ||
9561 | |||
9562 | Upstream-ID: 3223ef693cfcbff9079edfc7e89f55bf63e1973d | ||
9563 | |||
9564 | commit 5ee3fb5affd7646f141749483205ade5fc54adaf | ||
9565 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9566 | Date: Tue Nov 1 08:12:33 2016 +1100 | ||
9567 | |||
9568 | Use ptrace(PT_DENY_ATTACH, ..) on OS X. | ||
9569 | |||
9570 | commit 315d2a4e674d0b7115574645cb51f968420ebb34 | ||
9571 | Author: Damien Miller <djm@mindrot.org> | ||
9572 | Date: Fri Oct 28 14:34:07 2016 +1100 | ||
9573 | |||
9574 | Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL | ||
9575 | |||
9576 | ok dtucker@ | ||
9577 | |||
9578 | commit a9ff3950b8e80ff971b4d44bbce96df27aed28af | ||
9579 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9580 | Date: Fri Oct 28 14:26:58 2016 +1100 | ||
9581 | |||
9582 | Move OPENSSL_NO_RIPEMD160 to compat. | ||
9583 | |||
9584 | Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the | ||
9585 | ripemd160 MACs. | ||
9586 | |||
9587 | commit bce58885160e5db2adda3054c3b81fe770f7285a | ||
9588 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9589 | Date: Fri Oct 28 13:52:31 2016 +1100 | ||
9590 | |||
9591 | Check if RIPEMD160 is disabled in OpenSSL. | ||
9592 | |||
9593 | commit d924640d4c355d1b5eca1f4cc60146a9975dbbff | ||
9594 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9595 | Date: Fri Oct 28 13:38:19 2016 +1100 | ||
9596 | |||
9597 | Skip ssh1 specfic ciphers. | ||
9598 | |||
9599 | cipher-3des1.c and cipher-bf1.c are specific to sshv1 so don't even try | ||
9600 | to compile them when Protocol 1 is not enabled. | ||
9601 | |||
9602 | commit 79d078e7a49caef746516d9710ec369ba45feab6 | ||
9603 | Author: jsg@openbsd.org <jsg@openbsd.org> | ||
9604 | Date: Tue Oct 25 04:08:13 2016 +0000 | ||
9605 | |||
9606 | upstream commit | ||
9607 | |||
9608 | Fix logic in add_local_forward() that inverted a test | ||
9609 | when code was refactored out into bind_permitted(). This broke ssh port | ||
9610 | forwarding for non-priv ports as a non root user. | ||
9611 | |||
9612 | ok dtucker@ 'looks good' deraadt@ | ||
9613 | |||
9614 | Upstream-ID: ddb8156ca03cc99997de284ce7777536ff9570c9 | ||
9615 | |||
9616 | commit a903e315dee483e555c8a3a02c2946937f9b4e5d | ||
9617 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9618 | Date: Mon Oct 24 01:09:17 2016 +0000 | ||
9619 | |||
9620 | upstream commit | ||
9621 | |||
9622 | Remove dead breaks, found via opencoverage.net. ok | ||
9623 | deraadt@ | ||
9624 | |||
9625 | Upstream-ID: ad9cc655829d67fad219762810770787ba913069 | ||
9626 | |||
9627 | commit b4e96b4c9bea4182846e4942ba2048e6d708ee54 | ||
9628 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9629 | Date: Wed Oct 26 08:43:25 2016 +1100 | ||
9630 | |||
9631 | Use !=NULL instead of >0 for getdefaultproj. | ||
9632 | |||
9633 | getdefaultproj() returns a pointer so test it for NULL inequality | ||
9634 | instead of >0. Fixes compiler warning and is more correct. Patch from | ||
9635 | David Binderman. | ||
9636 | |||
9637 | commit 1c4ef0b808d3d38232aeeb1cebb7e9a43def42c5 | ||
9638 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9639 | Date: Sun Oct 23 22:04:05 2016 +0000 | ||
9640 | |||
9641 | upstream commit | ||
9642 | |||
9643 | Factor out "can bind to low ports" check into its own function. This will | ||
9644 | make it easier for Portable to support platforms with permissions models | ||
9645 | other than uid==0 (eg bz#2625). ok djm@, "doesn't offend me too much" | ||
9646 | deraadt@. | ||
9647 | |||
9648 | Upstream-ID: 86213df4183e92b8f189a6d2dac858c994bfface | ||
9649 | |||
9650 | commit 0b9ee623d57e5de7e83e66fd61a7ba9a5be98894 | ||
9651 | Author: dtucker@openbsd.org <dtucker@openbsd.org> | ||
9652 | Date: Wed Oct 19 23:21:56 2016 +0000 | ||
9653 | |||
9654 | upstream commit | ||
9655 | |||
9656 | When tearing down ControlMaster connecctions, don't | ||
9657 | pollute stderr when LogLevel=quiet. Patch from Tim Kuijsten via tech@. | ||
9658 | |||
9659 | Upstream-ID: d9b3a68b2a7c2f2fc7f74678e29a4618d55ceced | ||
9660 | |||
9661 | commit 09e6a7d8354224933febc08ddcbc2010f542284e | ||
9662 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9663 | Date: Mon Oct 24 09:06:18 2016 +1100 | ||
9664 | |||
9665 | Wrap stdint.h include in ifdef. | ||
9666 | |||
9667 | commit 08d9e9516e587b25127545c029e5464b2e7f2919 | ||
9668 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9669 | Date: Fri Oct 21 09:46:46 2016 +1100 | ||
9670 | |||
9671 | Fix formatting. | ||
9672 | |||
9673 | commit 461f50e7ab8751d3a55e9158c44c13031db7ba1d | ||
9674 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9675 | Date: Fri Oct 21 06:55:58 2016 +1100 | ||
9676 | |||
9677 | Update links to https. | ||
9678 | |||
9679 | www.openssh.com now supports https and ftp.openbsd.org no longer | ||
9680 | supports ftp. Make all links to these https. | ||
9681 | |||
9682 | commit dd4e7212a6141f37742de97795e79db51e4427ad | ||
9683 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9684 | Date: Fri Oct 21 06:48:46 2016 +1100 | ||
9685 | |||
9686 | Update host key generation examples. | ||
9687 | |||
9688 | Remove ssh1 host key generation, add ssh-keygen -A | ||
9689 | |||
9690 | commit 6d49ae82634c67e9a4d4af882bee20b40bb8c639 | ||
9691 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9692 | Date: Fri Oct 21 05:22:55 2016 +1100 | ||
9693 | |||
9694 | Update links. | ||
9695 | |||
9696 | Make links to openssh.com HTTPS now that it's supported, point release | ||
9697 | notes link to the HTML release notes page, and update a couple of other | ||
9698 | links and bits of text. | ||
9699 | |||
9700 | commit fe0d1ca6ace06376625084b004ee533f2c2ea9d6 | ||
9701 | Author: Darren Tucker <dtucker@zip.com.au> | ||
9702 | Date: Thu Oct 20 03:42:09 2016 +1100 | ||
9703 | |||
9704 | Remote channels .orig and .rej files. | ||
9705 | |||
9706 | These files were incorrectly added during an OpenBSD sync. | ||
diff --git a/ChangeLog.gssapi b/ChangeLog.gssapi deleted file mode 100644 index f117a336a..000000000 --- a/ChangeLog.gssapi +++ /dev/null | |||
@@ -1,113 +0,0 @@ | |||
1 | 20110101 | ||
2 | - Finally update for OpenSSH 5.6p1 | ||
3 | - Add GSSAPIServerIdentity option from Jim Basney | ||
4 | |||
5 | 20100308 | ||
6 | - [ Makefile.in, key.c, key.h ] | ||
7 | Updates for OpenSSH 5.4p1 | ||
8 | - [ servconf.c ] | ||
9 | Include GSSAPI options in the sshd -T configuration dump, and flag | ||
10 | some older configuration options as being unsupported. Thanks to Colin | ||
11 | Watson. | ||
12 | - | ||
13 | |||
14 | 20100124 | ||
15 | - [ sshconnect2.c ] | ||
16 | Adapt to deal with additional element in Authmethod structure. Thanks to | ||
17 | Colin Watson | ||
18 | |||
19 | 20090615 | ||
20 | - [ gss-genr.c gss-serv.c kexgssc.c kexgsss.c monitor.c sshconnect2.c | ||
21 | sshd.c ] | ||
22 | Fix issues identified by Greg Hudson following a code review | ||
23 | Check return value of gss_indicate_mechs | ||
24 | Protect GSSAPI calls in monitor, so they can only be used if enabled | ||
25 | Check return values of bignum functions in key exchange | ||
26 | Use BN_clear_free to clear other side's DH value | ||
27 | Make ssh_gssapi_id_kex more robust | ||
28 | Only configure kex table pointers if GSSAPI is enabled | ||
29 | Don't leak mechanism list, or gss mechanism list | ||
30 | Cast data.length before printing | ||
31 | If serverkey isn't provided, use an empty string, rather than NULL | ||
32 | |||
33 | 20090201 | ||
34 | - [ gss-genr.c gss-serv.c kex.h kexgssc.c readconf.c readconf.h ssh-gss.h | ||
35 | ssh_config.5 sshconnet2.c ] | ||
36 | Add support for the GSSAPIClientIdentity option, which allows the user | ||
37 | to specify which GSSAPI identity to use to contact a given server | ||
38 | |||
39 | 20080404 | ||
40 | - [ gss-serv.c ] | ||
41 | Add code to actually implement GSSAPIStrictAcceptCheck, which had somehow | ||
42 | been omitted from a previous version of this patch. Reported by Borislav | ||
43 | Stoichkov | ||
44 | |||
45 | 20070317 | ||
46 | - [ gss-serv-krb5.c ] | ||
47 | Remove C99ism, where new_ccname was being declared in the middle of a | ||
48 | function | ||
49 | |||
50 | 20061220 | ||
51 | - [ servconf.c ] | ||
52 | Make default for GSSAPIStrictAcceptorCheck be Yes, to match previous, and | ||
53 | documented, behaviour. Reported by Dan Watson. | ||
54 | |||
55 | 20060910 | ||
56 | - [ gss-genr.c kexgssc.c kexgsss.c kex.h monitor.c sshconnect2.c sshd.c | ||
57 | ssh-gss.h ] | ||
58 | add support for gss-group14-sha1 key exchange mechanisms | ||
59 | - [ gss-serv.c servconf.c servconf.h sshd_config sshd_config.5 ] | ||
60 | Add GSSAPIStrictAcceptorCheck option to allow the disabling of | ||
61 | acceptor principal checking on multi-homed machines. | ||
62 | <Bugzilla #928> | ||
63 | - [ sshd_config ssh_config ] | ||
64 | Add settings for GSSAPIKeyExchange and GSSAPITrustDNS to the sample | ||
65 | configuration files | ||
66 | - [ kexgss.c kegsss.c sshconnect2.c sshd.c ] | ||
67 | Code cleanup. Replace strlen/xmalloc/snprintf sequences with xasprintf() | ||
68 | Limit length of error messages displayed by client | ||
69 | |||
70 | 20060909 | ||
71 | - [ gss-genr.c gss-serv.c ] | ||
72 | move ssh_gssapi_acquire_cred() and ssh_gssapi_server_ctx to be server | ||
73 | only, where they belong | ||
74 | <Bugzilla #1225> | ||
75 | |||
76 | 20060829 | ||
77 | - [ gss-serv-krb5.c ] | ||
78 | Fix CCAPI credentials cache name when creating KRB5CCNAME environment | ||
79 | variable | ||
80 | |||
81 | 20060828 | ||
82 | - [ gss-genr.c ] | ||
83 | Avoid Heimdal context freeing problem | ||
84 | <Fixed upstream 20060829> | ||
85 | |||
86 | 20060818 | ||
87 | - [ gss-genr.c ssh-gss.h sshconnect2.c ] | ||
88 | Make sure that SPENGO is disabled | ||
89 | <Bugzilla #1218 - Fixed upstream 20060818> | ||
90 | |||
91 | 20060421 | ||
92 | - [ gssgenr.c, sshconnect2.c ] | ||
93 | a few type changes (signed versus unsigned, int versus size_t) to | ||
94 | fix compiler errors/warnings | ||
95 | (from jbasney AT ncsa.uiuc.edu) | ||
96 | - [ kexgssc.c, sshconnect2.c ] | ||
97 | fix uninitialized variable warnings | ||
98 | (from jbasney AT ncsa.uiuc.edu) | ||
99 | - [ gssgenr.c ] | ||
100 | pass oid to gss_display_status (helpful when using GSSAPI mechglue) | ||
101 | (from jbasney AT ncsa.uiuc.edu) | ||
102 | <Bugzilla #1220 > | ||
103 | - [ gss-serv-krb5.c ] | ||
104 | #ifdef HAVE_GSSAPI_KRB5 should be #ifdef HAVE_GSSAPI_KRB5_H | ||
105 | (from jbasney AT ncsa.uiuc.edu) | ||
106 | <Fixed upstream 20060304> | ||
107 | - [ readconf.c, readconf.h, ssh_config.5, sshconnect2.c | ||
108 | add client-side GssapiKeyExchange option | ||
109 | (from jbasney AT ncsa.uiuc.edu) | ||
110 | - [ sshconnect2.c ] | ||
111 | add support for GssapiTrustDns option for gssapi-with-mic | ||
112 | (from jbasney AT ncsa.uiuc.edu) | ||
113 | <gssapi-with-mic support is Bugzilla #1008> | ||
@@ -13,15 +13,15 @@ OpenSSL) | |||
13 | Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems): | 13 | Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems): |
14 | http://www.gzip.org/zlib/ | 14 | http://www.gzip.org/zlib/ |
15 | 15 | ||
16 | libcrypto (LibreSSL or OpenSSL >= 1.0.1 < 1.1.0) | 16 | libcrypto from either of: |
17 | LibreSSL http://www.libressl.org/ ; or | 17 | - LibreSSL (http://www.libressl.org/) |
18 | OpenSSL http://www.openssl.org/ | 18 | - OpenSSL 1.0.x >= 1.0.1 or 1.1.0 >= 1.1.0g (http://www.openssl.org/) |
19 | 19 | ||
20 | LibreSSL/OpenSSL should be compiled as a position-independent library | 20 | LibreSSL/OpenSSL should be compiled as a position-independent library |
21 | (i.e. with -fPIC) otherwise OpenSSH will not be able to link with it. | 21 | (i.e. with -fPIC) otherwise OpenSSH will not be able to link with it. |
22 | If you must use a non-position-independent libcrypto, then you may need | 22 | If you must use a non-position-independent libcrypto, then you may need |
23 | to configure OpenSSH --without-pie. Note that because of API changes, | 23 | to configure OpenSSH --without-pie. Note that due to a bug in EVP_CipherInit |
24 | OpenSSL 1.1.x is not currently supported. | 24 | OpenSSL 1.1 versions prior to 1.1.0g can't be used. |
25 | 25 | ||
26 | The remaining items are optional. | 26 | The remaining items are optional. |
27 | 27 | ||
diff --git a/Makefile.in b/Makefile.in index ee166114d..0960a6a03 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -88,7 +88,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | |||
88 | canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ | 88 | canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ |
89 | cipher-ctr.o cleanup.o \ | 89 | cipher-ctr.o cleanup.o \ |
90 | compat.o crc32.o fatal.o hostfile.o \ | 90 | compat.o crc32.o fatal.o hostfile.o \ |
91 | log.o match.o moduli.o nchan.o packet.o opacket.o \ | 91 | log.o match.o moduli.o nchan.o packet.o \ |
92 | readpass.o ttymodes.o xmalloc.o addrmatch.o \ | 92 | readpass.o ttymodes.o xmalloc.o addrmatch.o \ |
93 | atomicio.o dispatch.o mac.o uuencode.o misc.o utf8.o \ | 93 | atomicio.o dispatch.o mac.o uuencode.o misc.o utf8.o \ |
94 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ | 94 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ |
@@ -98,11 +98,12 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | |||
98 | ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \ | 98 | ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \ |
99 | sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \ | 99 | sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \ |
100 | kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ | 100 | kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ |
101 | kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ | 101 | kexgexc.o kexgexs.o \ |
102 | kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ | 102 | sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \ |
103 | kexgssc.o \ | 103 | kexgssc.o \ |
104 | platform-pledge.o platform-tracing.o platform-misc.o | 104 | platform-pledge.o platform-tracing.o platform-misc.o |
105 | 105 | ||
106 | |||
106 | SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ | 107 | SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ |
107 | sshconnect.o sshconnect2.o mux.o | 108 | sshconnect.o sshconnect2.o mux.o |
108 | 109 | ||
@@ -187,7 +188,7 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o | |||
187 | ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o | 188 | ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o |
188 | $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 189 | $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
189 | 190 | ||
190 | ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o | 191 | ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o compat.o |
191 | $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 192 | $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
192 | 193 | ||
193 | ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o | 194 | ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o |
@@ -600,6 +601,7 @@ tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS) | |||
600 | TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \ | 601 | TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \ |
601 | TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \ | 602 | TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \ |
602 | TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \ | 603 | TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \ |
604 | TEST_SSH_SSHPKCS11HELPER="$${BUILDDIR}/ssh-pkcs11-helper"; \ | ||
603 | TEST_SSH_PLINK="plink"; \ | 605 | TEST_SSH_PLINK="plink"; \ |
604 | TEST_SSH_PUTTYGEN="puttygen"; \ | 606 | TEST_SSH_PUTTYGEN="puttygen"; \ |
605 | TEST_SSH_CONCH="conch"; \ | 607 | TEST_SSH_CONCH="conch"; \ |
@@ -34,11 +34,12 @@ these programs. | |||
34 | 34 | ||
35 | - Ssh contains several encryption algorithms. These are all | 35 | - Ssh contains several encryption algorithms. These are all |
36 | accessed through the cipher.h interface. The interface code is | 36 | accessed through the cipher.h interface. The interface code is |
37 | in cipher.c, and the implementations are in libc. | 37 | in cipher.c, and the implementations are either in libc or |
38 | LibreSSL. | ||
38 | 39 | ||
39 | Multiple Precision Integer Library | 40 | Multiple Precision Integer Library |
40 | 41 | ||
41 | - Uses the SSLeay BIGNUM sublibrary. | 42 | - Uses the LibreSSL BIGNUM sublibrary. |
42 | 43 | ||
43 | Random Numbers | 44 | Random Numbers |
44 | 45 | ||
@@ -158,4 +159,4 @@ these programs. | |||
158 | uidswap.c uid-swapping | 159 | uidswap.c uid-swapping |
159 | xmalloc.c "safe" malloc routines | 160 | xmalloc.c "safe" malloc routines |
160 | 161 | ||
161 | $OpenBSD: OVERVIEW,v 1.14 2018/07/27 03:55:22 dtucker Exp $ | 162 | $OpenBSD: OVERVIEW,v 1.15 2018/10/23 05:56:35 djm Exp $ |
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys index 11363fdc3..48338e671 100644 --- a/PROTOCOL.certkeys +++ b/PROTOCOL.certkeys | |||
@@ -36,6 +36,7 @@ Certified keys are represented using new key types: | |||
36 | ecdsa-sha2-nistp256-cert-v01@openssh.com | 36 | ecdsa-sha2-nistp256-cert-v01@openssh.com |
37 | ecdsa-sha2-nistp384-cert-v01@openssh.com | 37 | ecdsa-sha2-nistp384-cert-v01@openssh.com |
38 | ecdsa-sha2-nistp521-cert-v01@openssh.com | 38 | ecdsa-sha2-nistp521-cert-v01@openssh.com |
39 | ssh-ed25519-cert-v01@openssh.com | ||
39 | 40 | ||
40 | Two additional types exist for RSA certificates to force use of | 41 | Two additional types exist for RSA certificates to force use of |
41 | SHA-2 signatures (SHA-256 and SHA-512 respectively): | 42 | SHA-2 signatures (SHA-256 and SHA-512 respectively): |
@@ -303,4 +304,4 @@ permit-user-rc empty Flag indicating that execution of | |||
303 | of this script will not be permitted if | 304 | of this script will not be permitted if |
304 | this option is not present. | 305 | this option is not present. |
305 | 306 | ||
306 | $OpenBSD: PROTOCOL.certkeys,v 1.15 2018/07/03 11:39:54 djm Exp $ | 307 | $OpenBSD: PROTOCOL.certkeys,v 1.16 2018/10/26 01:23:03 djm Exp $ |
@@ -1,4 +1,4 @@ | |||
1 | See https://www.openssh.com/releasenotes.html#7.9p1 for the release notes. | 1 | See https://www.openssh.com/releasenotes.html#8.0p1 for the release notes. |
2 | 2 | ||
3 | Please read https://www.openssh.com/report.html for bug reporting | 3 | Please read https://www.openssh.com/report.html for bug reporting |
4 | instructions and note that we do not use Github for bug reporting or | 4 | instructions and note that we do not use Github for bug reporting or |
diff --git a/README.md b/README.md new file mode 100644 index 000000000..4e2624161 --- /dev/null +++ b/README.md | |||
@@ -0,0 +1,74 @@ | |||
1 | # Portable OpenSSH | ||
2 | |||
3 | OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``ssh`` and server ``sshd``, file transfer utilities ``scp`` and ``sftp`` as well as tools for key generation (``ssh-keygen``), run-time key storage (``ssh-agent``) and a number of supporting programs. | ||
4 | |||
5 | This is a port of OpenBSD's [OpenSSH](https://openssh.com) to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM). | ||
6 | |||
7 | ## Documentation | ||
8 | |||
9 | The official documentation for OpenSSH are the man pages for each tool: | ||
10 | |||
11 | * [ssh(1)](https://man.openbsd.org/ssh.1) | ||
12 | * [sshd(8)](https://man.openbsd.org/sshd.8) | ||
13 | * [ssh-keygen(1)](https://man.openbsd.org/ssh-keygen.1) | ||
14 | * [ssh-agent(1)](https://man.openbsd.org/ssh-agent.1) | ||
15 | * [scp(1)](https://man.openbsd.org/scp.1) | ||
16 | * [sftp(1)](https://man.openbsd.org/sftp.1) | ||
17 | * [ssh-keyscan(8)](https://man.openbsd.org/ssh-keyscan.8) | ||
18 | * [sftp-server(8)](https://man.openbsd.org/sftp-server.8) | ||
19 | |||
20 | ## Stable Releases | ||
21 | |||
22 | Stable release tarballs are available from a number of [download mirrors](https://www.openssh.com/portable.html#downloads). We recommend the use of a stable release for most users. Please read the [release notes](https://www.openssh.com/releasenotes.html) for details of recent changes and potential incompatibilities. | ||
23 | |||
24 | ## Building Portable OpenSSH | ||
25 | |||
26 | ### Dependencies | ||
27 | |||
28 | Portable OpenSSH is built using autoconf and make. It requires a working C compiler, standard library and headers, as well as [zlib](https://www.zlib.net/) and ``libcrypto`` from either [LibreSSL](https://www.libressl.org/) or [OpenSSL](https://www.openssl.org) to build. Certain platforms and build-time options may require additional dependencies. | ||
29 | |||
30 | ### Building a release | ||
31 | |||
32 | Releases include a pre-built copy of the ``configure`` script and may be built using: | ||
33 | |||
34 | ``` | ||
35 | tar zxvf openssh-X.Y.tar.gz | ||
36 | cd openssh | ||
37 | ./configure # [options] | ||
38 | make && make tests | ||
39 | ``` | ||
40 | |||
41 | See the [Build-time Customisation](#build-time-customisation) section below for configure options. If you plan on installing OpenSSH to your system, then you will usually want to specify destination paths. | ||
42 | |||
43 | ### Building from git | ||
44 | |||
45 | If building from git, you'll need [autoconf](https://www.gnu.org/software/autoconf/) installed to build the ``configure`` script. The following commands will check out and build portable OpenSSH from git: | ||
46 | |||
47 | ``` | ||
48 | git clone https://github.com/openssh/openssh-portable # or https://anongit.mindrot.org/openssh.git | ||
49 | cd openssh-portable | ||
50 | autoreconf | ||
51 | ./configure | ||
52 | make && make tests | ||
53 | ``` | ||
54 | |||
55 | ### Build-time Customisation | ||
56 | |||
57 | There are many build-time customisation options available. All Autoconf destination path flags (e.g. ``--prefix``) are supported (and are usually required if you want to install OpenSSH). | ||
58 | |||
59 | For a full list of available flags, run ``configure --help`` but a few of the more frequently-used ones are described below. Some of these flags will require additional libraries and/or headers be installed. | ||
60 | |||
61 | Flag | Meaning | ||
62 | --- | --- | ||
63 | ``--with-pam`` | Enable [PAM](https://en.wikipedia.org/wiki/Pluggable_authentication_module) support. [OpenPAM](https://www.openpam.org/), [Linux PAM](http://www.linux-pam.org/) and Solaris PAM are supported. | ||
64 | ``--with-libedit`` | Enable [libedit](https://www.thrysoee.dk/editline/) support for sftp. | ||
65 | ``--with-kerberos5`` | Enable Kerberos/GSSAPI support. Both [Heimdal](https://www.h5l.org/) and [MIT](https://web.mit.edu/kerberos/) Kerberos implementations are supported. | ||
66 | ``--with-selinux`` | Enable [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) support. | ||
67 | |||
68 | ## Development | ||
69 | |||
70 | Portable OpenSSH development is discussed on the [openssh-unix-dev mailing list](https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev) ([archive mirror](https://marc.info/?l=openssh-unix-dev)). Bugs and feature requests are tracked on our [Bugzilla](https://bugzilla.mindrot.org/). | ||
71 | |||
72 | ## Reporting bugs | ||
73 | |||
74 | _Non-security_ bugs may be reported to the developers via [Bugzilla](https://bugzilla.mindrot.org/) or via the mailing list above. Security bugs should be reported to [openssh@openssh.com](mailto:openssh.openssh.com). | ||
diff --git a/atomicio.c b/atomicio.c index d91bd7621..e00c9f0d4 100644 --- a/atomicio.c +++ b/atomicio.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: atomicio.c,v 1.29 2019/01/23 08:01:46 dtucker Exp $ */ | 1 | /* $OpenBSD: atomicio.c,v 1.30 2019/01/24 02:42:23 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2006 Damien Miller. All rights reserved. | 3 | * Copyright (c) 2006 Damien Miller. All rights reserved. |
4 | * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. | 4 | * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. |
@@ -57,9 +57,11 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, | |||
57 | ssize_t res; | 57 | ssize_t res; |
58 | struct pollfd pfd; | 58 | struct pollfd pfd; |
59 | 59 | ||
60 | #ifndef BROKEN_READ_COMPARISON | ||
61 | pfd.fd = fd; | 60 | pfd.fd = fd; |
61 | #ifndef BROKEN_READ_COMPARISON | ||
62 | pfd.events = f == read ? POLLIN : POLLOUT; | 62 | pfd.events = f == read ? POLLIN : POLLOUT; |
63 | #else | ||
64 | pfd.events = POLLIN|POLLOUT; | ||
63 | #endif | 65 | #endif |
64 | while (n > pos) { | 66 | while (n > pos) { |
65 | res = (f) (fd, s + pos, n - pos); | 67 | res = (f) (fd, s + pos, n - pos); |
@@ -73,9 +75,7 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, | |||
73 | } | 75 | } |
74 | continue; | 76 | continue; |
75 | } else if (errno == EAGAIN || errno == EWOULDBLOCK) { | 77 | } else if (errno == EAGAIN || errno == EWOULDBLOCK) { |
76 | #ifndef BROKEN_READ_COMPARISON | ||
77 | (void)poll(&pfd, 1, -1); | 78 | (void)poll(&pfd, 1, -1); |
78 | #endif | ||
79 | continue; | 79 | continue; |
80 | } | 80 | } |
81 | return 0; | 81 | return 0; |
@@ -119,9 +119,11 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, | |||
119 | /* Make a copy of the iov array because we may modify it below */ | 119 | /* Make a copy of the iov array because we may modify it below */ |
120 | memcpy(iov, _iov, (size_t)iovcnt * sizeof(*_iov)); | 120 | memcpy(iov, _iov, (size_t)iovcnt * sizeof(*_iov)); |
121 | 121 | ||
122 | #ifndef BROKEN_READV_COMPARISON | ||
123 | pfd.fd = fd; | 122 | pfd.fd = fd; |
123 | #ifndef BROKEN_READV_COMPARISON | ||
124 | pfd.events = f == readv ? POLLIN : POLLOUT; | 124 | pfd.events = f == readv ? POLLIN : POLLOUT; |
125 | #else | ||
126 | pfd.events = POLLIN|POLLOUT; | ||
125 | #endif | 127 | #endif |
126 | for (; iovcnt > 0 && iov[0].iov_len > 0;) { | 128 | for (; iovcnt > 0 && iov[0].iov_len > 0;) { |
127 | res = (f) (fd, iov, iovcnt); | 129 | res = (f) (fd, iov, iovcnt); |
@@ -135,9 +137,7 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, | |||
135 | } | 137 | } |
136 | continue; | 138 | continue; |
137 | } else if (errno == EAGAIN || errno == EWOULDBLOCK) { | 139 | } else if (errno == EAGAIN || errno == EWOULDBLOCK) { |
138 | #ifndef BROKEN_READV_COMPARISON | ||
139 | (void)poll(&pfd, 1, -1); | 140 | (void)poll(&pfd, 1, -1); |
140 | #endif | ||
141 | continue; | 141 | continue; |
142 | } | 142 | } |
143 | return 0; | 143 | return 0; |
diff --git a/atomicio.h b/atomicio.h index 0d728ac86..8b3cc6e21 100644 --- a/atomicio.h +++ b/atomicio.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: atomicio.h,v 1.11 2010/09/22 22:58:51 djm Exp $ */ | 1 | /* $OpenBSD: atomicio.h,v 1.12 2018/12/27 03:25:25 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2006 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2006 Damien Miller. All rights reserved. |
@@ -29,6 +29,8 @@ | |||
29 | #ifndef _ATOMICIO_H | 29 | #ifndef _ATOMICIO_H |
30 | #define _ATOMICIO_H | 30 | #define _ATOMICIO_H |
31 | 31 | ||
32 | struct iovec; | ||
33 | |||
32 | /* | 34 | /* |
33 | * Ensure all of data on socket comes through. f==read || f==vwrite | 35 | * Ensure all of data on socket comes through. f==read || f==vwrite |
34 | */ | 36 | */ |
diff --git a/audit-bsm.c b/audit-bsm.c index 1409f69ae..0ba16c72c 100644 --- a/audit-bsm.c +++ b/audit-bsm.c | |||
@@ -391,7 +391,7 @@ audit_session_close(struct logininfo *li) | |||
391 | } | 391 | } |
392 | 392 | ||
393 | void | 393 | void |
394 | audit_event(ssh_audit_event_t event) | 394 | audit_event(struct ssh *ssh, ssh_audit_event_t event) |
395 | { | 395 | { |
396 | char textbuf[BSM_TEXTBUFSZ]; | 396 | char textbuf[BSM_TEXTBUFSZ]; |
397 | static int logged_in = 0; | 397 | static int logged_in = 0; |
diff --git a/audit-linux.c b/audit-linux.c index 136ed76bb..3fcbe5c53 100644 --- a/audit-linux.c +++ b/audit-linux.c | |||
@@ -97,10 +97,8 @@ audit_session_close(struct logininfo *li) | |||
97 | } | 97 | } |
98 | 98 | ||
99 | void | 99 | void |
100 | audit_event(ssh_audit_event_t event) | 100 | audit_event(struct ssh *ssh, ssh_audit_event_t event) |
101 | { | 101 | { |
102 | struct ssh *ssh = active_state; /* XXX */ | ||
103 | |||
104 | switch(event) { | 102 | switch(event) { |
105 | case SSH_AUTH_SUCCESS: | 103 | case SSH_AUTH_SUCCESS: |
106 | case SSH_CONNECTION_CLOSE: | 104 | case SSH_CONNECTION_CLOSE: |
@@ -131,7 +131,7 @@ audit_connection_from(const char *host, int port) | |||
131 | * events and what they mean). | 131 | * events and what they mean). |
132 | */ | 132 | */ |
133 | void | 133 | void |
134 | audit_event(ssh_audit_event_t event) | 134 | audit_event(struct ssh *ssh, ssh_audit_event_t event) |
135 | { | 135 | { |
136 | debug("audit event euid %d user %s event %d (%s)", geteuid(), | 136 | debug("audit event euid %d user %s event %d (%s)", geteuid(), |
137 | audit_username(), event, audit_event_lookup(event)); | 137 | audit_username(), event, audit_event_lookup(event)); |
@@ -27,6 +27,8 @@ | |||
27 | 27 | ||
28 | #include "loginrec.h" | 28 | #include "loginrec.h" |
29 | 29 | ||
30 | struct ssh; | ||
31 | |||
30 | enum ssh_audit_event_type { | 32 | enum ssh_audit_event_type { |
31 | SSH_LOGIN_EXCEED_MAXTRIES, | 33 | SSH_LOGIN_EXCEED_MAXTRIES, |
32 | SSH_LOGIN_ROOT_DENIED, | 34 | SSH_LOGIN_ROOT_DENIED, |
@@ -46,7 +48,7 @@ enum ssh_audit_event_type { | |||
46 | typedef enum ssh_audit_event_type ssh_audit_event_t; | 48 | typedef enum ssh_audit_event_type ssh_audit_event_t; |
47 | 49 | ||
48 | void audit_connection_from(const char *, int); | 50 | void audit_connection_from(const char *, int); |
49 | void audit_event(ssh_audit_event_t); | 51 | void audit_event(struct ssh *, ssh_audit_event_t); |
50 | void audit_session_open(struct logininfo *); | 52 | void audit_session_open(struct logininfo *); |
51 | void audit_session_close(struct logininfo *); | 53 | void audit_session_close(struct logininfo *); |
52 | void audit_run_command(const char *); | 54 | void audit_run_command(const char *); |
diff --git a/auth-pam.c b/auth-pam.c index 1dec53e92..bde0a8f56 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -248,6 +248,9 @@ static int sshpam_maxtries_reached = 0; | |||
248 | static char **sshpam_env = NULL; | 248 | static char **sshpam_env = NULL; |
249 | static Authctxt *sshpam_authctxt = NULL; | 249 | static Authctxt *sshpam_authctxt = NULL; |
250 | static const char *sshpam_password = NULL; | 250 | static const char *sshpam_password = NULL; |
251 | static char *sshpam_rhost = NULL; | ||
252 | static char *sshpam_laddr = NULL; | ||
253 | static char *sshpam_conninfo = NULL; | ||
251 | 254 | ||
252 | /* Some PAM implementations don't implement this */ | 255 | /* Some PAM implementations don't implement this */ |
253 | #ifndef HAVE_PAM_GETENVLIST | 256 | #ifndef HAVE_PAM_GETENVLIST |
@@ -669,13 +672,17 @@ sshpam_cleanup(void) | |||
669 | } | 672 | } |
670 | 673 | ||
671 | static int | 674 | static int |
672 | sshpam_init(Authctxt *authctxt) | 675 | sshpam_init(struct ssh *ssh, Authctxt *authctxt) |
673 | { | 676 | { |
674 | const char *pam_rhost, *pam_user, *user = authctxt->user; | 677 | const char *pam_user, *user = authctxt->user; |
675 | const char **ptr_pam_user = &pam_user; | 678 | const char **ptr_pam_user = &pam_user; |
676 | struct ssh *ssh = active_state; /* XXX */ | ||
677 | 679 | ||
678 | if (sshpam_handle != NULL) { | 680 | if (sshpam_handle == NULL) { |
681 | if (ssh == NULL) { | ||
682 | fatal("%s: called initially with no " | ||
683 | "packet context", __func__); | ||
684 | } | ||
685 | } if (sshpam_handle != NULL) { | ||
679 | /* We already have a PAM context; check if the user matches */ | 686 | /* We already have a PAM context; check if the user matches */ |
680 | sshpam_err = pam_get_item(sshpam_handle, | 687 | sshpam_err = pam_get_item(sshpam_handle, |
681 | PAM_USER, (sshpam_const void **)ptr_pam_user); | 688 | PAM_USER, (sshpam_const void **)ptr_pam_user); |
@@ -694,14 +701,33 @@ sshpam_init(Authctxt *authctxt) | |||
694 | sshpam_handle = NULL; | 701 | sshpam_handle = NULL; |
695 | return (-1); | 702 | return (-1); |
696 | } | 703 | } |
697 | pam_rhost = auth_get_canonical_hostname(ssh, options.use_dns); | 704 | |
698 | debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost); | 705 | if (ssh != NULL && sshpam_rhost == NULL) { |
699 | sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost); | 706 | /* |
700 | if (sshpam_err != PAM_SUCCESS) { | 707 | * We need to cache these as we don't have packet context |
701 | pam_end(sshpam_handle, sshpam_err); | 708 | * during the kbdint flow. |
702 | sshpam_handle = NULL; | 709 | */ |
703 | return (-1); | 710 | sshpam_rhost = xstrdup(auth_get_canonical_hostname(ssh, |
711 | options.use_dns)); | ||
712 | sshpam_laddr = get_local_ipaddr( | ||
713 | ssh_packet_get_connection_in(ssh)); | ||
714 | xasprintf(&sshpam_conninfo, "SSH_CONNECTION=%.50s %d %.50s %d", | ||
715 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
716 | sshpam_laddr, ssh_local_port(ssh)); | ||
704 | } | 717 | } |
718 | if (sshpam_rhost != NULL) { | ||
719 | debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); | ||
720 | sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, | ||
721 | sshpam_rhost); | ||
722 | if (sshpam_err != PAM_SUCCESS) { | ||
723 | pam_end(sshpam_handle, sshpam_err); | ||
724 | sshpam_handle = NULL; | ||
725 | return (-1); | ||
726 | } | ||
727 | /* Put SSH_CONNECTION in the PAM environment too */ | ||
728 | pam_putenv(sshpam_handle, sshpam_conninfo); | ||
729 | } | ||
730 | |||
705 | #ifdef PAM_TTY_KLUDGE | 731 | #ifdef PAM_TTY_KLUDGE |
706 | /* | 732 | /* |
707 | * Some silly PAM modules (e.g. pam_time) require a TTY to operate. | 733 | * Some silly PAM modules (e.g. pam_time) require a TTY to operate. |
@@ -755,7 +781,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
755 | return NULL; | 781 | return NULL; |
756 | 782 | ||
757 | /* Initialize PAM */ | 783 | /* Initialize PAM */ |
758 | if (sshpam_init(authctxt) == -1) { | 784 | if (sshpam_init(NULL, authctxt) == -1) { |
759 | error("PAM: initialization failed"); | 785 | error("PAM: initialization failed"); |
760 | return (NULL); | 786 | return (NULL); |
761 | } | 787 | } |
@@ -787,7 +813,6 @@ static int | |||
787 | sshpam_query(void *ctx, char **name, char **info, | 813 | sshpam_query(void *ctx, char **name, char **info, |
788 | u_int *num, char ***prompts, u_int **echo_on) | 814 | u_int *num, char ***prompts, u_int **echo_on) |
789 | { | 815 | { |
790 | struct ssh *ssh = active_state; /* XXX */ | ||
791 | struct sshbuf *buffer; | 816 | struct sshbuf *buffer; |
792 | struct pam_ctxt *ctxt = ctx; | 817 | struct pam_ctxt *ctxt = ctx; |
793 | size_t plen; | 818 | size_t plen; |
@@ -877,8 +902,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
877 | } | 902 | } |
878 | error("PAM: %s for %s%.100s from %.100s", msg, | 903 | error("PAM: %s for %s%.100s from %.100s", msg, |
879 | sshpam_authctxt->valid ? "" : "illegal user ", | 904 | sshpam_authctxt->valid ? "" : "illegal user ", |
880 | sshpam_authctxt->user, | 905 | sshpam_authctxt->user, sshpam_rhost); |
881 | auth_get_canonical_hostname(ssh, options.use_dns)); | ||
882 | /* FALLTHROUGH */ | 906 | /* FALLTHROUGH */ |
883 | default: | 907 | default: |
884 | *num = 0; | 908 | *num = 0; |
@@ -995,12 +1019,14 @@ KbdintDevice mm_sshpam_device = { | |||
995 | * This replaces auth-pam.c | 1019 | * This replaces auth-pam.c |
996 | */ | 1020 | */ |
997 | void | 1021 | void |
998 | start_pam(Authctxt *authctxt) | 1022 | start_pam(struct ssh *ssh) |
999 | { | 1023 | { |
1024 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; | ||
1025 | |||
1000 | if (!options.use_pam) | 1026 | if (!options.use_pam) |
1001 | fatal("PAM: initialisation requested when UsePAM=no"); | 1027 | fatal("PAM: initialisation requested when UsePAM=no"); |
1002 | 1028 | ||
1003 | if (sshpam_init(authctxt) == -1) | 1029 | if (sshpam_init(ssh, authctxt) == -1) |
1004 | fatal("PAM: initialisation failed"); | 1030 | fatal("PAM: initialisation failed"); |
1005 | } | 1031 | } |
1006 | 1032 | ||
diff --git a/auth-pam.h b/auth-pam.h index 419860745..9fcea270f 100644 --- a/auth-pam.h +++ b/auth-pam.h | |||
@@ -27,7 +27,7 @@ | |||
27 | 27 | ||
28 | struct ssh; | 28 | struct ssh; |
29 | 29 | ||
30 | void start_pam(Authctxt *); | 30 | void start_pam(struct ssh *); |
31 | void finish_pam(void); | 31 | void finish_pam(void); |
32 | u_int do_pam_account(void); | 32 | u_int do_pam_account(void); |
33 | void do_pam_session(struct ssh *); | 33 | void do_pam_session(struct ssh *); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.133 2018/09/12 01:19:12 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -50,6 +50,7 @@ | |||
50 | #include <unistd.h> | 50 | #include <unistd.h> |
51 | #include <limits.h> | 51 | #include <limits.h> |
52 | #include <netdb.h> | 52 | #include <netdb.h> |
53 | #include <time.h> | ||
53 | 54 | ||
54 | #include "xmalloc.h" | 55 | #include "xmalloc.h" |
55 | #include "match.h" | 56 | #include "match.h" |
@@ -96,9 +97,8 @@ static struct sshbuf *auth_debug; | |||
96 | * Otherwise true is returned. | 97 | * Otherwise true is returned. |
97 | */ | 98 | */ |
98 | int | 99 | int |
99 | allowed_user(struct passwd * pw) | 100 | allowed_user(struct ssh *ssh, struct passwd * pw) |
100 | { | 101 | { |
101 | struct ssh *ssh = active_state; /* XXX */ | ||
102 | struct stat st; | 102 | struct stat st; |
103 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | 103 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; |
104 | u_int i; | 104 | u_int i; |
@@ -258,7 +258,7 @@ allowed_user(struct passwd * pw) | |||
258 | } | 258 | } |
259 | 259 | ||
260 | #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER | 260 | #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER |
261 | if (!sys_auth_allowed_user(pw, &loginmsg)) | 261 | if (!sys_auth_allowed_user(pw, loginmsg)) |
262 | return 0; | 262 | return 0; |
263 | #endif | 263 | #endif |
264 | 264 | ||
@@ -308,10 +308,10 @@ format_method_key(Authctxt *authctxt) | |||
308 | } | 308 | } |
309 | 309 | ||
310 | void | 310 | void |
311 | auth_log(Authctxt *authctxt, int authenticated, int partial, | 311 | auth_log(struct ssh *ssh, int authenticated, int partial, |
312 | const char *method, const char *submethod) | 312 | const char *method, const char *submethod) |
313 | { | 313 | { |
314 | struct ssh *ssh = active_state; /* XXX */ | 314 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
315 | int level = SYSLOG_LEVEL_VERBOSE; | 315 | int level = SYSLOG_LEVEL_VERBOSE; |
316 | const char *authmsg; | 316 | const char *authmsg; |
317 | char *extra = NULL; | 317 | char *extra = NULL; |
@@ -356,26 +356,26 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, | |||
356 | (strcmp(method, "password") == 0 || | 356 | (strcmp(method, "password") == 0 || |
357 | strncmp(method, "keyboard-interactive", 20) == 0 || | 357 | strncmp(method, "keyboard-interactive", 20) == 0 || |
358 | strcmp(method, "challenge-response") == 0)) | 358 | strcmp(method, "challenge-response") == 0)) |
359 | record_failed_login(authctxt->user, | 359 | record_failed_login(ssh, authctxt->user, |
360 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 360 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
361 | # ifdef WITH_AIXAUTHENTICATE | 361 | # ifdef WITH_AIXAUTHENTICATE |
362 | if (authenticated) | 362 | if (authenticated) |
363 | sys_auth_record_login(authctxt->user, | 363 | sys_auth_record_login(authctxt->user, |
364 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", | 364 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", |
365 | &loginmsg); | 365 | loginmsg); |
366 | # endif | 366 | # endif |
367 | #endif | 367 | #endif |
368 | #ifdef SSH_AUDIT_EVENTS | 368 | #ifdef SSH_AUDIT_EVENTS |
369 | if (authenticated == 0 && !authctxt->postponed) | 369 | if (authenticated == 0 && !authctxt->postponed) |
370 | audit_event(audit_classify_auth(method)); | 370 | audit_event(ssh, audit_classify_auth(method)); |
371 | #endif | 371 | #endif |
372 | } | 372 | } |
373 | 373 | ||
374 | 374 | ||
375 | void | 375 | void |
376 | auth_maxtries_exceeded(Authctxt *authctxt) | 376 | auth_maxtries_exceeded(struct ssh *ssh) |
377 | { | 377 | { |
378 | struct ssh *ssh = active_state; /* XXX */ | 378 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
379 | 379 | ||
380 | error("maximum authentication attempts exceeded for " | 380 | error("maximum authentication attempts exceeded for " |
381 | "%s%.100s from %.200s port %d ssh2", | 381 | "%s%.100s from %.200s port %d ssh2", |
@@ -383,7 +383,7 @@ auth_maxtries_exceeded(Authctxt *authctxt) | |||
383 | authctxt->user, | 383 | authctxt->user, |
384 | ssh_remote_ipaddr(ssh), | 384 | ssh_remote_ipaddr(ssh), |
385 | ssh_remote_port(ssh)); | 385 | ssh_remote_port(ssh)); |
386 | packet_disconnect("Too many authentication failures"); | 386 | ssh_packet_disconnect(ssh, "Too many authentication failures"); |
387 | /* NOTREACHED */ | 387 | /* NOTREACHED */ |
388 | } | 388 | } |
389 | 389 | ||
@@ -438,7 +438,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw) | |||
438 | * Ensure that filename starts anchored. If not, be backward | 438 | * Ensure that filename starts anchored. If not, be backward |
439 | * compatible and prepend the '%h/' | 439 | * compatible and prepend the '%h/' |
440 | */ | 440 | */ |
441 | if (*file == '/') | 441 | if (path_absolute(file)) |
442 | return (file); | 442 | return (file); |
443 | 443 | ||
444 | i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file); | 444 | i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file); |
@@ -558,9 +558,8 @@ auth_openprincipals(const char *file, struct passwd *pw, int strict_modes) | |||
558 | } | 558 | } |
559 | 559 | ||
560 | struct passwd * | 560 | struct passwd * |
561 | getpwnamallow(const char *user) | 561 | getpwnamallow(struct ssh *ssh, const char *user) |
562 | { | 562 | { |
563 | struct ssh *ssh = active_state; /* XXX */ | ||
564 | #ifdef HAVE_LOGIN_CAP | 563 | #ifdef HAVE_LOGIN_CAP |
565 | extern login_cap_t *lc; | 564 | extern login_cap_t *lc; |
566 | #ifdef BSD_AUTH | 565 | #ifdef BSD_AUTH |
@@ -568,8 +567,9 @@ getpwnamallow(const char *user) | |||
568 | #endif | 567 | #endif |
569 | #endif | 568 | #endif |
570 | struct passwd *pw; | 569 | struct passwd *pw; |
571 | struct connection_info *ci = get_connection_info(1, options.use_dns); | 570 | struct connection_info *ci; |
572 | 571 | ||
572 | ci = get_connection_info(ssh, 1, options.use_dns); | ||
573 | ci->user = user; | 573 | ci->user = user; |
574 | parse_server_match_config(&options, ci); | 574 | parse_server_match_config(&options, ci); |
575 | log_change_level(options.log_level); | 575 | log_change_level(options.log_level); |
@@ -584,32 +584,19 @@ getpwnamallow(const char *user) | |||
584 | #if defined(_AIX) && defined(HAVE_SETAUTHDB) | 584 | #if defined(_AIX) && defined(HAVE_SETAUTHDB) |
585 | aix_restoreauthdb(); | 585 | aix_restoreauthdb(); |
586 | #endif | 586 | #endif |
587 | #ifdef HAVE_CYGWIN | ||
588 | /* | ||
589 | * Windows usernames are case-insensitive. To avoid later problems | ||
590 | * when trying to match the username, the user is only allowed to | ||
591 | * login if the username is given in the same case as stored in the | ||
592 | * user database. | ||
593 | */ | ||
594 | if (pw != NULL && strcmp(user, pw->pw_name) != 0) { | ||
595 | logit("Login name %.100s does not match stored username %.100s", | ||
596 | user, pw->pw_name); | ||
597 | pw = NULL; | ||
598 | } | ||
599 | #endif | ||
600 | if (pw == NULL) { | 587 | if (pw == NULL) { |
601 | logit("Invalid user %.100s from %.100s port %d", | 588 | logit("Invalid user %.100s from %.100s port %d", |
602 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 589 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
603 | #ifdef CUSTOM_FAILED_LOGIN | 590 | #ifdef CUSTOM_FAILED_LOGIN |
604 | record_failed_login(user, | 591 | record_failed_login(ssh, user, |
605 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 592 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
606 | #endif | 593 | #endif |
607 | #ifdef SSH_AUDIT_EVENTS | 594 | #ifdef SSH_AUDIT_EVENTS |
608 | audit_event(SSH_INVALID_USER); | 595 | audit_event(ssh, SSH_INVALID_USER); |
609 | #endif /* SSH_AUDIT_EVENTS */ | 596 | #endif /* SSH_AUDIT_EVENTS */ |
610 | return (NULL); | 597 | return (NULL); |
611 | } | 598 | } |
612 | if (!allowed_user(pw)) | 599 | if (!allowed_user(ssh, pw)) |
613 | return (NULL); | 600 | return (NULL); |
614 | #ifdef HAVE_LOGIN_CAP | 601 | #ifdef HAVE_LOGIN_CAP |
615 | if ((lc = login_getclass(pw->pw_class)) == NULL) { | 602 | if ((lc = login_getclass(pw->pw_class)) == NULL) { |
@@ -688,9 +675,8 @@ auth_debug_add(const char *fmt,...) | |||
688 | } | 675 | } |
689 | 676 | ||
690 | void | 677 | void |
691 | auth_debug_send(void) | 678 | auth_debug_send(struct ssh *ssh) |
692 | { | 679 | { |
693 | struct ssh *ssh = active_state; /* XXX */ | ||
694 | char *msg; | 680 | char *msg; |
695 | int r; | 681 | int r; |
696 | 682 | ||
@@ -800,7 +786,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
800 | * If executing an explicit binary, then verify the it exists | 786 | * If executing an explicit binary, then verify the it exists |
801 | * and appears safe-ish to execute | 787 | * and appears safe-ish to execute |
802 | */ | 788 | */ |
803 | if (*av[0] != '/') { | 789 | if (!path_absolute(av[0])) { |
804 | error("%s path is not absolute", tag); | 790 | error("%s path is not absolute", tag); |
805 | return 0; | 791 | return 0; |
806 | } | 792 | } |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.h,v 1.96 2018/04/10 00:10:49 djm Exp $ */ | 1 | /* $OpenBSD: auth.h,v 1.99 2019/01/19 21:43:56 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -133,8 +133,8 @@ auth_rhosts2(struct passwd *, const char *, const char *, const char *); | |||
133 | 133 | ||
134 | int auth_password(struct ssh *, const char *); | 134 | int auth_password(struct ssh *, const char *); |
135 | 135 | ||
136 | int hostbased_key_allowed(struct passwd *, const char *, char *, | 136 | int hostbased_key_allowed(struct ssh *, struct passwd *, |
137 | struct sshkey *); | 137 | const char *, char *, struct sshkey *); |
138 | int user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, | 138 | int user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, |
139 | struct sshauthopt **); | 139 | struct sshauthopt **); |
140 | int auth2_key_already_used(Authctxt *, const struct sshkey *); | 140 | int auth2_key_already_used(Authctxt *, const struct sshkey *); |
@@ -167,15 +167,13 @@ int auth_shadow_pwexpired(Authctxt *); | |||
167 | #include "audit.h" | 167 | #include "audit.h" |
168 | void remove_kbdint_device(const char *); | 168 | void remove_kbdint_device(const char *); |
169 | 169 | ||
170 | void do_authentication2(Authctxt *); | 170 | void do_authentication2(struct ssh *); |
171 | 171 | ||
172 | void auth_log(Authctxt *, int, int, const char *, const char *); | 172 | void auth_log(struct ssh *, int, int, const char *, const char *); |
173 | void auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn)); | 173 | void auth_maxtries_exceeded(struct ssh *) __attribute__((noreturn)); |
174 | void userauth_finish(struct ssh *, int, const char *, const char *); | 174 | void userauth_finish(struct ssh *, int, const char *, const char *); |
175 | int auth_root_allowed(struct ssh *, const char *); | 175 | int auth_root_allowed(struct ssh *, const char *); |
176 | 176 | ||
177 | void userauth_send_banner(const char *); | ||
178 | |||
179 | char *auth2_read_banner(void); | 177 | char *auth2_read_banner(void); |
180 | int auth2_methods_valid(const char *, int); | 178 | int auth2_methods_valid(const char *, int); |
181 | int auth2_update_methods_lists(Authctxt *, const char *, const char *); | 179 | int auth2_update_methods_lists(Authctxt *, const char *, const char *); |
@@ -189,8 +187,8 @@ void auth2_challenge_stop(struct ssh *); | |||
189 | int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); | 187 | int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); |
190 | int bsdauth_respond(void *, u_int, char **); | 188 | int bsdauth_respond(void *, u_int, char **); |
191 | 189 | ||
192 | int allowed_user(struct passwd *); | 190 | int allowed_user(struct ssh *, struct passwd *); |
193 | struct passwd * getpwnamallow(const char *user); | 191 | struct passwd * getpwnamallow(struct ssh *, const char *user); |
194 | 192 | ||
195 | char *expand_authorized_keys(const char *, struct passwd *pw); | 193 | char *expand_authorized_keys(const char *, struct passwd *pw); |
196 | char *authorized_principals_file(struct passwd *); | 194 | char *authorized_principals_file(struct passwd *); |
@@ -211,8 +209,8 @@ struct sshkey *get_hostkey_public_by_index(int, struct ssh *); | |||
211 | struct sshkey *get_hostkey_public_by_type(int, int, struct ssh *); | 209 | struct sshkey *get_hostkey_public_by_type(int, int, struct ssh *); |
212 | struct sshkey *get_hostkey_private_by_type(int, int, struct ssh *); | 210 | struct sshkey *get_hostkey_private_by_type(int, int, struct ssh *); |
213 | int get_hostkey_index(struct sshkey *, int, struct ssh *); | 211 | int get_hostkey_index(struct sshkey *, int, struct ssh *); |
214 | int sshd_hostkey_sign(struct sshkey *, struct sshkey *, u_char **, | 212 | int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *, |
215 | size_t *, const u_char *, size_t, const char *, u_int); | 213 | u_char **, size_t *, const u_char *, size_t, const char *); |
216 | 214 | ||
217 | /* Key / cert options linkage to auth layer */ | 215 | /* Key / cert options linkage to auth layer */ |
218 | const struct sshauthopt *auth_options(struct ssh *); | 216 | const struct sshauthopt *auth_options(struct ssh *); |
@@ -225,7 +223,7 @@ void auth_log_authopts(const char *, const struct sshauthopt *, int); | |||
225 | /* debug messages during authentication */ | 223 | /* debug messages during authentication */ |
226 | void auth_debug_add(const char *fmt,...) | 224 | void auth_debug_add(const char *fmt,...) |
227 | __attribute__((format(printf, 1, 2))); | 225 | __attribute__((format(printf, 1, 2))); |
228 | void auth_debug_send(void); | 226 | void auth_debug_send(struct ssh *); |
229 | void auth_debug_reset(void); | 227 | void auth_debug_reset(void); |
230 | 228 | ||
231 | struct passwd *fakepw(void); | 229 | struct passwd *fakepw(void); |
diff --git a/auth2-gss.c b/auth2-gss.c index 1f12bb113..d6446c0cf 100644 --- a/auth2-gss.c +++ b/auth2-gss.c | |||
@@ -54,7 +54,7 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); | |||
54 | static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); | 54 | static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); |
55 | static int input_gssapi_errtok(int, u_int32_t, struct ssh *); | 55 | static int input_gssapi_errtok(int, u_int32_t, struct ssh *); |
56 | 56 | ||
57 | /* | 57 | /* |
58 | * The 'gssapi_keyex' userauth mechanism. | 58 | * The 'gssapi_keyex' userauth mechanism. |
59 | */ | 59 | */ |
60 | static int | 60 | static int |
@@ -62,7 +62,7 @@ userauth_gsskeyex(struct ssh *ssh) | |||
62 | { | 62 | { |
63 | Authctxt *authctxt = ssh->authctxt; | 63 | Authctxt *authctxt = ssh->authctxt; |
64 | int r, authenticated = 0; | 64 | int r, authenticated = 0; |
65 | struct sshbuf *b; | 65 | struct sshbuf *b = NULL; |
66 | gss_buffer_desc mic, gssbuf; | 66 | gss_buffer_desc mic, gssbuf; |
67 | u_char *p; | 67 | u_char *p; |
68 | size_t len; | 68 | size_t len; |
@@ -70,8 +70,10 @@ userauth_gsskeyex(struct ssh *ssh) | |||
70 | if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 || | 70 | if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 || |
71 | (r = sshpkt_get_end(ssh)) != 0) | 71 | (r = sshpkt_get_end(ssh)) != 0) |
72 | fatal("%s: %s", __func__, ssh_err(r)); | 72 | fatal("%s: %s", __func__, ssh_err(r)); |
73 | |||
73 | if ((b = sshbuf_new()) == NULL) | 74 | if ((b = sshbuf_new()) == NULL) |
74 | fatal("%s: sshbuf_new failed", __func__); | 75 | fatal("%s: sshbuf_new failed", __func__); |
76 | |||
75 | mic.value = p; | 77 | mic.value = p; |
76 | mic.length = len; | 78 | mic.length = len; |
77 | 79 | ||
@@ -83,11 +85,11 @@ userauth_gsskeyex(struct ssh *ssh) | |||
83 | gssbuf.length = sshbuf_len(b); | 85 | gssbuf.length = sshbuf_len(b); |
84 | 86 | ||
85 | /* gss_kex_context is NULL with privsep, so we can't check it here */ | 87 | /* gss_kex_context is NULL with privsep, so we can't check it here */ |
86 | if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, | 88 | if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, |
87 | &gssbuf, &mic)))) | 89 | &gssbuf, &mic)))) |
88 | authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, | 90 | authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, |
89 | authctxt->pw)); | 91 | authctxt->pw, 1)); |
90 | 92 | ||
91 | sshbuf_free(b); | 93 | sshbuf_free(b); |
92 | free(mic.value); | 94 | free(mic.value); |
93 | 95 | ||
@@ -301,7 +303,7 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) | |||
301 | fatal("%s: %s", __func__, ssh_err(r)); | 303 | fatal("%s: %s", __func__, ssh_err(r)); |
302 | 304 | ||
303 | authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, | 305 | authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, |
304 | authctxt->pw)); | 306 | authctxt->pw, 1)); |
305 | 307 | ||
306 | if ((!use_privsep || mm_is_monitor()) && | 308 | if ((!use_privsep || mm_is_monitor()) && |
307 | (displayname = ssh_gssapi_displayname()) != NULL) | 309 | (displayname = ssh_gssapi_displayname()) != NULL) |
@@ -347,8 +349,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) | |||
347 | gssbuf.length = sshbuf_len(b); | 349 | gssbuf.length = sshbuf_len(b); |
348 | 350 | ||
349 | if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) | 351 | if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) |
350 | authenticated = | 352 | authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, |
351 | PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw)); | 353 | authctxt->pw, 0)); |
352 | else | 354 | else |
353 | logit("GSSAPI MIC check failed"); | 355 | logit("GSSAPI MIC check failed"); |
354 | 356 | ||
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 764ceff74..0c40fad4e 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-hostbased.c,v 1.38 2018/09/20 03:28:06 djm Exp $ */ | 1 | /* $OpenBSD: auth2-hostbased.c,v 1.40 2019/01/19 21:43:56 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -147,7 +147,8 @@ userauth_hostbased(struct ssh *ssh) | |||
147 | 147 | ||
148 | /* test for allowed key and correct signature */ | 148 | /* test for allowed key and correct signature */ |
149 | authenticated = 0; | 149 | authenticated = 0; |
150 | if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && | 150 | if (PRIVSEP(hostbased_key_allowed(ssh, authctxt->pw, cuser, |
151 | chost, key)) && | ||
151 | PRIVSEP(sshkey_verify(key, sig, slen, | 152 | PRIVSEP(sshkey_verify(key, sig, slen, |
152 | sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) | 153 | sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0) |
153 | authenticated = 1; | 154 | authenticated = 1; |
@@ -167,10 +168,9 @@ done: | |||
167 | 168 | ||
168 | /* return 1 if given hostkey is allowed */ | 169 | /* return 1 if given hostkey is allowed */ |
169 | int | 170 | int |
170 | hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, | 171 | hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, |
171 | struct sshkey *key) | 172 | const char *cuser, char *chost, struct sshkey *key) |
172 | { | 173 | { |
173 | struct ssh *ssh = active_state; /* XXX */ | ||
174 | const char *resolvedname, *ipaddr, *lookup, *reason; | 174 | const char *resolvedname, *ipaddr, *lookup, *reason; |
175 | HostStatus host_status; | 175 | HostStatus host_status; |
176 | int len; | 176 | int len; |
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 2fb5950ea..0b3975a74 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.87 2019/01/22 11:26:16 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -102,6 +102,22 @@ userauth_pubkey(struct ssh *ssh) | |||
102 | (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 || | 102 | (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 || |
103 | (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0) | 103 | (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0) |
104 | fatal("%s: parse request failed: %s", __func__, ssh_err(r)); | 104 | fatal("%s: parse request failed: %s", __func__, ssh_err(r)); |
105 | |||
106 | if (log_level_get() >= SYSLOG_LEVEL_DEBUG2) { | ||
107 | char *keystring; | ||
108 | struct sshbuf *pkbuf; | ||
109 | |||
110 | if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL) | ||
111 | fatal("%s: sshbuf_from failed", __func__); | ||
112 | if ((keystring = sshbuf_dtob64(pkbuf)) == NULL) | ||
113 | fatal("%s: sshbuf_dtob64 failed", __func__); | ||
114 | debug2("%s: %s user %s %s public key %s %s", __func__, | ||
115 | authctxt->valid ? "valid" : "invalid", authctxt->user, | ||
116 | have_sig ? "attempting" : "querying", pkalg, keystring); | ||
117 | sshbuf_free(pkbuf); | ||
118 | free(keystring); | ||
119 | } | ||
120 | |||
105 | pktype = sshkey_type_from_name(pkalg); | 121 | pktype = sshkey_type_from_name(pkalg); |
106 | if (pktype == KEY_UNSPEC) { | 122 | if (pktype == KEY_UNSPEC) { |
107 | /* this is perfectly legal */ | 123 | /* this is perfectly legal */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2.c,v 1.149 2018/07/11 18:53:29 markus Exp $ */ | 1 | /* $OpenBSD: auth2.c,v 1.155 2019/03/25 22:34:52 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -35,6 +35,7 @@ | |||
35 | #include <stdarg.h> | 35 | #include <stdarg.h> |
36 | #include <string.h> | 36 | #include <string.h> |
37 | #include <unistd.h> | 37 | #include <unistd.h> |
38 | #include <time.h> | ||
38 | 39 | ||
39 | #include "atomicio.h" | 40 | #include "atomicio.h" |
40 | #include "xmalloc.h" | 41 | #include "xmalloc.h" |
@@ -139,18 +140,21 @@ auth2_read_banner(void) | |||
139 | return (banner); | 140 | return (banner); |
140 | } | 141 | } |
141 | 142 | ||
142 | void | 143 | static void |
143 | userauth_send_banner(const char *msg) | 144 | userauth_send_banner(struct ssh *ssh, const char *msg) |
144 | { | 145 | { |
145 | packet_start(SSH2_MSG_USERAUTH_BANNER); | 146 | int r; |
146 | packet_put_cstring(msg); | 147 | |
147 | packet_put_cstring(""); /* language, unused */ | 148 | if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_BANNER)) != 0 || |
148 | packet_send(); | 149 | (r = sshpkt_put_cstring(ssh, msg)) != 0 || |
150 | (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language, unused */ | ||
151 | (r = sshpkt_send(ssh)) != 0) | ||
152 | fatal("%s: %s", __func__, ssh_err(r)); | ||
149 | debug("%s: sent", __func__); | 153 | debug("%s: sent", __func__); |
150 | } | 154 | } |
151 | 155 | ||
152 | static void | 156 | static void |
153 | userauth_banner(void) | 157 | userauth_banner(struct ssh *ssh) |
154 | { | 158 | { |
155 | char *banner = NULL; | 159 | char *banner = NULL; |
156 | 160 | ||
@@ -159,7 +163,7 @@ userauth_banner(void) | |||
159 | 163 | ||
160 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) | 164 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) |
161 | goto done; | 165 | goto done; |
162 | userauth_send_banner(banner); | 166 | userauth_send_banner(ssh, banner); |
163 | 167 | ||
164 | done: | 168 | done: |
165 | free(banner); | 169 | free(banner); |
@@ -169,10 +173,10 @@ done: | |||
169 | * loop until authctxt->success == TRUE | 173 | * loop until authctxt->success == TRUE |
170 | */ | 174 | */ |
171 | void | 175 | void |
172 | do_authentication2(Authctxt *authctxt) | 176 | do_authentication2(struct ssh *ssh) |
173 | { | 177 | { |
174 | struct ssh *ssh = active_state; /* XXX */ | 178 | Authctxt *authctxt = ssh->authctxt; |
175 | ssh->authctxt = authctxt; /* XXX move to caller */ | 179 | |
176 | ssh_dispatch_init(ssh, &dispatch_protocol_error); | 180 | ssh_dispatch_init(ssh, &dispatch_protocol_error); |
177 | ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_REQUEST, &input_service_request); | 181 | ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_REQUEST, &input_service_request); |
178 | ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt->success); | 182 | ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt->success); |
@@ -184,10 +188,12 @@ static int | |||
184 | input_service_request(int type, u_int32_t seq, struct ssh *ssh) | 188 | input_service_request(int type, u_int32_t seq, struct ssh *ssh) |
185 | { | 189 | { |
186 | Authctxt *authctxt = ssh->authctxt; | 190 | Authctxt *authctxt = ssh->authctxt; |
187 | u_int len; | 191 | char *service = NULL; |
188 | int acceptit = 0; | 192 | int r, acceptit = 0; |
189 | char *service = packet_get_cstring(&len); | 193 | |
190 | packet_check_eom(); | 194 | if ((r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || |
195 | (r = sshpkt_get_end(ssh)) != 0) | ||
196 | goto out; | ||
191 | 197 | ||
192 | if (authctxt == NULL) | 198 | if (authctxt == NULL) |
193 | fatal("input_service_request: no authctxt"); | 199 | fatal("input_service_request: no authctxt"); |
@@ -196,20 +202,24 @@ input_service_request(int type, u_int32_t seq, struct ssh *ssh) | |||
196 | if (!authctxt->success) { | 202 | if (!authctxt->success) { |
197 | acceptit = 1; | 203 | acceptit = 1; |
198 | /* now we can handle user-auth requests */ | 204 | /* now we can handle user-auth requests */ |
199 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request); | 205 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, |
206 | &input_userauth_request); | ||
200 | } | 207 | } |
201 | } | 208 | } |
202 | /* XXX all other service requests are denied */ | 209 | /* XXX all other service requests are denied */ |
203 | 210 | ||
204 | if (acceptit) { | 211 | if (acceptit) { |
205 | packet_start(SSH2_MSG_SERVICE_ACCEPT); | 212 | if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_ACCEPT)) != 0 || |
206 | packet_put_cstring(service); | 213 | (r = sshpkt_put_cstring(ssh, service)) != 0 || |
207 | packet_send(); | 214 | (r = sshpkt_send(ssh)) != 0 || |
208 | packet_write_wait(); | 215 | (r = ssh_packet_write_wait(ssh)) != 0) |
216 | goto out; | ||
209 | } else { | 217 | } else { |
210 | debug("bad service request %s", service); | 218 | debug("bad service request %s", service); |
211 | packet_disconnect("bad service request %s", service); | 219 | ssh_packet_disconnect(ssh, "bad service request %s", service); |
212 | } | 220 | } |
221 | r = 0; | ||
222 | out: | ||
213 | free(service); | 223 | free(service); |
214 | return 0; | 224 | return 0; |
215 | } | 225 | } |
@@ -257,16 +267,17 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | |||
257 | { | 267 | { |
258 | Authctxt *authctxt = ssh->authctxt; | 268 | Authctxt *authctxt = ssh->authctxt; |
259 | Authmethod *m = NULL; | 269 | Authmethod *m = NULL; |
260 | char *user, *service, *method, *style = NULL, *role = NULL; | 270 | char *user = NULL, *service = NULL, *method = NULL, *style = NULL, *role = NULL; |
261 | int authenticated = 0; | 271 | int r, authenticated = 0; |
262 | double tstart = monotime_double(); | 272 | double tstart = monotime_double(); |
263 | 273 | ||
264 | if (authctxt == NULL) | 274 | if (authctxt == NULL) |
265 | fatal("input_userauth_request: no authctxt"); | 275 | fatal("input_userauth_request: no authctxt"); |
266 | 276 | ||
267 | user = packet_get_cstring(NULL); | 277 | if ((r = sshpkt_get_cstring(ssh, &user, NULL)) != 0 || |
268 | service = packet_get_cstring(NULL); | 278 | (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 || |
269 | method = packet_get_cstring(NULL); | 279 | (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0) |
280 | goto out; | ||
270 | debug("userauth-request for user %s service %s method %s", user, service, method); | 281 | debug("userauth-request for user %s service %s method %s", user, service, method); |
271 | debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); | 282 | debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); |
272 | 283 | ||
@@ -280,7 +291,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | |||
280 | 291 | ||
281 | if (authctxt->attempt++ == 0) { | 292 | if (authctxt->attempt++ == 0) { |
282 | /* setup auth context */ | 293 | /* setup auth context */ |
283 | authctxt->pw = PRIVSEP(getpwnamallow(user)); | 294 | authctxt->pw = PRIVSEP(getpwnamallow(ssh, user)); |
284 | authctxt->user = xstrdup(user); | 295 | authctxt->user = xstrdup(user); |
285 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { | 296 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { |
286 | authctxt->valid = 1; | 297 | authctxt->valid = 1; |
@@ -290,12 +301,12 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | |||
290 | /* Invalid user, fake password information */ | 301 | /* Invalid user, fake password information */ |
291 | authctxt->pw = fakepw(); | 302 | authctxt->pw = fakepw(); |
292 | #ifdef SSH_AUDIT_EVENTS | 303 | #ifdef SSH_AUDIT_EVENTS |
293 | PRIVSEP(audit_event(SSH_INVALID_USER)); | 304 | PRIVSEP(audit_event(ssh, SSH_INVALID_USER)); |
294 | #endif | 305 | #endif |
295 | } | 306 | } |
296 | #ifdef USE_PAM | 307 | #ifdef USE_PAM |
297 | if (options.use_pam) | 308 | if (options.use_pam) |
298 | PRIVSEP(start_pam(authctxt)); | 309 | PRIVSEP(start_pam(ssh)); |
299 | #endif | 310 | #endif |
300 | ssh_packet_set_log_preamble(ssh, "%suser %s", | 311 | ssh_packet_set_log_preamble(ssh, "%suser %s", |
301 | authctxt->valid ? "authenticating " : "invalid ", user); | 312 | authctxt->valid ? "authenticating " : "invalid ", user); |
@@ -306,13 +317,14 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | |||
306 | authctxt->role = role ? xstrdup(role) : NULL; | 317 | authctxt->role = role ? xstrdup(role) : NULL; |
307 | if (use_privsep) | 318 | if (use_privsep) |
308 | mm_inform_authserv(service, style, role); | 319 | mm_inform_authserv(service, style, role); |
309 | userauth_banner(); | 320 | userauth_banner(ssh); |
310 | if (auth2_setup_methods_lists(authctxt) != 0) | 321 | if (auth2_setup_methods_lists(authctxt) != 0) |
311 | packet_disconnect("no authentication methods enabled"); | 322 | ssh_packet_disconnect(ssh, |
323 | "no authentication methods enabled"); | ||
312 | } else if (strcmp(user, authctxt->user) != 0 || | 324 | } else if (strcmp(user, authctxt->user) != 0 || |
313 | strcmp(service, authctxt->service) != 0) { | 325 | strcmp(service, authctxt->service) != 0) { |
314 | packet_disconnect("Change of username or service not allowed: " | 326 | ssh_packet_disconnect(ssh, "Change of username or service " |
315 | "(%s,%s) -> (%s,%s)", | 327 | "not allowed: (%s,%s) -> (%s,%s)", |
316 | authctxt->user, authctxt->service, user, service); | 328 | authctxt->user, authctxt->service, user, service); |
317 | } | 329 | } |
318 | /* reset state */ | 330 | /* reset state */ |
@@ -338,11 +350,12 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | |||
338 | ensure_minimum_time_since(tstart, | 350 | ensure_minimum_time_since(tstart, |
339 | user_specific_delay(authctxt->user)); | 351 | user_specific_delay(authctxt->user)); |
340 | userauth_finish(ssh, authenticated, method, NULL); | 352 | userauth_finish(ssh, authenticated, method, NULL); |
341 | 353 | r = 0; | |
354 | out: | ||
342 | free(service); | 355 | free(service); |
343 | free(user); | 356 | free(user); |
344 | free(method); | 357 | free(method); |
345 | return 0; | 358 | return r; |
346 | } | 359 | } |
347 | 360 | ||
348 | void | 361 | void |
@@ -351,7 +364,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
351 | { | 364 | { |
352 | Authctxt *authctxt = ssh->authctxt; | 365 | Authctxt *authctxt = ssh->authctxt; |
353 | char *methods; | 366 | char *methods; |
354 | int partial = 0; | 367 | int r, partial = 0; |
355 | 368 | ||
356 | if (!authctxt->valid && authenticated) | 369 | if (!authctxt->valid && authenticated) |
357 | fatal("INTERNAL ERROR: authenticated invalid user %s", | 370 | fatal("INTERNAL ERROR: authenticated invalid user %s", |
@@ -364,7 +377,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
364 | !auth_root_allowed(ssh, method)) { | 377 | !auth_root_allowed(ssh, method)) { |
365 | authenticated = 0; | 378 | authenticated = 0; |
366 | #ifdef SSH_AUDIT_EVENTS | 379 | #ifdef SSH_AUDIT_EVENTS |
367 | PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); | 380 | PRIVSEP(audit_event(ssh, SSH_LOGIN_ROOT_DENIED)); |
368 | #endif | 381 | #endif |
369 | } | 382 | } |
370 | 383 | ||
@@ -376,7 +389,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
376 | } | 389 | } |
377 | 390 | ||
378 | /* Log before sending the reply */ | 391 | /* Log before sending the reply */ |
379 | auth_log(authctxt, authenticated, partial, method, submethod); | 392 | auth_log(ssh, authenticated, partial, method, submethod); |
380 | 393 | ||
381 | /* Update information exposed to session */ | 394 | /* Update information exposed to session */ |
382 | if (authenticated || partial) | 395 | if (authenticated || partial) |
@@ -395,8 +408,11 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
395 | if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0) | 408 | if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0) |
396 | fatal("%s: buffer error: %s", | 409 | fatal("%s: buffer error: %s", |
397 | __func__, ssh_err(r)); | 410 | __func__, ssh_err(r)); |
398 | userauth_send_banner(sshbuf_ptr(loginmsg)); | 411 | userauth_send_banner(ssh, sshbuf_ptr(loginmsg)); |
399 | packet_write_wait(); | 412 | if ((r = ssh_packet_write_wait(ssh)) != 0) { |
413 | sshpkt_fatal(ssh, r, | ||
414 | "%s: send PAM banner", __func__); | ||
415 | } | ||
400 | } | 416 | } |
401 | fatal("Access denied for user %s by PAM account " | 417 | fatal("Access denied for user %s by PAM account " |
402 | "configuration", authctxt->user); | 418 | "configuration", authctxt->user); |
@@ -406,10 +422,12 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
406 | 422 | ||
407 | if (authenticated == 1) { | 423 | if (authenticated == 1) { |
408 | /* turn off userauth */ | 424 | /* turn off userauth */ |
409 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); | 425 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, |
410 | packet_start(SSH2_MSG_USERAUTH_SUCCESS); | 426 | &dispatch_protocol_ignore); |
411 | packet_send(); | 427 | if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_SUCCESS)) != 0 || |
412 | packet_write_wait(); | 428 | (r = sshpkt_send(ssh)) != 0 || |
429 | (r = ssh_packet_write_wait(ssh)) != 0) | ||
430 | fatal("%s: %s", __func__, ssh_err(r)); | ||
413 | /* now we can break out */ | 431 | /* now we can break out */ |
414 | authctxt->success = 1; | 432 | authctxt->success = 1; |
415 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); | 433 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); |
@@ -420,18 +438,19 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
420 | authctxt->failures++; | 438 | authctxt->failures++; |
421 | if (authctxt->failures >= options.max_authtries) { | 439 | if (authctxt->failures >= options.max_authtries) { |
422 | #ifdef SSH_AUDIT_EVENTS | 440 | #ifdef SSH_AUDIT_EVENTS |
423 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); | 441 | PRIVSEP(audit_event(ssh, SSH_LOGIN_EXCEED_MAXTRIES)); |
424 | #endif | 442 | #endif |
425 | auth_maxtries_exceeded(authctxt); | 443 | auth_maxtries_exceeded(ssh); |
426 | } | 444 | } |
427 | methods = authmethods_get(authctxt); | 445 | methods = authmethods_get(authctxt); |
428 | debug3("%s: failure partial=%d next methods=\"%s\"", __func__, | 446 | debug3("%s: failure partial=%d next methods=\"%s\"", __func__, |
429 | partial, methods); | 447 | partial, methods); |
430 | packet_start(SSH2_MSG_USERAUTH_FAILURE); | 448 | if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_FAILURE)) != 0 || |
431 | packet_put_cstring(methods); | 449 | (r = sshpkt_put_cstring(ssh, methods)) != 0 || |
432 | packet_put_char(partial); | 450 | (r = sshpkt_put_u8(ssh, partial)) != 0 || |
433 | packet_send(); | 451 | (r = sshpkt_send(ssh)) != 0 || |
434 | packet_write_wait(); | 452 | (r = ssh_packet_write_wait(ssh)) != 0) |
453 | fatal("%s: %s", __func__, ssh_err(r)); | ||
435 | free(methods); | 454 | free(methods); |
436 | } | 455 | } |
437 | } | 456 | } |
@@ -566,6 +585,14 @@ auth2_setup_methods_lists(Authctxt *authctxt) | |||
566 | { | 585 | { |
567 | u_int i; | 586 | u_int i; |
568 | 587 | ||
588 | /* First, normalise away the "any" pseudo-method */ | ||
589 | if (options.num_auth_methods == 1 && | ||
590 | strcmp(options.auth_methods[0], "any") == 0) { | ||
591 | free(options.auth_methods[0]); | ||
592 | options.auth_methods[0] = NULL; | ||
593 | options.num_auth_methods = 0; | ||
594 | } | ||
595 | |||
569 | if (options.num_auth_methods == 0) | 596 | if (options.num_auth_methods == 0) |
570 | return 0; | 597 | return 0; |
571 | debug3("%s: checking methods", __func__); | 598 | debug3("%s: checking methods", __func__); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfd.c,v 1.111 2018/07/09 21:59:10 markus Exp $ */ | 1 | /* $OpenBSD: authfd.c,v 1.113 2018/12/27 23:02:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -94,7 +94,7 @@ ssh_get_authentication_socket(int *fdp) | |||
94 | *fdp = -1; | 94 | *fdp = -1; |
95 | 95 | ||
96 | authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); | 96 | authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); |
97 | if (!authsocket) | 97 | if (authsocket == NULL || *authsocket == '\0') |
98 | return SSH_ERR_AGENT_NOT_PRESENT; | 98 | return SSH_ERR_AGENT_NOT_PRESENT; |
99 | 99 | ||
100 | memset(&sunaddr, 0, sizeof(sunaddr)); | 100 | memset(&sunaddr, 0, sizeof(sunaddr)); |
diff --git a/channels.c b/channels.c index c85d46abd..657381b80 100644 --- a/channels.c +++ b/channels.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: channels.c,v 1.386 2018/10/04 01:04:52 djm Exp $ */ | 1 | /* $OpenBSD: channels.c,v 1.389 2019/01/19 21:37:13 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -227,11 +227,7 @@ channel_init_channels(struct ssh *ssh) | |||
227 | { | 227 | { |
228 | struct ssh_channels *sc; | 228 | struct ssh_channels *sc; |
229 | 229 | ||
230 | if ((sc = calloc(1, sizeof(*sc))) == NULL || | 230 | if ((sc = calloc(1, sizeof(*sc))) == NULL) |
231 | (sc->channel_pre = calloc(SSH_CHANNEL_MAX_TYPE, | ||
232 | sizeof(*sc->channel_pre))) == NULL || | ||
233 | (sc->channel_post = calloc(SSH_CHANNEL_MAX_TYPE, | ||
234 | sizeof(*sc->channel_post))) == NULL) | ||
235 | fatal("%s: allocation failed", __func__); | 231 | fatal("%s: allocation failed", __func__); |
236 | sc->channels_alloc = 10; | 232 | sc->channels_alloc = 10; |
237 | sc->channels = xcalloc(sc->channels_alloc, sizeof(*sc->channels)); | 233 | sc->channels = xcalloc(sc->channels_alloc, sizeof(*sc->channels)); |
@@ -2104,16 +2100,18 @@ channel_handle_efd_read(struct ssh *ssh, Channel *c, | |||
2104 | fd_set *readset, fd_set *writeset) | 2100 | fd_set *readset, fd_set *writeset) |
2105 | { | 2101 | { |
2106 | char buf[CHAN_RBUF]; | 2102 | char buf[CHAN_RBUF]; |
2107 | int r; | ||
2108 | ssize_t len; | 2103 | ssize_t len; |
2104 | int r, force; | ||
2105 | |||
2106 | force = c->isatty && c->detach_close && c->istate != CHAN_INPUT_CLOSED; | ||
2109 | 2107 | ||
2110 | if (!c->detach_close && !FD_ISSET(c->efd, readset)) | 2108 | if (c->efd == -1 || (!force && !FD_ISSET(c->efd, readset))) |
2111 | return 1; | 2109 | return 1; |
2112 | 2110 | ||
2113 | len = read(c->efd, buf, sizeof(buf)); | 2111 | len = read(c->efd, buf, sizeof(buf)); |
2114 | debug2("channel %d: read %zd from efd %d", c->self, len, c->efd); | 2112 | debug2("channel %d: read %zd from efd %d", c->self, len, c->efd); |
2115 | if (len < 0 && (errno == EINTR || ((errno == EAGAIN || | 2113 | if (len < 0 && (errno == EINTR || ((errno == EAGAIN || |
2116 | errno == EWOULDBLOCK) && !c->detach_close))) | 2114 | errno == EWOULDBLOCK) && !force))) |
2117 | return 1; | 2115 | return 1; |
2118 | if (len <= 0) { | 2116 | if (len <= 0) { |
2119 | debug2("channel %d: closing read-efd %d", | 2117 | debug2("channel %d: closing read-efd %d", |
@@ -2995,10 +2993,10 @@ channel_input_data(int type, u_int32_t seq, struct ssh *ssh) | |||
2995 | return 0; | 2993 | return 0; |
2996 | 2994 | ||
2997 | /* Get the data. */ | 2995 | /* Get the data. */ |
2998 | if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0) | 2996 | if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0 || |
2997 | (r = sshpkt_get_end(ssh)) != 0) | ||
2999 | fatal("%s: channel %d: get data: %s", __func__, | 2998 | fatal("%s: channel %d: get data: %s", __func__, |
3000 | c->self, ssh_err(r)); | 2999 | c->self, ssh_err(r)); |
3001 | ssh_packet_check_eom(ssh); | ||
3002 | 3000 | ||
3003 | win_len = data_len; | 3001 | win_len = data_len; |
3004 | if (c->datagram) | 3002 | if (c->datagram) |
@@ -3072,11 +3070,11 @@ channel_input_extended_data(int type, u_int32_t seq, struct ssh *ssh) | |||
3072 | logit("channel %d: bad ext data", c->self); | 3070 | logit("channel %d: bad ext data", c->self); |
3073 | return 0; | 3071 | return 0; |
3074 | } | 3072 | } |
3075 | if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0) { | 3073 | if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0 || |
3074 | (r = sshpkt_get_end(ssh)) != 0) { | ||
3076 | error("%s: parse data: %s", __func__, ssh_err(r)); | 3075 | error("%s: parse data: %s", __func__, ssh_err(r)); |
3077 | ssh_packet_disconnect(ssh, "Invalid extended_data message"); | 3076 | ssh_packet_disconnect(ssh, "Invalid extended_data message"); |
3078 | } | 3077 | } |
3079 | ssh_packet_check_eom(ssh); | ||
3080 | 3078 | ||
3081 | if (data_len > c->local_window) { | 3079 | if (data_len > c->local_window) { |
3082 | logit("channel %d: rcvd too much extended_data %zu, win %u", | 3080 | logit("channel %d: rcvd too much extended_data %zu, win %u", |
@@ -3095,8 +3093,12 @@ int | |||
3095 | channel_input_ieof(int type, u_int32_t seq, struct ssh *ssh) | 3093 | channel_input_ieof(int type, u_int32_t seq, struct ssh *ssh) |
3096 | { | 3094 | { |
3097 | Channel *c = channel_from_packet_id(ssh, __func__, "ieof"); | 3095 | Channel *c = channel_from_packet_id(ssh, __func__, "ieof"); |
3096 | int r; | ||
3098 | 3097 | ||
3099 | ssh_packet_check_eom(ssh); | 3098 | if ((r = sshpkt_get_end(ssh)) != 0) { |
3099 | error("%s: parse data: %s", __func__, ssh_err(r)); | ||
3100 | ssh_packet_disconnect(ssh, "Invalid ieof message"); | ||
3101 | } | ||
3100 | 3102 | ||
3101 | if (channel_proxy_upstream(c, type, seq, ssh)) | 3103 | if (channel_proxy_upstream(c, type, seq, ssh)) |
3102 | return 0; | 3104 | return 0; |
@@ -3116,10 +3118,14 @@ int | |||
3116 | channel_input_oclose(int type, u_int32_t seq, struct ssh *ssh) | 3118 | channel_input_oclose(int type, u_int32_t seq, struct ssh *ssh) |
3117 | { | 3119 | { |
3118 | Channel *c = channel_from_packet_id(ssh, __func__, "oclose"); | 3120 | Channel *c = channel_from_packet_id(ssh, __func__, "oclose"); |
3121 | int r; | ||
3119 | 3122 | ||
3120 | if (channel_proxy_upstream(c, type, seq, ssh)) | 3123 | if (channel_proxy_upstream(c, type, seq, ssh)) |
3121 | return 0; | 3124 | return 0; |
3122 | ssh_packet_check_eom(ssh); | 3125 | if ((r = sshpkt_get_end(ssh)) != 0) { |
3126 | error("%s: parse data: %s", __func__, ssh_err(r)); | ||
3127 | ssh_packet_disconnect(ssh, "Invalid oclose message"); | ||
3128 | } | ||
3123 | chan_rcvd_oclose(ssh, c); | 3129 | chan_rcvd_oclose(ssh, c); |
3124 | return 0; | 3130 | return 0; |
3125 | } | 3131 | } |
@@ -3134,7 +3140,7 @@ channel_input_open_confirmation(int type, u_int32_t seq, struct ssh *ssh) | |||
3134 | if (channel_proxy_upstream(c, type, seq, ssh)) | 3140 | if (channel_proxy_upstream(c, type, seq, ssh)) |
3135 | return 0; | 3141 | return 0; |
3136 | if (c->type != SSH_CHANNEL_OPENING) | 3142 | if (c->type != SSH_CHANNEL_OPENING) |
3137 | packet_disconnect("Received open confirmation for " | 3143 | ssh_packet_disconnect(ssh, "Received open confirmation for " |
3138 | "non-opening channel %d.", c->self); | 3144 | "non-opening channel %d.", c->self); |
3139 | /* | 3145 | /* |
3140 | * Record the remote channel number and mark that the channel | 3146 | * Record the remote channel number and mark that the channel |
@@ -3142,11 +3148,11 @@ channel_input_open_confirmation(int type, u_int32_t seq, struct ssh *ssh) | |||
3142 | */ | 3148 | */ |
3143 | if ((r = sshpkt_get_u32(ssh, &c->remote_id)) != 0 || | 3149 | if ((r = sshpkt_get_u32(ssh, &c->remote_id)) != 0 || |
3144 | (r = sshpkt_get_u32(ssh, &remote_window)) != 0 || | 3150 | (r = sshpkt_get_u32(ssh, &remote_window)) != 0 || |
3145 | (r = sshpkt_get_u32(ssh, &remote_maxpacket)) != 0) { | 3151 | (r = sshpkt_get_u32(ssh, &remote_maxpacket)) != 0 || |
3152 | (r = sshpkt_get_end(ssh)) != 0) { | ||
3146 | error("%s: window/maxpacket: %s", __func__, ssh_err(r)); | 3153 | error("%s: window/maxpacket: %s", __func__, ssh_err(r)); |
3147 | packet_disconnect("Invalid open confirmation message"); | 3154 | ssh_packet_disconnect(ssh, "Invalid open confirmation message"); |
3148 | } | 3155 | } |
3149 | ssh_packet_check_eom(ssh); | ||
3150 | 3156 | ||
3151 | c->have_remote_id = 1; | 3157 | c->have_remote_id = 1; |
3152 | c->remote_window = remote_window; | 3158 | c->remote_window = remote_window; |
@@ -3189,19 +3195,19 @@ channel_input_open_failure(int type, u_int32_t seq, struct ssh *ssh) | |||
3189 | if (channel_proxy_upstream(c, type, seq, ssh)) | 3195 | if (channel_proxy_upstream(c, type, seq, ssh)) |
3190 | return 0; | 3196 | return 0; |
3191 | if (c->type != SSH_CHANNEL_OPENING) | 3197 | if (c->type != SSH_CHANNEL_OPENING) |
3192 | packet_disconnect("Received open failure for " | 3198 | ssh_packet_disconnect(ssh, "Received open failure for " |
3193 | "non-opening channel %d.", c->self); | 3199 | "non-opening channel %d.", c->self); |
3194 | if ((r = sshpkt_get_u32(ssh, &reason)) != 0) { | 3200 | if ((r = sshpkt_get_u32(ssh, &reason)) != 0) { |
3195 | error("%s: reason: %s", __func__, ssh_err(r)); | 3201 | error("%s: reason: %s", __func__, ssh_err(r)); |
3196 | packet_disconnect("Invalid open failure message"); | 3202 | ssh_packet_disconnect(ssh, "Invalid open failure message"); |
3197 | } | 3203 | } |
3198 | /* skip language */ | 3204 | /* skip language */ |
3199 | if ((r = sshpkt_get_cstring(ssh, &msg, NULL)) != 0 || | 3205 | if ((r = sshpkt_get_cstring(ssh, &msg, NULL)) != 0 || |
3200 | (r = sshpkt_get_string_direct(ssh, NULL, NULL)) != 0) { | 3206 | (r = sshpkt_get_string_direct(ssh, NULL, NULL)) != 0 || |
3207 | (r = sshpkt_get_end(ssh)) != 0) { | ||
3201 | error("%s: message/lang: %s", __func__, ssh_err(r)); | 3208 | error("%s: message/lang: %s", __func__, ssh_err(r)); |
3202 | packet_disconnect("Invalid open failure message"); | 3209 | ssh_packet_disconnect(ssh, "Invalid open failure message"); |
3203 | } | 3210 | } |
3204 | ssh_packet_check_eom(ssh); | ||
3205 | logit("channel %d: open failed: %s%s%s", c->self, | 3211 | logit("channel %d: open failed: %s%s%s", c->self, |
3206 | reason2txt(reason), msg ? ": ": "", msg ? msg : ""); | 3212 | reason2txt(reason), msg ? ": ": "", msg ? msg : ""); |
3207 | free(msg); | 3213 | free(msg); |
@@ -3231,11 +3237,11 @@ channel_input_window_adjust(int type, u_int32_t seq, struct ssh *ssh) | |||
3231 | 3237 | ||
3232 | if (channel_proxy_upstream(c, type, seq, ssh)) | 3238 | if (channel_proxy_upstream(c, type, seq, ssh)) |
3233 | return 0; | 3239 | return 0; |
3234 | if ((r = sshpkt_get_u32(ssh, &adjust)) != 0) { | 3240 | if ((r = sshpkt_get_u32(ssh, &adjust)) != 0 || |
3241 | (r = sshpkt_get_end(ssh)) != 0) { | ||
3235 | error("%s: adjust: %s", __func__, ssh_err(r)); | 3242 | error("%s: adjust: %s", __func__, ssh_err(r)); |
3236 | packet_disconnect("Invalid window adjust message"); | 3243 | ssh_packet_disconnect(ssh, "Invalid window adjust message"); |
3237 | } | 3244 | } |
3238 | ssh_packet_check_eom(ssh); | ||
3239 | debug2("channel %d: rcvd adjust %u", c->self, adjust); | 3245 | debug2("channel %d: rcvd adjust %u", c->self, adjust); |
3240 | if ((new_rwin = c->remote_window + adjust) < c->remote_window) { | 3246 | if ((new_rwin = c->remote_window + adjust) < c->remote_window) { |
3241 | fatal("channel %d: adjust %u overflows remote window %u", | 3247 | fatal("channel %d: adjust %u overflows remote window %u", |
@@ -3251,9 +3257,10 @@ channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh) | |||
3251 | int id = channel_parse_id(ssh, __func__, "status confirm"); | 3257 | int id = channel_parse_id(ssh, __func__, "status confirm"); |
3252 | Channel *c; | 3258 | Channel *c; |
3253 | struct channel_confirm *cc; | 3259 | struct channel_confirm *cc; |
3260 | int r; | ||
3254 | 3261 | ||
3255 | /* Reset keepalive timeout */ | 3262 | /* Reset keepalive timeout */ |
3256 | packet_set_alive_timeouts(0); | 3263 | ssh_packet_set_alive_timeouts(ssh, 0); |
3257 | 3264 | ||
3258 | debug2("%s: type %d id %d", __func__, type, id); | 3265 | debug2("%s: type %d id %d", __func__, type, id); |
3259 | 3266 | ||
@@ -3263,7 +3270,8 @@ channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh) | |||
3263 | } | 3270 | } |
3264 | if (channel_proxy_upstream(c, type, seq, ssh)) | 3271 | if (channel_proxy_upstream(c, type, seq, ssh)) |
3265 | return 0; | 3272 | return 0; |
3266 | ssh_packet_check_eom(ssh); | 3273 | if ((r = sshpkt_get_end(ssh)) != 0) |
3274 | ssh_packet_disconnect(ssh, "Invalid status confirm message"); | ||
3267 | if ((cc = TAILQ_FIRST(&c->status_confirms)) == NULL) | 3275 | if ((cc = TAILQ_FIRST(&c->status_confirms)) == NULL) |
3268 | return 0; | 3276 | return 0; |
3269 | cc->cb(ssh, type, c, cc->ctx); | 3277 | cc->cb(ssh, type, c, cc->ctx); |
@@ -3298,7 +3306,7 @@ channel_set_af(struct ssh *ssh, int af) | |||
3298 | * "127.0.0.1" / "::1" -> accepted even if gateway_ports isn't set | 3306 | * "127.0.0.1" / "::1" -> accepted even if gateway_ports isn't set |
3299 | */ | 3307 | */ |
3300 | static const char * | 3308 | static const char * |
3301 | channel_fwd_bind_addr(const char *listen_addr, int *wildcardp, | 3309 | channel_fwd_bind_addr(struct ssh *ssh, const char *listen_addr, int *wildcardp, |
3302 | int is_client, struct ForwardOptions *fwd_opts) | 3310 | int is_client, struct ForwardOptions *fwd_opts) |
3303 | { | 3311 | { |
3304 | const char *addr = NULL; | 3312 | const char *addr = NULL; |
@@ -3321,7 +3329,8 @@ channel_fwd_bind_addr(const char *listen_addr, int *wildcardp, | |||
3321 | if (*listen_addr != '\0' && | 3329 | if (*listen_addr != '\0' && |
3322 | strcmp(listen_addr, "0.0.0.0") != 0 && | 3330 | strcmp(listen_addr, "0.0.0.0") != 0 && |
3323 | strcmp(listen_addr, "*") != 0) { | 3331 | strcmp(listen_addr, "*") != 0) { |
3324 | packet_send_debug("Forwarding listen address " | 3332 | ssh_packet_send_debug(ssh, |
3333 | "Forwarding listen address " | ||
3325 | "\"%s\" overridden by server " | 3334 | "\"%s\" overridden by server " |
3326 | "GatewayPorts", listen_addr); | 3335 | "GatewayPorts", listen_addr); |
3327 | } | 3336 | } |
@@ -3375,7 +3384,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, | |||
3375 | } | 3384 | } |
3376 | 3385 | ||
3377 | /* Determine the bind address, cf. channel_fwd_bind_addr() comment */ | 3386 | /* Determine the bind address, cf. channel_fwd_bind_addr() comment */ |
3378 | addr = channel_fwd_bind_addr(fwd->listen_host, &wildcard, | 3387 | addr = channel_fwd_bind_addr(ssh, fwd->listen_host, &wildcard, |
3379 | is_client, fwd_opts); | 3388 | is_client, fwd_opts); |
3380 | debug3("%s: type %d wildcard %d addr %s", __func__, | 3389 | debug3("%s: type %d wildcard %d addr %s", __func__, |
3381 | type, wildcard, (addr == NULL) ? "NULL" : addr); | 3390 | type, wildcard, (addr == NULL) ? "NULL" : addr); |
@@ -3392,7 +3401,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, | |||
3392 | if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) { | 3401 | if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) { |
3393 | if (addr == NULL) { | 3402 | if (addr == NULL) { |
3394 | /* This really shouldn't happen */ | 3403 | /* This really shouldn't happen */ |
3395 | packet_disconnect("getaddrinfo: fatal error: %s", | 3404 | ssh_packet_disconnect(ssh, "getaddrinfo: fatal error: %s", |
3396 | ssh_gai_strerror(r)); | 3405 | ssh_gai_strerror(r)); |
3397 | } else { | 3406 | } else { |
3398 | error("%s: getaddrinfo(%.64s): %s", __func__, addr, | 3407 | error("%s: getaddrinfo(%.64s): %s", __func__, addr, |
@@ -3641,7 +3650,7 @@ channel_cancel_lport_listener_tcpip(struct ssh *ssh, | |||
3641 | { | 3650 | { |
3642 | u_int i; | 3651 | u_int i; |
3643 | int found = 0; | 3652 | int found = 0; |
3644 | const char *addr = channel_fwd_bind_addr(lhost, NULL, 1, fwd_opts); | 3653 | const char *addr = channel_fwd_bind_addr(ssh, lhost, NULL, 1, fwd_opts); |
3645 | 3654 | ||
3646 | for (i = 0; i < ssh->chanctxt->channels_alloc; i++) { | 3655 | for (i = 0; i < ssh->chanctxt->channels_alloc; i++) { |
3647 | Channel *c = ssh->chanctxt->channels[i]; | 3656 | Channel *c = ssh->chanctxt->channels[i]; |
@@ -3793,7 +3802,7 @@ channel_setup_remote_fwd_listener(struct ssh *ssh, struct Forward *fwd, | |||
3793 | int *allocated_listen_port, struct ForwardOptions *fwd_opts) | 3802 | int *allocated_listen_port, struct ForwardOptions *fwd_opts) |
3794 | { | 3803 | { |
3795 | if (!check_rfwd_permission(ssh, fwd)) { | 3804 | if (!check_rfwd_permission(ssh, fwd)) { |
3796 | packet_send_debug("port forwarding refused"); | 3805 | ssh_packet_send_debug(ssh, "port forwarding refused"); |
3797 | return 0; | 3806 | return 0; |
3798 | } | 3807 | } |
3799 | if (fwd->listen_path != NULL) { | 3808 | if (fwd->listen_path != NULL) { |
diff --git a/clientloop.c b/clientloop.c index 1464634b0..9b90c64f3 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: clientloop.c,v 1.318 2018/09/21 12:46:22 djm Exp $ */ | 1 | /* $OpenBSD: clientloop.c,v 1.322 2019/03/29 11:31:40 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -164,7 +164,7 @@ static int need_rekeying; /* Set to non-zero if rekeying is requested. */ | |||
164 | static int session_closed; /* In SSH2: login session closed. */ | 164 | static int session_closed; /* In SSH2: login session closed. */ |
165 | static u_int x11_refuse_time; /* If >0, refuse x11 opens after this time. */ | 165 | static u_int x11_refuse_time; /* If >0, refuse x11 opens after this time. */ |
166 | 166 | ||
167 | static void client_init_dispatch(void); | 167 | static void client_init_dispatch(struct ssh *ssh); |
168 | int session_ident = -1; | 168 | int session_ident = -1; |
169 | 169 | ||
170 | /* Track escape per proto2 channel */ | 170 | /* Track escape per proto2 channel */ |
@@ -368,7 +368,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display, | |||
368 | SSH_X11_PROTO, x11_timeout_real, | 368 | SSH_X11_PROTO, x11_timeout_real, |
369 | _PATH_DEVNULL); | 369 | _PATH_DEVNULL); |
370 | } | 370 | } |
371 | debug2("%s: %s", __func__, cmd); | 371 | debug2("%s: xauth command: %s", __func__, cmd); |
372 | 372 | ||
373 | if (timeout != 0 && x11_refuse_time == 0) { | 373 | if (timeout != 0 && x11_refuse_time == 0) { |
374 | now = monotime() + 1; | 374 | now = monotime() + 1; |
@@ -479,21 +479,24 @@ client_global_request_reply(int type, u_int32_t seq, struct ssh *ssh) | |||
479 | free(gc); | 479 | free(gc); |
480 | } | 480 | } |
481 | 481 | ||
482 | packet_set_alive_timeouts(0); | 482 | ssh_packet_set_alive_timeouts(ssh, 0); |
483 | return 0; | 483 | return 0; |
484 | } | 484 | } |
485 | 485 | ||
486 | static void | 486 | static void |
487 | server_alive_check(void) | 487 | server_alive_check(struct ssh *ssh) |
488 | { | 488 | { |
489 | if (packet_inc_alive_timeouts() > options.server_alive_count_max) { | 489 | int r; |
490 | |||
491 | if (ssh_packet_inc_alive_timeouts(ssh) > options.server_alive_count_max) { | ||
490 | logit("Timeout, server %s not responding.", host); | 492 | logit("Timeout, server %s not responding.", host); |
491 | cleanup_exit(255); | 493 | cleanup_exit(255); |
492 | } | 494 | } |
493 | packet_start(SSH2_MSG_GLOBAL_REQUEST); | 495 | if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 || |
494 | packet_put_cstring("keepalive@openssh.com"); | 496 | (r = sshpkt_put_cstring(ssh, "keepalive@openssh.com")) != 0 || |
495 | packet_put_char(1); /* boolean: want reply */ | 497 | (r = sshpkt_put_u8(ssh, 1)) != 0 || /* boolean: want reply */ |
496 | packet_send(); | 498 | (r = sshpkt_send(ssh)) != 0) |
499 | fatal("%s: send packet: %s", __func__, ssh_err(r)); | ||
497 | /* Insert an empty placeholder to maintain ordering */ | 500 | /* Insert an empty placeholder to maintain ordering */ |
498 | client_register_global_confirm(NULL, NULL); | 501 | client_register_global_confirm(NULL, NULL); |
499 | } | 502 | } |
@@ -513,12 +516,12 @@ client_wait_until_can_do_something(struct ssh *ssh, | |||
513 | int r, ret; | 516 | int r, ret; |
514 | 517 | ||
515 | /* Add any selections by the channel mechanism. */ | 518 | /* Add any selections by the channel mechanism. */ |
516 | channel_prepare_select(active_state, readsetp, writesetp, maxfdp, | 519 | channel_prepare_select(ssh, readsetp, writesetp, maxfdp, |
517 | nallocp, &minwait_secs); | 520 | nallocp, &minwait_secs); |
518 | 521 | ||
519 | /* channel_prepare_select could have closed the last channel */ | 522 | /* channel_prepare_select could have closed the last channel */ |
520 | if (session_closed && !channel_still_open(ssh) && | 523 | if (session_closed && !channel_still_open(ssh) && |
521 | !packet_have_data_to_write()) { | 524 | !ssh_packet_have_data_to_write(ssh)) { |
522 | /* clear mask since we did not call select() */ | 525 | /* clear mask since we did not call select() */ |
523 | memset(*readsetp, 0, *nallocp); | 526 | memset(*readsetp, 0, *nallocp); |
524 | memset(*writesetp, 0, *nallocp); | 527 | memset(*writesetp, 0, *nallocp); |
@@ -528,7 +531,7 @@ client_wait_until_can_do_something(struct ssh *ssh, | |||
528 | FD_SET(connection_in, *readsetp); | 531 | FD_SET(connection_in, *readsetp); |
529 | 532 | ||
530 | /* Select server connection if have data to write to the server. */ | 533 | /* Select server connection if have data to write to the server. */ |
531 | if (packet_have_data_to_write()) | 534 | if (ssh_packet_have_data_to_write(ssh)) |
532 | FD_SET(connection_out, *writesetp); | 535 | FD_SET(connection_out, *writesetp); |
533 | 536 | ||
534 | /* | 537 | /* |
@@ -543,7 +546,8 @@ client_wait_until_can_do_something(struct ssh *ssh, | |||
543 | server_alive_time = now + options.server_alive_interval; | 546 | server_alive_time = now + options.server_alive_interval; |
544 | } | 547 | } |
545 | if (options.rekey_interval > 0 && !rekeying) | 548 | if (options.rekey_interval > 0 && !rekeying) |
546 | timeout_secs = MINIMUM(timeout_secs, packet_get_rekey_timeout()); | 549 | timeout_secs = MINIMUM(timeout_secs, |
550 | ssh_packet_get_rekey_timeout(ssh)); | ||
547 | set_control_persist_exit_time(ssh); | 551 | set_control_persist_exit_time(ssh); |
548 | if (control_persist_exit_time > 0) { | 552 | if (control_persist_exit_time > 0) { |
549 | timeout_secs = MINIMUM(timeout_secs, | 553 | timeout_secs = MINIMUM(timeout_secs, |
@@ -584,7 +588,7 @@ client_wait_until_can_do_something(struct ssh *ssh, | |||
584 | * Keepalive we check here, rekeying is checked in clientloop. | 588 | * Keepalive we check here, rekeying is checked in clientloop. |
585 | */ | 589 | */ |
586 | if (server_alive_time != 0 && server_alive_time <= monotime()) | 590 | if (server_alive_time != 0 && server_alive_time <= monotime()) |
587 | server_alive_check(); | 591 | server_alive_check(ssh); |
588 | } | 592 | } |
589 | 593 | ||
590 | } | 594 | } |
@@ -616,7 +620,7 @@ client_suspend_self(struct sshbuf *bin, struct sshbuf *bout, struct sshbuf *berr | |||
616 | } | 620 | } |
617 | 621 | ||
618 | static void | 622 | static void |
619 | client_process_net_input(fd_set *readset) | 623 | client_process_net_input(struct ssh *ssh, fd_set *readset) |
620 | { | 624 | { |
621 | char buf[SSH_IOBUFSZ]; | 625 | char buf[SSH_IOBUFSZ]; |
622 | int r, len; | 626 | int r, len; |
@@ -662,7 +666,7 @@ client_process_net_input(fd_set *readset) | |||
662 | quit_pending = 1; | 666 | quit_pending = 1; |
663 | return; | 667 | return; |
664 | } | 668 | } |
665 | packet_process_incoming(buf, len); | 669 | ssh_packet_process_incoming(ssh, buf, len); |
666 | } | 670 | } |
667 | } | 671 | } |
668 | 672 | ||
@@ -1035,7 +1039,7 @@ process_escapes(struct ssh *ssh, Channel *c, | |||
1035 | channel_request_start(ssh, c->self, "break", 0); | 1039 | channel_request_start(ssh, c->self, "break", 0); |
1036 | if ((r = sshpkt_put_u32(ssh, 1000)) != 0 || | 1040 | if ((r = sshpkt_put_u32(ssh, 1000)) != 0 || |
1037 | (r = sshpkt_send(ssh)) != 0) | 1041 | (r = sshpkt_send(ssh)) != 0) |
1038 | fatal("%s: %s", __func__, | 1042 | fatal("%s: send packet: %s", __func__, |
1039 | ssh_err(r)); | 1043 | ssh_err(r)); |
1040 | continue; | 1044 | continue; |
1041 | 1045 | ||
@@ -1186,9 +1190,9 @@ process_escapes(struct ssh *ssh, Channel *c, | |||
1186 | */ | 1190 | */ |
1187 | 1191 | ||
1188 | static void | 1192 | static void |
1189 | client_process_buffered_input_packets(void) | 1193 | client_process_buffered_input_packets(struct ssh *ssh) |
1190 | { | 1194 | { |
1191 | ssh_dispatch_run_fatal(active_state, DISPATCH_NONBLOCK, &quit_pending); | 1195 | ssh_dispatch_run_fatal(ssh, DISPATCH_NONBLOCK, &quit_pending); |
1192 | } | 1196 | } |
1193 | 1197 | ||
1194 | /* scan buf[] for '~' before sending data to the peer */ | 1198 | /* scan buf[] for '~' before sending data to the peer */ |
@@ -1285,8 +1289,8 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1285 | /* Initialize variables. */ | 1289 | /* Initialize variables. */ |
1286 | last_was_cr = 1; | 1290 | last_was_cr = 1; |
1287 | exit_status = -1; | 1291 | exit_status = -1; |
1288 | connection_in = packet_get_connection_in(); | 1292 | connection_in = ssh_packet_get_connection_in(ssh); |
1289 | connection_out = packet_get_connection_out(); | 1293 | connection_out = ssh_packet_get_connection_out(ssh); |
1290 | max_fd = MAXIMUM(connection_in, connection_out); | 1294 | max_fd = MAXIMUM(connection_in, connection_out); |
1291 | 1295 | ||
1292 | quit_pending = 0; | 1296 | quit_pending = 0; |
@@ -1295,7 +1299,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1295 | if ((stderr_buffer = sshbuf_new()) == NULL) | 1299 | if ((stderr_buffer = sshbuf_new()) == NULL) |
1296 | fatal("%s: sshbuf_new failed", __func__); | 1300 | fatal("%s: sshbuf_new failed", __func__); |
1297 | 1301 | ||
1298 | client_init_dispatch(); | 1302 | client_init_dispatch(ssh); |
1299 | 1303 | ||
1300 | /* | 1304 | /* |
1301 | * Set signal handlers, (e.g. to restore non-blocking mode) | 1305 | * Set signal handlers, (e.g. to restore non-blocking mode) |
@@ -1331,7 +1335,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1331 | while (!quit_pending) { | 1335 | while (!quit_pending) { |
1332 | 1336 | ||
1333 | /* Process buffered packets sent by the server. */ | 1337 | /* Process buffered packets sent by the server. */ |
1334 | client_process_buffered_input_packets(); | 1338 | client_process_buffered_input_packets(ssh); |
1335 | 1339 | ||
1336 | if (session_closed && !channel_still_open(ssh)) | 1340 | if (session_closed && !channel_still_open(ssh)) |
1337 | break; | 1341 | break; |
@@ -1350,7 +1354,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1350 | * Make packets from buffered channel data, and | 1354 | * Make packets from buffered channel data, and |
1351 | * enqueue them for sending to the server. | 1355 | * enqueue them for sending to the server. |
1352 | */ | 1356 | */ |
1353 | if (packet_not_very_much_data_to_write()) | 1357 | if (ssh_packet_not_very_much_data_to_write(ssh)) |
1354 | channel_output_poll(ssh); | 1358 | channel_output_poll(ssh); |
1355 | 1359 | ||
1356 | /* | 1360 | /* |
@@ -1387,7 +1391,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1387 | } | 1391 | } |
1388 | 1392 | ||
1389 | /* Buffer input from the connection. */ | 1393 | /* Buffer input from the connection. */ |
1390 | client_process_net_input(readset); | 1394 | client_process_net_input(ssh, readset); |
1391 | 1395 | ||
1392 | if (quit_pending) | 1396 | if (quit_pending) |
1393 | break; | 1397 | break; |
@@ -1397,7 +1401,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1397 | * sender. | 1401 | * sender. |
1398 | */ | 1402 | */ |
1399 | if (FD_ISSET(connection_out, writeset)) | 1403 | if (FD_ISSET(connection_out, writeset)) |
1400 | packet_write_poll(); | 1404 | ssh_packet_write_poll(ssh); |
1401 | 1405 | ||
1402 | /* | 1406 | /* |
1403 | * If we are a backgrounded control master, and the | 1407 | * If we are a backgrounded control master, and the |
@@ -1419,12 +1423,13 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1419 | /* Stop watching for window change. */ | 1423 | /* Stop watching for window change. */ |
1420 | signal(SIGWINCH, SIG_DFL); | 1424 | signal(SIGWINCH, SIG_DFL); |
1421 | 1425 | ||
1422 | packet_start(SSH2_MSG_DISCONNECT); | 1426 | if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 || |
1423 | packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); | 1427 | (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_BY_APPLICATION)) != 0 || |
1424 | packet_put_cstring("disconnected by user"); | 1428 | (r = sshpkt_put_cstring(ssh, "disconnected by user")) != 0 || |
1425 | packet_put_cstring(""); /* language tag */ | 1429 | (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language tag */ |
1426 | packet_send(); | 1430 | (r = sshpkt_send(ssh)) != 0 || |
1427 | packet_write_wait(); | 1431 | (r = ssh_packet_write_wait(ssh)) != 0) |
1432 | fatal("%s: send disconnect: %s", __func__, ssh_err(r)); | ||
1428 | 1433 | ||
1429 | channel_free_all(ssh); | 1434 | channel_free_all(ssh); |
1430 | 1435 | ||
@@ -1481,7 +1486,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1481 | 1486 | ||
1482 | /* Report bytes transferred, and transfer rates. */ | 1487 | /* Report bytes transferred, and transfer rates. */ |
1483 | total_time = monotime_double() - start_time; | 1488 | total_time = monotime_double() - start_time; |
1484 | packet_get_bytes(&ibytes, &obytes); | 1489 | ssh_packet_get_bytes(ssh, &ibytes, &obytes); |
1485 | verbose("Transferred: sent %llu, received %llu bytes, in %.1f seconds", | 1490 | verbose("Transferred: sent %llu, received %llu bytes, in %.1f seconds", |
1486 | (unsigned long long)obytes, (unsigned long long)ibytes, total_time); | 1491 | (unsigned long long)obytes, (unsigned long long)ibytes, total_time); |
1487 | if (total_time > 0) | 1492 | if (total_time > 0) |
@@ -1501,21 +1506,29 @@ client_request_forwarded_tcpip(struct ssh *ssh, const char *request_type, | |||
1501 | Channel *c = NULL; | 1506 | Channel *c = NULL; |
1502 | struct sshbuf *b = NULL; | 1507 | struct sshbuf *b = NULL; |
1503 | char *listen_address, *originator_address; | 1508 | char *listen_address, *originator_address; |
1504 | u_short listen_port, originator_port; | 1509 | u_int listen_port, originator_port; |
1505 | int r; | 1510 | int r; |
1506 | 1511 | ||
1507 | /* Get rest of the packet */ | 1512 | /* Get rest of the packet */ |
1508 | listen_address = packet_get_string(NULL); | 1513 | if ((r = sshpkt_get_cstring(ssh, &listen_address, NULL)) != 0 || |
1509 | listen_port = packet_get_int(); | 1514 | (r = sshpkt_get_u32(ssh, &listen_port)) != 0 || |
1510 | originator_address = packet_get_string(NULL); | 1515 | (r = sshpkt_get_cstring(ssh, &originator_address, NULL)) != 0 || |
1511 | originator_port = packet_get_int(); | 1516 | (r = sshpkt_get_u32(ssh, &originator_port)) != 0 || |
1512 | packet_check_eom(); | 1517 | (r = sshpkt_get_end(ssh)) != 0) |
1518 | fatal("%s: parse packet: %s", __func__, ssh_err(r)); | ||
1513 | 1519 | ||
1514 | debug("%s: listen %s port %d, originator %s port %d", __func__, | 1520 | debug("%s: listen %s port %d, originator %s port %d", __func__, |
1515 | listen_address, listen_port, originator_address, originator_port); | 1521 | listen_address, listen_port, originator_address, originator_port); |
1516 | 1522 | ||
1517 | c = channel_connect_by_listen_address(ssh, listen_address, listen_port, | 1523 | if (listen_port > 0xffff) |
1518 | "forwarded-tcpip", originator_address); | 1524 | error("%s: invalid listen port", __func__); |
1525 | else if (originator_port > 0xffff) | ||
1526 | error("%s: invalid originator port", __func__); | ||
1527 | else { | ||
1528 | c = channel_connect_by_listen_address(ssh, | ||
1529 | listen_address, listen_port, "forwarded-tcpip", | ||
1530 | originator_address); | ||
1531 | } | ||
1519 | 1532 | ||
1520 | if (c != NULL && c->type == SSH_CHANNEL_MUX_CLIENT) { | 1533 | if (c != NULL && c->type == SSH_CHANNEL_MUX_CLIENT) { |
1521 | if ((b = sshbuf_new()) == NULL) { | 1534 | if ((b = sshbuf_new()) == NULL) { |
@@ -1553,15 +1566,15 @@ client_request_forwarded_streamlocal(struct ssh *ssh, | |||
1553 | { | 1566 | { |
1554 | Channel *c = NULL; | 1567 | Channel *c = NULL; |
1555 | char *listen_path; | 1568 | char *listen_path; |
1569 | int r; | ||
1556 | 1570 | ||
1557 | /* Get the remote path. */ | 1571 | /* Get the remote path. */ |
1558 | listen_path = packet_get_string(NULL); | 1572 | if ((r = sshpkt_get_cstring(ssh, &listen_path, NULL)) != 0 || |
1559 | /* XXX: Skip reserved field for now. */ | 1573 | (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* reserved */ |
1560 | if (packet_get_string_ptr(NULL) == NULL) | 1574 | (r = sshpkt_get_end(ssh)) != 0) |
1561 | fatal("%s: packet_get_string_ptr failed", __func__); | 1575 | fatal("%s: parse packet: %s", __func__, ssh_err(r)); |
1562 | packet_check_eom(); | ||
1563 | 1576 | ||
1564 | debug("%s: %s", __func__, listen_path); | 1577 | debug("%s: request: %s", __func__, listen_path); |
1565 | 1578 | ||
1566 | c = channel_connect_by_listen_path(ssh, listen_path, | 1579 | c = channel_connect_by_listen_path(ssh, listen_path, |
1567 | "forwarded-streamlocal@openssh.com", "forwarded-streamlocal"); | 1580 | "forwarded-streamlocal@openssh.com", "forwarded-streamlocal"); |
@@ -1574,8 +1587,8 @@ client_request_x11(struct ssh *ssh, const char *request_type, int rchan) | |||
1574 | { | 1587 | { |
1575 | Channel *c = NULL; | 1588 | Channel *c = NULL; |
1576 | char *originator; | 1589 | char *originator; |
1577 | u_short originator_port; | 1590 | u_int originator_port; |
1578 | int sock; | 1591 | int r, sock; |
1579 | 1592 | ||
1580 | if (!options.forward_x11) { | 1593 | if (!options.forward_x11) { |
1581 | error("Warning: ssh server tried X11 forwarding."); | 1594 | error("Warning: ssh server tried X11 forwarding."); |
@@ -1588,11 +1601,13 @@ client_request_x11(struct ssh *ssh, const char *request_type, int rchan) | |||
1588 | "expired"); | 1601 | "expired"); |
1589 | return NULL; | 1602 | return NULL; |
1590 | } | 1603 | } |
1591 | originator = packet_get_string(NULL); | 1604 | if ((r = sshpkt_get_cstring(ssh, &originator, NULL)) != 0 || |
1592 | originator_port = packet_get_int(); | 1605 | (r = sshpkt_get_u32(ssh, &originator_port)) != 0 || |
1593 | packet_check_eom(); | 1606 | (r = sshpkt_get_end(ssh)) != 0) |
1607 | fatal("%s: parse packet: %s", __func__, ssh_err(r)); | ||
1594 | /* XXX check permission */ | 1608 | /* XXX check permission */ |
1595 | debug("client_request_x11: request from %s %d", originator, | 1609 | /* XXX range check originator port? */ |
1610 | debug("client_request_x11: request from %s %u", originator, | ||
1596 | originator_port); | 1611 | originator_port); |
1597 | free(originator); | 1612 | free(originator); |
1598 | sock = x11_connect_display(ssh); | 1613 | sock = x11_connect_display(ssh); |
@@ -1636,7 +1651,7 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode, | |||
1636 | int local_tun, int remote_tun) | 1651 | int local_tun, int remote_tun) |
1637 | { | 1652 | { |
1638 | Channel *c; | 1653 | Channel *c; |
1639 | int fd; | 1654 | int r, fd; |
1640 | char *ifname = NULL; | 1655 | char *ifname = NULL; |
1641 | 1656 | ||
1642 | if (tun_mode == SSH_TUNMODE_NO) | 1657 | if (tun_mode == SSH_TUNMODE_NO) |
@@ -1661,14 +1676,15 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode, | |||
1661 | sys_tun_outfilter, NULL, NULL); | 1676 | sys_tun_outfilter, NULL, NULL); |
1662 | #endif | 1677 | #endif |
1663 | 1678 | ||
1664 | packet_start(SSH2_MSG_CHANNEL_OPEN); | 1679 | if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN)) != 0 || |
1665 | packet_put_cstring("tun@openssh.com"); | 1680 | (r = sshpkt_put_cstring(ssh, "tun@openssh.com")) != 0 || |
1666 | packet_put_int(c->self); | 1681 | (r = sshpkt_put_u32(ssh, c->self)) != 0 || |
1667 | packet_put_int(c->local_window_max); | 1682 | (r = sshpkt_put_u32(ssh, c->local_window_max)) != 0 || |
1668 | packet_put_int(c->local_maxpacket); | 1683 | (r = sshpkt_put_u32(ssh, c->local_maxpacket)) != 0 || |
1669 | packet_put_int(tun_mode); | 1684 | (r = sshpkt_put_u32(ssh, tun_mode)) != 0 || |
1670 | packet_put_int(remote_tun); | 1685 | (r = sshpkt_put_u32(ssh, remote_tun)) != 0 || |
1671 | packet_send(); | 1686 | (r = sshpkt_send(ssh)) != 0) |
1687 | sshpkt_fatal(ssh, r, "%s: send reply", __func__); | ||
1672 | 1688 | ||
1673 | return ifname; | 1689 | return ifname; |
1674 | } | 1690 | } |
@@ -1678,14 +1694,17 @@ static int | |||
1678 | client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) | 1694 | client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) |
1679 | { | 1695 | { |
1680 | Channel *c = NULL; | 1696 | Channel *c = NULL; |
1681 | char *ctype; | 1697 | char *ctype = NULL; |
1682 | int rchan; | 1698 | int r; |
1683 | u_int rmaxpack, rwindow, len; | 1699 | u_int rchan; |
1684 | 1700 | size_t len; | |
1685 | ctype = packet_get_string(&len); | 1701 | u_int rmaxpack, rwindow; |
1686 | rchan = packet_get_int(); | 1702 | |
1687 | rwindow = packet_get_int(); | 1703 | if ((r = sshpkt_get_cstring(ssh, &ctype, &len)) != 0 || |
1688 | rmaxpack = packet_get_int(); | 1704 | (r = sshpkt_get_u32(ssh, &rchan)) != 0 || |
1705 | (r = sshpkt_get_u32(ssh, &rwindow)) != 0 || | ||
1706 | (r = sshpkt_get_u32(ssh, &rmaxpack)) != 0) | ||
1707 | goto out; | ||
1689 | 1708 | ||
1690 | debug("client_input_channel_open: ctype %s rchan %d win %d max %d", | 1709 | debug("client_input_channel_open: ctype %s rchan %d win %d max %d", |
1691 | ctype, rchan, rwindow, rmaxpack); | 1710 | ctype, rchan, rwindow, rmaxpack); |
@@ -1709,57 +1728,66 @@ client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) | |||
1709 | c->remote_window = rwindow; | 1728 | c->remote_window = rwindow; |
1710 | c->remote_maxpacket = rmaxpack; | 1729 | c->remote_maxpacket = rmaxpack; |
1711 | if (c->type != SSH_CHANNEL_CONNECTING) { | 1730 | if (c->type != SSH_CHANNEL_CONNECTING) { |
1712 | packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); | 1731 | if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION)) != 0 || |
1713 | packet_put_int(c->remote_id); | 1732 | (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || |
1714 | packet_put_int(c->self); | 1733 | (r = sshpkt_put_u32(ssh, c->self)) != 0 || |
1715 | packet_put_int(c->local_window); | 1734 | (r = sshpkt_put_u32(ssh, c->local_window)) != 0 || |
1716 | packet_put_int(c->local_maxpacket); | 1735 | (r = sshpkt_put_u32(ssh, c->local_maxpacket)) != 0 || |
1717 | packet_send(); | 1736 | (r = sshpkt_send(ssh)) != 0) |
1737 | sshpkt_fatal(ssh, r, "%s: send reply", __func__); | ||
1718 | } | 1738 | } |
1719 | } else { | 1739 | } else { |
1720 | debug("failure %s", ctype); | 1740 | debug("failure %s", ctype); |
1721 | packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); | 1741 | if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE)) != 0 || |
1722 | packet_put_int(rchan); | 1742 | (r = sshpkt_put_u32(ssh, rchan)) != 0 || |
1723 | packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED); | 1743 | (r = sshpkt_put_u32(ssh, SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED)) != 0 || |
1724 | packet_put_cstring("open failed"); | 1744 | (r = sshpkt_put_cstring(ssh, "open failed")) != 0 || |
1725 | packet_put_cstring(""); | 1745 | (r = sshpkt_put_cstring(ssh, "")) != 0 || |
1726 | packet_send(); | 1746 | (r = sshpkt_send(ssh)) != 0) |
1747 | sshpkt_fatal(ssh, r, "%s: send failure", __func__); | ||
1727 | } | 1748 | } |
1749 | r = 0; | ||
1750 | out: | ||
1728 | free(ctype); | 1751 | free(ctype); |
1729 | return 0; | 1752 | return r; |
1730 | } | 1753 | } |
1731 | 1754 | ||
1732 | static int | 1755 | static int |
1733 | client_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) | 1756 | client_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) |
1734 | { | 1757 | { |
1735 | Channel *c = NULL; | 1758 | Channel *c = NULL; |
1736 | int exitval, id, reply, success = 0; | 1759 | char *rtype = NULL; |
1737 | char *rtype; | 1760 | u_char reply; |
1738 | 1761 | u_int id, exitval; | |
1739 | id = packet_get_int(); | 1762 | int r, success = 0; |
1740 | c = channel_lookup(ssh, id); | 1763 | |
1764 | if ((r = sshpkt_get_u32(ssh, &id)) != 0) | ||
1765 | return r; | ||
1766 | if (id <= INT_MAX) | ||
1767 | c = channel_lookup(ssh, id); | ||
1741 | if (channel_proxy_upstream(c, type, seq, ssh)) | 1768 | if (channel_proxy_upstream(c, type, seq, ssh)) |
1742 | return 0; | 1769 | return 0; |
1743 | rtype = packet_get_string(NULL); | 1770 | if ((r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 || |
1744 | reply = packet_get_char(); | 1771 | (r = sshpkt_get_u8(ssh, &reply)) != 0) |
1772 | goto out; | ||
1745 | 1773 | ||
1746 | debug("client_input_channel_req: channel %d rtype %s reply %d", | 1774 | debug("client_input_channel_req: channel %u rtype %s reply %d", |
1747 | id, rtype, reply); | 1775 | id, rtype, reply); |
1748 | 1776 | ||
1749 | if (id == -1) { | 1777 | if (c == NULL) { |
1750 | error("client_input_channel_req: request for channel -1"); | ||
1751 | } else if (c == NULL) { | ||
1752 | error("client_input_channel_req: channel %d: " | 1778 | error("client_input_channel_req: channel %d: " |
1753 | "unknown channel", id); | 1779 | "unknown channel", id); |
1754 | } else if (strcmp(rtype, "eow@openssh.com") == 0) { | 1780 | } else if (strcmp(rtype, "eow@openssh.com") == 0) { |
1755 | packet_check_eom(); | 1781 | if ((r = sshpkt_get_end(ssh)) != 0) |
1782 | goto out; | ||
1756 | chan_rcvd_eow(ssh, c); | 1783 | chan_rcvd_eow(ssh, c); |
1757 | } else if (strcmp(rtype, "exit-status") == 0) { | 1784 | } else if (strcmp(rtype, "exit-status") == 0) { |
1758 | exitval = packet_get_int(); | 1785 | if ((r = sshpkt_get_u32(ssh, &exitval)) != 0) |
1786 | goto out; | ||
1759 | if (c->ctl_chan != -1) { | 1787 | if (c->ctl_chan != -1) { |
1760 | mux_exit_message(ssh, c, exitval); | 1788 | mux_exit_message(ssh, c, exitval); |
1761 | success = 1; | 1789 | success = 1; |
1762 | } else if (id == session_ident) { | 1790 | } else if ((int)id == session_ident) { |
1763 | /* Record exit value of local session */ | 1791 | /* Record exit value of local session */ |
1764 | success = 1; | 1792 | success = 1; |
1765 | exit_status = exitval; | 1793 | exit_status = exitval; |
@@ -1768,19 +1796,23 @@ client_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) | |||
1768 | debug("%s: no sink for exit-status on channel %d", | 1796 | debug("%s: no sink for exit-status on channel %d", |
1769 | __func__, id); | 1797 | __func__, id); |
1770 | } | 1798 | } |
1771 | packet_check_eom(); | 1799 | if ((r = sshpkt_get_end(ssh)) != 0) |
1800 | goto out; | ||
1772 | } | 1801 | } |
1773 | if (reply && c != NULL && !(c->flags & CHAN_CLOSE_SENT)) { | 1802 | if (reply && c != NULL && !(c->flags & CHAN_CLOSE_SENT)) { |
1774 | if (!c->have_remote_id) | 1803 | if (!c->have_remote_id) |
1775 | fatal("%s: channel %d: no remote_id", | 1804 | fatal("%s: channel %d: no remote_id", |
1776 | __func__, c->self); | 1805 | __func__, c->self); |
1777 | packet_start(success ? | 1806 | if ((r = sshpkt_start(ssh, success ? |
1778 | SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE); | 1807 | SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE)) != 0 || |
1779 | packet_put_int(c->remote_id); | 1808 | (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || |
1780 | packet_send(); | 1809 | (r = sshpkt_send(ssh)) != 0) |
1810 | sshpkt_fatal(ssh, r, "%s: send failure", __func__); | ||
1781 | } | 1811 | } |
1812 | r = 0; | ||
1813 | out: | ||
1782 | free(rtype); | 1814 | free(rtype); |
1783 | return 0; | 1815 | return r; |
1784 | } | 1816 | } |
1785 | 1817 | ||
1786 | struct hostkeys_update_ctx { | 1818 | struct hostkeys_update_ctx { |
@@ -1997,7 +2029,10 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type, | |||
1997 | if (ndone != ctx->nnew) | 2029 | if (ndone != ctx->nnew) |
1998 | fatal("%s: ndone != ctx->nnew (%zu / %zu)", __func__, | 2030 | fatal("%s: ndone != ctx->nnew (%zu / %zu)", __func__, |
1999 | ndone, ctx->nnew); /* Shouldn't happen */ | 2031 | ndone, ctx->nnew); /* Shouldn't happen */ |
2000 | ssh_packet_check_eom(ssh); | 2032 | if ((r = sshpkt_get_end(ssh)) != 0) { |
2033 | error("%s: protocol error", __func__); | ||
2034 | goto out; | ||
2035 | } | ||
2001 | 2036 | ||
2002 | /* Make the edits to known_hosts */ | 2037 | /* Make the edits to known_hosts */ |
2003 | update_known_hosts(ctx); | 2038 | update_known_hosts(ctx); |
@@ -2031,9 +2066,8 @@ key_accepted_by_hostkeyalgs(const struct sshkey *key) | |||
2031 | * HostkeyAlgorithms preference before they are accepted. | 2066 | * HostkeyAlgorithms preference before they are accepted. |
2032 | */ | 2067 | */ |
2033 | static int | 2068 | static int |
2034 | client_input_hostkeys(void) | 2069 | client_input_hostkeys(struct ssh *ssh) |
2035 | { | 2070 | { |
2036 | struct ssh *ssh = active_state; /* XXX */ | ||
2037 | const u_char *blob = NULL; | 2071 | const u_char *blob = NULL; |
2038 | size_t i, len = 0; | 2072 | size_t i, len = 0; |
2039 | struct sshbuf *buf = NULL; | 2073 | struct sshbuf *buf = NULL; |
@@ -2184,23 +2218,27 @@ static int | |||
2184 | client_input_global_request(int type, u_int32_t seq, struct ssh *ssh) | 2218 | client_input_global_request(int type, u_int32_t seq, struct ssh *ssh) |
2185 | { | 2219 | { |
2186 | char *rtype; | 2220 | char *rtype; |
2187 | int want_reply; | 2221 | u_char want_reply; |
2188 | int success = 0; | 2222 | int r, success = 0; |
2189 | 2223 | ||
2190 | rtype = packet_get_cstring(NULL); | 2224 | if ((r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 || |
2191 | want_reply = packet_get_char(); | 2225 | (r = sshpkt_get_u8(ssh, &want_reply)) != 0) |
2226 | goto out; | ||
2192 | debug("client_input_global_request: rtype %s want_reply %d", | 2227 | debug("client_input_global_request: rtype %s want_reply %d", |
2193 | rtype, want_reply); | 2228 | rtype, want_reply); |
2194 | if (strcmp(rtype, "hostkeys-00@openssh.com") == 0) | 2229 | if (strcmp(rtype, "hostkeys-00@openssh.com") == 0) |
2195 | success = client_input_hostkeys(); | 2230 | success = client_input_hostkeys(ssh); |
2196 | if (want_reply) { | 2231 | if (want_reply) { |
2197 | packet_start(success ? | 2232 | if ((r = sshpkt_start(ssh, success ? SSH2_MSG_REQUEST_SUCCESS : |
2198 | SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE); | 2233 | SSH2_MSG_REQUEST_FAILURE)) != 0 || |
2199 | packet_send(); | 2234 | (r = sshpkt_send(ssh)) != 0 || |
2200 | packet_write_wait(); | 2235 | (r = ssh_packet_write_wait(ssh)) != 0) |
2236 | goto out; | ||
2201 | } | 2237 | } |
2238 | r = 0; | ||
2239 | out: | ||
2202 | free(rtype); | 2240 | free(rtype); |
2203 | return 0; | 2241 | return r; |
2204 | } | 2242 | } |
2205 | 2243 | ||
2206 | void | 2244 | void |
@@ -2208,7 +2246,7 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, | |||
2208 | const char *term, struct termios *tiop, int in_fd, struct sshbuf *cmd, | 2246 | const char *term, struct termios *tiop, int in_fd, struct sshbuf *cmd, |
2209 | char **env) | 2247 | char **env) |
2210 | { | 2248 | { |
2211 | int i, j, matched, len; | 2249 | int i, j, matched, len, r; |
2212 | char *name, *val; | 2250 | char *name, *val; |
2213 | Channel *c = NULL; | 2251 | Channel *c = NULL; |
2214 | 2252 | ||
@@ -2217,7 +2255,7 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, | |||
2217 | if ((c = channel_lookup(ssh, id)) == NULL) | 2255 | if ((c = channel_lookup(ssh, id)) == NULL) |
2218 | fatal("%s: channel %d: unknown channel", __func__, id); | 2256 | fatal("%s: channel %d: unknown channel", __func__, id); |
2219 | 2257 | ||
2220 | packet_set_interactive(want_tty, | 2258 | ssh_packet_set_interactive(ssh, want_tty, |
2221 | options.ip_qos_interactive, options.ip_qos_bulk); | 2259 | options.ip_qos_interactive, options.ip_qos_bulk); |
2222 | 2260 | ||
2223 | if (want_tty) { | 2261 | if (want_tty) { |
@@ -2229,15 +2267,18 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, | |||
2229 | 2267 | ||
2230 | channel_request_start(ssh, id, "pty-req", 1); | 2268 | channel_request_start(ssh, id, "pty-req", 1); |
2231 | client_expect_confirm(ssh, id, "PTY allocation", CONFIRM_TTY); | 2269 | client_expect_confirm(ssh, id, "PTY allocation", CONFIRM_TTY); |
2232 | packet_put_cstring(term != NULL ? term : ""); | 2270 | if ((r = sshpkt_put_cstring(ssh, term != NULL ? term : "")) |
2233 | packet_put_int((u_int)ws.ws_col); | 2271 | != 0 || |
2234 | packet_put_int((u_int)ws.ws_row); | 2272 | (r = sshpkt_put_u32(ssh, (u_int)ws.ws_col)) != 0 || |
2235 | packet_put_int((u_int)ws.ws_xpixel); | 2273 | (r = sshpkt_put_u32(ssh, (u_int)ws.ws_row)) != 0 || |
2236 | packet_put_int((u_int)ws.ws_ypixel); | 2274 | (r = sshpkt_put_u32(ssh, (u_int)ws.ws_xpixel)) != 0 || |
2275 | (r = sshpkt_put_u32(ssh, (u_int)ws.ws_ypixel)) != 0) | ||
2276 | fatal("%s: build packet: %s", __func__, ssh_err(r)); | ||
2237 | if (tiop == NULL) | 2277 | if (tiop == NULL) |
2238 | tiop = get_saved_tio(); | 2278 | tiop = get_saved_tio(); |
2239 | ssh_tty_make_modes(ssh, -1, tiop); | 2279 | ssh_tty_make_modes(ssh, -1, tiop); |
2240 | packet_send(); | 2280 | if ((r = sshpkt_send(ssh)) != 0) |
2281 | fatal("%s: send packet: %s", __func__, ssh_err(r)); | ||
2241 | /* XXX wait for reply */ | 2282 | /* XXX wait for reply */ |
2242 | c->client_tty = 1; | 2283 | c->client_tty = 1; |
2243 | } | 2284 | } |
@@ -2269,9 +2310,12 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, | |||
2269 | 2310 | ||
2270 | debug("Sending env %s = %s", name, val); | 2311 | debug("Sending env %s = %s", name, val); |
2271 | channel_request_start(ssh, id, "env", 0); | 2312 | channel_request_start(ssh, id, "env", 0); |
2272 | packet_put_cstring(name); | 2313 | if ((r = sshpkt_put_cstring(ssh, name)) != 0 || |
2273 | packet_put_cstring(val); | 2314 | (r = sshpkt_put_cstring(ssh, val)) != 0 || |
2274 | packet_send(); | 2315 | (r = sshpkt_send(ssh)) != 0) { |
2316 | fatal("%s: send packet: %s", | ||
2317 | __func__, ssh_err(r)); | ||
2318 | } | ||
2275 | free(name); | 2319 | free(name); |
2276 | } | 2320 | } |
2277 | } | 2321 | } |
@@ -2286,9 +2330,10 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, | |||
2286 | 2330 | ||
2287 | debug("Setting env %s = %s", name, val); | 2331 | debug("Setting env %s = %s", name, val); |
2288 | channel_request_start(ssh, id, "env", 0); | 2332 | channel_request_start(ssh, id, "env", 0); |
2289 | packet_put_cstring(name); | 2333 | if ((r = sshpkt_put_cstring(ssh, name)) != 0 || |
2290 | packet_put_cstring(val); | 2334 | (r = sshpkt_put_cstring(ssh, val)) != 0 || |
2291 | packet_send(); | 2335 | (r = sshpkt_send(ssh)) != 0) |
2336 | fatal("%s: send packet: %s", __func__, ssh_err(r)); | ||
2292 | free(name); | 2337 | free(name); |
2293 | } | 2338 | } |
2294 | 2339 | ||
@@ -2308,39 +2353,43 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, | |||
2308 | channel_request_start(ssh, id, "exec", 1); | 2353 | channel_request_start(ssh, id, "exec", 1); |
2309 | client_expect_confirm(ssh, id, "exec", CONFIRM_CLOSE); | 2354 | client_expect_confirm(ssh, id, "exec", CONFIRM_CLOSE); |
2310 | } | 2355 | } |
2311 | packet_put_string(sshbuf_ptr(cmd), sshbuf_len(cmd)); | 2356 | if ((r = sshpkt_put_stringb(ssh, cmd)) != 0 || |
2312 | packet_send(); | 2357 | (r = sshpkt_send(ssh)) != 0) |
2358 | fatal("%s: send command: %s", __func__, ssh_err(r)); | ||
2313 | } else { | 2359 | } else { |
2314 | channel_request_start(ssh, id, "shell", 1); | 2360 | channel_request_start(ssh, id, "shell", 1); |
2315 | client_expect_confirm(ssh, id, "shell", CONFIRM_CLOSE); | 2361 | client_expect_confirm(ssh, id, "shell", CONFIRM_CLOSE); |
2316 | packet_send(); | 2362 | if ((r = sshpkt_send(ssh)) != 0) { |
2363 | fatal("%s: send shell request: %s", | ||
2364 | __func__, ssh_err(r)); | ||
2365 | } | ||
2317 | } | 2366 | } |
2318 | } | 2367 | } |
2319 | 2368 | ||
2320 | static void | 2369 | static void |
2321 | client_init_dispatch(void) | 2370 | client_init_dispatch(struct ssh *ssh) |
2322 | { | 2371 | { |
2323 | dispatch_init(&dispatch_protocol_error); | 2372 | ssh_dispatch_init(ssh, &dispatch_protocol_error); |
2324 | 2373 | ||
2325 | dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose); | 2374 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose); |
2326 | dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data); | 2375 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_DATA, &channel_input_data); |
2327 | dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof); | 2376 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EOF, &channel_input_ieof); |
2328 | dispatch_set(SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data); | 2377 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data); |
2329 | dispatch_set(SSH2_MSG_CHANNEL_OPEN, &client_input_channel_open); | 2378 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN, &client_input_channel_open); |
2330 | dispatch_set(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation); | 2379 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation); |
2331 | dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); | 2380 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); |
2332 | dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req); | 2381 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req); |
2333 | dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); | 2382 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); |
2334 | dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &channel_input_status_confirm); | 2383 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_SUCCESS, &channel_input_status_confirm); |
2335 | dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &channel_input_status_confirm); | 2384 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_FAILURE, &channel_input_status_confirm); |
2336 | dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request); | 2385 | ssh_dispatch_set(ssh, SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request); |
2337 | 2386 | ||
2338 | /* rekeying */ | 2387 | /* rekeying */ |
2339 | dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); | 2388 | ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); |
2340 | 2389 | ||
2341 | /* global request reply messages */ | 2390 | /* global request reply messages */ |
2342 | dispatch_set(SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply); | 2391 | ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply); |
2343 | dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply); | 2392 | ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply); |
2344 | } | 2393 | } |
2345 | 2394 | ||
2346 | void | 2395 | void |
diff --git a/config.h.in b/config.h.in index 209760c7c..05b7206df 100644 --- a/config.h.in +++ b/config.h.in | |||
@@ -393,19 +393,19 @@ | |||
393 | /* Define if you have /dev/ptc */ | 393 | /* Define if you have /dev/ptc */ |
394 | #undef HAVE_DEV_PTS_AND_PTC | 394 | #undef HAVE_DEV_PTS_AND_PTC |
395 | 395 | ||
396 | /* Define if libcrypto has DH_get0_key */ | 396 | /* Define to 1 if you have the `DH_get0_key' function. */ |
397 | #undef HAVE_DH_GET0_KEY | 397 | #undef HAVE_DH_GET0_KEY |
398 | 398 | ||
399 | /* Define if libcrypto has DH_get0_pqg */ | 399 | /* Define to 1 if you have the `DH_get0_pqg' function. */ |
400 | #undef HAVE_DH_GET0_PQG | 400 | #undef HAVE_DH_GET0_PQG |
401 | 401 | ||
402 | /* Define if libcrypto has DH_set0_key */ | 402 | /* Define to 1 if you have the `DH_set0_key' function. */ |
403 | #undef HAVE_DH_SET0_KEY | 403 | #undef HAVE_DH_SET0_KEY |
404 | 404 | ||
405 | /* Define if libcrypto has DH_set0_pqg */ | 405 | /* Define to 1 if you have the `DH_set0_pqg' function. */ |
406 | #undef HAVE_DH_SET0_PQG | 406 | #undef HAVE_DH_SET0_PQG |
407 | 407 | ||
408 | /* Define if libcrypto has DH_set_length */ | 408 | /* Define to 1 if you have the `DH_set_length' function. */ |
409 | #undef HAVE_DH_SET_LENGTH | 409 | #undef HAVE_DH_SET_LENGTH |
410 | 410 | ||
411 | /* Define to 1 if you have the <dirent.h> header file. */ | 411 | /* Define to 1 if you have the <dirent.h> header file. */ |
@@ -420,30 +420,33 @@ | |||
420 | /* Define to 1 if you have the `DSA_generate_parameters_ex' function. */ | 420 | /* Define to 1 if you have the `DSA_generate_parameters_ex' function. */ |
421 | #undef HAVE_DSA_GENERATE_PARAMETERS_EX | 421 | #undef HAVE_DSA_GENERATE_PARAMETERS_EX |
422 | 422 | ||
423 | /* Define if libcrypto has DSA_get0_key */ | 423 | /* Define to 1 if you have the `DSA_get0_key' function. */ |
424 | #undef HAVE_DSA_GET0_KEY | 424 | #undef HAVE_DSA_GET0_KEY |
425 | 425 | ||
426 | /* Define if libcrypto has DSA_get0_pqg */ | 426 | /* Define to 1 if you have the `DSA_get0_pqg' function. */ |
427 | #undef HAVE_DSA_GET0_PQG | 427 | #undef HAVE_DSA_GET0_PQG |
428 | 428 | ||
429 | /* Define if libcrypto has DSA_set0_key */ | 429 | /* Define to 1 if you have the `DSA_set0_key' function. */ |
430 | #undef HAVE_DSA_SET0_KEY | 430 | #undef HAVE_DSA_SET0_KEY |
431 | 431 | ||
432 | /* Define if libcrypto has DSA_set0_pqg */ | 432 | /* Define to 1 if you have the `DSA_set0_pqg' function. */ |
433 | #undef HAVE_DSA_SET0_PQG | 433 | #undef HAVE_DSA_SET0_PQG |
434 | 434 | ||
435 | /* Define if libcrypto has DSA_SIG_get0 */ | 435 | /* Define to 1 if you have the `DSA_SIG_get0' function. */ |
436 | #undef HAVE_DSA_SIG_GET0 | 436 | #undef HAVE_DSA_SIG_GET0 |
437 | 437 | ||
438 | /* Define if libcrypto has DSA_SIG_set0 */ | 438 | /* Define to 1 if you have the `DSA_SIG_set0' function. */ |
439 | #undef HAVE_DSA_SIG_SET0 | 439 | #undef HAVE_DSA_SIG_SET0 |
440 | 440 | ||
441 | /* Define if libcrypto has ECDSA_SIG_get0 */ | 441 | /* Define to 1 if you have the `ECDSA_SIG_get0' function. */ |
442 | #undef HAVE_ECDSA_SIG_GET0 | 442 | #undef HAVE_ECDSA_SIG_GET0 |
443 | 443 | ||
444 | /* Define if libcrypto has ECDSA_SIG_set0 */ | 444 | /* Define to 1 if you have the `ECDSA_SIG_set0' function. */ |
445 | #undef HAVE_ECDSA_SIG_SET0 | 445 | #undef HAVE_ECDSA_SIG_SET0 |
446 | 446 | ||
447 | /* Define to 1 if you have the `EC_KEY_METHOD_new' function. */ | ||
448 | #undef HAVE_EC_KEY_METHOD_NEW | ||
449 | |||
447 | /* Define to 1 if you have the <elf.h> header file. */ | 450 | /* Define to 1 if you have the <elf.h> header file. */ |
448 | #undef HAVE_ELF_H | 451 | #undef HAVE_ELF_H |
449 | 452 | ||
@@ -471,18 +474,21 @@ | |||
471 | /* Define if your system has /etc/default/login */ | 474 | /* Define if your system has /etc/default/login */ |
472 | #undef HAVE_ETC_DEFAULT_LOGIN | 475 | #undef HAVE_ETC_DEFAULT_LOGIN |
473 | 476 | ||
474 | /* Define if libcrypto has EVP_CIPHER_CTX_ctrl */ | 477 | /* Define to 1 if you have the `EVP_CIPHER_CTX_ctrl' function. */ |
475 | #undef HAVE_EVP_CIPHER_CTX_CTRL | 478 | #undef HAVE_EVP_CIPHER_CTX_CTRL |
476 | 479 | ||
477 | /* Define if libcrypto has EVP_CIPHER_CTX_set_iv */ | 480 | /* Define to 1 if you have the `EVP_CIPHER_CTX_get_iv' function. */ |
478 | #undef HAVE_EVP_CIPHER_CTX_GET_IV | 481 | #undef HAVE_EVP_CIPHER_CTX_GET_IV |
479 | 482 | ||
480 | /* Define if libcrypto has EVP_CIPHER_CTX_iv */ | 483 | /* Define to 1 if you have the `EVP_CIPHER_CTX_iv' function. */ |
481 | #undef HAVE_EVP_CIPHER_CTX_IV | 484 | #undef HAVE_EVP_CIPHER_CTX_IV |
482 | 485 | ||
483 | /* Define if libcrypto has EVP_CIPHER_CTX_iv_noconst */ | 486 | /* Define to 1 if you have the `EVP_CIPHER_CTX_iv_noconst' function. */ |
484 | #undef HAVE_EVP_CIPHER_CTX_IV_NOCONST | 487 | #undef HAVE_EVP_CIPHER_CTX_IV_NOCONST |
485 | 488 | ||
489 | /* Define to 1 if you have the `EVP_CIPHER_CTX_set_iv' function. */ | ||
490 | #undef HAVE_EVP_CIPHER_CTX_SET_IV | ||
491 | |||
486 | /* Define to 1 if you have the `EVP_DigestFinal_ex' function. */ | 492 | /* Define to 1 if you have the `EVP_DigestFinal_ex' function. */ |
487 | #undef HAVE_EVP_DIGESTFINAL_EX | 493 | #undef HAVE_EVP_DIGESTFINAL_EX |
488 | 494 | ||
@@ -495,16 +501,16 @@ | |||
495 | /* Define to 1 if you have the `EVP_MD_CTX_copy_ex' function. */ | 501 | /* Define to 1 if you have the `EVP_MD_CTX_copy_ex' function. */ |
496 | #undef HAVE_EVP_MD_CTX_COPY_EX | 502 | #undef HAVE_EVP_MD_CTX_COPY_EX |
497 | 503 | ||
498 | /* Define if libcrypto has EVP_MD_CTX_free */ | 504 | /* Define to 1 if you have the `EVP_MD_CTX_free' function. */ |
499 | #undef HAVE_EVP_MD_CTX_FREE | 505 | #undef HAVE_EVP_MD_CTX_FREE |
500 | 506 | ||
501 | /* Define to 1 if you have the `EVP_MD_CTX_init' function. */ | 507 | /* Define to 1 if you have the `EVP_MD_CTX_init' function. */ |
502 | #undef HAVE_EVP_MD_CTX_INIT | 508 | #undef HAVE_EVP_MD_CTX_INIT |
503 | 509 | ||
504 | /* Define if libcrypto has EVP_MD_CTX_new */ | 510 | /* Define to 1 if you have the `EVP_MD_CTX_new' function. */ |
505 | #undef HAVE_EVP_MD_CTX_NEW | 511 | #undef HAVE_EVP_MD_CTX_NEW |
506 | 512 | ||
507 | /* Define if libcrypto has EVP_PKEY_get0_RSA */ | 513 | /* Define to 1 if you have the `EVP_PKEY_get0_RSA' function. */ |
508 | #undef HAVE_EVP_PKEY_GET0_RSA | 514 | #undef HAVE_EVP_PKEY_GET0_RSA |
509 | 515 | ||
510 | /* Define to 1 if you have the `EVP_ripemd160' function. */ | 516 | /* Define to 1 if you have the `EVP_ripemd160' function. */ |
@@ -522,9 +528,15 @@ | |||
522 | /* Define to 1 if you have the `fchmod' function. */ | 528 | /* Define to 1 if you have the `fchmod' function. */ |
523 | #undef HAVE_FCHMOD | 529 | #undef HAVE_FCHMOD |
524 | 530 | ||
531 | /* Define to 1 if you have the `fchmodat' function. */ | ||
532 | #undef HAVE_FCHMODAT | ||
533 | |||
525 | /* Define to 1 if you have the `fchown' function. */ | 534 | /* Define to 1 if you have the `fchown' function. */ |
526 | #undef HAVE_FCHOWN | 535 | #undef HAVE_FCHOWN |
527 | 536 | ||
537 | /* Define to 1 if you have the `fchownat' function. */ | ||
538 | #undef HAVE_FCHOWNAT | ||
539 | |||
528 | /* Use F_CLOSEM fcntl for closefrom */ | 540 | /* Use F_CLOSEM fcntl for closefrom */ |
529 | #undef HAVE_FCNTL_CLOSEM | 541 | #undef HAVE_FCNTL_CLOSEM |
530 | 542 | ||
@@ -935,8 +947,17 @@ | |||
935 | /* Define to 1 if you have the `openpty' function. */ | 947 | /* Define to 1 if you have the `openpty' function. */ |
936 | #undef HAVE_OPENPTY | 948 | #undef HAVE_OPENPTY |
937 | 949 | ||
938 | /* Define if your ssl headers are included with #include <openssl/header.h> */ | 950 | /* as a macro */ |
939 | #undef HAVE_OPENSSL | 951 | #undef HAVE_OPENSSL_ADD_ALL_ALGORITHMS |
952 | |||
953 | /* Define to 1 if you have the `OPENSSL_init_crypto' function. */ | ||
954 | #undef HAVE_OPENSSL_INIT_CRYPTO | ||
955 | |||
956 | /* Define to 1 if you have the `OpenSSL_version' function. */ | ||
957 | #undef HAVE_OPENSSL_VERSION | ||
958 | |||
959 | /* Define to 1 if you have the `OpenSSL_version_num' function. */ | ||
960 | #undef HAVE_OPENSSL_VERSION_NUM | ||
940 | 961 | ||
941 | /* Define if you have Digital Unix Security Integration Architecture */ | 962 | /* Define if you have Digital Unix Security Integration Architecture */ |
942 | #undef HAVE_OSF_SIA | 963 | #undef HAVE_OSF_SIA |
@@ -1029,46 +1050,46 @@ | |||
1029 | /* Define to 1 if you have the `RSA_generate_key_ex' function. */ | 1050 | /* Define to 1 if you have the `RSA_generate_key_ex' function. */ |
1030 | #undef HAVE_RSA_GENERATE_KEY_EX | 1051 | #undef HAVE_RSA_GENERATE_KEY_EX |
1031 | 1052 | ||
1032 | /* Define if libcrypto has RSA_get0_crt_params */ | 1053 | /* Define to 1 if you have the `RSA_get0_crt_params' function. */ |
1033 | #undef HAVE_RSA_GET0_CRT_PARAMS | 1054 | #undef HAVE_RSA_GET0_CRT_PARAMS |
1034 | 1055 | ||
1035 | /* Define if libcrypto has RSA_get0_factors */ | 1056 | /* Define to 1 if you have the `RSA_get0_factors' function. */ |
1036 | #undef HAVE_RSA_GET0_FACTORS | 1057 | #undef HAVE_RSA_GET0_FACTORS |
1037 | 1058 | ||
1038 | /* Define if libcrypto has RSA_get0_key */ | 1059 | /* Define to 1 if you have the `RSA_get0_key' function. */ |
1039 | #undef HAVE_RSA_GET0_KEY | 1060 | #undef HAVE_RSA_GET0_KEY |
1040 | 1061 | ||
1041 | /* Define to 1 if you have the `RSA_get_default_method' function. */ | 1062 | /* Define to 1 if you have the `RSA_get_default_method' function. */ |
1042 | #undef HAVE_RSA_GET_DEFAULT_METHOD | 1063 | #undef HAVE_RSA_GET_DEFAULT_METHOD |
1043 | 1064 | ||
1044 | /* Define if libcrypto has RSA_meth_dup */ | 1065 | /* Define to 1 if you have the `RSA_meth_dup' function. */ |
1045 | #undef HAVE_RSA_METH_DUP | 1066 | #undef HAVE_RSA_METH_DUP |
1046 | 1067 | ||
1047 | /* Define if libcrypto has RSA_meth_free */ | 1068 | /* Define to 1 if you have the `RSA_meth_free' function. */ |
1048 | #undef HAVE_RSA_METH_FREE | 1069 | #undef HAVE_RSA_METH_FREE |
1049 | 1070 | ||
1050 | /* Define if libcrypto has RSA_meth_get_finish */ | 1071 | /* Define to 1 if you have the `RSA_meth_get_finish' function. */ |
1051 | #undef HAVE_RSA_METH_GET_FINISH | 1072 | #undef HAVE_RSA_METH_GET_FINISH |
1052 | 1073 | ||
1053 | /* Define if libcrypto has RSA_meth_set1_name */ | 1074 | /* Define to 1 if you have the `RSA_meth_set1_name' function. */ |
1054 | #undef HAVE_RSA_METH_SET1_NAME | 1075 | #undef HAVE_RSA_METH_SET1_NAME |
1055 | 1076 | ||
1056 | /* Define if libcrypto has RSA_meth_set_finish */ | 1077 | /* Define to 1 if you have the `RSA_meth_set_finish' function. */ |
1057 | #undef HAVE_RSA_METH_SET_FINISH | 1078 | #undef HAVE_RSA_METH_SET_FINISH |
1058 | 1079 | ||
1059 | /* Define if libcrypto has RSA_meth_set_priv_dec */ | 1080 | /* Define to 1 if you have the `RSA_meth_set_priv_dec' function. */ |
1060 | #undef HAVE_RSA_METH_SET_PRIV_DEC | 1081 | #undef HAVE_RSA_METH_SET_PRIV_DEC |
1061 | 1082 | ||
1062 | /* Define if libcrypto has RSA_meth_set_priv_enc */ | 1083 | /* Define to 1 if you have the `RSA_meth_set_priv_enc' function. */ |
1063 | #undef HAVE_RSA_METH_SET_PRIV_ENC | 1084 | #undef HAVE_RSA_METH_SET_PRIV_ENC |
1064 | 1085 | ||
1065 | /* Define if libcrypto has RSA_get0_srt_params */ | 1086 | /* Define to 1 if you have the `RSA_set0_crt_params' function. */ |
1066 | #undef HAVE_RSA_SET0_CRT_PARAMS | 1087 | #undef HAVE_RSA_SET0_CRT_PARAMS |
1067 | 1088 | ||
1068 | /* Define if libcrypto has RSA_set0_factors */ | 1089 | /* Define to 1 if you have the `RSA_set0_factors' function. */ |
1069 | #undef HAVE_RSA_SET0_FACTORS | 1090 | #undef HAVE_RSA_SET0_FACTORS |
1070 | 1091 | ||
1071 | /* Define if libcrypto has RSA_set0_key */ | 1092 | /* Define to 1 if you have the `RSA_set0_key' function. */ |
1072 | #undef HAVE_RSA_SET0_KEY | 1093 | #undef HAVE_RSA_SET0_KEY |
1073 | 1094 | ||
1074 | /* Define to 1 if you have the <sandbox.h> header file. */ | 1095 | /* Define to 1 if you have the <sandbox.h> header file. */ |
@@ -1512,6 +1533,9 @@ | |||
1512 | /* Define to 1 if you have the <util.h> header file. */ | 1533 | /* Define to 1 if you have the <util.h> header file. */ |
1513 | #undef HAVE_UTIL_H | 1534 | #undef HAVE_UTIL_H |
1514 | 1535 | ||
1536 | /* Define to 1 if you have the `utimensat' function. */ | ||
1537 | #undef HAVE_UTIMENSAT | ||
1538 | |||
1515 | /* Define to 1 if you have the `utimes' function. */ | 1539 | /* Define to 1 if you have the `utimes' function. */ |
1516 | #undef HAVE_UTIMES | 1540 | #undef HAVE_UTIMES |
1517 | 1541 | ||
@@ -1845,9 +1869,6 @@ | |||
1845 | /* Use btmp to log bad logins */ | 1869 | /* Use btmp to log bad logins */ |
1846 | #undef USE_BTMP | 1870 | #undef USE_BTMP |
1847 | 1871 | ||
1848 | /* platform uses an in-memory credentials cache */ | ||
1849 | #undef USE_CCAPI | ||
1850 | |||
1851 | /* Use libedit for sftp */ | 1872 | /* Use libedit for sftp */ |
1852 | #undef USE_LIBEDIT | 1873 | #undef USE_LIBEDIT |
1853 | 1874 | ||
@@ -1863,9 +1884,6 @@ | |||
1863 | /* Use PIPES instead of a socketpair() */ | 1884 | /* Use PIPES instead of a socketpair() */ |
1864 | #undef USE_PIPES | 1885 | #undef USE_PIPES |
1865 | 1886 | ||
1866 | /* platform has the Security Authorization Session API */ | ||
1867 | #undef USE_SECURITY_SESSION_API | ||
1868 | |||
1869 | /* Define if you have Solaris privileges */ | 1887 | /* Define if you have Solaris privileges */ |
1870 | #undef USE_SOLARIS_PRIVS | 1888 | #undef USE_SOLARIS_PRIVS |
1871 | 1889 | ||
@@ -2625,197 +2625,7 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' | |||
2625 | ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' | 2625 | ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' |
2626 | ac_compiler_gnu=$ac_cv_c_compiler_gnu | 2626 | ac_compiler_gnu=$ac_cv_c_compiler_gnu |
2627 | if test -n "$ac_tool_prefix"; then | 2627 | if test -n "$ac_tool_prefix"; then |
2628 | # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. | 2628 | for ac_prog in cc gcc |
2629 | set dummy ${ac_tool_prefix}gcc; ac_word=$2 | ||
2630 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | ||
2631 | $as_echo_n "checking for $ac_word... " >&6; } | ||
2632 | if ${ac_cv_prog_CC+:} false; then : | ||
2633 | $as_echo_n "(cached) " >&6 | ||
2634 | else | ||
2635 | if test -n "$CC"; then | ||
2636 | ac_cv_prog_CC="$CC" # Let the user override the test. | ||
2637 | else | ||
2638 | as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | ||
2639 | for as_dir in $PATH | ||
2640 | do | ||
2641 | IFS=$as_save_IFS | ||
2642 | test -z "$as_dir" && as_dir=. | ||
2643 | for ac_exec_ext in '' $ac_executable_extensions; do | ||
2644 | if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then | ||
2645 | ac_cv_prog_CC="${ac_tool_prefix}gcc" | ||
2646 | $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | ||
2647 | break 2 | ||
2648 | fi | ||
2649 | done | ||
2650 | done | ||
2651 | IFS=$as_save_IFS | ||
2652 | |||
2653 | fi | ||
2654 | fi | ||
2655 | CC=$ac_cv_prog_CC | ||
2656 | if test -n "$CC"; then | ||
2657 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 | ||
2658 | $as_echo "$CC" >&6; } | ||
2659 | else | ||
2660 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
2661 | $as_echo "no" >&6; } | ||
2662 | fi | ||
2663 | |||
2664 | |||
2665 | fi | ||
2666 | if test -z "$ac_cv_prog_CC"; then | ||
2667 | ac_ct_CC=$CC | ||
2668 | # Extract the first word of "gcc", so it can be a program name with args. | ||
2669 | set dummy gcc; ac_word=$2 | ||
2670 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | ||
2671 | $as_echo_n "checking for $ac_word... " >&6; } | ||
2672 | if ${ac_cv_prog_ac_ct_CC+:} false; then : | ||
2673 | $as_echo_n "(cached) " >&6 | ||
2674 | else | ||
2675 | if test -n "$ac_ct_CC"; then | ||
2676 | ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. | ||
2677 | else | ||
2678 | as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | ||
2679 | for as_dir in $PATH | ||
2680 | do | ||
2681 | IFS=$as_save_IFS | ||
2682 | test -z "$as_dir" && as_dir=. | ||
2683 | for ac_exec_ext in '' $ac_executable_extensions; do | ||
2684 | if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then | ||
2685 | ac_cv_prog_ac_ct_CC="gcc" | ||
2686 | $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | ||
2687 | break 2 | ||
2688 | fi | ||
2689 | done | ||
2690 | done | ||
2691 | IFS=$as_save_IFS | ||
2692 | |||
2693 | fi | ||
2694 | fi | ||
2695 | ac_ct_CC=$ac_cv_prog_ac_ct_CC | ||
2696 | if test -n "$ac_ct_CC"; then | ||
2697 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 | ||
2698 | $as_echo "$ac_ct_CC" >&6; } | ||
2699 | else | ||
2700 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
2701 | $as_echo "no" >&6; } | ||
2702 | fi | ||
2703 | |||
2704 | if test "x$ac_ct_CC" = x; then | ||
2705 | CC="" | ||
2706 | else | ||
2707 | case $cross_compiling:$ac_tool_warned in | ||
2708 | yes:) | ||
2709 | { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 | ||
2710 | $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} | ||
2711 | ac_tool_warned=yes ;; | ||
2712 | esac | ||
2713 | CC=$ac_ct_CC | ||
2714 | fi | ||
2715 | else | ||
2716 | CC="$ac_cv_prog_CC" | ||
2717 | fi | ||
2718 | |||
2719 | if test -z "$CC"; then | ||
2720 | if test -n "$ac_tool_prefix"; then | ||
2721 | # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. | ||
2722 | set dummy ${ac_tool_prefix}cc; ac_word=$2 | ||
2723 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | ||
2724 | $as_echo_n "checking for $ac_word... " >&6; } | ||
2725 | if ${ac_cv_prog_CC+:} false; then : | ||
2726 | $as_echo_n "(cached) " >&6 | ||
2727 | else | ||
2728 | if test -n "$CC"; then | ||
2729 | ac_cv_prog_CC="$CC" # Let the user override the test. | ||
2730 | else | ||
2731 | as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | ||
2732 | for as_dir in $PATH | ||
2733 | do | ||
2734 | IFS=$as_save_IFS | ||
2735 | test -z "$as_dir" && as_dir=. | ||
2736 | for ac_exec_ext in '' $ac_executable_extensions; do | ||
2737 | if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then | ||
2738 | ac_cv_prog_CC="${ac_tool_prefix}cc" | ||
2739 | $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | ||
2740 | break 2 | ||
2741 | fi | ||
2742 | done | ||
2743 | done | ||
2744 | IFS=$as_save_IFS | ||
2745 | |||
2746 | fi | ||
2747 | fi | ||
2748 | CC=$ac_cv_prog_CC | ||
2749 | if test -n "$CC"; then | ||
2750 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 | ||
2751 | $as_echo "$CC" >&6; } | ||
2752 | else | ||
2753 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
2754 | $as_echo "no" >&6; } | ||
2755 | fi | ||
2756 | |||
2757 | |||
2758 | fi | ||
2759 | fi | ||
2760 | if test -z "$CC"; then | ||
2761 | # Extract the first word of "cc", so it can be a program name with args. | ||
2762 | set dummy cc; ac_word=$2 | ||
2763 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | ||
2764 | $as_echo_n "checking for $ac_word... " >&6; } | ||
2765 | if ${ac_cv_prog_CC+:} false; then : | ||
2766 | $as_echo_n "(cached) " >&6 | ||
2767 | else | ||
2768 | if test -n "$CC"; then | ||
2769 | ac_cv_prog_CC="$CC" # Let the user override the test. | ||
2770 | else | ||
2771 | ac_prog_rejected=no | ||
2772 | as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | ||
2773 | for as_dir in $PATH | ||
2774 | do | ||
2775 | IFS=$as_save_IFS | ||
2776 | test -z "$as_dir" && as_dir=. | ||
2777 | for ac_exec_ext in '' $ac_executable_extensions; do | ||
2778 | if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then | ||
2779 | if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then | ||
2780 | ac_prog_rejected=yes | ||
2781 | continue | ||
2782 | fi | ||
2783 | ac_cv_prog_CC="cc" | ||
2784 | $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | ||
2785 | break 2 | ||
2786 | fi | ||
2787 | done | ||
2788 | done | ||
2789 | IFS=$as_save_IFS | ||
2790 | |||
2791 | if test $ac_prog_rejected = yes; then | ||
2792 | # We found a bogon in the path, so make sure we never use it. | ||
2793 | set dummy $ac_cv_prog_CC | ||
2794 | shift | ||
2795 | if test $# != 0; then | ||
2796 | # We chose a different compiler from the bogus one. | ||
2797 | # However, it has the same basename, so the bogon will be chosen | ||
2798 | # first if we set CC to just the basename; use the full file name. | ||
2799 | shift | ||
2800 | ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" | ||
2801 | fi | ||
2802 | fi | ||
2803 | fi | ||
2804 | fi | ||
2805 | CC=$ac_cv_prog_CC | ||
2806 | if test -n "$CC"; then | ||
2807 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 | ||
2808 | $as_echo "$CC" >&6; } | ||
2809 | else | ||
2810 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
2811 | $as_echo "no" >&6; } | ||
2812 | fi | ||
2813 | |||
2814 | |||
2815 | fi | ||
2816 | if test -z "$CC"; then | ||
2817 | if test -n "$ac_tool_prefix"; then | ||
2818 | for ac_prog in cl.exe | ||
2819 | do | 2629 | do |
2820 | # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. | 2630 | # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. |
2821 | set dummy $ac_tool_prefix$ac_prog; ac_word=$2 | 2631 | set dummy $ac_tool_prefix$ac_prog; ac_word=$2 |
@@ -2859,7 +2669,7 @@ fi | |||
2859 | fi | 2669 | fi |
2860 | if test -z "$CC"; then | 2670 | if test -z "$CC"; then |
2861 | ac_ct_CC=$CC | 2671 | ac_ct_CC=$CC |
2862 | for ac_prog in cl.exe | 2672 | for ac_prog in cc gcc |
2863 | do | 2673 | do |
2864 | # Extract the first word of "$ac_prog", so it can be a program name with args. | 2674 | # Extract the first word of "$ac_prog", so it can be a program name with args. |
2865 | set dummy $ac_prog; ac_word=$2 | 2675 | set dummy $ac_prog; ac_word=$2 |
@@ -2914,8 +2724,6 @@ esac | |||
2914 | fi | 2724 | fi |
2915 | fi | 2725 | fi |
2916 | 2726 | ||
2917 | fi | ||
2918 | |||
2919 | 2727 | ||
2920 | test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 | 2728 | test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 |
2921 | $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} | 2729 | $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} |
@@ -6735,10 +6543,11 @@ fi | |||
6735 | if test "${with_rpath+set}" = set; then : | 6543 | if test "${with_rpath+set}" = set; then : |
6736 | withval=$with_rpath; | 6544 | withval=$with_rpath; |
6737 | if test "x$withval" = "xno" ; then | 6545 | if test "x$withval" = "xno" ; then |
6738 | need_dash_r="" | 6546 | rpath_opt="" |
6739 | fi | 6547 | elif test "x$withval" = "xyes" ; then |
6740 | if test "x$withval" = "xyes" ; then | 6548 | rpath_opt="-R" |
6741 | need_dash_r=1 | 6549 | else |
6550 | rpath_opt="$withval" | ||
6742 | fi | 6551 | fi |
6743 | 6552 | ||
6744 | 6553 | ||
@@ -8059,7 +7868,7 @@ $as_echo "#define NEED_SETPGRP 1" >>confdefs.h | |||
8059 | *-*-netbsd*) | 7868 | *-*-netbsd*) |
8060 | check_for_libcrypt_before=1 | 7869 | check_for_libcrypt_before=1 |
8061 | if test "x$withval" != "xno" ; then | 7870 | if test "x$withval" != "xno" ; then |
8062 | need_dash_r=1 | 7871 | rpath_opt="-R" |
8063 | fi | 7872 | fi |
8064 | CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" | 7873 | CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" |
8065 | 7874 | ||
@@ -8153,7 +7962,7 @@ $as_echo "#define SYSLOG_R_SAFE_IN_SIGHAND 1" >>confdefs.h | |||
8153 | ;; | 7962 | ;; |
8154 | *-*-solaris*) | 7963 | *-*-solaris*) |
8155 | if test "x$withval" != "xno" ; then | 7964 | if test "x$withval" != "xno" ; then |
8156 | need_dash_r=1 | 7965 | rpath_opt="-R" |
8157 | fi | 7966 | fi |
8158 | $as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h | 7967 | $as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h |
8159 | 7968 | ||
@@ -9083,14 +8892,14 @@ if test "${with_zlib+set}" = set; then : | |||
9083 | as_fn_error $? "*** zlib is required ***" "$LINENO" 5 | 8892 | as_fn_error $? "*** zlib is required ***" "$LINENO" 5 |
9084 | elif test "x$withval" != "xyes"; then | 8893 | elif test "x$withval" != "xyes"; then |
9085 | if test -d "$withval/lib"; then | 8894 | if test -d "$withval/lib"; then |
9086 | if test -n "${need_dash_r}"; then | 8895 | if test -n "${rpath_opt}"; then |
9087 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 8896 | LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" |
9088 | else | 8897 | else |
9089 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" | 8898 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" |
9090 | fi | 8899 | fi |
9091 | else | 8900 | else |
9092 | if test -n "${need_dash_r}"; then | 8901 | if test -n "${rpath_opt}"; then |
9093 | LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" | 8902 | LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}" |
9094 | else | 8903 | else |
9095 | LDFLAGS="-L${withval} ${LDFLAGS}" | 8904 | LDFLAGS="-L${withval} ${LDFLAGS}" |
9096 | fi | 8905 | fi |
@@ -9161,8 +8970,8 @@ else | |||
9161 | saved_CPPFLAGS="$CPPFLAGS" | 8970 | saved_CPPFLAGS="$CPPFLAGS" |
9162 | saved_LDFLAGS="$LDFLAGS" | 8971 | saved_LDFLAGS="$LDFLAGS" |
9163 | save_LIBS="$LIBS" | 8972 | save_LIBS="$LIBS" |
9164 | if test -n "${need_dash_r}"; then | 8973 | if test -n "${rpath_opt}"; then |
9165 | LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" | 8974 | LDFLAGS="-L/usr/local/lib ${rpath_opt}/usr/local/lib ${saved_LDFLAGS}" |
9166 | else | 8975 | else |
9167 | LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" | 8976 | LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" |
9168 | fi | 8977 | fi |
@@ -10607,8 +10416,8 @@ $as_echo "no" >&6; } | |||
10607 | fi | 10416 | fi |
10608 | else | 10417 | else |
10609 | CPPFLAGS="$CPPFLAGS -I${withval}/include" | 10418 | CPPFLAGS="$CPPFLAGS -I${withval}/include" |
10610 | if test -n "${need_dash_r}"; then | 10419 | if test -n "${rpath_opt}"; then |
10611 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 10420 | LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" |
10612 | else | 10421 | else |
10613 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" | 10422 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" |
10614 | fi | 10423 | fi |
@@ -11030,7 +10839,9 @@ for ac_func in \ | |||
11030 | errx \ | 10839 | errx \ |
11031 | explicit_bzero \ | 10840 | explicit_bzero \ |
11032 | fchmod \ | 10841 | fchmod \ |
10842 | fchmodat \ | ||
11033 | fchown \ | 10843 | fchown \ |
10844 | fchownat \ | ||
11034 | flock \ | 10845 | flock \ |
11035 | freeaddrinfo \ | 10846 | freeaddrinfo \ |
11036 | freezero \ | 10847 | freezero \ |
@@ -11123,6 +10934,7 @@ for ac_func in \ | |||
11123 | truncate \ | 10934 | truncate \ |
11124 | unsetenv \ | 10935 | unsetenv \ |
11125 | updwtmpx \ | 10936 | updwtmpx \ |
10937 | utimensat \ | ||
11126 | user_from_uid \ | 10938 | user_from_uid \ |
11127 | usleep \ | 10939 | usleep \ |
11128 | vasprintf \ | 10940 | vasprintf \ |
@@ -12742,20 +12554,20 @@ if test "${with_ssl_dir+set}" = set; then : | |||
12742 | ./*|../*) withval="`pwd`/$withval" | 12554 | ./*|../*) withval="`pwd`/$withval" |
12743 | esac | 12555 | esac |
12744 | if test -d "$withval/lib"; then | 12556 | if test -d "$withval/lib"; then |
12745 | if test -n "${need_dash_r}"; then | 12557 | if test -n "${rpath_opt}"; then |
12746 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 12558 | LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" |
12747 | else | 12559 | else |
12748 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" | 12560 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" |
12749 | fi | 12561 | fi |
12750 | elif test -d "$withval/lib64"; then | 12562 | elif test -d "$withval/lib64"; then |
12751 | if test -n "${need_dash_r}"; then | 12563 | if test -n "${rpath_opt}"; then |
12752 | LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}" | 12564 | LDFLAGS="-L${withval}/lib64 ${rpath_opt}${withval}/lib64 ${LDFLAGS}" |
12753 | else | 12565 | else |
12754 | LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" | 12566 | LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" |
12755 | fi | 12567 | fi |
12756 | else | 12568 | else |
12757 | if test -n "${need_dash_r}"; then | 12569 | if test -n "${rpath_opt}"; then |
12758 | LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" | 12570 | LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}" |
12759 | else | 12571 | else |
12760 | LDFLAGS="-L${withval} ${LDFLAGS}" | 12572 | LDFLAGS="-L${withval} ${LDFLAGS}" |
12761 | fi | 12573 | fi |
@@ -12821,17 +12633,12 @@ return RAND_add (); | |||
12821 | _ACEOF | 12633 | _ACEOF |
12822 | if ac_fn_c_try_link "$LINENO"; then : | 12634 | if ac_fn_c_try_link "$LINENO"; then : |
12823 | 12635 | ||
12824 | $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h | ||
12825 | |||
12826 | else | 12636 | else |
12827 | 12637 | as_fn_error $? "*** working libcrypto not found, check config.log" "$LINENO" 5 | |
12828 | if test -n "${need_dash_r}"; then | 12638 | fi |
12829 | LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" | 12639 | rm -f core conftest.err conftest.$ac_objext \ |
12830 | else | 12640 | conftest$ac_exeext conftest.$ac_ext |
12831 | LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" | 12641 | ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default" |
12832 | fi | ||
12833 | CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" | ||
12834 | ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default" | ||
12835 | if test "x$ac_cv_header_openssl_opensslv_h" = xyes; then : | 12642 | if test "x$ac_cv_header_openssl_opensslv_h" = xyes; then : |
12836 | 12643 | ||
12837 | else | 12644 | else |
@@ -12839,40 +12646,6 @@ else | |||
12839 | fi | 12646 | fi |
12840 | 12647 | ||
12841 | 12648 | ||
12842 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
12843 | /* end confdefs.h. */ | ||
12844 | |||
12845 | /* Override any GCC internal prototype to avoid an error. | ||
12846 | Use char because int might match the return type of a GCC | ||
12847 | builtin and then its argument prototype would still apply. */ | ||
12848 | #ifdef __cplusplus | ||
12849 | extern "C" | ||
12850 | #endif | ||
12851 | char RAND_add (); | ||
12852 | int | ||
12853 | main () | ||
12854 | { | ||
12855 | return RAND_add (); | ||
12856 | ; | ||
12857 | return 0; | ||
12858 | } | ||
12859 | _ACEOF | ||
12860 | if ac_fn_c_try_link "$LINENO"; then : | ||
12861 | $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h | ||
12862 | |||
12863 | else | ||
12864 | |||
12865 | as_fn_error $? "*** Can't find recent OpenSSL libcrypto (see config.log for details) ***" "$LINENO" 5 | ||
12866 | |||
12867 | |||
12868 | fi | ||
12869 | rm -f core conftest.err conftest.$ac_objext \ | ||
12870 | conftest$ac_exeext conftest.$ac_ext | ||
12871 | |||
12872 | |||
12873 | fi | ||
12874 | rm -f core conftest.err conftest.$ac_objext \ | ||
12875 | conftest$ac_exeext conftest.$ac_ext | ||
12876 | 12649 | ||
12877 | # Determine OpenSSL header version | 12650 | # Determine OpenSSL header version |
12878 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL header version" >&5 | 12651 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL header version" >&5 |
@@ -12933,6 +12706,20 @@ rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ | |||
12933 | fi | 12706 | fi |
12934 | 12707 | ||
12935 | 12708 | ||
12709 | # Determining OpenSSL library version is version dependent. | ||
12710 | for ac_func in OpenSSL_version OpenSSL_version_num | ||
12711 | do : | ||
12712 | as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` | ||
12713 | ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" | ||
12714 | if eval test \"x\$"$as_ac_var"\" = x"yes"; then : | ||
12715 | cat >>confdefs.h <<_ACEOF | ||
12716 | #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 | ||
12717 | _ACEOF | ||
12718 | |||
12719 | fi | ||
12720 | done | ||
12721 | |||
12722 | |||
12936 | # Determine OpenSSL library version | 12723 | # Determine OpenSSL library version |
12937 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL library version" >&5 | 12724 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL library version" >&5 |
12938 | $as_echo_n "checking OpenSSL library version... " >&6; } | 12725 | $as_echo_n "checking OpenSSL library version... " >&6; } |
@@ -12962,9 +12749,18 @@ main () | |||
12962 | fd = fopen(DATA,"w"); | 12749 | fd = fopen(DATA,"w"); |
12963 | if(fd == NULL) | 12750 | if(fd == NULL) |
12964 | exit(1); | 12751 | exit(1); |
12965 | 12752 | #ifndef OPENSSL_VERSION | |
12966 | if ((rc = fprintf(fd, "%08lx (%s)\n", (unsigned long)SSLeay(), | 12753 | # define OPENSSL_VERSION SSLEAY_VERSION |
12967 | SSLeay_version(SSLEAY_VERSION))) < 0) | 12754 | #endif |
12755 | #ifndef HAVE_OPENSSL_VERSION | ||
12756 | # define OpenSSL_version SSLeay_version | ||
12757 | #endif | ||
12758 | #ifndef HAVE_OPENSSL_VERSION_NUM | ||
12759 | # define OpenSSL_version_num SSLeay | ||
12760 | #endif | ||
12761 | if ((rc = fprintf(fd, "%08lx (%s)\n", | ||
12762 | (unsigned long)OpenSSL_version_num(), | ||
12763 | OpenSSL_version(OPENSSL_VERSION))) < 0) | ||
12968 | exit(1); | 12764 | exit(1); |
12969 | 12765 | ||
12970 | exit(0); | 12766 | exit(0); |
@@ -12982,14 +12778,15 @@ if ac_fn_c_try_run "$LINENO"; then : | |||
12982 | as_fn_error $? "OpenSSL >= 1.0.1 required (have \"$ssl_library_ver\")" "$LINENO" 5 | 12778 | as_fn_error $? "OpenSSL >= 1.0.1 required (have \"$ssl_library_ver\")" "$LINENO" 5 |
12983 | ;; | 12779 | ;; |
12984 | 100*) ;; # 1.0.x | 12780 | 100*) ;; # 1.0.x |
12985 | 1010000123456*) | 12781 | 101000[0123456]*) |
12986 | # https://github.com/openssl/openssl/pull/4613 | 12782 | # https://github.com/openssl/openssl/pull/4613 |
12987 | as_fn_error $? "OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have \"$ssl_library_ver\")" "$LINENO" 5 | 12783 | as_fn_error $? "OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have \"$ssl_library_ver\")" "$LINENO" 5 |
12988 | ;; | 12784 | ;; |
12989 | 101*) ;; # 1.1.x | 12785 | 101*) ;; # 1.1.x |
12990 | 200*) ;; # LibreSSL | 12786 | 200*) ;; # LibreSSL |
12787 | 300*) ;; # OpenSSL development branch. | ||
12991 | *) | 12788 | *) |
12992 | as_fn_error $? "OpenSSL > 1.1.x is not yet supported (have \"$ssl_library_ver\")" "$LINENO" 5 | 12789 | as_fn_error $? "Unknown/unsupported OpenSSL version (\"$ssl_library_ver\")" "$LINENO" 5 |
12993 | ;; | 12790 | ;; |
12994 | esac | 12791 | esac |
12995 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_library_ver" >&5 | 12792 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_library_ver" >&5 |
@@ -13028,7 +12825,10 @@ int | |||
13028 | main () | 12825 | main () |
13029 | { | 12826 | { |
13030 | 12827 | ||
13031 | exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); | 12828 | #ifndef HAVE_OPENSSL_VERSION_NUM |
12829 | # define OpenSSL_version_num SSLeay | ||
12830 | #endif | ||
12831 | exit(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 0 : 1); | ||
13032 | 12832 | ||
13033 | ; | 12833 | ; |
13034 | return 0; | 12834 | return 0; |
@@ -13069,11 +12869,11 @@ fi | |||
13069 | $as_echo_n "checking if programs using OpenSSL functions will link... " >&6; } | 12869 | $as_echo_n "checking if programs using OpenSSL functions will link... " >&6; } |
13070 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | 12870 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext |
13071 | /* end confdefs.h. */ | 12871 | /* end confdefs.h. */ |
13072 | #include <openssl/evp.h> | 12872 | #include <openssl/err.h> |
13073 | int | 12873 | int |
13074 | main () | 12874 | main () |
13075 | { | 12875 | { |
13076 | SSLeay_add_all_algorithms(); | 12876 | ERR_load_crypto_strings(); |
13077 | ; | 12877 | ; |
13078 | return 0; | 12878 | return 0; |
13079 | } | 12879 | } |
@@ -13093,11 +12893,11 @@ $as_echo "no" >&6; } | |||
13093 | $as_echo_n "checking if programs using OpenSSL need -ldl... " >&6; } | 12893 | $as_echo_n "checking if programs using OpenSSL need -ldl... " >&6; } |
13094 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | 12894 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext |
13095 | /* end confdefs.h. */ | 12895 | /* end confdefs.h. */ |
13096 | #include <openssl/evp.h> | 12896 | #include <openssl/err.h> |
13097 | int | 12897 | int |
13098 | main () | 12898 | main () |
13099 | { | 12899 | { |
13100 | SSLeay_add_all_algorithms(); | 12900 | ERR_load_crypto_strings(); |
13101 | ; | 12901 | ; |
13102 | return 0; | 12902 | return 0; |
13103 | } | 12903 | } |
@@ -13126,11 +12926,12 @@ rm -f core conftest.err conftest.$ac_objext \ | |||
13126 | for ac_func in \ | 12926 | for ac_func in \ |
13127 | BN_is_prime_ex \ | 12927 | BN_is_prime_ex \ |
13128 | DSA_generate_parameters_ex \ | 12928 | DSA_generate_parameters_ex \ |
13129 | EVP_DigestInit_ex \ | 12929 | EVP_CIPHER_CTX_ctrl \ |
13130 | EVP_DigestFinal_ex \ | 12930 | EVP_DigestFinal_ex \ |
13131 | EVP_MD_CTX_init \ | 12931 | EVP_DigestInit_ex \ |
13132 | EVP_MD_CTX_cleanup \ | 12932 | EVP_MD_CTX_cleanup \ |
13133 | EVP_MD_CTX_copy_ex \ | 12933 | EVP_MD_CTX_copy_ex \ |
12934 | EVP_MD_CTX_init \ | ||
13134 | HMAC_CTX_init \ | 12935 | HMAC_CTX_init \ |
13135 | RSA_generate_key_ex \ | 12936 | RSA_generate_key_ex \ |
13136 | RSA_get_default_method \ | 12937 | RSA_get_default_method \ |
@@ -13147,6 +12948,75 @@ fi | |||
13147 | done | 12948 | done |
13148 | 12949 | ||
13149 | 12950 | ||
12951 | # OpenSSL_add_all_algorithms may be a macro. | ||
12952 | ac_fn_c_check_func "$LINENO" "OpenSSL_add_all_algorithms" "ac_cv_func_OpenSSL_add_all_algorithms" | ||
12953 | if test "x$ac_cv_func_OpenSSL_add_all_algorithms" = xyes; then : | ||
12954 | |||
12955 | $as_echo "#define HAVE_OPENSSL_ADD_ALL_ALGORITHMS 1" >>confdefs.h | ||
12956 | |||
12957 | else | ||
12958 | ac_fn_c_check_decl "$LINENO" "OpenSSL_add_all_algorithms" "ac_cv_have_decl_OpenSSL_add_all_algorithms" "#include <openssl/evp.h> | ||
12959 | |||
12960 | " | ||
12961 | if test "x$ac_cv_have_decl_OpenSSL_add_all_algorithms" = xyes; then : | ||
12962 | |||
12963 | $as_echo "#define HAVE_OPENSSL_ADD_ALL_ALGORITHMS 1" >>confdefs.h | ||
12964 | |||
12965 | fi | ||
12966 | |||
12967 | |||
12968 | fi | ||
12969 | |||
12970 | |||
12971 | # LibreSSL/OpenSSL 1.1x API | ||
12972 | for ac_func in \ | ||
12973 | OPENSSL_init_crypto \ | ||
12974 | DH_get0_key \ | ||
12975 | DH_get0_pqg \ | ||
12976 | DH_set0_key \ | ||
12977 | DH_set_length \ | ||
12978 | DH_set0_pqg \ | ||
12979 | DSA_get0_key \ | ||
12980 | DSA_get0_pqg \ | ||
12981 | DSA_set0_key \ | ||
12982 | DSA_set0_pqg \ | ||
12983 | DSA_SIG_get0 \ | ||
12984 | DSA_SIG_set0 \ | ||
12985 | ECDSA_SIG_get0 \ | ||
12986 | ECDSA_SIG_set0 \ | ||
12987 | EVP_CIPHER_CTX_iv \ | ||
12988 | EVP_CIPHER_CTX_iv_noconst \ | ||
12989 | EVP_CIPHER_CTX_get_iv \ | ||
12990 | EVP_CIPHER_CTX_set_iv \ | ||
12991 | RSA_get0_crt_params \ | ||
12992 | RSA_get0_factors \ | ||
12993 | RSA_get0_key \ | ||
12994 | RSA_set0_crt_params \ | ||
12995 | RSA_set0_factors \ | ||
12996 | RSA_set0_key \ | ||
12997 | RSA_meth_free \ | ||
12998 | RSA_meth_dup \ | ||
12999 | RSA_meth_set1_name \ | ||
13000 | RSA_meth_get_finish \ | ||
13001 | RSA_meth_set_priv_enc \ | ||
13002 | RSA_meth_set_priv_dec \ | ||
13003 | RSA_meth_set_finish \ | ||
13004 | EVP_PKEY_get0_RSA \ | ||
13005 | EVP_MD_CTX_new \ | ||
13006 | EVP_MD_CTX_free \ | ||
13007 | |||
13008 | do : | ||
13009 | as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` | ||
13010 | ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" | ||
13011 | if eval test \"x\$"$as_ac_var"\" = x"yes"; then : | ||
13012 | cat >>confdefs.h <<_ACEOF | ||
13013 | #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 | ||
13014 | _ACEOF | ||
13015 | |||
13016 | fi | ||
13017 | done | ||
13018 | |||
13019 | |||
13150 | if test "x$openssl_engine" = "xyes" ; then | 13020 | if test "x$openssl_engine" = "xyes" ; then |
13151 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ENGINE support" >&5 | 13021 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ENGINE support" >&5 |
13152 | $as_echo_n "checking for OpenSSL ENGINE support... " >&6; } | 13022 | $as_echo_n "checking for OpenSSL ENGINE support... " >&6; } |
@@ -13302,1989 +13172,6 @@ fi | |||
13302 | rm -f core conftest.err conftest.$ac_objext \ | 13172 | rm -f core conftest.err conftest.$ac_objext \ |
13303 | conftest$ac_exeext conftest.$ac_ext | 13173 | conftest$ac_exeext conftest.$ac_ext |
13304 | 13174 | ||
13305 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_ctrl" >&5 | ||
13306 | $as_echo_n "checking for library containing EVP_CIPHER_CTX_ctrl... " >&6; } | ||
13307 | if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then : | ||
13308 | $as_echo_n "(cached) " >&6 | ||
13309 | else | ||
13310 | ac_func_search_save_LIBS=$LIBS | ||
13311 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13312 | /* end confdefs.h. */ | ||
13313 | |||
13314 | /* Override any GCC internal prototype to avoid an error. | ||
13315 | Use char because int might match the return type of a GCC | ||
13316 | builtin and then its argument prototype would still apply. */ | ||
13317 | #ifdef __cplusplus | ||
13318 | extern "C" | ||
13319 | #endif | ||
13320 | char EVP_CIPHER_CTX_ctrl (); | ||
13321 | int | ||
13322 | main () | ||
13323 | { | ||
13324 | return EVP_CIPHER_CTX_ctrl (); | ||
13325 | ; | ||
13326 | return 0; | ||
13327 | } | ||
13328 | _ACEOF | ||
13329 | for ac_lib in '' crypto; do | ||
13330 | if test -z "$ac_lib"; then | ||
13331 | ac_res="none required" | ||
13332 | else | ||
13333 | ac_res=-l$ac_lib | ||
13334 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13335 | fi | ||
13336 | if ac_fn_c_try_link "$LINENO"; then : | ||
13337 | ac_cv_search_EVP_CIPHER_CTX_ctrl=$ac_res | ||
13338 | fi | ||
13339 | rm -f core conftest.err conftest.$ac_objext \ | ||
13340 | conftest$ac_exeext | ||
13341 | if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then : | ||
13342 | break | ||
13343 | fi | ||
13344 | done | ||
13345 | if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then : | ||
13346 | |||
13347 | else | ||
13348 | ac_cv_search_EVP_CIPHER_CTX_ctrl=no | ||
13349 | fi | ||
13350 | rm conftest.$ac_ext | ||
13351 | LIBS=$ac_func_search_save_LIBS | ||
13352 | fi | ||
13353 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_ctrl" >&5 | ||
13354 | $as_echo "$ac_cv_search_EVP_CIPHER_CTX_ctrl" >&6; } | ||
13355 | ac_res=$ac_cv_search_EVP_CIPHER_CTX_ctrl | ||
13356 | if test "$ac_res" != no; then : | ||
13357 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13358 | |||
13359 | $as_echo "#define HAVE_EVP_CIPHER_CTX_CTRL 1" >>confdefs.h | ||
13360 | |||
13361 | fi | ||
13362 | |||
13363 | |||
13364 | # LibreSSL/OpenSSL 1.1x API | ||
13365 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_get0_key" >&5 | ||
13366 | $as_echo_n "checking for library containing DH_get0_key... " >&6; } | ||
13367 | if ${ac_cv_search_DH_get0_key+:} false; then : | ||
13368 | $as_echo_n "(cached) " >&6 | ||
13369 | else | ||
13370 | ac_func_search_save_LIBS=$LIBS | ||
13371 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13372 | /* end confdefs.h. */ | ||
13373 | |||
13374 | /* Override any GCC internal prototype to avoid an error. | ||
13375 | Use char because int might match the return type of a GCC | ||
13376 | builtin and then its argument prototype would still apply. */ | ||
13377 | #ifdef __cplusplus | ||
13378 | extern "C" | ||
13379 | #endif | ||
13380 | char DH_get0_key (); | ||
13381 | int | ||
13382 | main () | ||
13383 | { | ||
13384 | return DH_get0_key (); | ||
13385 | ; | ||
13386 | return 0; | ||
13387 | } | ||
13388 | _ACEOF | ||
13389 | for ac_lib in '' crypto; do | ||
13390 | if test -z "$ac_lib"; then | ||
13391 | ac_res="none required" | ||
13392 | else | ||
13393 | ac_res=-l$ac_lib | ||
13394 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13395 | fi | ||
13396 | if ac_fn_c_try_link "$LINENO"; then : | ||
13397 | ac_cv_search_DH_get0_key=$ac_res | ||
13398 | fi | ||
13399 | rm -f core conftest.err conftest.$ac_objext \ | ||
13400 | conftest$ac_exeext | ||
13401 | if ${ac_cv_search_DH_get0_key+:} false; then : | ||
13402 | break | ||
13403 | fi | ||
13404 | done | ||
13405 | if ${ac_cv_search_DH_get0_key+:} false; then : | ||
13406 | |||
13407 | else | ||
13408 | ac_cv_search_DH_get0_key=no | ||
13409 | fi | ||
13410 | rm conftest.$ac_ext | ||
13411 | LIBS=$ac_func_search_save_LIBS | ||
13412 | fi | ||
13413 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_get0_key" >&5 | ||
13414 | $as_echo "$ac_cv_search_DH_get0_key" >&6; } | ||
13415 | ac_res=$ac_cv_search_DH_get0_key | ||
13416 | if test "$ac_res" != no; then : | ||
13417 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13418 | |||
13419 | $as_echo "#define HAVE_DH_GET0_KEY 1" >>confdefs.h | ||
13420 | |||
13421 | fi | ||
13422 | |||
13423 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_get0_pqg" >&5 | ||
13424 | $as_echo_n "checking for library containing DH_get0_pqg... " >&6; } | ||
13425 | if ${ac_cv_search_DH_get0_pqg+:} false; then : | ||
13426 | $as_echo_n "(cached) " >&6 | ||
13427 | else | ||
13428 | ac_func_search_save_LIBS=$LIBS | ||
13429 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13430 | /* end confdefs.h. */ | ||
13431 | |||
13432 | /* Override any GCC internal prototype to avoid an error. | ||
13433 | Use char because int might match the return type of a GCC | ||
13434 | builtin and then its argument prototype would still apply. */ | ||
13435 | #ifdef __cplusplus | ||
13436 | extern "C" | ||
13437 | #endif | ||
13438 | char DH_get0_pqg (); | ||
13439 | int | ||
13440 | main () | ||
13441 | { | ||
13442 | return DH_get0_pqg (); | ||
13443 | ; | ||
13444 | return 0; | ||
13445 | } | ||
13446 | _ACEOF | ||
13447 | for ac_lib in '' crypto; do | ||
13448 | if test -z "$ac_lib"; then | ||
13449 | ac_res="none required" | ||
13450 | else | ||
13451 | ac_res=-l$ac_lib | ||
13452 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13453 | fi | ||
13454 | if ac_fn_c_try_link "$LINENO"; then : | ||
13455 | ac_cv_search_DH_get0_pqg=$ac_res | ||
13456 | fi | ||
13457 | rm -f core conftest.err conftest.$ac_objext \ | ||
13458 | conftest$ac_exeext | ||
13459 | if ${ac_cv_search_DH_get0_pqg+:} false; then : | ||
13460 | break | ||
13461 | fi | ||
13462 | done | ||
13463 | if ${ac_cv_search_DH_get0_pqg+:} false; then : | ||
13464 | |||
13465 | else | ||
13466 | ac_cv_search_DH_get0_pqg=no | ||
13467 | fi | ||
13468 | rm conftest.$ac_ext | ||
13469 | LIBS=$ac_func_search_save_LIBS | ||
13470 | fi | ||
13471 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_get0_pqg" >&5 | ||
13472 | $as_echo "$ac_cv_search_DH_get0_pqg" >&6; } | ||
13473 | ac_res=$ac_cv_search_DH_get0_pqg | ||
13474 | if test "$ac_res" != no; then : | ||
13475 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13476 | |||
13477 | $as_echo "#define HAVE_DH_GET0_PQG 1" >>confdefs.h | ||
13478 | |||
13479 | fi | ||
13480 | |||
13481 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_set0_key" >&5 | ||
13482 | $as_echo_n "checking for library containing DH_set0_key... " >&6; } | ||
13483 | if ${ac_cv_search_DH_set0_key+:} false; then : | ||
13484 | $as_echo_n "(cached) " >&6 | ||
13485 | else | ||
13486 | ac_func_search_save_LIBS=$LIBS | ||
13487 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13488 | /* end confdefs.h. */ | ||
13489 | |||
13490 | /* Override any GCC internal prototype to avoid an error. | ||
13491 | Use char because int might match the return type of a GCC | ||
13492 | builtin and then its argument prototype would still apply. */ | ||
13493 | #ifdef __cplusplus | ||
13494 | extern "C" | ||
13495 | #endif | ||
13496 | char DH_set0_key (); | ||
13497 | int | ||
13498 | main () | ||
13499 | { | ||
13500 | return DH_set0_key (); | ||
13501 | ; | ||
13502 | return 0; | ||
13503 | } | ||
13504 | _ACEOF | ||
13505 | for ac_lib in '' crypto; do | ||
13506 | if test -z "$ac_lib"; then | ||
13507 | ac_res="none required" | ||
13508 | else | ||
13509 | ac_res=-l$ac_lib | ||
13510 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13511 | fi | ||
13512 | if ac_fn_c_try_link "$LINENO"; then : | ||
13513 | ac_cv_search_DH_set0_key=$ac_res | ||
13514 | fi | ||
13515 | rm -f core conftest.err conftest.$ac_objext \ | ||
13516 | conftest$ac_exeext | ||
13517 | if ${ac_cv_search_DH_set0_key+:} false; then : | ||
13518 | break | ||
13519 | fi | ||
13520 | done | ||
13521 | if ${ac_cv_search_DH_set0_key+:} false; then : | ||
13522 | |||
13523 | else | ||
13524 | ac_cv_search_DH_set0_key=no | ||
13525 | fi | ||
13526 | rm conftest.$ac_ext | ||
13527 | LIBS=$ac_func_search_save_LIBS | ||
13528 | fi | ||
13529 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_set0_key" >&5 | ||
13530 | $as_echo "$ac_cv_search_DH_set0_key" >&6; } | ||
13531 | ac_res=$ac_cv_search_DH_set0_key | ||
13532 | if test "$ac_res" != no; then : | ||
13533 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13534 | |||
13535 | $as_echo "#define HAVE_DH_SET0_KEY 1" >>confdefs.h | ||
13536 | |||
13537 | fi | ||
13538 | |||
13539 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_set_length" >&5 | ||
13540 | $as_echo_n "checking for library containing DH_set_length... " >&6; } | ||
13541 | if ${ac_cv_search_DH_set_length+:} false; then : | ||
13542 | $as_echo_n "(cached) " >&6 | ||
13543 | else | ||
13544 | ac_func_search_save_LIBS=$LIBS | ||
13545 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13546 | /* end confdefs.h. */ | ||
13547 | |||
13548 | /* Override any GCC internal prototype to avoid an error. | ||
13549 | Use char because int might match the return type of a GCC | ||
13550 | builtin and then its argument prototype would still apply. */ | ||
13551 | #ifdef __cplusplus | ||
13552 | extern "C" | ||
13553 | #endif | ||
13554 | char DH_set_length (); | ||
13555 | int | ||
13556 | main () | ||
13557 | { | ||
13558 | return DH_set_length (); | ||
13559 | ; | ||
13560 | return 0; | ||
13561 | } | ||
13562 | _ACEOF | ||
13563 | for ac_lib in '' crypto; do | ||
13564 | if test -z "$ac_lib"; then | ||
13565 | ac_res="none required" | ||
13566 | else | ||
13567 | ac_res=-l$ac_lib | ||
13568 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13569 | fi | ||
13570 | if ac_fn_c_try_link "$LINENO"; then : | ||
13571 | ac_cv_search_DH_set_length=$ac_res | ||
13572 | fi | ||
13573 | rm -f core conftest.err conftest.$ac_objext \ | ||
13574 | conftest$ac_exeext | ||
13575 | if ${ac_cv_search_DH_set_length+:} false; then : | ||
13576 | break | ||
13577 | fi | ||
13578 | done | ||
13579 | if ${ac_cv_search_DH_set_length+:} false; then : | ||
13580 | |||
13581 | else | ||
13582 | ac_cv_search_DH_set_length=no | ||
13583 | fi | ||
13584 | rm conftest.$ac_ext | ||
13585 | LIBS=$ac_func_search_save_LIBS | ||
13586 | fi | ||
13587 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_set_length" >&5 | ||
13588 | $as_echo "$ac_cv_search_DH_set_length" >&6; } | ||
13589 | ac_res=$ac_cv_search_DH_set_length | ||
13590 | if test "$ac_res" != no; then : | ||
13591 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13592 | |||
13593 | $as_echo "#define HAVE_DH_SET_LENGTH 1" >>confdefs.h | ||
13594 | |||
13595 | fi | ||
13596 | |||
13597 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_set0_pqg" >&5 | ||
13598 | $as_echo_n "checking for library containing DH_set0_pqg... " >&6; } | ||
13599 | if ${ac_cv_search_DH_set0_pqg+:} false; then : | ||
13600 | $as_echo_n "(cached) " >&6 | ||
13601 | else | ||
13602 | ac_func_search_save_LIBS=$LIBS | ||
13603 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13604 | /* end confdefs.h. */ | ||
13605 | |||
13606 | /* Override any GCC internal prototype to avoid an error. | ||
13607 | Use char because int might match the return type of a GCC | ||
13608 | builtin and then its argument prototype would still apply. */ | ||
13609 | #ifdef __cplusplus | ||
13610 | extern "C" | ||
13611 | #endif | ||
13612 | char DH_set0_pqg (); | ||
13613 | int | ||
13614 | main () | ||
13615 | { | ||
13616 | return DH_set0_pqg (); | ||
13617 | ; | ||
13618 | return 0; | ||
13619 | } | ||
13620 | _ACEOF | ||
13621 | for ac_lib in '' crypto; do | ||
13622 | if test -z "$ac_lib"; then | ||
13623 | ac_res="none required" | ||
13624 | else | ||
13625 | ac_res=-l$ac_lib | ||
13626 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13627 | fi | ||
13628 | if ac_fn_c_try_link "$LINENO"; then : | ||
13629 | ac_cv_search_DH_set0_pqg=$ac_res | ||
13630 | fi | ||
13631 | rm -f core conftest.err conftest.$ac_objext \ | ||
13632 | conftest$ac_exeext | ||
13633 | if ${ac_cv_search_DH_set0_pqg+:} false; then : | ||
13634 | break | ||
13635 | fi | ||
13636 | done | ||
13637 | if ${ac_cv_search_DH_set0_pqg+:} false; then : | ||
13638 | |||
13639 | else | ||
13640 | ac_cv_search_DH_set0_pqg=no | ||
13641 | fi | ||
13642 | rm conftest.$ac_ext | ||
13643 | LIBS=$ac_func_search_save_LIBS | ||
13644 | fi | ||
13645 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_set0_pqg" >&5 | ||
13646 | $as_echo "$ac_cv_search_DH_set0_pqg" >&6; } | ||
13647 | ac_res=$ac_cv_search_DH_set0_pqg | ||
13648 | if test "$ac_res" != no; then : | ||
13649 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13650 | |||
13651 | $as_echo "#define HAVE_DH_SET0_PQG 1" >>confdefs.h | ||
13652 | |||
13653 | fi | ||
13654 | |||
13655 | |||
13656 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_get0_key" >&5 | ||
13657 | $as_echo_n "checking for library containing DSA_get0_key... " >&6; } | ||
13658 | if ${ac_cv_search_DSA_get0_key+:} false; then : | ||
13659 | $as_echo_n "(cached) " >&6 | ||
13660 | else | ||
13661 | ac_func_search_save_LIBS=$LIBS | ||
13662 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13663 | /* end confdefs.h. */ | ||
13664 | |||
13665 | /* Override any GCC internal prototype to avoid an error. | ||
13666 | Use char because int might match the return type of a GCC | ||
13667 | builtin and then its argument prototype would still apply. */ | ||
13668 | #ifdef __cplusplus | ||
13669 | extern "C" | ||
13670 | #endif | ||
13671 | char DSA_get0_key (); | ||
13672 | int | ||
13673 | main () | ||
13674 | { | ||
13675 | return DSA_get0_key (); | ||
13676 | ; | ||
13677 | return 0; | ||
13678 | } | ||
13679 | _ACEOF | ||
13680 | for ac_lib in '' crypto; do | ||
13681 | if test -z "$ac_lib"; then | ||
13682 | ac_res="none required" | ||
13683 | else | ||
13684 | ac_res=-l$ac_lib | ||
13685 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13686 | fi | ||
13687 | if ac_fn_c_try_link "$LINENO"; then : | ||
13688 | ac_cv_search_DSA_get0_key=$ac_res | ||
13689 | fi | ||
13690 | rm -f core conftest.err conftest.$ac_objext \ | ||
13691 | conftest$ac_exeext | ||
13692 | if ${ac_cv_search_DSA_get0_key+:} false; then : | ||
13693 | break | ||
13694 | fi | ||
13695 | done | ||
13696 | if ${ac_cv_search_DSA_get0_key+:} false; then : | ||
13697 | |||
13698 | else | ||
13699 | ac_cv_search_DSA_get0_key=no | ||
13700 | fi | ||
13701 | rm conftest.$ac_ext | ||
13702 | LIBS=$ac_func_search_save_LIBS | ||
13703 | fi | ||
13704 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_get0_key" >&5 | ||
13705 | $as_echo "$ac_cv_search_DSA_get0_key" >&6; } | ||
13706 | ac_res=$ac_cv_search_DSA_get0_key | ||
13707 | if test "$ac_res" != no; then : | ||
13708 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13709 | |||
13710 | $as_echo "#define HAVE_DSA_GET0_KEY 1" >>confdefs.h | ||
13711 | |||
13712 | fi | ||
13713 | |||
13714 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_get0_pqg" >&5 | ||
13715 | $as_echo_n "checking for library containing DSA_get0_pqg... " >&6; } | ||
13716 | if ${ac_cv_search_DSA_get0_pqg+:} false; then : | ||
13717 | $as_echo_n "(cached) " >&6 | ||
13718 | else | ||
13719 | ac_func_search_save_LIBS=$LIBS | ||
13720 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13721 | /* end confdefs.h. */ | ||
13722 | |||
13723 | /* Override any GCC internal prototype to avoid an error. | ||
13724 | Use char because int might match the return type of a GCC | ||
13725 | builtin and then its argument prototype would still apply. */ | ||
13726 | #ifdef __cplusplus | ||
13727 | extern "C" | ||
13728 | #endif | ||
13729 | char DSA_get0_pqg (); | ||
13730 | int | ||
13731 | main () | ||
13732 | { | ||
13733 | return DSA_get0_pqg (); | ||
13734 | ; | ||
13735 | return 0; | ||
13736 | } | ||
13737 | _ACEOF | ||
13738 | for ac_lib in '' crypto; do | ||
13739 | if test -z "$ac_lib"; then | ||
13740 | ac_res="none required" | ||
13741 | else | ||
13742 | ac_res=-l$ac_lib | ||
13743 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13744 | fi | ||
13745 | if ac_fn_c_try_link "$LINENO"; then : | ||
13746 | ac_cv_search_DSA_get0_pqg=$ac_res | ||
13747 | fi | ||
13748 | rm -f core conftest.err conftest.$ac_objext \ | ||
13749 | conftest$ac_exeext | ||
13750 | if ${ac_cv_search_DSA_get0_pqg+:} false; then : | ||
13751 | break | ||
13752 | fi | ||
13753 | done | ||
13754 | if ${ac_cv_search_DSA_get0_pqg+:} false; then : | ||
13755 | |||
13756 | else | ||
13757 | ac_cv_search_DSA_get0_pqg=no | ||
13758 | fi | ||
13759 | rm conftest.$ac_ext | ||
13760 | LIBS=$ac_func_search_save_LIBS | ||
13761 | fi | ||
13762 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_get0_pqg" >&5 | ||
13763 | $as_echo "$ac_cv_search_DSA_get0_pqg" >&6; } | ||
13764 | ac_res=$ac_cv_search_DSA_get0_pqg | ||
13765 | if test "$ac_res" != no; then : | ||
13766 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13767 | |||
13768 | $as_echo "#define HAVE_DSA_GET0_PQG 1" >>confdefs.h | ||
13769 | |||
13770 | fi | ||
13771 | |||
13772 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_set0_key" >&5 | ||
13773 | $as_echo_n "checking for library containing DSA_set0_key... " >&6; } | ||
13774 | if ${ac_cv_search_DSA_set0_key+:} false; then : | ||
13775 | $as_echo_n "(cached) " >&6 | ||
13776 | else | ||
13777 | ac_func_search_save_LIBS=$LIBS | ||
13778 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13779 | /* end confdefs.h. */ | ||
13780 | |||
13781 | /* Override any GCC internal prototype to avoid an error. | ||
13782 | Use char because int might match the return type of a GCC | ||
13783 | builtin and then its argument prototype would still apply. */ | ||
13784 | #ifdef __cplusplus | ||
13785 | extern "C" | ||
13786 | #endif | ||
13787 | char DSA_set0_key (); | ||
13788 | int | ||
13789 | main () | ||
13790 | { | ||
13791 | return DSA_set0_key (); | ||
13792 | ; | ||
13793 | return 0; | ||
13794 | } | ||
13795 | _ACEOF | ||
13796 | for ac_lib in '' crypto; do | ||
13797 | if test -z "$ac_lib"; then | ||
13798 | ac_res="none required" | ||
13799 | else | ||
13800 | ac_res=-l$ac_lib | ||
13801 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13802 | fi | ||
13803 | if ac_fn_c_try_link "$LINENO"; then : | ||
13804 | ac_cv_search_DSA_set0_key=$ac_res | ||
13805 | fi | ||
13806 | rm -f core conftest.err conftest.$ac_objext \ | ||
13807 | conftest$ac_exeext | ||
13808 | if ${ac_cv_search_DSA_set0_key+:} false; then : | ||
13809 | break | ||
13810 | fi | ||
13811 | done | ||
13812 | if ${ac_cv_search_DSA_set0_key+:} false; then : | ||
13813 | |||
13814 | else | ||
13815 | ac_cv_search_DSA_set0_key=no | ||
13816 | fi | ||
13817 | rm conftest.$ac_ext | ||
13818 | LIBS=$ac_func_search_save_LIBS | ||
13819 | fi | ||
13820 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_set0_key" >&5 | ||
13821 | $as_echo "$ac_cv_search_DSA_set0_key" >&6; } | ||
13822 | ac_res=$ac_cv_search_DSA_set0_key | ||
13823 | if test "$ac_res" != no; then : | ||
13824 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13825 | |||
13826 | $as_echo "#define HAVE_DSA_SET0_KEY 1" >>confdefs.h | ||
13827 | |||
13828 | fi | ||
13829 | |||
13830 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_set0_pqg" >&5 | ||
13831 | $as_echo_n "checking for library containing DSA_set0_pqg... " >&6; } | ||
13832 | if ${ac_cv_search_DSA_set0_pqg+:} false; then : | ||
13833 | $as_echo_n "(cached) " >&6 | ||
13834 | else | ||
13835 | ac_func_search_save_LIBS=$LIBS | ||
13836 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13837 | /* end confdefs.h. */ | ||
13838 | |||
13839 | /* Override any GCC internal prototype to avoid an error. | ||
13840 | Use char because int might match the return type of a GCC | ||
13841 | builtin and then its argument prototype would still apply. */ | ||
13842 | #ifdef __cplusplus | ||
13843 | extern "C" | ||
13844 | #endif | ||
13845 | char DSA_set0_pqg (); | ||
13846 | int | ||
13847 | main () | ||
13848 | { | ||
13849 | return DSA_set0_pqg (); | ||
13850 | ; | ||
13851 | return 0; | ||
13852 | } | ||
13853 | _ACEOF | ||
13854 | for ac_lib in '' crypto; do | ||
13855 | if test -z "$ac_lib"; then | ||
13856 | ac_res="none required" | ||
13857 | else | ||
13858 | ac_res=-l$ac_lib | ||
13859 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13860 | fi | ||
13861 | if ac_fn_c_try_link "$LINENO"; then : | ||
13862 | ac_cv_search_DSA_set0_pqg=$ac_res | ||
13863 | fi | ||
13864 | rm -f core conftest.err conftest.$ac_objext \ | ||
13865 | conftest$ac_exeext | ||
13866 | if ${ac_cv_search_DSA_set0_pqg+:} false; then : | ||
13867 | break | ||
13868 | fi | ||
13869 | done | ||
13870 | if ${ac_cv_search_DSA_set0_pqg+:} false; then : | ||
13871 | |||
13872 | else | ||
13873 | ac_cv_search_DSA_set0_pqg=no | ||
13874 | fi | ||
13875 | rm conftest.$ac_ext | ||
13876 | LIBS=$ac_func_search_save_LIBS | ||
13877 | fi | ||
13878 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_set0_pqg" >&5 | ||
13879 | $as_echo "$ac_cv_search_DSA_set0_pqg" >&6; } | ||
13880 | ac_res=$ac_cv_search_DSA_set0_pqg | ||
13881 | if test "$ac_res" != no; then : | ||
13882 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13883 | |||
13884 | $as_echo "#define HAVE_DSA_SET0_PQG 1" >>confdefs.h | ||
13885 | |||
13886 | fi | ||
13887 | |||
13888 | |||
13889 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_SIG_get0" >&5 | ||
13890 | $as_echo_n "checking for library containing DSA_SIG_get0... " >&6; } | ||
13891 | if ${ac_cv_search_DSA_SIG_get0+:} false; then : | ||
13892 | $as_echo_n "(cached) " >&6 | ||
13893 | else | ||
13894 | ac_func_search_save_LIBS=$LIBS | ||
13895 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13896 | /* end confdefs.h. */ | ||
13897 | |||
13898 | /* Override any GCC internal prototype to avoid an error. | ||
13899 | Use char because int might match the return type of a GCC | ||
13900 | builtin and then its argument prototype would still apply. */ | ||
13901 | #ifdef __cplusplus | ||
13902 | extern "C" | ||
13903 | #endif | ||
13904 | char DSA_SIG_get0 (); | ||
13905 | int | ||
13906 | main () | ||
13907 | { | ||
13908 | return DSA_SIG_get0 (); | ||
13909 | ; | ||
13910 | return 0; | ||
13911 | } | ||
13912 | _ACEOF | ||
13913 | for ac_lib in '' crypto; do | ||
13914 | if test -z "$ac_lib"; then | ||
13915 | ac_res="none required" | ||
13916 | else | ||
13917 | ac_res=-l$ac_lib | ||
13918 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13919 | fi | ||
13920 | if ac_fn_c_try_link "$LINENO"; then : | ||
13921 | ac_cv_search_DSA_SIG_get0=$ac_res | ||
13922 | fi | ||
13923 | rm -f core conftest.err conftest.$ac_objext \ | ||
13924 | conftest$ac_exeext | ||
13925 | if ${ac_cv_search_DSA_SIG_get0+:} false; then : | ||
13926 | break | ||
13927 | fi | ||
13928 | done | ||
13929 | if ${ac_cv_search_DSA_SIG_get0+:} false; then : | ||
13930 | |||
13931 | else | ||
13932 | ac_cv_search_DSA_SIG_get0=no | ||
13933 | fi | ||
13934 | rm conftest.$ac_ext | ||
13935 | LIBS=$ac_func_search_save_LIBS | ||
13936 | fi | ||
13937 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_SIG_get0" >&5 | ||
13938 | $as_echo "$ac_cv_search_DSA_SIG_get0" >&6; } | ||
13939 | ac_res=$ac_cv_search_DSA_SIG_get0 | ||
13940 | if test "$ac_res" != no; then : | ||
13941 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
13942 | |||
13943 | $as_echo "#define HAVE_DSA_SIG_GET0 1" >>confdefs.h | ||
13944 | |||
13945 | fi | ||
13946 | |||
13947 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_SIG_set0" >&5 | ||
13948 | $as_echo_n "checking for library containing DSA_SIG_set0... " >&6; } | ||
13949 | if ${ac_cv_search_DSA_SIG_set0+:} false; then : | ||
13950 | $as_echo_n "(cached) " >&6 | ||
13951 | else | ||
13952 | ac_func_search_save_LIBS=$LIBS | ||
13953 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
13954 | /* end confdefs.h. */ | ||
13955 | |||
13956 | /* Override any GCC internal prototype to avoid an error. | ||
13957 | Use char because int might match the return type of a GCC | ||
13958 | builtin and then its argument prototype would still apply. */ | ||
13959 | #ifdef __cplusplus | ||
13960 | extern "C" | ||
13961 | #endif | ||
13962 | char DSA_SIG_set0 (); | ||
13963 | int | ||
13964 | main () | ||
13965 | { | ||
13966 | return DSA_SIG_set0 (); | ||
13967 | ; | ||
13968 | return 0; | ||
13969 | } | ||
13970 | _ACEOF | ||
13971 | for ac_lib in '' crypto; do | ||
13972 | if test -z "$ac_lib"; then | ||
13973 | ac_res="none required" | ||
13974 | else | ||
13975 | ac_res=-l$ac_lib | ||
13976 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
13977 | fi | ||
13978 | if ac_fn_c_try_link "$LINENO"; then : | ||
13979 | ac_cv_search_DSA_SIG_set0=$ac_res | ||
13980 | fi | ||
13981 | rm -f core conftest.err conftest.$ac_objext \ | ||
13982 | conftest$ac_exeext | ||
13983 | if ${ac_cv_search_DSA_SIG_set0+:} false; then : | ||
13984 | break | ||
13985 | fi | ||
13986 | done | ||
13987 | if ${ac_cv_search_DSA_SIG_set0+:} false; then : | ||
13988 | |||
13989 | else | ||
13990 | ac_cv_search_DSA_SIG_set0=no | ||
13991 | fi | ||
13992 | rm conftest.$ac_ext | ||
13993 | LIBS=$ac_func_search_save_LIBS | ||
13994 | fi | ||
13995 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_SIG_set0" >&5 | ||
13996 | $as_echo "$ac_cv_search_DSA_SIG_set0" >&6; } | ||
13997 | ac_res=$ac_cv_search_DSA_SIG_set0 | ||
13998 | if test "$ac_res" != no; then : | ||
13999 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14000 | |||
14001 | $as_echo "#define HAVE_DSA_SIG_SET0 1" >>confdefs.h | ||
14002 | |||
14003 | fi | ||
14004 | |||
14005 | |||
14006 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ECDSA_SIG_get0" >&5 | ||
14007 | $as_echo_n "checking for library containing ECDSA_SIG_get0... " >&6; } | ||
14008 | if ${ac_cv_search_ECDSA_SIG_get0+:} false; then : | ||
14009 | $as_echo_n "(cached) " >&6 | ||
14010 | else | ||
14011 | ac_func_search_save_LIBS=$LIBS | ||
14012 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14013 | /* end confdefs.h. */ | ||
14014 | |||
14015 | /* Override any GCC internal prototype to avoid an error. | ||
14016 | Use char because int might match the return type of a GCC | ||
14017 | builtin and then its argument prototype would still apply. */ | ||
14018 | #ifdef __cplusplus | ||
14019 | extern "C" | ||
14020 | #endif | ||
14021 | char ECDSA_SIG_get0 (); | ||
14022 | int | ||
14023 | main () | ||
14024 | { | ||
14025 | return ECDSA_SIG_get0 (); | ||
14026 | ; | ||
14027 | return 0; | ||
14028 | } | ||
14029 | _ACEOF | ||
14030 | for ac_lib in '' crypto; do | ||
14031 | if test -z "$ac_lib"; then | ||
14032 | ac_res="none required" | ||
14033 | else | ||
14034 | ac_res=-l$ac_lib | ||
14035 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14036 | fi | ||
14037 | if ac_fn_c_try_link "$LINENO"; then : | ||
14038 | ac_cv_search_ECDSA_SIG_get0=$ac_res | ||
14039 | fi | ||
14040 | rm -f core conftest.err conftest.$ac_objext \ | ||
14041 | conftest$ac_exeext | ||
14042 | if ${ac_cv_search_ECDSA_SIG_get0+:} false; then : | ||
14043 | break | ||
14044 | fi | ||
14045 | done | ||
14046 | if ${ac_cv_search_ECDSA_SIG_get0+:} false; then : | ||
14047 | |||
14048 | else | ||
14049 | ac_cv_search_ECDSA_SIG_get0=no | ||
14050 | fi | ||
14051 | rm conftest.$ac_ext | ||
14052 | LIBS=$ac_func_search_save_LIBS | ||
14053 | fi | ||
14054 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ECDSA_SIG_get0" >&5 | ||
14055 | $as_echo "$ac_cv_search_ECDSA_SIG_get0" >&6; } | ||
14056 | ac_res=$ac_cv_search_ECDSA_SIG_get0 | ||
14057 | if test "$ac_res" != no; then : | ||
14058 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14059 | |||
14060 | $as_echo "#define HAVE_ECDSA_SIG_GET0 1" >>confdefs.h | ||
14061 | |||
14062 | fi | ||
14063 | |||
14064 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ECDSA_SIG_set0" >&5 | ||
14065 | $as_echo_n "checking for library containing ECDSA_SIG_set0... " >&6; } | ||
14066 | if ${ac_cv_search_ECDSA_SIG_set0+:} false; then : | ||
14067 | $as_echo_n "(cached) " >&6 | ||
14068 | else | ||
14069 | ac_func_search_save_LIBS=$LIBS | ||
14070 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14071 | /* end confdefs.h. */ | ||
14072 | |||
14073 | /* Override any GCC internal prototype to avoid an error. | ||
14074 | Use char because int might match the return type of a GCC | ||
14075 | builtin and then its argument prototype would still apply. */ | ||
14076 | #ifdef __cplusplus | ||
14077 | extern "C" | ||
14078 | #endif | ||
14079 | char ECDSA_SIG_set0 (); | ||
14080 | int | ||
14081 | main () | ||
14082 | { | ||
14083 | return ECDSA_SIG_set0 (); | ||
14084 | ; | ||
14085 | return 0; | ||
14086 | } | ||
14087 | _ACEOF | ||
14088 | for ac_lib in '' crypto; do | ||
14089 | if test -z "$ac_lib"; then | ||
14090 | ac_res="none required" | ||
14091 | else | ||
14092 | ac_res=-l$ac_lib | ||
14093 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14094 | fi | ||
14095 | if ac_fn_c_try_link "$LINENO"; then : | ||
14096 | ac_cv_search_ECDSA_SIG_set0=$ac_res | ||
14097 | fi | ||
14098 | rm -f core conftest.err conftest.$ac_objext \ | ||
14099 | conftest$ac_exeext | ||
14100 | if ${ac_cv_search_ECDSA_SIG_set0+:} false; then : | ||
14101 | break | ||
14102 | fi | ||
14103 | done | ||
14104 | if ${ac_cv_search_ECDSA_SIG_set0+:} false; then : | ||
14105 | |||
14106 | else | ||
14107 | ac_cv_search_ECDSA_SIG_set0=no | ||
14108 | fi | ||
14109 | rm conftest.$ac_ext | ||
14110 | LIBS=$ac_func_search_save_LIBS | ||
14111 | fi | ||
14112 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ECDSA_SIG_set0" >&5 | ||
14113 | $as_echo "$ac_cv_search_ECDSA_SIG_set0" >&6; } | ||
14114 | ac_res=$ac_cv_search_ECDSA_SIG_set0 | ||
14115 | if test "$ac_res" != no; then : | ||
14116 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14117 | |||
14118 | $as_echo "#define HAVE_ECDSA_SIG_SET0 1" >>confdefs.h | ||
14119 | |||
14120 | fi | ||
14121 | |||
14122 | |||
14123 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_iv" >&5 | ||
14124 | $as_echo_n "checking for library containing EVP_CIPHER_CTX_iv... " >&6; } | ||
14125 | if ${ac_cv_search_EVP_CIPHER_CTX_iv+:} false; then : | ||
14126 | $as_echo_n "(cached) " >&6 | ||
14127 | else | ||
14128 | ac_func_search_save_LIBS=$LIBS | ||
14129 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14130 | /* end confdefs.h. */ | ||
14131 | |||
14132 | /* Override any GCC internal prototype to avoid an error. | ||
14133 | Use char because int might match the return type of a GCC | ||
14134 | builtin and then its argument prototype would still apply. */ | ||
14135 | #ifdef __cplusplus | ||
14136 | extern "C" | ||
14137 | #endif | ||
14138 | char EVP_CIPHER_CTX_iv (); | ||
14139 | int | ||
14140 | main () | ||
14141 | { | ||
14142 | return EVP_CIPHER_CTX_iv (); | ||
14143 | ; | ||
14144 | return 0; | ||
14145 | } | ||
14146 | _ACEOF | ||
14147 | for ac_lib in '' crypto; do | ||
14148 | if test -z "$ac_lib"; then | ||
14149 | ac_res="none required" | ||
14150 | else | ||
14151 | ac_res=-l$ac_lib | ||
14152 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14153 | fi | ||
14154 | if ac_fn_c_try_link "$LINENO"; then : | ||
14155 | ac_cv_search_EVP_CIPHER_CTX_iv=$ac_res | ||
14156 | fi | ||
14157 | rm -f core conftest.err conftest.$ac_objext \ | ||
14158 | conftest$ac_exeext | ||
14159 | if ${ac_cv_search_EVP_CIPHER_CTX_iv+:} false; then : | ||
14160 | break | ||
14161 | fi | ||
14162 | done | ||
14163 | if ${ac_cv_search_EVP_CIPHER_CTX_iv+:} false; then : | ||
14164 | |||
14165 | else | ||
14166 | ac_cv_search_EVP_CIPHER_CTX_iv=no | ||
14167 | fi | ||
14168 | rm conftest.$ac_ext | ||
14169 | LIBS=$ac_func_search_save_LIBS | ||
14170 | fi | ||
14171 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_iv" >&5 | ||
14172 | $as_echo "$ac_cv_search_EVP_CIPHER_CTX_iv" >&6; } | ||
14173 | ac_res=$ac_cv_search_EVP_CIPHER_CTX_iv | ||
14174 | if test "$ac_res" != no; then : | ||
14175 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14176 | |||
14177 | $as_echo "#define HAVE_EVP_CIPHER_CTX_IV 1" >>confdefs.h | ||
14178 | |||
14179 | fi | ||
14180 | |||
14181 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_iv_noconst" >&5 | ||
14182 | $as_echo_n "checking for library containing EVP_CIPHER_CTX_iv_noconst... " >&6; } | ||
14183 | if ${ac_cv_search_EVP_CIPHER_CTX_iv_noconst+:} false; then : | ||
14184 | $as_echo_n "(cached) " >&6 | ||
14185 | else | ||
14186 | ac_func_search_save_LIBS=$LIBS | ||
14187 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14188 | /* end confdefs.h. */ | ||
14189 | |||
14190 | /* Override any GCC internal prototype to avoid an error. | ||
14191 | Use char because int might match the return type of a GCC | ||
14192 | builtin and then its argument prototype would still apply. */ | ||
14193 | #ifdef __cplusplus | ||
14194 | extern "C" | ||
14195 | #endif | ||
14196 | char EVP_CIPHER_CTX_iv_noconst (); | ||
14197 | int | ||
14198 | main () | ||
14199 | { | ||
14200 | return EVP_CIPHER_CTX_iv_noconst (); | ||
14201 | ; | ||
14202 | return 0; | ||
14203 | } | ||
14204 | _ACEOF | ||
14205 | for ac_lib in '' crypto; do | ||
14206 | if test -z "$ac_lib"; then | ||
14207 | ac_res="none required" | ||
14208 | else | ||
14209 | ac_res=-l$ac_lib | ||
14210 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14211 | fi | ||
14212 | if ac_fn_c_try_link "$LINENO"; then : | ||
14213 | ac_cv_search_EVP_CIPHER_CTX_iv_noconst=$ac_res | ||
14214 | fi | ||
14215 | rm -f core conftest.err conftest.$ac_objext \ | ||
14216 | conftest$ac_exeext | ||
14217 | if ${ac_cv_search_EVP_CIPHER_CTX_iv_noconst+:} false; then : | ||
14218 | break | ||
14219 | fi | ||
14220 | done | ||
14221 | if ${ac_cv_search_EVP_CIPHER_CTX_iv_noconst+:} false; then : | ||
14222 | |||
14223 | else | ||
14224 | ac_cv_search_EVP_CIPHER_CTX_iv_noconst=no | ||
14225 | fi | ||
14226 | rm conftest.$ac_ext | ||
14227 | LIBS=$ac_func_search_save_LIBS | ||
14228 | fi | ||
14229 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_iv_noconst" >&5 | ||
14230 | $as_echo "$ac_cv_search_EVP_CIPHER_CTX_iv_noconst" >&6; } | ||
14231 | ac_res=$ac_cv_search_EVP_CIPHER_CTX_iv_noconst | ||
14232 | if test "$ac_res" != no; then : | ||
14233 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14234 | |||
14235 | $as_echo "#define HAVE_EVP_CIPHER_CTX_IV_NOCONST 1" >>confdefs.h | ||
14236 | |||
14237 | fi | ||
14238 | |||
14239 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_get_iv" >&5 | ||
14240 | $as_echo_n "checking for library containing EVP_CIPHER_CTX_get_iv... " >&6; } | ||
14241 | if ${ac_cv_search_EVP_CIPHER_CTX_get_iv+:} false; then : | ||
14242 | $as_echo_n "(cached) " >&6 | ||
14243 | else | ||
14244 | ac_func_search_save_LIBS=$LIBS | ||
14245 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14246 | /* end confdefs.h. */ | ||
14247 | |||
14248 | /* Override any GCC internal prototype to avoid an error. | ||
14249 | Use char because int might match the return type of a GCC | ||
14250 | builtin and then its argument prototype would still apply. */ | ||
14251 | #ifdef __cplusplus | ||
14252 | extern "C" | ||
14253 | #endif | ||
14254 | char EVP_CIPHER_CTX_get_iv (); | ||
14255 | int | ||
14256 | main () | ||
14257 | { | ||
14258 | return EVP_CIPHER_CTX_get_iv (); | ||
14259 | ; | ||
14260 | return 0; | ||
14261 | } | ||
14262 | _ACEOF | ||
14263 | for ac_lib in '' crypto; do | ||
14264 | if test -z "$ac_lib"; then | ||
14265 | ac_res="none required" | ||
14266 | else | ||
14267 | ac_res=-l$ac_lib | ||
14268 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14269 | fi | ||
14270 | if ac_fn_c_try_link "$LINENO"; then : | ||
14271 | ac_cv_search_EVP_CIPHER_CTX_get_iv=$ac_res | ||
14272 | fi | ||
14273 | rm -f core conftest.err conftest.$ac_objext \ | ||
14274 | conftest$ac_exeext | ||
14275 | if ${ac_cv_search_EVP_CIPHER_CTX_get_iv+:} false; then : | ||
14276 | break | ||
14277 | fi | ||
14278 | done | ||
14279 | if ${ac_cv_search_EVP_CIPHER_CTX_get_iv+:} false; then : | ||
14280 | |||
14281 | else | ||
14282 | ac_cv_search_EVP_CIPHER_CTX_get_iv=no | ||
14283 | fi | ||
14284 | rm conftest.$ac_ext | ||
14285 | LIBS=$ac_func_search_save_LIBS | ||
14286 | fi | ||
14287 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_get_iv" >&5 | ||
14288 | $as_echo "$ac_cv_search_EVP_CIPHER_CTX_get_iv" >&6; } | ||
14289 | ac_res=$ac_cv_search_EVP_CIPHER_CTX_get_iv | ||
14290 | if test "$ac_res" != no; then : | ||
14291 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14292 | |||
14293 | $as_echo "#define HAVE_EVP_CIPHER_CTX_GET_IV 1" >>confdefs.h | ||
14294 | |||
14295 | fi | ||
14296 | |||
14297 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_set_iv" >&5 | ||
14298 | $as_echo_n "checking for library containing EVP_CIPHER_CTX_set_iv... " >&6; } | ||
14299 | if ${ac_cv_search_EVP_CIPHER_CTX_set_iv+:} false; then : | ||
14300 | $as_echo_n "(cached) " >&6 | ||
14301 | else | ||
14302 | ac_func_search_save_LIBS=$LIBS | ||
14303 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14304 | /* end confdefs.h. */ | ||
14305 | |||
14306 | /* Override any GCC internal prototype to avoid an error. | ||
14307 | Use char because int might match the return type of a GCC | ||
14308 | builtin and then its argument prototype would still apply. */ | ||
14309 | #ifdef __cplusplus | ||
14310 | extern "C" | ||
14311 | #endif | ||
14312 | char EVP_CIPHER_CTX_set_iv (); | ||
14313 | int | ||
14314 | main () | ||
14315 | { | ||
14316 | return EVP_CIPHER_CTX_set_iv (); | ||
14317 | ; | ||
14318 | return 0; | ||
14319 | } | ||
14320 | _ACEOF | ||
14321 | for ac_lib in '' crypto; do | ||
14322 | if test -z "$ac_lib"; then | ||
14323 | ac_res="none required" | ||
14324 | else | ||
14325 | ac_res=-l$ac_lib | ||
14326 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14327 | fi | ||
14328 | if ac_fn_c_try_link "$LINENO"; then : | ||
14329 | ac_cv_search_EVP_CIPHER_CTX_set_iv=$ac_res | ||
14330 | fi | ||
14331 | rm -f core conftest.err conftest.$ac_objext \ | ||
14332 | conftest$ac_exeext | ||
14333 | if ${ac_cv_search_EVP_CIPHER_CTX_set_iv+:} false; then : | ||
14334 | break | ||
14335 | fi | ||
14336 | done | ||
14337 | if ${ac_cv_search_EVP_CIPHER_CTX_set_iv+:} false; then : | ||
14338 | |||
14339 | else | ||
14340 | ac_cv_search_EVP_CIPHER_CTX_set_iv=no | ||
14341 | fi | ||
14342 | rm conftest.$ac_ext | ||
14343 | LIBS=$ac_func_search_save_LIBS | ||
14344 | fi | ||
14345 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_set_iv" >&5 | ||
14346 | $as_echo "$ac_cv_search_EVP_CIPHER_CTX_set_iv" >&6; } | ||
14347 | ac_res=$ac_cv_search_EVP_CIPHER_CTX_set_iv | ||
14348 | if test "$ac_res" != no; then : | ||
14349 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14350 | |||
14351 | $as_echo "#define HAVE_EVP_CIPHER_CTX_GET_IV 1" >>confdefs.h | ||
14352 | |||
14353 | fi | ||
14354 | |||
14355 | |||
14356 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_get0_crt_params" >&5 | ||
14357 | $as_echo_n "checking for library containing RSA_get0_crt_params... " >&6; } | ||
14358 | if ${ac_cv_search_RSA_get0_crt_params+:} false; then : | ||
14359 | $as_echo_n "(cached) " >&6 | ||
14360 | else | ||
14361 | ac_func_search_save_LIBS=$LIBS | ||
14362 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14363 | /* end confdefs.h. */ | ||
14364 | |||
14365 | /* Override any GCC internal prototype to avoid an error. | ||
14366 | Use char because int might match the return type of a GCC | ||
14367 | builtin and then its argument prototype would still apply. */ | ||
14368 | #ifdef __cplusplus | ||
14369 | extern "C" | ||
14370 | #endif | ||
14371 | char RSA_get0_crt_params (); | ||
14372 | int | ||
14373 | main () | ||
14374 | { | ||
14375 | return RSA_get0_crt_params (); | ||
14376 | ; | ||
14377 | return 0; | ||
14378 | } | ||
14379 | _ACEOF | ||
14380 | for ac_lib in '' crypto; do | ||
14381 | if test -z "$ac_lib"; then | ||
14382 | ac_res="none required" | ||
14383 | else | ||
14384 | ac_res=-l$ac_lib | ||
14385 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14386 | fi | ||
14387 | if ac_fn_c_try_link "$LINENO"; then : | ||
14388 | ac_cv_search_RSA_get0_crt_params=$ac_res | ||
14389 | fi | ||
14390 | rm -f core conftest.err conftest.$ac_objext \ | ||
14391 | conftest$ac_exeext | ||
14392 | if ${ac_cv_search_RSA_get0_crt_params+:} false; then : | ||
14393 | break | ||
14394 | fi | ||
14395 | done | ||
14396 | if ${ac_cv_search_RSA_get0_crt_params+:} false; then : | ||
14397 | |||
14398 | else | ||
14399 | ac_cv_search_RSA_get0_crt_params=no | ||
14400 | fi | ||
14401 | rm conftest.$ac_ext | ||
14402 | LIBS=$ac_func_search_save_LIBS | ||
14403 | fi | ||
14404 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_get0_crt_params" >&5 | ||
14405 | $as_echo "$ac_cv_search_RSA_get0_crt_params" >&6; } | ||
14406 | ac_res=$ac_cv_search_RSA_get0_crt_params | ||
14407 | if test "$ac_res" != no; then : | ||
14408 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14409 | |||
14410 | $as_echo "#define HAVE_RSA_GET0_CRT_PARAMS 1" >>confdefs.h | ||
14411 | |||
14412 | fi | ||
14413 | |||
14414 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_get0_factors" >&5 | ||
14415 | $as_echo_n "checking for library containing RSA_get0_factors... " >&6; } | ||
14416 | if ${ac_cv_search_RSA_get0_factors+:} false; then : | ||
14417 | $as_echo_n "(cached) " >&6 | ||
14418 | else | ||
14419 | ac_func_search_save_LIBS=$LIBS | ||
14420 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14421 | /* end confdefs.h. */ | ||
14422 | |||
14423 | /* Override any GCC internal prototype to avoid an error. | ||
14424 | Use char because int might match the return type of a GCC | ||
14425 | builtin and then its argument prototype would still apply. */ | ||
14426 | #ifdef __cplusplus | ||
14427 | extern "C" | ||
14428 | #endif | ||
14429 | char RSA_get0_factors (); | ||
14430 | int | ||
14431 | main () | ||
14432 | { | ||
14433 | return RSA_get0_factors (); | ||
14434 | ; | ||
14435 | return 0; | ||
14436 | } | ||
14437 | _ACEOF | ||
14438 | for ac_lib in '' crypto; do | ||
14439 | if test -z "$ac_lib"; then | ||
14440 | ac_res="none required" | ||
14441 | else | ||
14442 | ac_res=-l$ac_lib | ||
14443 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14444 | fi | ||
14445 | if ac_fn_c_try_link "$LINENO"; then : | ||
14446 | ac_cv_search_RSA_get0_factors=$ac_res | ||
14447 | fi | ||
14448 | rm -f core conftest.err conftest.$ac_objext \ | ||
14449 | conftest$ac_exeext | ||
14450 | if ${ac_cv_search_RSA_get0_factors+:} false; then : | ||
14451 | break | ||
14452 | fi | ||
14453 | done | ||
14454 | if ${ac_cv_search_RSA_get0_factors+:} false; then : | ||
14455 | |||
14456 | else | ||
14457 | ac_cv_search_RSA_get0_factors=no | ||
14458 | fi | ||
14459 | rm conftest.$ac_ext | ||
14460 | LIBS=$ac_func_search_save_LIBS | ||
14461 | fi | ||
14462 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_get0_factors" >&5 | ||
14463 | $as_echo "$ac_cv_search_RSA_get0_factors" >&6; } | ||
14464 | ac_res=$ac_cv_search_RSA_get0_factors | ||
14465 | if test "$ac_res" != no; then : | ||
14466 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14467 | |||
14468 | $as_echo "#define HAVE_RSA_GET0_FACTORS 1" >>confdefs.h | ||
14469 | |||
14470 | fi | ||
14471 | |||
14472 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_get0_key" >&5 | ||
14473 | $as_echo_n "checking for library containing RSA_get0_key... " >&6; } | ||
14474 | if ${ac_cv_search_RSA_get0_key+:} false; then : | ||
14475 | $as_echo_n "(cached) " >&6 | ||
14476 | else | ||
14477 | ac_func_search_save_LIBS=$LIBS | ||
14478 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14479 | /* end confdefs.h. */ | ||
14480 | |||
14481 | /* Override any GCC internal prototype to avoid an error. | ||
14482 | Use char because int might match the return type of a GCC | ||
14483 | builtin and then its argument prototype would still apply. */ | ||
14484 | #ifdef __cplusplus | ||
14485 | extern "C" | ||
14486 | #endif | ||
14487 | char RSA_get0_key (); | ||
14488 | int | ||
14489 | main () | ||
14490 | { | ||
14491 | return RSA_get0_key (); | ||
14492 | ; | ||
14493 | return 0; | ||
14494 | } | ||
14495 | _ACEOF | ||
14496 | for ac_lib in '' crypto; do | ||
14497 | if test -z "$ac_lib"; then | ||
14498 | ac_res="none required" | ||
14499 | else | ||
14500 | ac_res=-l$ac_lib | ||
14501 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14502 | fi | ||
14503 | if ac_fn_c_try_link "$LINENO"; then : | ||
14504 | ac_cv_search_RSA_get0_key=$ac_res | ||
14505 | fi | ||
14506 | rm -f core conftest.err conftest.$ac_objext \ | ||
14507 | conftest$ac_exeext | ||
14508 | if ${ac_cv_search_RSA_get0_key+:} false; then : | ||
14509 | break | ||
14510 | fi | ||
14511 | done | ||
14512 | if ${ac_cv_search_RSA_get0_key+:} false; then : | ||
14513 | |||
14514 | else | ||
14515 | ac_cv_search_RSA_get0_key=no | ||
14516 | fi | ||
14517 | rm conftest.$ac_ext | ||
14518 | LIBS=$ac_func_search_save_LIBS | ||
14519 | fi | ||
14520 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_get0_key" >&5 | ||
14521 | $as_echo "$ac_cv_search_RSA_get0_key" >&6; } | ||
14522 | ac_res=$ac_cv_search_RSA_get0_key | ||
14523 | if test "$ac_res" != no; then : | ||
14524 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14525 | |||
14526 | $as_echo "#define HAVE_RSA_GET0_KEY 1" >>confdefs.h | ||
14527 | |||
14528 | fi | ||
14529 | |||
14530 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_set0_crt_params" >&5 | ||
14531 | $as_echo_n "checking for library containing RSA_set0_crt_params... " >&6; } | ||
14532 | if ${ac_cv_search_RSA_set0_crt_params+:} false; then : | ||
14533 | $as_echo_n "(cached) " >&6 | ||
14534 | else | ||
14535 | ac_func_search_save_LIBS=$LIBS | ||
14536 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14537 | /* end confdefs.h. */ | ||
14538 | |||
14539 | /* Override any GCC internal prototype to avoid an error. | ||
14540 | Use char because int might match the return type of a GCC | ||
14541 | builtin and then its argument prototype would still apply. */ | ||
14542 | #ifdef __cplusplus | ||
14543 | extern "C" | ||
14544 | #endif | ||
14545 | char RSA_set0_crt_params (); | ||
14546 | int | ||
14547 | main () | ||
14548 | { | ||
14549 | return RSA_set0_crt_params (); | ||
14550 | ; | ||
14551 | return 0; | ||
14552 | } | ||
14553 | _ACEOF | ||
14554 | for ac_lib in '' crypto; do | ||
14555 | if test -z "$ac_lib"; then | ||
14556 | ac_res="none required" | ||
14557 | else | ||
14558 | ac_res=-l$ac_lib | ||
14559 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14560 | fi | ||
14561 | if ac_fn_c_try_link "$LINENO"; then : | ||
14562 | ac_cv_search_RSA_set0_crt_params=$ac_res | ||
14563 | fi | ||
14564 | rm -f core conftest.err conftest.$ac_objext \ | ||
14565 | conftest$ac_exeext | ||
14566 | if ${ac_cv_search_RSA_set0_crt_params+:} false; then : | ||
14567 | break | ||
14568 | fi | ||
14569 | done | ||
14570 | if ${ac_cv_search_RSA_set0_crt_params+:} false; then : | ||
14571 | |||
14572 | else | ||
14573 | ac_cv_search_RSA_set0_crt_params=no | ||
14574 | fi | ||
14575 | rm conftest.$ac_ext | ||
14576 | LIBS=$ac_func_search_save_LIBS | ||
14577 | fi | ||
14578 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_set0_crt_params" >&5 | ||
14579 | $as_echo "$ac_cv_search_RSA_set0_crt_params" >&6; } | ||
14580 | ac_res=$ac_cv_search_RSA_set0_crt_params | ||
14581 | if test "$ac_res" != no; then : | ||
14582 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14583 | |||
14584 | $as_echo "#define HAVE_RSA_SET0_CRT_PARAMS 1" >>confdefs.h | ||
14585 | |||
14586 | fi | ||
14587 | |||
14588 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_set0_factors" >&5 | ||
14589 | $as_echo_n "checking for library containing RSA_set0_factors... " >&6; } | ||
14590 | if ${ac_cv_search_RSA_set0_factors+:} false; then : | ||
14591 | $as_echo_n "(cached) " >&6 | ||
14592 | else | ||
14593 | ac_func_search_save_LIBS=$LIBS | ||
14594 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14595 | /* end confdefs.h. */ | ||
14596 | |||
14597 | /* Override any GCC internal prototype to avoid an error. | ||
14598 | Use char because int might match the return type of a GCC | ||
14599 | builtin and then its argument prototype would still apply. */ | ||
14600 | #ifdef __cplusplus | ||
14601 | extern "C" | ||
14602 | #endif | ||
14603 | char RSA_set0_factors (); | ||
14604 | int | ||
14605 | main () | ||
14606 | { | ||
14607 | return RSA_set0_factors (); | ||
14608 | ; | ||
14609 | return 0; | ||
14610 | } | ||
14611 | _ACEOF | ||
14612 | for ac_lib in '' crypto; do | ||
14613 | if test -z "$ac_lib"; then | ||
14614 | ac_res="none required" | ||
14615 | else | ||
14616 | ac_res=-l$ac_lib | ||
14617 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14618 | fi | ||
14619 | if ac_fn_c_try_link "$LINENO"; then : | ||
14620 | ac_cv_search_RSA_set0_factors=$ac_res | ||
14621 | fi | ||
14622 | rm -f core conftest.err conftest.$ac_objext \ | ||
14623 | conftest$ac_exeext | ||
14624 | if ${ac_cv_search_RSA_set0_factors+:} false; then : | ||
14625 | break | ||
14626 | fi | ||
14627 | done | ||
14628 | if ${ac_cv_search_RSA_set0_factors+:} false; then : | ||
14629 | |||
14630 | else | ||
14631 | ac_cv_search_RSA_set0_factors=no | ||
14632 | fi | ||
14633 | rm conftest.$ac_ext | ||
14634 | LIBS=$ac_func_search_save_LIBS | ||
14635 | fi | ||
14636 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_set0_factors" >&5 | ||
14637 | $as_echo "$ac_cv_search_RSA_set0_factors" >&6; } | ||
14638 | ac_res=$ac_cv_search_RSA_set0_factors | ||
14639 | if test "$ac_res" != no; then : | ||
14640 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14641 | |||
14642 | $as_echo "#define HAVE_RSA_SET0_FACTORS 1" >>confdefs.h | ||
14643 | |||
14644 | fi | ||
14645 | |||
14646 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_set0_key" >&5 | ||
14647 | $as_echo_n "checking for library containing RSA_set0_key... " >&6; } | ||
14648 | if ${ac_cv_search_RSA_set0_key+:} false; then : | ||
14649 | $as_echo_n "(cached) " >&6 | ||
14650 | else | ||
14651 | ac_func_search_save_LIBS=$LIBS | ||
14652 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14653 | /* end confdefs.h. */ | ||
14654 | |||
14655 | /* Override any GCC internal prototype to avoid an error. | ||
14656 | Use char because int might match the return type of a GCC | ||
14657 | builtin and then its argument prototype would still apply. */ | ||
14658 | #ifdef __cplusplus | ||
14659 | extern "C" | ||
14660 | #endif | ||
14661 | char RSA_set0_key (); | ||
14662 | int | ||
14663 | main () | ||
14664 | { | ||
14665 | return RSA_set0_key (); | ||
14666 | ; | ||
14667 | return 0; | ||
14668 | } | ||
14669 | _ACEOF | ||
14670 | for ac_lib in '' crypto; do | ||
14671 | if test -z "$ac_lib"; then | ||
14672 | ac_res="none required" | ||
14673 | else | ||
14674 | ac_res=-l$ac_lib | ||
14675 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14676 | fi | ||
14677 | if ac_fn_c_try_link "$LINENO"; then : | ||
14678 | ac_cv_search_RSA_set0_key=$ac_res | ||
14679 | fi | ||
14680 | rm -f core conftest.err conftest.$ac_objext \ | ||
14681 | conftest$ac_exeext | ||
14682 | if ${ac_cv_search_RSA_set0_key+:} false; then : | ||
14683 | break | ||
14684 | fi | ||
14685 | done | ||
14686 | if ${ac_cv_search_RSA_set0_key+:} false; then : | ||
14687 | |||
14688 | else | ||
14689 | ac_cv_search_RSA_set0_key=no | ||
14690 | fi | ||
14691 | rm conftest.$ac_ext | ||
14692 | LIBS=$ac_func_search_save_LIBS | ||
14693 | fi | ||
14694 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_set0_key" >&5 | ||
14695 | $as_echo "$ac_cv_search_RSA_set0_key" >&6; } | ||
14696 | ac_res=$ac_cv_search_RSA_set0_key | ||
14697 | if test "$ac_res" != no; then : | ||
14698 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14699 | |||
14700 | $as_echo "#define HAVE_RSA_SET0_KEY 1" >>confdefs.h | ||
14701 | |||
14702 | fi | ||
14703 | |||
14704 | |||
14705 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_free" >&5 | ||
14706 | $as_echo_n "checking for library containing RSA_meth_free... " >&6; } | ||
14707 | if ${ac_cv_search_RSA_meth_free+:} false; then : | ||
14708 | $as_echo_n "(cached) " >&6 | ||
14709 | else | ||
14710 | ac_func_search_save_LIBS=$LIBS | ||
14711 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14712 | /* end confdefs.h. */ | ||
14713 | |||
14714 | /* Override any GCC internal prototype to avoid an error. | ||
14715 | Use char because int might match the return type of a GCC | ||
14716 | builtin and then its argument prototype would still apply. */ | ||
14717 | #ifdef __cplusplus | ||
14718 | extern "C" | ||
14719 | #endif | ||
14720 | char RSA_meth_free (); | ||
14721 | int | ||
14722 | main () | ||
14723 | { | ||
14724 | return RSA_meth_free (); | ||
14725 | ; | ||
14726 | return 0; | ||
14727 | } | ||
14728 | _ACEOF | ||
14729 | for ac_lib in '' crypto; do | ||
14730 | if test -z "$ac_lib"; then | ||
14731 | ac_res="none required" | ||
14732 | else | ||
14733 | ac_res=-l$ac_lib | ||
14734 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14735 | fi | ||
14736 | if ac_fn_c_try_link "$LINENO"; then : | ||
14737 | ac_cv_search_RSA_meth_free=$ac_res | ||
14738 | fi | ||
14739 | rm -f core conftest.err conftest.$ac_objext \ | ||
14740 | conftest$ac_exeext | ||
14741 | if ${ac_cv_search_RSA_meth_free+:} false; then : | ||
14742 | break | ||
14743 | fi | ||
14744 | done | ||
14745 | if ${ac_cv_search_RSA_meth_free+:} false; then : | ||
14746 | |||
14747 | else | ||
14748 | ac_cv_search_RSA_meth_free=no | ||
14749 | fi | ||
14750 | rm conftest.$ac_ext | ||
14751 | LIBS=$ac_func_search_save_LIBS | ||
14752 | fi | ||
14753 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_free" >&5 | ||
14754 | $as_echo "$ac_cv_search_RSA_meth_free" >&6; } | ||
14755 | ac_res=$ac_cv_search_RSA_meth_free | ||
14756 | if test "$ac_res" != no; then : | ||
14757 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14758 | |||
14759 | $as_echo "#define HAVE_RSA_METH_FREE 1" >>confdefs.h | ||
14760 | |||
14761 | fi | ||
14762 | |||
14763 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_dup" >&5 | ||
14764 | $as_echo_n "checking for library containing RSA_meth_dup... " >&6; } | ||
14765 | if ${ac_cv_search_RSA_meth_dup+:} false; then : | ||
14766 | $as_echo_n "(cached) " >&6 | ||
14767 | else | ||
14768 | ac_func_search_save_LIBS=$LIBS | ||
14769 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14770 | /* end confdefs.h. */ | ||
14771 | |||
14772 | /* Override any GCC internal prototype to avoid an error. | ||
14773 | Use char because int might match the return type of a GCC | ||
14774 | builtin and then its argument prototype would still apply. */ | ||
14775 | #ifdef __cplusplus | ||
14776 | extern "C" | ||
14777 | #endif | ||
14778 | char RSA_meth_dup (); | ||
14779 | int | ||
14780 | main () | ||
14781 | { | ||
14782 | return RSA_meth_dup (); | ||
14783 | ; | ||
14784 | return 0; | ||
14785 | } | ||
14786 | _ACEOF | ||
14787 | for ac_lib in '' crypto; do | ||
14788 | if test -z "$ac_lib"; then | ||
14789 | ac_res="none required" | ||
14790 | else | ||
14791 | ac_res=-l$ac_lib | ||
14792 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14793 | fi | ||
14794 | if ac_fn_c_try_link "$LINENO"; then : | ||
14795 | ac_cv_search_RSA_meth_dup=$ac_res | ||
14796 | fi | ||
14797 | rm -f core conftest.err conftest.$ac_objext \ | ||
14798 | conftest$ac_exeext | ||
14799 | if ${ac_cv_search_RSA_meth_dup+:} false; then : | ||
14800 | break | ||
14801 | fi | ||
14802 | done | ||
14803 | if ${ac_cv_search_RSA_meth_dup+:} false; then : | ||
14804 | |||
14805 | else | ||
14806 | ac_cv_search_RSA_meth_dup=no | ||
14807 | fi | ||
14808 | rm conftest.$ac_ext | ||
14809 | LIBS=$ac_func_search_save_LIBS | ||
14810 | fi | ||
14811 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_dup" >&5 | ||
14812 | $as_echo "$ac_cv_search_RSA_meth_dup" >&6; } | ||
14813 | ac_res=$ac_cv_search_RSA_meth_dup | ||
14814 | if test "$ac_res" != no; then : | ||
14815 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14816 | |||
14817 | $as_echo "#define HAVE_RSA_METH_DUP 1" >>confdefs.h | ||
14818 | |||
14819 | fi | ||
14820 | |||
14821 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set1_name" >&5 | ||
14822 | $as_echo_n "checking for library containing RSA_meth_set1_name... " >&6; } | ||
14823 | if ${ac_cv_search_RSA_meth_set1_name+:} false; then : | ||
14824 | $as_echo_n "(cached) " >&6 | ||
14825 | else | ||
14826 | ac_func_search_save_LIBS=$LIBS | ||
14827 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14828 | /* end confdefs.h. */ | ||
14829 | |||
14830 | /* Override any GCC internal prototype to avoid an error. | ||
14831 | Use char because int might match the return type of a GCC | ||
14832 | builtin and then its argument prototype would still apply. */ | ||
14833 | #ifdef __cplusplus | ||
14834 | extern "C" | ||
14835 | #endif | ||
14836 | char RSA_meth_set1_name (); | ||
14837 | int | ||
14838 | main () | ||
14839 | { | ||
14840 | return RSA_meth_set1_name (); | ||
14841 | ; | ||
14842 | return 0; | ||
14843 | } | ||
14844 | _ACEOF | ||
14845 | for ac_lib in '' crypto; do | ||
14846 | if test -z "$ac_lib"; then | ||
14847 | ac_res="none required" | ||
14848 | else | ||
14849 | ac_res=-l$ac_lib | ||
14850 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14851 | fi | ||
14852 | if ac_fn_c_try_link "$LINENO"; then : | ||
14853 | ac_cv_search_RSA_meth_set1_name=$ac_res | ||
14854 | fi | ||
14855 | rm -f core conftest.err conftest.$ac_objext \ | ||
14856 | conftest$ac_exeext | ||
14857 | if ${ac_cv_search_RSA_meth_set1_name+:} false; then : | ||
14858 | break | ||
14859 | fi | ||
14860 | done | ||
14861 | if ${ac_cv_search_RSA_meth_set1_name+:} false; then : | ||
14862 | |||
14863 | else | ||
14864 | ac_cv_search_RSA_meth_set1_name=no | ||
14865 | fi | ||
14866 | rm conftest.$ac_ext | ||
14867 | LIBS=$ac_func_search_save_LIBS | ||
14868 | fi | ||
14869 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set1_name" >&5 | ||
14870 | $as_echo "$ac_cv_search_RSA_meth_set1_name" >&6; } | ||
14871 | ac_res=$ac_cv_search_RSA_meth_set1_name | ||
14872 | if test "$ac_res" != no; then : | ||
14873 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14874 | |||
14875 | $as_echo "#define HAVE_RSA_METH_SET1_NAME 1" >>confdefs.h | ||
14876 | |||
14877 | fi | ||
14878 | |||
14879 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_get_finish" >&5 | ||
14880 | $as_echo_n "checking for library containing RSA_meth_get_finish... " >&6; } | ||
14881 | if ${ac_cv_search_RSA_meth_get_finish+:} false; then : | ||
14882 | $as_echo_n "(cached) " >&6 | ||
14883 | else | ||
14884 | ac_func_search_save_LIBS=$LIBS | ||
14885 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14886 | /* end confdefs.h. */ | ||
14887 | |||
14888 | /* Override any GCC internal prototype to avoid an error. | ||
14889 | Use char because int might match the return type of a GCC | ||
14890 | builtin and then its argument prototype would still apply. */ | ||
14891 | #ifdef __cplusplus | ||
14892 | extern "C" | ||
14893 | #endif | ||
14894 | char RSA_meth_get_finish (); | ||
14895 | int | ||
14896 | main () | ||
14897 | { | ||
14898 | return RSA_meth_get_finish (); | ||
14899 | ; | ||
14900 | return 0; | ||
14901 | } | ||
14902 | _ACEOF | ||
14903 | for ac_lib in '' crypto; do | ||
14904 | if test -z "$ac_lib"; then | ||
14905 | ac_res="none required" | ||
14906 | else | ||
14907 | ac_res=-l$ac_lib | ||
14908 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14909 | fi | ||
14910 | if ac_fn_c_try_link "$LINENO"; then : | ||
14911 | ac_cv_search_RSA_meth_get_finish=$ac_res | ||
14912 | fi | ||
14913 | rm -f core conftest.err conftest.$ac_objext \ | ||
14914 | conftest$ac_exeext | ||
14915 | if ${ac_cv_search_RSA_meth_get_finish+:} false; then : | ||
14916 | break | ||
14917 | fi | ||
14918 | done | ||
14919 | if ${ac_cv_search_RSA_meth_get_finish+:} false; then : | ||
14920 | |||
14921 | else | ||
14922 | ac_cv_search_RSA_meth_get_finish=no | ||
14923 | fi | ||
14924 | rm conftest.$ac_ext | ||
14925 | LIBS=$ac_func_search_save_LIBS | ||
14926 | fi | ||
14927 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_get_finish" >&5 | ||
14928 | $as_echo "$ac_cv_search_RSA_meth_get_finish" >&6; } | ||
14929 | ac_res=$ac_cv_search_RSA_meth_get_finish | ||
14930 | if test "$ac_res" != no; then : | ||
14931 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14932 | |||
14933 | $as_echo "#define HAVE_RSA_METH_GET_FINISH 1" >>confdefs.h | ||
14934 | |||
14935 | fi | ||
14936 | |||
14937 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set_priv_enc" >&5 | ||
14938 | $as_echo_n "checking for library containing RSA_meth_set_priv_enc... " >&6; } | ||
14939 | if ${ac_cv_search_RSA_meth_set_priv_enc+:} false; then : | ||
14940 | $as_echo_n "(cached) " >&6 | ||
14941 | else | ||
14942 | ac_func_search_save_LIBS=$LIBS | ||
14943 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
14944 | /* end confdefs.h. */ | ||
14945 | |||
14946 | /* Override any GCC internal prototype to avoid an error. | ||
14947 | Use char because int might match the return type of a GCC | ||
14948 | builtin and then its argument prototype would still apply. */ | ||
14949 | #ifdef __cplusplus | ||
14950 | extern "C" | ||
14951 | #endif | ||
14952 | char RSA_meth_set_priv_enc (); | ||
14953 | int | ||
14954 | main () | ||
14955 | { | ||
14956 | return RSA_meth_set_priv_enc (); | ||
14957 | ; | ||
14958 | return 0; | ||
14959 | } | ||
14960 | _ACEOF | ||
14961 | for ac_lib in '' crypto; do | ||
14962 | if test -z "$ac_lib"; then | ||
14963 | ac_res="none required" | ||
14964 | else | ||
14965 | ac_res=-l$ac_lib | ||
14966 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
14967 | fi | ||
14968 | if ac_fn_c_try_link "$LINENO"; then : | ||
14969 | ac_cv_search_RSA_meth_set_priv_enc=$ac_res | ||
14970 | fi | ||
14971 | rm -f core conftest.err conftest.$ac_objext \ | ||
14972 | conftest$ac_exeext | ||
14973 | if ${ac_cv_search_RSA_meth_set_priv_enc+:} false; then : | ||
14974 | break | ||
14975 | fi | ||
14976 | done | ||
14977 | if ${ac_cv_search_RSA_meth_set_priv_enc+:} false; then : | ||
14978 | |||
14979 | else | ||
14980 | ac_cv_search_RSA_meth_set_priv_enc=no | ||
14981 | fi | ||
14982 | rm conftest.$ac_ext | ||
14983 | LIBS=$ac_func_search_save_LIBS | ||
14984 | fi | ||
14985 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set_priv_enc" >&5 | ||
14986 | $as_echo "$ac_cv_search_RSA_meth_set_priv_enc" >&6; } | ||
14987 | ac_res=$ac_cv_search_RSA_meth_set_priv_enc | ||
14988 | if test "$ac_res" != no; then : | ||
14989 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
14990 | |||
14991 | $as_echo "#define HAVE_RSA_METH_SET_PRIV_ENC 1" >>confdefs.h | ||
14992 | |||
14993 | fi | ||
14994 | |||
14995 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set_priv_dec" >&5 | ||
14996 | $as_echo_n "checking for library containing RSA_meth_set_priv_dec... " >&6; } | ||
14997 | if ${ac_cv_search_RSA_meth_set_priv_dec+:} false; then : | ||
14998 | $as_echo_n "(cached) " >&6 | ||
14999 | else | ||
15000 | ac_func_search_save_LIBS=$LIBS | ||
15001 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
15002 | /* end confdefs.h. */ | ||
15003 | |||
15004 | /* Override any GCC internal prototype to avoid an error. | ||
15005 | Use char because int might match the return type of a GCC | ||
15006 | builtin and then its argument prototype would still apply. */ | ||
15007 | #ifdef __cplusplus | ||
15008 | extern "C" | ||
15009 | #endif | ||
15010 | char RSA_meth_set_priv_dec (); | ||
15011 | int | ||
15012 | main () | ||
15013 | { | ||
15014 | return RSA_meth_set_priv_dec (); | ||
15015 | ; | ||
15016 | return 0; | ||
15017 | } | ||
15018 | _ACEOF | ||
15019 | for ac_lib in '' crypto; do | ||
15020 | if test -z "$ac_lib"; then | ||
15021 | ac_res="none required" | ||
15022 | else | ||
15023 | ac_res=-l$ac_lib | ||
15024 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
15025 | fi | ||
15026 | if ac_fn_c_try_link "$LINENO"; then : | ||
15027 | ac_cv_search_RSA_meth_set_priv_dec=$ac_res | ||
15028 | fi | ||
15029 | rm -f core conftest.err conftest.$ac_objext \ | ||
15030 | conftest$ac_exeext | ||
15031 | if ${ac_cv_search_RSA_meth_set_priv_dec+:} false; then : | ||
15032 | break | ||
15033 | fi | ||
15034 | done | ||
15035 | if ${ac_cv_search_RSA_meth_set_priv_dec+:} false; then : | ||
15036 | |||
15037 | else | ||
15038 | ac_cv_search_RSA_meth_set_priv_dec=no | ||
15039 | fi | ||
15040 | rm conftest.$ac_ext | ||
15041 | LIBS=$ac_func_search_save_LIBS | ||
15042 | fi | ||
15043 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set_priv_dec" >&5 | ||
15044 | $as_echo "$ac_cv_search_RSA_meth_set_priv_dec" >&6; } | ||
15045 | ac_res=$ac_cv_search_RSA_meth_set_priv_dec | ||
15046 | if test "$ac_res" != no; then : | ||
15047 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
15048 | |||
15049 | $as_echo "#define HAVE_RSA_METH_SET_PRIV_DEC 1" >>confdefs.h | ||
15050 | |||
15051 | fi | ||
15052 | |||
15053 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set_finish" >&5 | ||
15054 | $as_echo_n "checking for library containing RSA_meth_set_finish... " >&6; } | ||
15055 | if ${ac_cv_search_RSA_meth_set_finish+:} false; then : | ||
15056 | $as_echo_n "(cached) " >&6 | ||
15057 | else | ||
15058 | ac_func_search_save_LIBS=$LIBS | ||
15059 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
15060 | /* end confdefs.h. */ | ||
15061 | |||
15062 | /* Override any GCC internal prototype to avoid an error. | ||
15063 | Use char because int might match the return type of a GCC | ||
15064 | builtin and then its argument prototype would still apply. */ | ||
15065 | #ifdef __cplusplus | ||
15066 | extern "C" | ||
15067 | #endif | ||
15068 | char RSA_meth_set_finish (); | ||
15069 | int | ||
15070 | main () | ||
15071 | { | ||
15072 | return RSA_meth_set_finish (); | ||
15073 | ; | ||
15074 | return 0; | ||
15075 | } | ||
15076 | _ACEOF | ||
15077 | for ac_lib in '' crypto; do | ||
15078 | if test -z "$ac_lib"; then | ||
15079 | ac_res="none required" | ||
15080 | else | ||
15081 | ac_res=-l$ac_lib | ||
15082 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
15083 | fi | ||
15084 | if ac_fn_c_try_link "$LINENO"; then : | ||
15085 | ac_cv_search_RSA_meth_set_finish=$ac_res | ||
15086 | fi | ||
15087 | rm -f core conftest.err conftest.$ac_objext \ | ||
15088 | conftest$ac_exeext | ||
15089 | if ${ac_cv_search_RSA_meth_set_finish+:} false; then : | ||
15090 | break | ||
15091 | fi | ||
15092 | done | ||
15093 | if ${ac_cv_search_RSA_meth_set_finish+:} false; then : | ||
15094 | |||
15095 | else | ||
15096 | ac_cv_search_RSA_meth_set_finish=no | ||
15097 | fi | ||
15098 | rm conftest.$ac_ext | ||
15099 | LIBS=$ac_func_search_save_LIBS | ||
15100 | fi | ||
15101 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set_finish" >&5 | ||
15102 | $as_echo "$ac_cv_search_RSA_meth_set_finish" >&6; } | ||
15103 | ac_res=$ac_cv_search_RSA_meth_set_finish | ||
15104 | if test "$ac_res" != no; then : | ||
15105 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
15106 | |||
15107 | $as_echo "#define HAVE_RSA_METH_SET_FINISH 1" >>confdefs.h | ||
15108 | |||
15109 | fi | ||
15110 | |||
15111 | |||
15112 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_PKEY_get0_RSA" >&5 | ||
15113 | $as_echo_n "checking for library containing EVP_PKEY_get0_RSA... " >&6; } | ||
15114 | if ${ac_cv_search_EVP_PKEY_get0_RSA+:} false; then : | ||
15115 | $as_echo_n "(cached) " >&6 | ||
15116 | else | ||
15117 | ac_func_search_save_LIBS=$LIBS | ||
15118 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
15119 | /* end confdefs.h. */ | ||
15120 | |||
15121 | /* Override any GCC internal prototype to avoid an error. | ||
15122 | Use char because int might match the return type of a GCC | ||
15123 | builtin and then its argument prototype would still apply. */ | ||
15124 | #ifdef __cplusplus | ||
15125 | extern "C" | ||
15126 | #endif | ||
15127 | char EVP_PKEY_get0_RSA (); | ||
15128 | int | ||
15129 | main () | ||
15130 | { | ||
15131 | return EVP_PKEY_get0_RSA (); | ||
15132 | ; | ||
15133 | return 0; | ||
15134 | } | ||
15135 | _ACEOF | ||
15136 | for ac_lib in '' crypto; do | ||
15137 | if test -z "$ac_lib"; then | ||
15138 | ac_res="none required" | ||
15139 | else | ||
15140 | ac_res=-l$ac_lib | ||
15141 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
15142 | fi | ||
15143 | if ac_fn_c_try_link "$LINENO"; then : | ||
15144 | ac_cv_search_EVP_PKEY_get0_RSA=$ac_res | ||
15145 | fi | ||
15146 | rm -f core conftest.err conftest.$ac_objext \ | ||
15147 | conftest$ac_exeext | ||
15148 | if ${ac_cv_search_EVP_PKEY_get0_RSA+:} false; then : | ||
15149 | break | ||
15150 | fi | ||
15151 | done | ||
15152 | if ${ac_cv_search_EVP_PKEY_get0_RSA+:} false; then : | ||
15153 | |||
15154 | else | ||
15155 | ac_cv_search_EVP_PKEY_get0_RSA=no | ||
15156 | fi | ||
15157 | rm conftest.$ac_ext | ||
15158 | LIBS=$ac_func_search_save_LIBS | ||
15159 | fi | ||
15160 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_PKEY_get0_RSA" >&5 | ||
15161 | $as_echo "$ac_cv_search_EVP_PKEY_get0_RSA" >&6; } | ||
15162 | ac_res=$ac_cv_search_EVP_PKEY_get0_RSA | ||
15163 | if test "$ac_res" != no; then : | ||
15164 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
15165 | |||
15166 | $as_echo "#define HAVE_EVP_PKEY_GET0_RSA 1" >>confdefs.h | ||
15167 | |||
15168 | fi | ||
15169 | |||
15170 | |||
15171 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_MD_CTX_new" >&5 | ||
15172 | $as_echo_n "checking for library containing EVP_MD_CTX_new... " >&6; } | ||
15173 | if ${ac_cv_search_EVP_MD_CTX_new+:} false; then : | ||
15174 | $as_echo_n "(cached) " >&6 | ||
15175 | else | ||
15176 | ac_func_search_save_LIBS=$LIBS | ||
15177 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
15178 | /* end confdefs.h. */ | ||
15179 | |||
15180 | /* Override any GCC internal prototype to avoid an error. | ||
15181 | Use char because int might match the return type of a GCC | ||
15182 | builtin and then its argument prototype would still apply. */ | ||
15183 | #ifdef __cplusplus | ||
15184 | extern "C" | ||
15185 | #endif | ||
15186 | char EVP_MD_CTX_new (); | ||
15187 | int | ||
15188 | main () | ||
15189 | { | ||
15190 | return EVP_MD_CTX_new (); | ||
15191 | ; | ||
15192 | return 0; | ||
15193 | } | ||
15194 | _ACEOF | ||
15195 | for ac_lib in '' crypto; do | ||
15196 | if test -z "$ac_lib"; then | ||
15197 | ac_res="none required" | ||
15198 | else | ||
15199 | ac_res=-l$ac_lib | ||
15200 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
15201 | fi | ||
15202 | if ac_fn_c_try_link "$LINENO"; then : | ||
15203 | ac_cv_search_EVP_MD_CTX_new=$ac_res | ||
15204 | fi | ||
15205 | rm -f core conftest.err conftest.$ac_objext \ | ||
15206 | conftest$ac_exeext | ||
15207 | if ${ac_cv_search_EVP_MD_CTX_new+:} false; then : | ||
15208 | break | ||
15209 | fi | ||
15210 | done | ||
15211 | if ${ac_cv_search_EVP_MD_CTX_new+:} false; then : | ||
15212 | |||
15213 | else | ||
15214 | ac_cv_search_EVP_MD_CTX_new=no | ||
15215 | fi | ||
15216 | rm conftest.$ac_ext | ||
15217 | LIBS=$ac_func_search_save_LIBS | ||
15218 | fi | ||
15219 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_MD_CTX_new" >&5 | ||
15220 | $as_echo "$ac_cv_search_EVP_MD_CTX_new" >&6; } | ||
15221 | ac_res=$ac_cv_search_EVP_MD_CTX_new | ||
15222 | if test "$ac_res" != no; then : | ||
15223 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
15224 | |||
15225 | $as_echo "#define HAVE_EVP_MD_CTX_NEW 1" >>confdefs.h | ||
15226 | |||
15227 | fi | ||
15228 | |||
15229 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_MD_CTX_free" >&5 | ||
15230 | $as_echo_n "checking for library containing EVP_MD_CTX_free... " >&6; } | ||
15231 | if ${ac_cv_search_EVP_MD_CTX_free+:} false; then : | ||
15232 | $as_echo_n "(cached) " >&6 | ||
15233 | else | ||
15234 | ac_func_search_save_LIBS=$LIBS | ||
15235 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
15236 | /* end confdefs.h. */ | ||
15237 | |||
15238 | /* Override any GCC internal prototype to avoid an error. | ||
15239 | Use char because int might match the return type of a GCC | ||
15240 | builtin and then its argument prototype would still apply. */ | ||
15241 | #ifdef __cplusplus | ||
15242 | extern "C" | ||
15243 | #endif | ||
15244 | char EVP_MD_CTX_free (); | ||
15245 | int | ||
15246 | main () | ||
15247 | { | ||
15248 | return EVP_MD_CTX_free (); | ||
15249 | ; | ||
15250 | return 0; | ||
15251 | } | ||
15252 | _ACEOF | ||
15253 | for ac_lib in '' crypto; do | ||
15254 | if test -z "$ac_lib"; then | ||
15255 | ac_res="none required" | ||
15256 | else | ||
15257 | ac_res=-l$ac_lib | ||
15258 | LIBS="-l$ac_lib $ac_func_search_save_LIBS" | ||
15259 | fi | ||
15260 | if ac_fn_c_try_link "$LINENO"; then : | ||
15261 | ac_cv_search_EVP_MD_CTX_free=$ac_res | ||
15262 | fi | ||
15263 | rm -f core conftest.err conftest.$ac_objext \ | ||
15264 | conftest$ac_exeext | ||
15265 | if ${ac_cv_search_EVP_MD_CTX_free+:} false; then : | ||
15266 | break | ||
15267 | fi | ||
15268 | done | ||
15269 | if ${ac_cv_search_EVP_MD_CTX_free+:} false; then : | ||
15270 | |||
15271 | else | ||
15272 | ac_cv_search_EVP_MD_CTX_free=no | ||
15273 | fi | ||
15274 | rm conftest.$ac_ext | ||
15275 | LIBS=$ac_func_search_save_LIBS | ||
15276 | fi | ||
15277 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_MD_CTX_free" >&5 | ||
15278 | $as_echo "$ac_cv_search_EVP_MD_CTX_free" >&6; } | ||
15279 | ac_res=$ac_cv_search_EVP_MD_CTX_free | ||
15280 | if test "$ac_res" != no; then : | ||
15281 | test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" | ||
15282 | |||
15283 | $as_echo "#define HAVE_EVP_MD_CTX_FREE 1" >>confdefs.h | ||
15284 | |||
15285 | fi | ||
15286 | |||
15287 | |||
15288 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking if EVP_DigestUpdate returns an int" >&5 | 13175 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking if EVP_DigestUpdate returns an int" >&5 |
15289 | $as_echo_n "checking if EVP_DigestUpdate returns an int... " >&6; } | 13176 | $as_echo_n "checking if EVP_DigestUpdate returns an int... " >&6; } |
15290 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | 13177 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext |
@@ -15626,6 +13513,17 @@ rm -f core conftest.err conftest.$ac_objext \ | |||
15626 | 13513 | ||
15627 | $as_echo "#define OPENSSL_HAS_ECC 1" >>confdefs.h | 13514 | $as_echo "#define OPENSSL_HAS_ECC 1" >>confdefs.h |
15628 | 13515 | ||
13516 | for ac_func in EC_KEY_METHOD_new | ||
13517 | do : | ||
13518 | ac_fn_c_check_func "$LINENO" "EC_KEY_METHOD_new" "ac_cv_func_EC_KEY_METHOD_new" | ||
13519 | if test "x$ac_cv_func_EC_KEY_METHOD_new" = xyes; then : | ||
13520 | cat >>confdefs.h <<_ACEOF | ||
13521 | #define HAVE_EC_KEY_METHOD_NEW 1 | ||
13522 | _ACEOF | ||
13523 | |||
13524 | fi | ||
13525 | done | ||
13526 | |||
15629 | fi | 13527 | fi |
15630 | if test x$enable_nistp256 = x1; then | 13528 | if test x$enable_nistp256 = x1; then |
15631 | 13529 | ||
@@ -20190,8 +18088,8 @@ fi | |||
20190 | 18088 | ||
20191 | 18089 | ||
20192 | fi | 18090 | fi |
20193 | if test ! -z "$need_dash_r" ; then | 18091 | if test -n "${rpath_opt}" ; then |
20194 | LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" | 18092 | LDFLAGS="$LDFLAGS ${rpath_opt}${KRB5ROOT}/lib" |
20195 | fi | 18093 | fi |
20196 | if test ! -z "$blibpath" ; then | 18094 | if test ! -z "$blibpath" ; then |
20197 | blibpath="$blibpath:${KRB5ROOT}/lib" | 18095 | blibpath="$blibpath:${KRB5ROOT}/lib" |
diff --git a/configure.ac b/configure.ac index 8a5db4cb5..de140f578 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -19,7 +19,7 @@ AC_CONFIG_SRCDIR([ssh.c]) | |||
19 | AC_LANG([C]) | 19 | AC_LANG([C]) |
20 | 20 | ||
21 | AC_CONFIG_HEADER([config.h]) | 21 | AC_CONFIG_HEADER([config.h]) |
22 | AC_PROG_CC | 22 | AC_PROG_CC([cc gcc]) |
23 | AC_CANONICAL_HOST | 23 | AC_CANONICAL_HOST |
24 | AC_C_BIGENDIAN | 24 | AC_C_BIGENDIAN |
25 | 25 | ||
@@ -285,10 +285,11 @@ AC_ARG_WITH([rpath], | |||
285 | [ --without-rpath Disable auto-added -R linker paths], | 285 | [ --without-rpath Disable auto-added -R linker paths], |
286 | [ | 286 | [ |
287 | if test "x$withval" = "xno" ; then | 287 | if test "x$withval" = "xno" ; then |
288 | need_dash_r="" | 288 | rpath_opt="" |
289 | fi | 289 | elif test "x$withval" = "xyes" ; then |
290 | if test "x$withval" = "xyes" ; then | 290 | rpath_opt="-R" |
291 | need_dash_r=1 | 291 | else |
292 | rpath_opt="$withval" | ||
292 | fi | 293 | fi |
293 | ] | 294 | ] |
294 | ) | 295 | ) |
@@ -668,7 +669,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | |||
668 | AC_TRY_COMPILE([#include <Security/AuthSession.h>], | 669 | AC_TRY_COMPILE([#include <Security/AuthSession.h>], |
669 | [SessionCreate(0, 0);], | 670 | [SessionCreate(0, 0);], |
670 | [ac_cv_use_security_session_api="yes" | 671 | [ac_cv_use_security_session_api="yes" |
671 | AC_DEFINE([USE_SECURITY_SESSION_API], [1], | 672 | AC_DEFINE([USE_SECURITY_SESSION_API], [1], |
672 | [platform has the Security Authorization Session API]) | 673 | [platform has the Security Authorization Session API]) |
673 | LIBS="$LIBS -framework Security" | 674 | LIBS="$LIBS -framework Security" |
674 | AC_MSG_RESULT([yes])], | 675 | AC_MSG_RESULT([yes])], |
@@ -679,7 +680,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | |||
679 | [#include <Kerberos/Kerberos.h>], | 680 | [#include <Kerberos/Kerberos.h>], |
680 | [cc_context_t c; | 681 | [cc_context_t c; |
681 | (void) cc_initialize (&c, 0, NULL, NULL);], | 682 | (void) cc_initialize (&c, 0, NULL, NULL);], |
682 | [AC_DEFINE([USE_CCAPI], [1], | 683 | [AC_DEFINE([USE_CCAPI], [1], |
683 | [platform uses an in-memory credentials cache]) | 684 | [platform uses an in-memory credentials cache]) |
684 | LIBS="$LIBS -framework Security" | 685 | LIBS="$LIBS -framework Security" |
685 | AC_MSG_RESULT([yes]) | 686 | AC_MSG_RESULT([yes]) |
@@ -935,7 +936,7 @@ mips-sony-bsd|mips-sony-newsos4) | |||
935 | *-*-netbsd*) | 936 | *-*-netbsd*) |
936 | check_for_libcrypt_before=1 | 937 | check_for_libcrypt_before=1 |
937 | if test "x$withval" != "xno" ; then | 938 | if test "x$withval" != "xno" ; then |
938 | need_dash_r=1 | 939 | rpath_opt="-R" |
939 | fi | 940 | fi |
940 | CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" | 941 | CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" |
941 | AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) | 942 | AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) |
@@ -986,7 +987,7 @@ mips-sony-bsd|mips-sony-newsos4) | |||
986 | ;; | 987 | ;; |
987 | *-*-solaris*) | 988 | *-*-solaris*) |
988 | if test "x$withval" != "xno" ; then | 989 | if test "x$withval" != "xno" ; then |
989 | need_dash_r=1 | 990 | rpath_opt="-R" |
990 | fi | 991 | fi |
991 | AC_DEFINE([PAM_SUN_CODEBASE]) | 992 | AC_DEFINE([PAM_SUN_CODEBASE]) |
992 | AC_DEFINE([LOGIN_NEEDS_UTMPX]) | 993 | AC_DEFINE([LOGIN_NEEDS_UTMPX]) |
@@ -1287,14 +1288,14 @@ AC_ARG_WITH([zlib], | |||
1287 | AC_MSG_ERROR([*** zlib is required ***]) | 1288 | AC_MSG_ERROR([*** zlib is required ***]) |
1288 | elif test "x$withval" != "xyes"; then | 1289 | elif test "x$withval" != "xyes"; then |
1289 | if test -d "$withval/lib"; then | 1290 | if test -d "$withval/lib"; then |
1290 | if test -n "${need_dash_r}"; then | 1291 | if test -n "${rpath_opt}"; then |
1291 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 1292 | LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" |
1292 | else | 1293 | else |
1293 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" | 1294 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" |
1294 | fi | 1295 | fi |
1295 | else | 1296 | else |
1296 | if test -n "${need_dash_r}"; then | 1297 | if test -n "${rpath_opt}"; then |
1297 | LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" | 1298 | LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}" |
1298 | else | 1299 | else |
1299 | LDFLAGS="-L${withval} ${LDFLAGS}" | 1300 | LDFLAGS="-L${withval} ${LDFLAGS}" |
1300 | fi | 1301 | fi |
@@ -1314,8 +1315,8 @@ AC_CHECK_LIB([z], [deflate], , | |||
1314 | saved_LDFLAGS="$LDFLAGS" | 1315 | saved_LDFLAGS="$LDFLAGS" |
1315 | save_LIBS="$LIBS" | 1316 | save_LIBS="$LIBS" |
1316 | dnl Check default zlib install dir | 1317 | dnl Check default zlib install dir |
1317 | if test -n "${need_dash_r}"; then | 1318 | if test -n "${rpath_opt}"; then |
1318 | LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" | 1319 | LDFLAGS="-L/usr/local/lib ${rpath_opt}/usr/local/lib ${saved_LDFLAGS}" |
1319 | else | 1320 | else |
1320 | LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" | 1321 | LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" |
1321 | fi | 1322 | fi |
@@ -1638,8 +1639,8 @@ AC_ARG_WITH([libedit], | |||
1638 | fi | 1639 | fi |
1639 | else | 1640 | else |
1640 | CPPFLAGS="$CPPFLAGS -I${withval}/include" | 1641 | CPPFLAGS="$CPPFLAGS -I${withval}/include" |
1641 | if test -n "${need_dash_r}"; then | 1642 | if test -n "${rpath_opt}"; then |
1642 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 1643 | LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" |
1643 | else | 1644 | else |
1644 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" | 1645 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" |
1645 | fi | 1646 | fi |
@@ -1799,7 +1800,9 @@ AC_CHECK_FUNCS([ \ | |||
1799 | errx \ | 1800 | errx \ |
1800 | explicit_bzero \ | 1801 | explicit_bzero \ |
1801 | fchmod \ | 1802 | fchmod \ |
1803 | fchmodat \ | ||
1802 | fchown \ | 1804 | fchown \ |
1805 | fchownat \ | ||
1803 | flock \ | 1806 | flock \ |
1804 | freeaddrinfo \ | 1807 | freeaddrinfo \ |
1805 | freezero \ | 1808 | freezero \ |
@@ -1892,6 +1895,7 @@ AC_CHECK_FUNCS([ \ | |||
1892 | truncate \ | 1895 | truncate \ |
1893 | unsetenv \ | 1896 | unsetenv \ |
1894 | updwtmpx \ | 1897 | updwtmpx \ |
1898 | utimensat \ | ||
1895 | user_from_uid \ | 1899 | user_from_uid \ |
1896 | usleep \ | 1900 | usleep \ |
1897 | vasprintf \ | 1901 | vasprintf \ |
@@ -2556,20 +2560,20 @@ AC_ARG_WITH([ssl-dir], | |||
2556 | ./*|../*) withval="`pwd`/$withval" | 2560 | ./*|../*) withval="`pwd`/$withval" |
2557 | esac | 2561 | esac |
2558 | if test -d "$withval/lib"; then | 2562 | if test -d "$withval/lib"; then |
2559 | if test -n "${need_dash_r}"; then | 2563 | if test -n "${rpath_opt}"; then |
2560 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 2564 | LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}" |
2561 | else | 2565 | else |
2562 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" | 2566 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" |
2563 | fi | 2567 | fi |
2564 | elif test -d "$withval/lib64"; then | 2568 | elif test -d "$withval/lib64"; then |
2565 | if test -n "${need_dash_r}"; then | 2569 | if test -n "${rpath_opt}"; then |
2566 | LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}" | 2570 | LDFLAGS="-L${withval}/lib64 ${rpath_opt}${withval}/lib64 ${LDFLAGS}" |
2567 | else | 2571 | else |
2568 | LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" | 2572 | LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" |
2569 | fi | 2573 | fi |
2570 | else | 2574 | else |
2571 | if test -n "${need_dash_r}"; then | 2575 | if test -n "${rpath_opt}"; then |
2572 | LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" | 2576 | LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}" |
2573 | else | 2577 | else |
2574 | LDFLAGS="-L${withval} ${LDFLAGS}" | 2578 | LDFLAGS="-L${withval} ${LDFLAGS}" |
2575 | fi | 2579 | fi |
@@ -2607,26 +2611,10 @@ AC_ARG_WITH([ssl-engine], | |||
2607 | 2611 | ||
2608 | if test "x$openssl" = "xyes" ; then | 2612 | if test "x$openssl" = "xyes" ; then |
2609 | LIBS="-lcrypto $LIBS" | 2613 | LIBS="-lcrypto $LIBS" |
2610 | AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL], [1], | 2614 | AC_TRY_LINK_FUNC([RAND_add], , |
2611 | [Define if your ssl headers are included | 2615 | [AC_MSG_ERROR([*** working libcrypto not found, check config.log])]) |
2612 | with #include <openssl/header.h>])], | 2616 | AC_CHECK_HEADER([openssl/opensslv.h], , |
2613 | [ | 2617 | [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])]) |
2614 | dnl Check default openssl install dir | ||
2615 | if test -n "${need_dash_r}"; then | ||
2616 | LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" | ||
2617 | else | ||
2618 | LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" | ||
2619 | fi | ||
2620 | CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" | ||
2621 | AC_CHECK_HEADER([openssl/opensslv.h], , | ||
2622 | [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])]) | ||
2623 | AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL])], | ||
2624 | [ | ||
2625 | AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) | ||
2626 | ] | ||
2627 | ) | ||
2628 | ] | ||
2629 | ) | ||
2630 | 2618 | ||
2631 | # Determine OpenSSL header version | 2619 | # Determine OpenSSL header version |
2632 | AC_MSG_CHECKING([OpenSSL header version]) | 2620 | AC_MSG_CHECKING([OpenSSL header version]) |
@@ -2665,6 +2653,9 @@ if test "x$openssl" = "xyes" ; then | |||
2665 | ] | 2653 | ] |
2666 | ) | 2654 | ) |
2667 | 2655 | ||
2656 | # Determining OpenSSL library version is version dependent. | ||
2657 | AC_CHECK_FUNCS([OpenSSL_version OpenSSL_version_num]) | ||
2658 | |||
2668 | # Determine OpenSSL library version | 2659 | # Determine OpenSSL library version |
2669 | AC_MSG_CHECKING([OpenSSL library version]) | 2660 | AC_MSG_CHECKING([OpenSSL library version]) |
2670 | AC_RUN_IFELSE( | 2661 | AC_RUN_IFELSE( |
@@ -2681,9 +2672,18 @@ if test "x$openssl" = "xyes" ; then | |||
2681 | fd = fopen(DATA,"w"); | 2672 | fd = fopen(DATA,"w"); |
2682 | if(fd == NULL) | 2673 | if(fd == NULL) |
2683 | exit(1); | 2674 | exit(1); |
2684 | 2675 | #ifndef OPENSSL_VERSION | |
2685 | if ((rc = fprintf(fd, "%08lx (%s)\n", (unsigned long)SSLeay(), | 2676 | # define OPENSSL_VERSION SSLEAY_VERSION |
2686 | SSLeay_version(SSLEAY_VERSION))) < 0) | 2677 | #endif |
2678 | #ifndef HAVE_OPENSSL_VERSION | ||
2679 | # define OpenSSL_version SSLeay_version | ||
2680 | #endif | ||
2681 | #ifndef HAVE_OPENSSL_VERSION_NUM | ||
2682 | # define OpenSSL_version_num SSLeay | ||
2683 | #endif | ||
2684 | if ((rc = fprintf(fd, "%08lx (%s)\n", | ||
2685 | (unsigned long)OpenSSL_version_num(), | ||
2686 | OpenSSL_version(OPENSSL_VERSION))) < 0) | ||
2687 | exit(1); | 2687 | exit(1); |
2688 | 2688 | ||
2689 | exit(0); | 2689 | exit(0); |
@@ -2696,14 +2696,15 @@ if test "x$openssl" = "xyes" ; then | |||
2696 | AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) | 2696 | AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) |
2697 | ;; | 2697 | ;; |
2698 | 100*) ;; # 1.0.x | 2698 | 100*) ;; # 1.0.x |
2699 | 101000[0123456]*) | 2699 | 101000[[0123456]]*) |
2700 | # https://github.com/openssl/openssl/pull/4613 | 2700 | # https://github.com/openssl/openssl/pull/4613 |
2701 | AC_MSG_ERROR([OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have "$ssl_library_ver")]) | 2701 | AC_MSG_ERROR([OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have "$ssl_library_ver")]) |
2702 | ;; | 2702 | ;; |
2703 | 101*) ;; # 1.1.x | 2703 | 101*) ;; # 1.1.x |
2704 | 200*) ;; # LibreSSL | 2704 | 200*) ;; # LibreSSL |
2705 | 300*) ;; # OpenSSL development branch. | ||
2705 | *) | 2706 | *) |
2706 | AC_MSG_ERROR([OpenSSL > 1.1.x is not yet supported (have "$ssl_library_ver")]) | 2707 | AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_library_ver")]) |
2707 | ;; | 2708 | ;; |
2708 | esac | 2709 | esac |
2709 | AC_MSG_RESULT([$ssl_library_ver]) | 2710 | AC_MSG_RESULT([$ssl_library_ver]) |
@@ -2725,7 +2726,10 @@ if test "x$openssl" = "xyes" ; then | |||
2725 | #include <openssl/opensslv.h> | 2726 | #include <openssl/opensslv.h> |
2726 | #include <openssl/crypto.h> | 2727 | #include <openssl/crypto.h> |
2727 | ]], [[ | 2728 | ]], [[ |
2728 | exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); | 2729 | #ifndef HAVE_OPENSSL_VERSION_NUM |
2730 | # define OpenSSL_version_num SSLeay | ||
2731 | #endif | ||
2732 | exit(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 0 : 1); | ||
2729 | ]])], | 2733 | ]])], |
2730 | [ | 2734 | [ |
2731 | AC_MSG_RESULT([yes]) | 2735 | AC_MSG_RESULT([yes]) |
@@ -2752,8 +2756,8 @@ if test "x$openssl" = "xyes" ; then | |||
2752 | 2756 | ||
2753 | AC_MSG_CHECKING([if programs using OpenSSL functions will link]) | 2757 | AC_MSG_CHECKING([if programs using OpenSSL functions will link]) |
2754 | AC_LINK_IFELSE( | 2758 | AC_LINK_IFELSE( |
2755 | [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]], | 2759 | [AC_LANG_PROGRAM([[ #include <openssl/err.h> ]], |
2756 | [[ SSLeay_add_all_algorithms(); ]])], | 2760 | [[ ERR_load_crypto_strings(); ]])], |
2757 | [ | 2761 | [ |
2758 | AC_MSG_RESULT([yes]) | 2762 | AC_MSG_RESULT([yes]) |
2759 | ], | 2763 | ], |
@@ -2763,8 +2767,8 @@ if test "x$openssl" = "xyes" ; then | |||
2763 | LIBS="$LIBS -ldl" | 2767 | LIBS="$LIBS -ldl" |
2764 | AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) | 2768 | AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) |
2765 | AC_LINK_IFELSE( | 2769 | AC_LINK_IFELSE( |
2766 | [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]], | 2770 | [AC_LANG_PROGRAM([[ #include <openssl/err.h> ]], |
2767 | [[ SSLeay_add_all_algorithms(); ]])], | 2771 | [[ ERR_load_crypto_strings(); ]])], |
2768 | [ | 2772 | [ |
2769 | AC_MSG_RESULT([yes]) | 2773 | AC_MSG_RESULT([yes]) |
2770 | ], | 2774 | ], |
@@ -2779,16 +2783,64 @@ if test "x$openssl" = "xyes" ; then | |||
2779 | AC_CHECK_FUNCS([ \ | 2783 | AC_CHECK_FUNCS([ \ |
2780 | BN_is_prime_ex \ | 2784 | BN_is_prime_ex \ |
2781 | DSA_generate_parameters_ex \ | 2785 | DSA_generate_parameters_ex \ |
2782 | EVP_DigestInit_ex \ | 2786 | EVP_CIPHER_CTX_ctrl \ |
2783 | EVP_DigestFinal_ex \ | 2787 | EVP_DigestFinal_ex \ |
2784 | EVP_MD_CTX_init \ | 2788 | EVP_DigestInit_ex \ |
2785 | EVP_MD_CTX_cleanup \ | 2789 | EVP_MD_CTX_cleanup \ |
2786 | EVP_MD_CTX_copy_ex \ | 2790 | EVP_MD_CTX_copy_ex \ |
2791 | EVP_MD_CTX_init \ | ||
2787 | HMAC_CTX_init \ | 2792 | HMAC_CTX_init \ |
2788 | RSA_generate_key_ex \ | 2793 | RSA_generate_key_ex \ |
2789 | RSA_get_default_method \ | 2794 | RSA_get_default_method \ |
2790 | ]) | 2795 | ]) |
2791 | 2796 | ||
2797 | # OpenSSL_add_all_algorithms may be a macro. | ||
2798 | AC_CHECK_FUNC(OpenSSL_add_all_algorithms, | ||
2799 | AC_DEFINE(HAVE_OPENSSL_ADD_ALL_ALGORITHMS, 1, [as a function]), | ||
2800 | AC_CHECK_DECL(OpenSSL_add_all_algorithms, | ||
2801 | AC_DEFINE(HAVE_OPENSSL_ADD_ALL_ALGORITHMS, 1, [as a macro]), , | ||
2802 | [[#include <openssl/evp.h>]] | ||
2803 | ) | ||
2804 | ) | ||
2805 | |||
2806 | # LibreSSL/OpenSSL 1.1x API | ||
2807 | AC_CHECK_FUNCS([ \ | ||
2808 | OPENSSL_init_crypto \ | ||
2809 | DH_get0_key \ | ||
2810 | DH_get0_pqg \ | ||
2811 | DH_set0_key \ | ||
2812 | DH_set_length \ | ||
2813 | DH_set0_pqg \ | ||
2814 | DSA_get0_key \ | ||
2815 | DSA_get0_pqg \ | ||
2816 | DSA_set0_key \ | ||
2817 | DSA_set0_pqg \ | ||
2818 | DSA_SIG_get0 \ | ||
2819 | DSA_SIG_set0 \ | ||
2820 | ECDSA_SIG_get0 \ | ||
2821 | ECDSA_SIG_set0 \ | ||
2822 | EVP_CIPHER_CTX_iv \ | ||
2823 | EVP_CIPHER_CTX_iv_noconst \ | ||
2824 | EVP_CIPHER_CTX_get_iv \ | ||
2825 | EVP_CIPHER_CTX_set_iv \ | ||
2826 | RSA_get0_crt_params \ | ||
2827 | RSA_get0_factors \ | ||
2828 | RSA_get0_key \ | ||
2829 | RSA_set0_crt_params \ | ||
2830 | RSA_set0_factors \ | ||
2831 | RSA_set0_key \ | ||
2832 | RSA_meth_free \ | ||
2833 | RSA_meth_dup \ | ||
2834 | RSA_meth_set1_name \ | ||
2835 | RSA_meth_get_finish \ | ||
2836 | RSA_meth_set_priv_enc \ | ||
2837 | RSA_meth_set_priv_dec \ | ||
2838 | RSA_meth_set_finish \ | ||
2839 | EVP_PKEY_get0_RSA \ | ||
2840 | EVP_MD_CTX_new \ | ||
2841 | EVP_MD_CTX_free \ | ||
2842 | ]) | ||
2843 | |||
2792 | if test "x$openssl_engine" = "xyes" ; then | 2844 | if test "x$openssl_engine" = "xyes" ; then |
2793 | AC_MSG_CHECKING([for OpenSSL ENGINE support]) | 2845 | AC_MSG_CHECKING([for OpenSSL ENGINE support]) |
2794 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ | 2846 | AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ |
@@ -2872,119 +2924,6 @@ if test "x$openssl" = "xyes" ; then | |||
2872 | ] | 2924 | ] |
2873 | ) | 2925 | ) |
2874 | 2926 | ||
2875 | AC_SEARCH_LIBS([EVP_CIPHER_CTX_ctrl], [crypto], | ||
2876 | [AC_DEFINE([HAVE_EVP_CIPHER_CTX_CTRL], [1], | ||
2877 | [Define if libcrypto has EVP_CIPHER_CTX_ctrl])]) | ||
2878 | |||
2879 | # LibreSSL/OpenSSL 1.1x API | ||
2880 | AC_SEARCH_LIBS([DH_get0_key], [crypto], | ||
2881 | [AC_DEFINE([HAVE_DH_GET0_KEY], [1], | ||
2882 | [Define if libcrypto has DH_get0_key])]) | ||
2883 | AC_SEARCH_LIBS([DH_get0_pqg], [crypto], | ||
2884 | [AC_DEFINE([HAVE_DH_GET0_PQG], [1], | ||
2885 | [Define if libcrypto has DH_get0_pqg])]) | ||
2886 | AC_SEARCH_LIBS([DH_set0_key], [crypto], | ||
2887 | [AC_DEFINE([HAVE_DH_SET0_KEY], [1], | ||
2888 | [Define if libcrypto has DH_set0_key])]) | ||
2889 | AC_SEARCH_LIBS([DH_set_length], [crypto], | ||
2890 | [AC_DEFINE([HAVE_DH_SET_LENGTH], [1], | ||
2891 | [Define if libcrypto has DH_set_length])]) | ||
2892 | AC_SEARCH_LIBS([DH_set0_pqg], [crypto], | ||
2893 | [AC_DEFINE([HAVE_DH_SET0_PQG], [1], | ||
2894 | [Define if libcrypto has DH_set0_pqg])]) | ||
2895 | |||
2896 | AC_SEARCH_LIBS([DSA_get0_key], [crypto], | ||
2897 | [AC_DEFINE([HAVE_DSA_GET0_KEY], [1], | ||
2898 | [Define if libcrypto has DSA_get0_key])]) | ||
2899 | AC_SEARCH_LIBS([DSA_get0_pqg], [crypto], | ||
2900 | [AC_DEFINE([HAVE_DSA_GET0_PQG], [1], | ||
2901 | [Define if libcrypto has DSA_get0_pqg])]) | ||
2902 | AC_SEARCH_LIBS([DSA_set0_key], [crypto], | ||
2903 | [AC_DEFINE([HAVE_DSA_SET0_KEY], [1], | ||
2904 | [Define if libcrypto has DSA_set0_key])]) | ||
2905 | AC_SEARCH_LIBS([DSA_set0_pqg], [crypto], | ||
2906 | [AC_DEFINE([HAVE_DSA_SET0_PQG], [1], | ||
2907 | [Define if libcrypto has DSA_set0_pqg])]) | ||
2908 | |||
2909 | AC_SEARCH_LIBS([DSA_SIG_get0], [crypto], | ||
2910 | [AC_DEFINE([HAVE_DSA_SIG_GET0], [1], | ||
2911 | [Define if libcrypto has DSA_SIG_get0])]) | ||
2912 | AC_SEARCH_LIBS([DSA_SIG_set0], [crypto], | ||
2913 | [AC_DEFINE([HAVE_DSA_SIG_SET0], [1], | ||
2914 | [Define if libcrypto has DSA_SIG_set0])]) | ||
2915 | |||
2916 | AC_SEARCH_LIBS([ECDSA_SIG_get0], [crypto], | ||
2917 | [AC_DEFINE([HAVE_ECDSA_SIG_GET0], [1], | ||
2918 | [Define if libcrypto has ECDSA_SIG_get0])]) | ||
2919 | AC_SEARCH_LIBS([ECDSA_SIG_set0], [crypto], | ||
2920 | [AC_DEFINE([HAVE_ECDSA_SIG_SET0], [1], | ||
2921 | [Define if libcrypto has ECDSA_SIG_set0])]) | ||
2922 | |||
2923 | AC_SEARCH_LIBS([EVP_CIPHER_CTX_iv], [crypto], | ||
2924 | [AC_DEFINE([HAVE_EVP_CIPHER_CTX_IV], [1], | ||
2925 | [Define if libcrypto has EVP_CIPHER_CTX_iv])]) | ||
2926 | AC_SEARCH_LIBS([EVP_CIPHER_CTX_iv_noconst], [crypto], | ||
2927 | [AC_DEFINE([HAVE_EVP_CIPHER_CTX_IV_NOCONST], [1], | ||
2928 | [Define if libcrypto has EVP_CIPHER_CTX_iv_noconst])]) | ||
2929 | AC_SEARCH_LIBS([EVP_CIPHER_CTX_get_iv], [crypto], | ||
2930 | [AC_DEFINE([HAVE_EVP_CIPHER_CTX_GET_IV], [1], | ||
2931 | [Define if libcrypto has EVP_CIPHER_CTX_get_iv])]) | ||
2932 | AC_SEARCH_LIBS([EVP_CIPHER_CTX_set_iv], [crypto], | ||
2933 | [AC_DEFINE([HAVE_EVP_CIPHER_CTX_GET_IV], [1], | ||
2934 | [Define if libcrypto has EVP_CIPHER_CTX_set_iv])]) | ||
2935 | |||
2936 | AC_SEARCH_LIBS([RSA_get0_crt_params], [crypto], | ||
2937 | [AC_DEFINE([HAVE_RSA_GET0_CRT_PARAMS], [1], | ||
2938 | [Define if libcrypto has RSA_get0_crt_params])]) | ||
2939 | AC_SEARCH_LIBS([RSA_get0_factors], [crypto], | ||
2940 | [AC_DEFINE([HAVE_RSA_GET0_FACTORS], [1], | ||
2941 | [Define if libcrypto has RSA_get0_factors])]) | ||
2942 | AC_SEARCH_LIBS([RSA_get0_key], [crypto], | ||
2943 | [AC_DEFINE([HAVE_RSA_GET0_KEY], [1], | ||
2944 | [Define if libcrypto has RSA_get0_key])]) | ||
2945 | AC_SEARCH_LIBS([RSA_set0_crt_params], [crypto], | ||
2946 | [AC_DEFINE([HAVE_RSA_SET0_CRT_PARAMS], [1], | ||
2947 | [Define if libcrypto has RSA_get0_srt_params])]) | ||
2948 | AC_SEARCH_LIBS([RSA_set0_factors], [crypto], | ||
2949 | [AC_DEFINE([HAVE_RSA_SET0_FACTORS], [1], | ||
2950 | [Define if libcrypto has RSA_set0_factors])]) | ||
2951 | AC_SEARCH_LIBS([RSA_set0_key], [crypto], | ||
2952 | [AC_DEFINE([HAVE_RSA_SET0_KEY], [1], | ||
2953 | [Define if libcrypto has RSA_set0_key])]) | ||
2954 | |||
2955 | AC_SEARCH_LIBS([RSA_meth_free], [crypto], | ||
2956 | [AC_DEFINE([HAVE_RSA_METH_FREE], [1], | ||
2957 | [Define if libcrypto has RSA_meth_free])]) | ||
2958 | AC_SEARCH_LIBS([RSA_meth_dup], [crypto], | ||
2959 | [AC_DEFINE([HAVE_RSA_METH_DUP], [1], | ||
2960 | [Define if libcrypto has RSA_meth_dup])]) | ||
2961 | AC_SEARCH_LIBS([RSA_meth_set1_name], [crypto], | ||
2962 | [AC_DEFINE([HAVE_RSA_METH_SET1_NAME], [1], | ||
2963 | [Define if libcrypto has RSA_meth_set1_name])]) | ||
2964 | AC_SEARCH_LIBS([RSA_meth_get_finish], [crypto], | ||
2965 | [AC_DEFINE([HAVE_RSA_METH_GET_FINISH], [1], | ||
2966 | [Define if libcrypto has RSA_meth_get_finish])]) | ||
2967 | AC_SEARCH_LIBS([RSA_meth_set_priv_enc], [crypto], | ||
2968 | [AC_DEFINE([HAVE_RSA_METH_SET_PRIV_ENC], [1], | ||
2969 | [Define if libcrypto has RSA_meth_set_priv_enc])]) | ||
2970 | AC_SEARCH_LIBS([RSA_meth_set_priv_dec], [crypto], | ||
2971 | [AC_DEFINE([HAVE_RSA_METH_SET_PRIV_DEC], [1], | ||
2972 | [Define if libcrypto has RSA_meth_set_priv_dec])]) | ||
2973 | AC_SEARCH_LIBS([RSA_meth_set_finish], [crypto], | ||
2974 | [AC_DEFINE([HAVE_RSA_METH_SET_FINISH], [1], | ||
2975 | [Define if libcrypto has RSA_meth_set_finish])]) | ||
2976 | |||
2977 | AC_SEARCH_LIBS([EVP_PKEY_get0_RSA], [crypto], | ||
2978 | [AC_DEFINE([HAVE_EVP_PKEY_GET0_RSA], [1], | ||
2979 | [Define if libcrypto has EVP_PKEY_get0_RSA])]) | ||
2980 | |||
2981 | AC_SEARCH_LIBS([EVP_MD_CTX_new], [crypto], | ||
2982 | [AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1], | ||
2983 | [Define if libcrypto has EVP_MD_CTX_new])]) | ||
2984 | AC_SEARCH_LIBS([EVP_MD_CTX_free], [crypto], | ||
2985 | [AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1], | ||
2986 | [Define if libcrypto has EVP_MD_CTX_free])]) | ||
2987 | |||
2988 | AC_MSG_CHECKING([if EVP_DigestUpdate returns an int]) | 2927 | AC_MSG_CHECKING([if EVP_DigestUpdate returns an int]) |
2989 | AC_LINK_IFELSE( | 2928 | AC_LINK_IFELSE( |
2990 | [AC_LANG_PROGRAM([[ | 2929 | [AC_LANG_PROGRAM([[ |
@@ -3116,6 +3055,7 @@ if test "x$openssl" = "xyes" ; then | |||
3116 | if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \ | 3055 | if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \ |
3117 | test x$enable_nistp521 = x1; then | 3056 | test x$enable_nistp521 = x1; then |
3118 | AC_DEFINE(OPENSSL_HAS_ECC, [1], [OpenSSL has ECC]) | 3057 | AC_DEFINE(OPENSSL_HAS_ECC, [1], [OpenSSL has ECC]) |
3058 | AC_CHECK_FUNCS([EC_KEY_METHOD_new]) | ||
3119 | fi | 3059 | fi |
3120 | if test x$enable_nistp256 = x1; then | 3060 | if test x$enable_nistp256 = x1; then |
3121 | AC_DEFINE([OPENSSL_HAS_NISTP256], [1], | 3061 | AC_DEFINE([OPENSSL_HAS_NISTP256], [1], |
@@ -3596,10 +3536,10 @@ fi | |||
3596 | AC_CHECK_TYPES([long long, unsigned long long, long double]) | 3536 | AC_CHECK_TYPES([long long, unsigned long long, long double]) |
3597 | 3537 | ||
3598 | # Check datatype sizes | 3538 | # Check datatype sizes |
3599 | AC_CHECK_SIZEOF([short int], [2]) | 3539 | AC_CHECK_SIZEOF([short int]) |
3600 | AC_CHECK_SIZEOF([int], [4]) | 3540 | AC_CHECK_SIZEOF([int]) |
3601 | AC_CHECK_SIZEOF([long int], [4]) | 3541 | AC_CHECK_SIZEOF([long int]) |
3602 | AC_CHECK_SIZEOF([long long int], [8]) | 3542 | AC_CHECK_SIZEOF([long long int]) |
3603 | 3543 | ||
3604 | # Sanity check long long for some platforms (AIX) | 3544 | # Sanity check long long for some platforms (AIX) |
3605 | if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then | 3545 | if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then |
@@ -4548,8 +4488,8 @@ AC_ARG_WITH([kerberos5], | |||
4548 | [ CPPFLAGS="$oldCPP" ]) | 4488 | [ CPPFLAGS="$oldCPP" ]) |
4549 | 4489 | ||
4550 | fi | 4490 | fi |
4551 | if test ! -z "$need_dash_r" ; then | 4491 | if test -n "${rpath_opt}" ; then |
4552 | LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" | 4492 | LDFLAGS="$LDFLAGS ${rpath_opt}${KRB5ROOT}/lib" |
4553 | fi | 4493 | fi |
4554 | if test ! -z "$blibpath" ; then | 4494 | if test ! -z "$blibpath" ; then |
4555 | blibpath="$blibpath:${KRB5ROOT}/lib" | 4495 | blibpath="$blibpath:${KRB5ROOT}/lib" |
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 261020af3..a8572e2ac 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config | |||
@@ -61,7 +61,7 @@ LOCALSTATEDIR=/var | |||
61 | 61 | ||
62 | sshd_config_configured=no | 62 | sshd_config_configured=no |
63 | port_number=22 | 63 | port_number=22 |
64 | service_name=sshd | 64 | service_name=cygsshd |
65 | strictmodes=yes | 65 | strictmodes=yes |
66 | cygwin_value="" | 66 | cygwin_value="" |
67 | user_account= | 67 | user_account= |
@@ -307,7 +307,7 @@ check_service_files_ownership() { | |||
307 | 307 | ||
308 | if [ -z "${run_service_as}" ] | 308 | if [ -z "${run_service_as}" ] |
309 | then | 309 | then |
310 | accnt_name=$(/usr/bin/cygrunsrv -VQ sshd | | 310 | accnt_name=$(/usr/bin/cygrunsrv -VQ "${service_name}" | |
311 | /usr/bin/sed -ne 's/^Account *: *//gp') | 311 | /usr/bin/sed -ne 's/^Account *: *//gp') |
312 | if [ "${accnt_name}" = "LocalSystem" ] | 312 | if [ "${accnt_name}" = "LocalSystem" ] |
313 | then | 313 | then |
@@ -329,9 +329,9 @@ check_service_files_ownership() { | |||
329 | fi | 329 | fi |
330 | if [ -z "${run_service_as}" ] | 330 | if [ -z "${run_service_as}" ] |
331 | then | 331 | then |
332 | csih_warning "Couldn't determine name of user running sshd service from account database!" | 332 | csih_warning "Couldn't determine name of user running ${service_name} service from account database!" |
333 | csih_warning "As a result, this script cannot make sure that the files used" | 333 | csih_warning "As a result, this script cannot make sure that the files used" |
334 | csih_warning "by the sshd service belong to the user running the service." | 334 | csih_warning "by the ${service_name} service belong to the user running the service." |
335 | return 1 | 335 | return 1 |
336 | fi | 336 | fi |
337 | fi | 337 | fi |
@@ -367,8 +367,8 @@ check_service_files_ownership() { | |||
367 | if [ $ret -ne 0 ] | 367 | if [ $ret -ne 0 ] |
368 | then | 368 | then |
369 | csih_warning "Couldn't change owner of important files to ${run_service_as}!" | 369 | csih_warning "Couldn't change owner of important files to ${run_service_as}!" |
370 | csih_warning "This may cause the sshd service to fail! Please make sure that" | 370 | csih_warning "This may cause the ${service_name} service to fail! Please make sure that" |
371 | csih_warning "you have suufficient permissions to change the ownership of files" | 371 | csih_warning "you have sufficient permissions to change the ownership of files" |
372 | csih_warning "and try to run the ssh-host-config script again." | 372 | csih_warning "and try to run the ssh-host-config script again." |
373 | fi | 373 | fi |
374 | return $ret | 374 | return $ret |
@@ -394,14 +394,24 @@ install_service() { | |||
394 | then | 394 | then |
395 | csih_get_cygenv "${cygwin_value}" | 395 | csih_get_cygenv "${cygwin_value}" |
396 | 396 | ||
397 | if ( csih_is_nt2003 || [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] ) | 397 | if ( [ "$csih_FORCE_PRIVILEGED_USER" != "yes" ] ) |
398 | then | 398 | then |
399 | csih_inform "On Windows Server 2003, Windows Vista, and above, the" | 399 | # Enforce using privileged user on 64 bit Vista or W7 under WOW64 |
400 | csih_inform "SYSTEM account cannot setuid to other users -- a capability" | 400 | is_wow64=$(/usr/bin/uname | /usr/bin/grep -q 'WOW' && echo 1 || echo 0) |
401 | csih_inform "sshd requires. You need to have or to create a privileged" | ||
402 | csih_inform "account. This script will help you do so." | ||
403 | echo | ||
404 | 401 | ||
402 | if ( csih_is_nt2003 && ! csih_is_windows8 && [ "${is_wow64}" = "1" ] ) | ||
403 | then | ||
404 | csih_inform "Running 32 bit Cygwin on 64 bit Windows Vista or Windows 7" | ||
405 | csih_inform "the SYSTEM account is not sufficient to setuid to a local" | ||
406 | csih_inform "user account. You need to have or to create a privileged" | ||
407 | csih_inform "account. This script will help you do so." | ||
408 | echo | ||
409 | csih_FORCE_PRIVILEGED_USER=yes | ||
410 | fi | ||
411 | fi | ||
412 | |||
413 | if ( [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] ) | ||
414 | then | ||
405 | [ "${opt_force}" = "yes" ] && opt_f=-f | 415 | [ "${opt_force}" = "yes" ] && opt_f=-f |
406 | [ -n "${user_account}" ] && opt_u="-u ""${user_account}""" | 416 | [ -n "${user_account}" ] && opt_u="-u ""${user_account}""" |
407 | csih_select_privileged_username ${opt_f} ${opt_u} sshd | 417 | csih_select_privileged_username ${opt_f} ${opt_u} sshd |
@@ -412,11 +422,12 @@ install_service() { | |||
412 | csih_request "Do you want to proceed anyway?" || exit 1 | 422 | csih_request "Do you want to proceed anyway?" || exit 1 |
413 | let ++ret | 423 | let ++ret |
414 | fi | 424 | fi |
425 | # Never returns empty if NT or above | ||
426 | run_service_as=$(csih_service_should_run_as) | ||
427 | else | ||
428 | run_service_as="SYSTEM" | ||
415 | fi | 429 | fi |
416 | 430 | ||
417 | # Never returns empty if NT or above | ||
418 | run_service_as=$(csih_service_should_run_as) | ||
419 | |||
420 | if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ] | 431 | if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ] |
421 | then | 432 | then |
422 | password="${csih_PRIVILEGED_PASSWORD}" | 433 | password="${csih_PRIVILEGED_PASSWORD}" |
@@ -446,7 +457,7 @@ install_service() { | |||
446 | echo | 457 | echo |
447 | csih_inform "The sshd service has been installed under the LocalSystem" | 458 | csih_inform "The sshd service has been installed under the LocalSystem" |
448 | csih_inform "account (also known as SYSTEM). To start the service now, call" | 459 | csih_inform "account (also known as SYSTEM). To start the service now, call" |
449 | csih_inform "\`net start sshd' or \`cygrunsrv -S sshd'. Otherwise, it" | 460 | csih_inform "\`net start ${service_name}' or \`cygrunsrv -S ${service_name}'. Otherwise, it" |
450 | csih_inform "will start automatically after the next reboot." | 461 | csih_inform "will start automatically after the next reboot." |
451 | fi | 462 | fi |
452 | else | 463 | else |
@@ -669,14 +680,24 @@ then | |||
669 | fi | 680 | fi |
670 | 681 | ||
671 | # handle sshd_config | 682 | # handle sshd_config |
683 | # make sure not to change the existing file | ||
684 | mod_before="" | ||
685 | if [ -e "${SYSCONFDIR}/sshd_config" ] | ||
686 | then | ||
687 | mod_before=$(stat "${SYSCONFDIR}/sshd_config" | grep '^Modify:') | ||
688 | fi | ||
672 | csih_install_config "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults" || let ++warning_cnt | 689 | csih_install_config "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults" || let ++warning_cnt |
690 | mod_now=$(stat "${SYSCONFDIR}/sshd_config" | grep '^Modify:') | ||
673 | if ! /usr/bin/cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1 | 691 | if ! /usr/bin/cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1 |
674 | then | 692 | then |
675 | sshd_config_configured=yes | 693 | sshd_config_configured=yes |
676 | fi | 694 | fi |
677 | sshd_strictmodes || let warning_cnt+=$? | 695 | if [ "${mod_before}" != "${mod_now}" ] |
678 | sshd_privsep || let warning_cnt+=$? | 696 | then |
679 | sshd_config_tweak || let warning_cnt+=$? | 697 | sshd_strictmodes || let warning_cnt+=$? |
698 | sshd_config_tweak || let warning_cnt+=$? | ||
699 | fi | ||
700 | #sshd_privsep || let warning_cnt+=$? | ||
680 | update_services_file || let warning_cnt+=$? | 701 | update_services_file || let warning_cnt+=$? |
681 | update_inetd_conf || let warning_cnt+=$? | 702 | update_inetd_conf || let warning_cnt+=$? |
682 | install_service || let warning_cnt+=$? | 703 | install_service || let warning_cnt+=$? |
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index d7823483d..f3c175523 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec | |||
@@ -1,4 +1,4 @@ | |||
1 | %define ver 7.9p1 | 1 | %define ver 8.0p1 |
2 | %define rel 1%{?dist} | 2 | %define rel 1%{?dist} |
3 | 3 | ||
4 | # OpenSSH privilege separation requires a user & group ID | 4 | # OpenSSH privilege separation requires a user & group ID |
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index b43d8985a..478871815 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec | |||
@@ -13,7 +13,7 @@ | |||
13 | 13 | ||
14 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation | 14 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation |
15 | Name: openssh | 15 | Name: openssh |
16 | Version: 7.9p1 | 16 | Version: 8.0p1 |
17 | URL: https://www.openssh.com/ | 17 | URL: https://www.openssh.com/ |
18 | Release: 1 | 18 | Release: 1 |
19 | Source0: openssh-%{version}.tar.gz | 19 | Source0: openssh-%{version}.tar.gz |
diff --git a/crypto_api.h b/crypto_api.h index 7f45bbd69..eb05251ff 100644 --- a/crypto_api.h +++ b/crypto_api.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: crypto_api.h,v 1.4 2017/12/14 21:07:39 naddy Exp $ */ | 1 | /* $OpenBSD: crypto_api.h,v 1.5 2019/01/21 10:20:12 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Assembled from generated headers and source files by Markus Friedl. | 4 | * Assembled from generated headers and source files by Markus Friedl. |
@@ -15,10 +15,15 @@ | |||
15 | #endif | 15 | #endif |
16 | #include <stdlib.h> | 16 | #include <stdlib.h> |
17 | 17 | ||
18 | typedef int8_t crypto_int8; | ||
19 | typedef uint8_t crypto_uint8; | ||
20 | typedef int16_t crypto_int16; | ||
21 | typedef uint16_t crypto_uint16; | ||
18 | typedef int32_t crypto_int32; | 22 | typedef int32_t crypto_int32; |
19 | typedef uint32_t crypto_uint32; | 23 | typedef uint32_t crypto_uint32; |
20 | 24 | ||
21 | #define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len)) | 25 | #define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len)) |
26 | #define small_random32() arc4random() | ||
22 | 27 | ||
23 | #define crypto_hash_sha512_BYTES 64U | 28 | #define crypto_hash_sha512_BYTES 64U |
24 | 29 | ||
@@ -37,4 +42,15 @@ int crypto_sign_ed25519_open(unsigned char *, unsigned long long *, | |||
37 | const unsigned char *, unsigned long long, const unsigned char *); | 42 | const unsigned char *, unsigned long long, const unsigned char *); |
38 | int crypto_sign_ed25519_keypair(unsigned char *, unsigned char *); | 43 | int crypto_sign_ed25519_keypair(unsigned char *, unsigned char *); |
39 | 44 | ||
45 | #define crypto_kem_sntrup4591761_PUBLICKEYBYTES 1218 | ||
46 | #define crypto_kem_sntrup4591761_SECRETKEYBYTES 1600 | ||
47 | #define crypto_kem_sntrup4591761_CIPHERTEXTBYTES 1047 | ||
48 | #define crypto_kem_sntrup4591761_BYTES 32 | ||
49 | |||
50 | int crypto_kem_sntrup4591761_enc(unsigned char *cstr, unsigned char *k, | ||
51 | const unsigned char *pk); | ||
52 | int crypto_kem_sntrup4591761_dec(unsigned char *k, | ||
53 | const unsigned char *cstr, const unsigned char *sk); | ||
54 | int crypto_kem_sntrup4591761_keypair(unsigned char *pk, unsigned char *sk); | ||
55 | |||
40 | #endif /* crypto_api_h */ | 56 | #endif /* crypto_api_h */ |
diff --git a/debian/.git-dpm b/debian/.git-dpm index 65e73673d..46a4f4209 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm | |||
@@ -1,11 +1,12 @@ | |||
1 | # see git-dpm(1) from git-dpm package | 1 | # see git-dpm(1) from git-dpm package |
2 | 6b56cd57db9061296231f14d537f1ebaf25e8877 | 2 | 7d50f9e5be88179325983a1f58c9d51bb58f025a |
3 | 6b56cd57db9061296231f14d537f1ebaf25e8877 | 3 | 7d50f9e5be88179325983a1f58c9d51bb58f025a |
4 | 3d246f10429fc9a37b98eabef94fe8dc7c61002b | 4 | 102062f825fb26a74295a1c089c00c4c4c76b68a |
5 | 3d246f10429fc9a37b98eabef94fe8dc7c61002b | 5 | 102062f825fb26a74295a1c089c00c4c4c76b68a |
6 | openssh_7.9p1.orig.tar.gz | 6 | openssh_8.0p1.orig.tar.gz |
7 | 993aceedea8ecabb1d0dd7293508a361891c4eaa | 7 | 756dbb99193f9541c9206a667eaa27b0fa184a4f |
8 | 1565384 | 8 | 1597697 |
9 | debianTag="debian/%e%%%V" | 9 | debianTag="debian/%e%%%V" |
10 | patchedTag="patched/%e%%%V" | 10 | patchedTag="patched/%e%%%V" |
11 | upstreamTag="upstream/%U" | 11 | upstreamTag="upstream/%U" |
12 | signature:a287987d9d505aaa8a89e693920f14b9b9e27a5f:683:openssh_8.0p1.orig.tar.gz.asc | ||
diff --git a/debian/NEWS b/debian/NEWS index c0a535cf2..c8d01545f 100644 --- a/debian/NEWS +++ b/debian/NEWS | |||
@@ -1,3 +1,17 @@ | |||
1 | openssh (1:8.0p1-1) unstable; urgency=medium | ||
2 | |||
3 | OpenSSH 8.0 includes a number of changes that may affect existing | ||
4 | configurations: | ||
5 | |||
6 | * sshd(8): Remove support for obsolete "host/port" syntax. | ||
7 | Slash-separated host/port was added in 2001 as an alternative to | ||
8 | host:port syntax for the benefit of IPv6 users. These days there are | ||
9 | established standards for this like [::1]:22 and the slash syntax is | ||
10 | easily mistaken for CIDR notation, which OpenSSH supports for some | ||
11 | things. Remove the slash notation from ListenAddress and PermitOpen. | ||
12 | |||
13 | -- Colin Watson <cjwatson@debian.org> Wed, 05 Jun 2019 07:09:47 +0100 | ||
14 | |||
1 | openssh (1:7.9p1-1) unstable; urgency=medium | 15 | openssh (1:7.9p1-1) unstable; urgency=medium |
2 | 16 | ||
3 | OpenSSH 7.9 includes a number of changes that may affect existing | 17 | OpenSSH 7.9 includes a number of changes that may affect existing |
diff --git a/debian/changelog b/debian/changelog index 8b18f3506..c272f8fc8 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,129 @@ | |||
1 | openssh (1:8.0p1-1) UNRELEASED; urgency=medium | ||
2 | |||
3 | * New upstream release (https://www.openssh.com/txt/release-8.0, closes: | ||
4 | #927792): | ||
5 | - ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in | ||
6 | PKCS#11 tokens (LP: #1665695). | ||
7 | - ssh(1), sshd(8): Add experimental quantum-computing resistant key | ||
8 | exchange method, based on a combination of Streamlined NTRU Prime | ||
9 | 4591^761 and X25519. | ||
10 | - ssh-keygen(1): Increase the default RSA key size to 3072 bits, | ||
11 | following NIST Special Publication 800-57's guidance for a 128-bit | ||
12 | equivalent symmetric security level (LP: #1445625). | ||
13 | - ssh(1): Allow "PKCS11Provider=none" to override later instances of the | ||
14 | PKCS11Provider directive in ssh_config. | ||
15 | - sshd(8): Add a log message for situations where a connection is | ||
16 | dropped for attempting to run a command but a sshd_config | ||
17 | ForceCommand=internal-sftp restriction is in effect. | ||
18 | - ssh(1): When prompting whether to record a new host key, accept the | ||
19 | key fingerprint as a synonym for "yes". This allows the user to paste | ||
20 | a fingerprint obtained out of band at the prompt and have the client | ||
21 | do the comparison for you. | ||
22 | - ssh-keygen(1): When signing multiple certificates on a single | ||
23 | command-line invocation, allow automatically incrementing the | ||
24 | certificate serial number. | ||
25 | - scp(1), sftp(1): Accept -J option as an alias to ProxyJump on the scp | ||
26 | and sftp command-lines. | ||
27 | - ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v" | ||
28 | command-line flags to increase the verbosity of output; pass verbose | ||
29 | flags though to subprocesses, such as ssh-pkcs11-helper started from | ||
30 | ssh-agent. | ||
31 | - ssh-add(1): Add a "-T" option to allowing testing whether keys in an | ||
32 | agent are usable by performing a signature and a verification. | ||
33 | - sftp-server(8): Add a "lsetstat@openssh.com" protocol extension that | ||
34 | replicates the functionality of the existing SSH2_FXP_SETSTAT | ||
35 | operation but does not follow symlinks. | ||
36 | - sftp(1): Add "-h" flag to chown/chgrp/chmod commands to request they | ||
37 | do not follow symlinks. | ||
38 | - sshd(8): Expose $SSH_CONNECTION in the PAM environment. This makes | ||
39 | the connection 4-tuple available to PAM modules that wish to use it in | ||
40 | decision-making. | ||
41 | - sshd(8): Add a ssh_config "Match final" predicate. Matches in same | ||
42 | pass as "Match canonical" but doesn't require hostname | ||
43 | canonicalisation be enabled. | ||
44 | - sftp(1): Support a prefix of '@' to suppress echo of sftp batch | ||
45 | commands. | ||
46 | - ssh-keygen(1): When printing certificate contents using "ssh-keygen | ||
47 | -Lf /path/certificate", include the algorithm that the CA used to sign | ||
48 | the cert. | ||
49 | - sshd(8): Fix authentication failures when sshd_config contains | ||
50 | "AuthenticationMethods any" inside a Match block that overrides a more | ||
51 | restrictive default. | ||
52 | - sshd(8): Avoid sending duplicate keepalives when ClientAliveCount is | ||
53 | enabled. | ||
54 | - sshd(8): Fix two race conditions related to SIGHUP daemon restart. | ||
55 | Remnant file descriptors in recently-forked child processes could | ||
56 | block the parent sshd's attempt to listen(2) to the configured | ||
57 | addresses. Also, the restarting parent sshd could exit before any | ||
58 | child processes that were awaiting their re-execution state had | ||
59 | completed reading it, leaving them in a fallback path. | ||
60 | - ssh(1): Fix stdout potentially being redirected to /dev/null when | ||
61 | ProxyCommand=- was in use. | ||
62 | - sshd(8): Avoid sending SIGPIPE to child processes if they attempt to | ||
63 | write to stderr after their parent processes have exited. | ||
64 | - ssh(1): Fix bad interaction between the ssh_config ConnectTimeout and | ||
65 | ConnectionAttempts directives - connection attempts after the first | ||
66 | were ignoring the requested timeout (LP: #1798049). | ||
67 | - ssh-keyscan(1): Return a non-zero exit status if no keys were found | ||
68 | (closes: #374980, LP: #1661745). | ||
69 | - scp(1): Sanitize scp filenames to allow UTF-8 characters without | ||
70 | terminal control sequences. | ||
71 | - sshd(8): Fix confusion between ClientAliveInterval and time-based | ||
72 | RekeyLimit that could cause connections to be incorrectly closed. | ||
73 | - ssh(1), ssh-add(1): Correct some bugs in PKCS#11 token PIN handling at | ||
74 | initial token login. The attempt to read the PIN could be skipped in | ||
75 | some cases, particularly on devices with integrated PIN readers. This | ||
76 | would lead to an inability to retrieve keys from these tokens. | ||
77 | - ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the | ||
78 | CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the | ||
79 | C_SignInit operation. | ||
80 | - ssh(1): Improve documentation for ProxyJump/-J, clarifying that local | ||
81 | configuration does not apply to jump hosts. | ||
82 | - ssh-keygen(1): Clarify manual - ssh-keygen -e only writes public keys, | ||
83 | not private. | ||
84 | - ssh(1), sshd(8): be more strict in processing protocol banners, | ||
85 | allowing \r characters only immediately before \n. | ||
86 | - Various: fix a number of memory leaks. | ||
87 | - scp(1), sftp(1): fix calculation of initial bandwidth limits. Account | ||
88 | for bytes written before the timer starts and adjust the schedule on | ||
89 | which recalculations are performed. Avoids an initial burst of | ||
90 | traffic and yields more accurate bandwidth limits. | ||
91 | - sshd(8): Only consider the ext-info-c extension during the initial key | ||
92 | eschange. It shouldn't be sent in subsequent ones, but if it is | ||
93 | present we should ignore it. This prevents sshd from sending a | ||
94 | SSH_MSG_EXT_INFO for REKEX for these buggy clients. | ||
95 | - ssh-keygen(1): Clarify manual that ssh-keygen -F (find host in | ||
96 | authorized_keys) and -R (remove host from authorized_keys) options may | ||
97 | accept either a bare hostname or a [hostname]:port combo. | ||
98 | - ssh(1): Don't attempt to connect to empty SSH_AUTH_SOCK. | ||
99 | - sshd(8): Silence error messages when sshd fails to load some of the | ||
100 | default host keys. Failure to load an explicitly-configured hostkey | ||
101 | is still an error, and failure to load any host key is still fatal. | ||
102 | - ssh(1): Redirect stderr of ProxyCommands to /dev/null when ssh is | ||
103 | started with ControlPersist; prevents random ProxyCommand output from | ||
104 | interfering with session output. | ||
105 | - ssh(1): The ssh client was keeping a redundant ssh-agent socket | ||
106 | (leftover from authentication) around for the life of the connection. | ||
107 | - sshd(8): Fix bug in HostbasedAcceptedKeyTypes and | ||
108 | PubkeyAcceptedKeyTypes options. If only RSA-SHA2 signature types were | ||
109 | specified, then authentication would always fail for RSA keys as the | ||
110 | monitor checks only the base key (not the signature algorithm) type | ||
111 | against *AcceptedKeyTypes. | ||
112 | - ssh(1): Request correct signature types from ssh-agent when | ||
113 | certificate keys and RSA-SHA2 signatures are in use. | ||
114 | - sshd(8): Don't set $MAIL if UsePAM=yes as PAM typically specifies the | ||
115 | user environment if it's enabled (closes: #189920, #532754). | ||
116 | * Mostly resynced GSSAPI key exchange patch with Fedora. Major changes: | ||
117 | - Support selection of GSSAPI key exchange algorithms. | ||
118 | - Support GSSAPI key exchange methods with DH and SHA2. | ||
119 | - Support GSSAPI key exchange using ECDH and SHA2. | ||
120 | - Make sure the Kerberos tickets are cleaned up with the user context. | ||
121 | - Enable gssapi-keyex authentication without gssapi-with-mic. | ||
122 | - Allow querying for GSSAPI key exchange algorithms from ssh (-Q | ||
123 | kex-gss). | ||
124 | |||
125 | -- Colin Watson <cjwatson@debian.org> Wed, 05 Jun 2019 07:09:47 +0100 | ||
126 | |||
1 | openssh (1:7.9p1-10) unstable; urgency=medium | 127 | openssh (1:7.9p1-10) unstable; urgency=medium |
2 | 128 | ||
3 | * Temporarily revert IPQoS defaults to pre-7.8 values until issues with | 129 | * Temporarily revert IPQoS defaults to pre-7.8 values until issues with |
diff --git a/debian/openssh-client.docs b/debian/openssh-client.docs index d80ec1262..11aa99402 100644 --- a/debian/openssh-client.docs +++ b/debian/openssh-client.docs | |||
@@ -1,4 +1,3 @@ | |||
1 | ChangeLog.gssapi | ||
2 | OVERVIEW | 1 | OVERVIEW |
3 | README | 2 | README |
4 | README.dns | 3 | README.dns |
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch index c895e63db..3e5fac6e1 100644 --- a/debian/patches/authorized-keys-man-symlink.patch +++ b/debian/patches/authorized-keys-man-symlink.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 67a6cbb29f77920718884e783238f4a00fe64001 Mon Sep 17 00:00:00 2001 | 1 | From f9a76ef65bfb6c17d613ab3db2bf39db5087adfc Mon Sep 17 00:00:00 2001 |
2 | From: Tomas Pospisek <tpo_deb@sourcepole.ch> | 2 | From: Tomas Pospisek <tpo_deb@sourcepole.ch> |
3 | Date: Sun, 9 Feb 2014 16:10:07 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:07 +0000 |
4 | Subject: Install authorized_keys(5) as a symlink to sshd(8) | 4 | Subject: Install authorized_keys(5) as a symlink to sshd(8) |
@@ -13,10 +13,10 @@ Patch-Name: authorized-keys-man-symlink.patch | |||
13 | 1 file changed, 1 insertion(+) | 13 | 1 file changed, 1 insertion(+) |
14 | 14 | ||
15 | diff --git a/Makefile.in b/Makefile.in | 15 | diff --git a/Makefile.in b/Makefile.in |
16 | index 70050ffb6..ee166114d 100644 | 16 | index c31821acc..0960a6a03 100644 |
17 | --- a/Makefile.in | 17 | --- a/Makefile.in |
18 | +++ b/Makefile.in | 18 | +++ b/Makefile.in |
19 | @@ -356,6 +356,7 @@ install-files: | 19 | @@ -357,6 +357,7 @@ install-files: |
20 | $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 | 20 | $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 |
21 | $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 | 21 | $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 |
22 | $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 | 22 | $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 |
diff --git a/debian/patches/check-filenames-in-scp-client.patch b/debian/patches/check-filenames-in-scp-client.patch deleted file mode 100644 index 519358ce6..000000000 --- a/debian/patches/check-filenames-in-scp-client.patch +++ /dev/null | |||
@@ -1,187 +0,0 @@ | |||
1 | From 125924e47db3713a85a70e0f8d6c23818d2ea054 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Sat, 26 Jan 2019 22:41:28 +0000 | ||
4 | Subject: upstream: check in scp client that filenames sent during | ||
5 | |||
6 | remote->local directory copies satisfy the wildcard specified by the user. | ||
7 | |||
8 | This checking provides some protection against a malicious server | ||
9 | sending unexpected filenames, but it comes at a risk of rejecting wanted | ||
10 | files due to differences between client and server wildcard expansion rules. | ||
11 | |||
12 | For this reason, this also adds a new -T flag to disable the check. | ||
13 | |||
14 | reported by Harry Sintonen | ||
15 | fix approach suggested by markus@; | ||
16 | has been in snaps for ~1wk courtesy deraadt@ | ||
17 | |||
18 | OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda | ||
19 | |||
20 | CVE-2019-6111 | ||
21 | |||
22 | Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=391ffc4b9d31fa1f4ad566499fef9176ff8a07dc | ||
23 | Last-Update: 2019-02-08 | ||
24 | |||
25 | Patch-Name: check-filenames-in-scp-client.patch | ||
26 | --- | ||
27 | scp.1 | 12 +++++++++++- | ||
28 | scp.c | 37 +++++++++++++++++++++++++++++-------- | ||
29 | 2 files changed, 40 insertions(+), 9 deletions(-) | ||
30 | |||
31 | diff --git a/scp.1 b/scp.1 | ||
32 | index 0e5cc1b2d..397e77091 100644 | ||
33 | --- a/scp.1 | ||
34 | +++ b/scp.1 | ||
35 | @@ -18,7 +18,7 @@ | ||
36 | .Nd secure copy (remote file copy program) | ||
37 | .Sh SYNOPSIS | ||
38 | .Nm scp | ||
39 | -.Op Fl 346BCpqrv | ||
40 | +.Op Fl 346BCpqrTv | ||
41 | .Op Fl c Ar cipher | ||
42 | .Op Fl F Ar ssh_config | ||
43 | .Op Fl i Ar identity_file | ||
44 | @@ -208,6 +208,16 @@ to use for the encrypted connection. | ||
45 | The program must understand | ||
46 | .Xr ssh 1 | ||
47 | options. | ||
48 | +.It Fl T | ||
49 | +Disable strict filename checking. | ||
50 | +By default when copying files from a remote host to a local directory | ||
51 | +.Nm | ||
52 | +checks that the received filenames match those requested on the command-line | ||
53 | +to prevent the remote end from sending unexpected or unwanted files. | ||
54 | +Because of differences in how various operating systems and shells interpret | ||
55 | +filename wildcards, these checks may cause wanted files to be rejected. | ||
56 | +This option disables these checks at the expense of fully trusting that | ||
57 | +the server will not send unexpected filenames. | ||
58 | .It Fl v | ||
59 | Verbose mode. | ||
60 | Causes | ||
61 | diff --git a/scp.c b/scp.c | ||
62 | index 1971c80cd..035037bcc 100644 | ||
63 | --- a/scp.c | ||
64 | +++ b/scp.c | ||
65 | @@ -94,6 +94,7 @@ | ||
66 | #include <dirent.h> | ||
67 | #include <errno.h> | ||
68 | #include <fcntl.h> | ||
69 | +#include <fnmatch.h> | ||
70 | #include <limits.h> | ||
71 | #include <locale.h> | ||
72 | #include <pwd.h> | ||
73 | @@ -383,14 +384,14 @@ void verifydir(char *); | ||
74 | struct passwd *pwd; | ||
75 | uid_t userid; | ||
76 | int errs, remin, remout; | ||
77 | -int pflag, iamremote, iamrecursive, targetshouldbedirectory; | ||
78 | +int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory; | ||
79 | |||
80 | #define CMDNEEDS 64 | ||
81 | char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ | ||
82 | |||
83 | int response(void); | ||
84 | void rsource(char *, struct stat *); | ||
85 | -void sink(int, char *[]); | ||
86 | +void sink(int, char *[], const char *); | ||
87 | void source(int, char *[]); | ||
88 | void tolocal(int, char *[]); | ||
89 | void toremote(int, char *[]); | ||
90 | @@ -429,8 +430,9 @@ main(int argc, char **argv) | ||
91 | addargs(&args, "-oRemoteCommand=none"); | ||
92 | addargs(&args, "-oRequestTTY=no"); | ||
93 | |||
94 | - fflag = tflag = 0; | ||
95 | - while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1) | ||
96 | + fflag = Tflag = tflag = 0; | ||
97 | + while ((ch = getopt(argc, argv, | ||
98 | + "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) { | ||
99 | switch (ch) { | ||
100 | /* User-visible flags. */ | ||
101 | case '1': | ||
102 | @@ -509,9 +511,13 @@ main(int argc, char **argv) | ||
103 | setmode(0, O_BINARY); | ||
104 | #endif | ||
105 | break; | ||
106 | + case 'T': | ||
107 | + Tflag = 1; | ||
108 | + break; | ||
109 | default: | ||
110 | usage(); | ||
111 | } | ||
112 | + } | ||
113 | argc -= optind; | ||
114 | argv += optind; | ||
115 | |||
116 | @@ -542,7 +548,7 @@ main(int argc, char **argv) | ||
117 | } | ||
118 | if (tflag) { | ||
119 | /* Receive data. */ | ||
120 | - sink(argc, argv); | ||
121 | + sink(argc, argv, NULL); | ||
122 | exit(errs != 0); | ||
123 | } | ||
124 | if (argc < 2) | ||
125 | @@ -800,7 +806,7 @@ tolocal(int argc, char **argv) | ||
126 | continue; | ||
127 | } | ||
128 | free(bp); | ||
129 | - sink(1, argv + argc - 1); | ||
130 | + sink(1, argv + argc - 1, src); | ||
131 | (void) close(remin); | ||
132 | remin = remout = -1; | ||
133 | } | ||
134 | @@ -976,7 +982,7 @@ rsource(char *name, struct stat *statp) | ||
135 | (sizeof(type) != 4 && sizeof(type) != 8)) | ||
136 | |||
137 | void | ||
138 | -sink(int argc, char **argv) | ||
139 | +sink(int argc, char **argv, const char *src) | ||
140 | { | ||
141 | static BUF buffer; | ||
142 | struct stat stb; | ||
143 | @@ -992,6 +998,7 @@ sink(int argc, char **argv) | ||
144 | unsigned long long ull; | ||
145 | int setimes, targisdir, wrerrno = 0; | ||
146 | char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; | ||
147 | + char *src_copy = NULL, *restrict_pattern = NULL; | ||
148 | struct timeval tv[2]; | ||
149 | |||
150 | #define atime tv[0] | ||
151 | @@ -1016,6 +1023,17 @@ sink(int argc, char **argv) | ||
152 | (void) atomicio(vwrite, remout, "", 1); | ||
153 | if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) | ||
154 | targisdir = 1; | ||
155 | + if (src != NULL && !iamrecursive && !Tflag) { | ||
156 | + /* | ||
157 | + * Prepare to try to restrict incoming filenames to match | ||
158 | + * the requested destination file glob. | ||
159 | + */ | ||
160 | + if ((src_copy = strdup(src)) == NULL) | ||
161 | + fatal("strdup failed"); | ||
162 | + if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { | ||
163 | + *restrict_pattern++ = '\0'; | ||
164 | + } | ||
165 | + } | ||
166 | for (first = 1;; first = 0) { | ||
167 | cp = buf; | ||
168 | if (atomicio(read, remin, cp, 1) != 1) | ||
169 | @@ -1120,6 +1138,9 @@ sink(int argc, char **argv) | ||
170 | run_err("error: unexpected filename: %s", cp); | ||
171 | exit(1); | ||
172 | } | ||
173 | + if (restrict_pattern != NULL && | ||
174 | + fnmatch(restrict_pattern, cp, 0) != 0) | ||
175 | + SCREWUP("filename does not match request"); | ||
176 | if (targisdir) { | ||
177 | static char *namebuf; | ||
178 | static size_t cursize; | ||
179 | @@ -1157,7 +1178,7 @@ sink(int argc, char **argv) | ||
180 | goto bad; | ||
181 | } | ||
182 | vect[0] = xstrdup(np); | ||
183 | - sink(1, vect); | ||
184 | + sink(1, vect, src); | ||
185 | if (setimes) { | ||
186 | setimes = 0; | ||
187 | if (utimes(vect[0], tv) < 0) | ||
diff --git a/debian/patches/conch-old-privkey-format.patch b/debian/patches/conch-old-privkey-format.patch index 90bb3e995..40fe32898 100644 --- a/debian/patches/conch-old-privkey-format.patch +++ b/debian/patches/conch-old-privkey-format.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 1d2a55436d4b556269f42ad5f7e16608b5a8ed74 Mon Sep 17 00:00:00 2001 | 1 | From 9c01e0ae9889c05bfe68b2f1f1c5e5019e63ff0b Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Thu, 30 Aug 2018 00:58:56 +0100 | 3 | Date: Thu, 30 Aug 2018 00:58:56 +0100 |
4 | Subject: Work around conch interoperability failure | 4 | Subject: Work around conch interoperability failure |
@@ -18,7 +18,7 @@ Patch-Name: conch-old-privkey-format.patch | |||
18 | 3 files changed, 16 insertions(+), 3 deletions(-) | 18 | 3 files changed, 16 insertions(+), 3 deletions(-) |
19 | 19 | ||
20 | diff --git a/regress/Makefile b/regress/Makefile | 20 | diff --git a/regress/Makefile b/regress/Makefile |
21 | index 647b4a049..6e462a4f6 100644 | 21 | index 925edf71a..6fdfcc8ca 100644 |
22 | --- a/regress/Makefile | 22 | --- a/regress/Makefile |
23 | +++ b/regress/Makefile | 23 | +++ b/regress/Makefile |
24 | @@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ | 24 | @@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ |
@@ -47,10 +47,10 @@ index 199d863a0..c7df19fd4 100644 | |||
47 | 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} | 47 | 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} |
48 | if [ $? -ne 0 ]; then | 48 | if [ $? -ne 0 ]; then |
49 | diff --git a/regress/test-exec.sh b/regress/test-exec.sh | 49 | diff --git a/regress/test-exec.sh b/regress/test-exec.sh |
50 | index 40d46e3cd..1bbd47f25 100644 | 50 | index b8e2009de..08338121b 100644 |
51 | --- a/regress/test-exec.sh | 51 | --- a/regress/test-exec.sh |
52 | +++ b/regress/test-exec.sh | 52 | +++ b/regress/test-exec.sh |
53 | @@ -504,6 +504,18 @@ REGRESS_INTEROP_CONCH=no | 53 | @@ -500,6 +500,18 @@ REGRESS_INTEROP_CONCH=no |
54 | if test -x "$CONCH" ; then | 54 | if test -x "$CONCH" ; then |
55 | REGRESS_INTEROP_CONCH=yes | 55 | REGRESS_INTEROP_CONCH=yes |
56 | fi | 56 | fi |
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch index 7963b03ed..61e58e553 100644 --- a/debian/patches/debian-banner.patch +++ b/debian/patches/debian-banner.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From a18385c6866da4d69f46b64626ae5d60b4cf4a66 Mon Sep 17 00:00:00 2001 | 1 | From 085c44daefaee16df97e1b2a0967b2140cc86de0 Mon Sep 17 00:00:00 2001 |
2 | From: Kees Cook <kees@debian.org> | 2 | From: Kees Cook <kees@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:06 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:06 +0000 |
4 | Subject: Add DebianBanner server configuration option | 4 | Subject: Add DebianBanner server configuration option |
@@ -8,21 +8,60 @@ initial protocol handshake, for those scared by package-versioning.patch. | |||
8 | 8 | ||
9 | Bug-Debian: http://bugs.debian.org/562048 | 9 | Bug-Debian: http://bugs.debian.org/562048 |
10 | Forwarded: not-needed | 10 | Forwarded: not-needed |
11 | Last-Update: 2018-10-19 | 11 | Last-Update: 2019-06-05 |
12 | 12 | ||
13 | Patch-Name: debian-banner.patch | 13 | Patch-Name: debian-banner.patch |
14 | --- | 14 | --- |
15 | kex.c | 5 +++-- | ||
16 | kex.h | 2 +- | ||
15 | servconf.c | 9 +++++++++ | 17 | servconf.c | 9 +++++++++ |
16 | servconf.h | 2 ++ | 18 | servconf.h | 2 ++ |
19 | sshconnect.c | 2 +- | ||
17 | sshd.c | 3 ++- | 20 | sshd.c | 3 ++- |
18 | sshd_config.5 | 5 +++++ | 21 | sshd_config.5 | 5 +++++ |
19 | 4 files changed, 18 insertions(+), 1 deletion(-) | 22 | 7 files changed, 23 insertions(+), 5 deletions(-) |
20 | 23 | ||
24 | diff --git a/kex.c b/kex.c | ||
25 | index be354206d..bbb7a2340 100644 | ||
26 | --- a/kex.c | ||
27 | +++ b/kex.c | ||
28 | @@ -1168,7 +1168,7 @@ send_error(struct ssh *ssh, char *msg) | ||
29 | */ | ||
30 | int | ||
31 | kex_exchange_identification(struct ssh *ssh, int timeout_ms, | ||
32 | - const char *version_addendum) | ||
33 | + int debian_banner, const char *version_addendum) | ||
34 | { | ||
35 | int remote_major, remote_minor, mismatch; | ||
36 | size_t len, i, n; | ||
37 | @@ -1186,7 +1186,8 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, | ||
38 | if (version_addendum != NULL && *version_addendum == '\0') | ||
39 | version_addendum = NULL; | ||
40 | if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", | ||
41 | - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, | ||
42 | + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, | ||
43 | + debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM, | ||
44 | version_addendum == NULL ? "" : " ", | ||
45 | version_addendum == NULL ? "" : version_addendum)) != 0) { | ||
46 | error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); | ||
47 | diff --git a/kex.h b/kex.h | ||
48 | index 2d5f1d4ed..39f67bbc1 100644 | ||
49 | --- a/kex.h | ||
50 | +++ b/kex.h | ||
51 | @@ -195,7 +195,7 @@ char *kex_names_cat(const char *, const char *); | ||
52 | int kex_assemble_names(char **, const char *, const char *); | ||
53 | int kex_gss_names_valid(const char *); | ||
54 | |||
55 | -int kex_exchange_identification(struct ssh *, int, const char *); | ||
56 | +int kex_exchange_identification(struct ssh *, int, int, const char *); | ||
57 | |||
58 | struct kex *kex_new(void); | ||
59 | int kex_ready(struct ssh *, char *[PROPOSAL_MAX]); | ||
21 | diff --git a/servconf.c b/servconf.c | 60 | diff --git a/servconf.c b/servconf.c |
22 | index 6caf1db38..c5dd617ef 100644 | 61 | index c01e0690e..8d2bced52 100644 |
23 | --- a/servconf.c | 62 | --- a/servconf.c |
24 | +++ b/servconf.c | 63 | +++ b/servconf.c |
25 | @@ -182,6 +182,7 @@ initialize_server_options(ServerOptions *options) | 64 | @@ -184,6 +184,7 @@ initialize_server_options(ServerOptions *options) |
26 | options->fingerprint_hash = -1; | 65 | options->fingerprint_hash = -1; |
27 | options->disable_forwarding = -1; | 66 | options->disable_forwarding = -1; |
28 | options->expose_userauth_info = -1; | 67 | options->expose_userauth_info = -1; |
@@ -30,7 +69,7 @@ index 6caf1db38..c5dd617ef 100644 | |||
30 | } | 69 | } |
31 | 70 | ||
32 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ | 71 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ |
33 | @@ -417,6 +418,8 @@ fill_default_server_options(ServerOptions *options) | 72 | @@ -437,6 +438,8 @@ fill_default_server_options(ServerOptions *options) |
34 | options->disable_forwarding = 0; | 73 | options->disable_forwarding = 0; |
35 | if (options->expose_userauth_info == -1) | 74 | if (options->expose_userauth_info == -1) |
36 | options->expose_userauth_info = 0; | 75 | options->expose_userauth_info = 0; |
@@ -39,7 +78,7 @@ index 6caf1db38..c5dd617ef 100644 | |||
39 | 78 | ||
40 | assemble_algorithms(options); | 79 | assemble_algorithms(options); |
41 | 80 | ||
42 | @@ -504,6 +507,7 @@ typedef enum { | 81 | @@ -523,6 +526,7 @@ typedef enum { |
43 | sStreamLocalBindMask, sStreamLocalBindUnlink, | 82 | sStreamLocalBindMask, sStreamLocalBindUnlink, |
44 | sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, | 83 | sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, |
45 | sExposeAuthInfo, sRDomain, | 84 | sExposeAuthInfo, sRDomain, |
@@ -47,7 +86,7 @@ index 6caf1db38..c5dd617ef 100644 | |||
47 | sDeprecated, sIgnore, sUnsupported | 86 | sDeprecated, sIgnore, sUnsupported |
48 | } ServerOpCodes; | 87 | } ServerOpCodes; |
49 | 88 | ||
50 | @@ -661,6 +665,7 @@ static struct { | 89 | @@ -682,6 +686,7 @@ static struct { |
51 | { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, | 90 | { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, |
52 | { "rdomain", sRDomain, SSHCFG_ALL }, | 91 | { "rdomain", sRDomain, SSHCFG_ALL }, |
53 | { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, | 92 | { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, |
@@ -55,7 +94,7 @@ index 6caf1db38..c5dd617ef 100644 | |||
55 | { NULL, sBadOption, 0 } | 94 | { NULL, sBadOption, 0 } |
56 | }; | 95 | }; |
57 | 96 | ||
58 | @@ -2173,6 +2178,10 @@ process_server_config_line(ServerOptions *options, char *line, | 97 | @@ -2211,6 +2216,10 @@ process_server_config_line(ServerOptions *options, char *line, |
59 | *charptr = xstrdup(arg); | 98 | *charptr = xstrdup(arg); |
60 | break; | 99 | break; |
61 | 100 | ||
@@ -67,10 +106,10 @@ index 6caf1db38..c5dd617ef 100644 | |||
67 | case sIgnore: | 106 | case sIgnore: |
68 | case sUnsupported: | 107 | case sUnsupported: |
69 | diff --git a/servconf.h b/servconf.h | 108 | diff --git a/servconf.h b/servconf.h |
70 | index 3b76da816..4e3c54042 100644 | 109 | index a476d5220..986093ffa 100644 |
71 | --- a/servconf.h | 110 | --- a/servconf.h |
72 | +++ b/servconf.h | 111 | +++ b/servconf.h |
73 | @@ -212,6 +212,8 @@ typedef struct { | 112 | @@ -214,6 +214,8 @@ typedef struct { |
74 | int fingerprint_hash; | 113 | int fingerprint_hash; |
75 | int expose_userauth_info; | 114 | int expose_userauth_info; |
76 | u_int64_t timing_secret; | 115 | u_int64_t timing_secret; |
@@ -79,22 +118,35 @@ index 3b76da816..4e3c54042 100644 | |||
79 | } ServerOptions; | 118 | } ServerOptions; |
80 | 119 | ||
81 | /* Information about the incoming connection as used by Match */ | 120 | /* Information about the incoming connection as used by Match */ |
121 | diff --git a/sshconnect.c b/sshconnect.c | ||
122 | index 0b6f6af4b..1183ffe0e 100644 | ||
123 | --- a/sshconnect.c | ||
124 | +++ b/sshconnect.c | ||
125 | @@ -1287,7 +1287,7 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, | ||
126 | lowercase(host); | ||
127 | |||
128 | /* Exchange protocol version identification strings with the server. */ | ||
129 | - if (kex_exchange_identification(ssh, timeout_ms, NULL) != 0) | ||
130 | + if (kex_exchange_identification(ssh, timeout_ms, 1, NULL) != 0) | ||
131 | cleanup_exit(255); /* error already logged */ | ||
132 | |||
133 | /* Put the connection into non-blocking mode. */ | ||
82 | diff --git a/sshd.c b/sshd.c | 134 | diff --git a/sshd.c b/sshd.c |
83 | index 9481272fc..d7e77d343 100644 | 135 | index e3e96426e..1e7ece588 100644 |
84 | --- a/sshd.c | 136 | --- a/sshd.c |
85 | +++ b/sshd.c | 137 | +++ b/sshd.c |
86 | @@ -384,7 +384,8 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) | 138 | @@ -2160,7 +2160,8 @@ main(int ac, char **av) |
87 | char remote_version[256]; /* Must be at least as big as buf. */ | 139 | if (!debug_flag) |
140 | alarm(options.login_grace_time); | ||
88 | 141 | ||
89 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n", | 142 | - if (kex_exchange_identification(ssh, -1, options.version_addendum) != 0) |
90 | - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, | 143 | + if (kex_exchange_identification(ssh, -1, options.debian_banner, |
91 | + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, | 144 | + options.version_addendum) != 0) |
92 | + options.debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM, | 145 | cleanup_exit(255); /* error already logged */ |
93 | *options.version_addendum == '\0' ? "" : " ", | ||
94 | options.version_addendum); | ||
95 | 146 | ||
147 | ssh_packet_set_nonblocking(ssh); | ||
96 | diff --git a/sshd_config.5 b/sshd_config.5 | 148 | diff --git a/sshd_config.5 b/sshd_config.5 |
97 | index e7e55dd71..37e6be38f 100644 | 149 | index 2ef671d1b..addea54a0 100644 |
98 | --- a/sshd_config.5 | 150 | --- a/sshd_config.5 |
99 | +++ b/sshd_config.5 | 151 | +++ b/sshd_config.5 |
100 | @@ -543,6 +543,11 @@ or | 152 | @@ -543,6 +543,11 @@ or |
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch index 4866d52ad..0d47f6706 100644 --- a/debian/patches/debian-config.patch +++ b/debian/patches/debian-config.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From a433d9baa031d7136a8cf3e3807ebff83a3a8634 Mon Sep 17 00:00:00 2001 | 1 | From ebd590550bb09fe129b103994d53143788683d05 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 |
4 | Subject: Various Debian-specific configuration changes | 4 | Subject: Various Debian-specific configuration changes |
@@ -39,10 +39,10 @@ Patch-Name: debian-config.patch | |||
39 | 6 files changed, 77 insertions(+), 9 deletions(-) | 39 | 6 files changed, 77 insertions(+), 9 deletions(-) |
40 | 40 | ||
41 | diff --git a/readconf.c b/readconf.c | 41 | diff --git a/readconf.c b/readconf.c |
42 | index 6b01f20d2..661b8bf40 100644 | 42 | index cd60007f8..f35bde6e6 100644 |
43 | --- a/readconf.c | 43 | --- a/readconf.c |
44 | +++ b/readconf.c | 44 | +++ b/readconf.c |
45 | @@ -2000,7 +2000,7 @@ fill_default_options(Options * options) | 45 | @@ -2028,7 +2028,7 @@ fill_default_options(Options * options) |
46 | if (options->forward_x11 == -1) | 46 | if (options->forward_x11 == -1) |
47 | options->forward_x11 = 0; | 47 | options->forward_x11 = 0; |
48 | if (options->forward_x11_trusted == -1) | 48 | if (options->forward_x11_trusted == -1) |
@@ -52,10 +52,10 @@ index 6b01f20d2..661b8bf40 100644 | |||
52 | options->forward_x11_timeout = 1200; | 52 | options->forward_x11_timeout = 1200; |
53 | /* | 53 | /* |
54 | diff --git a/ssh.1 b/ssh.1 | 54 | diff --git a/ssh.1 b/ssh.1 |
55 | index ad1ed0f86..1bcc8edab 100644 | 55 | index 8d2b08a29..4e298cb56 100644 |
56 | --- a/ssh.1 | 56 | --- a/ssh.1 |
57 | +++ b/ssh.1 | 57 | +++ b/ssh.1 |
58 | @@ -782,6 +782,16 @@ directive in | 58 | @@ -795,6 +795,16 @@ directive in |
59 | .Xr ssh_config 5 | 59 | .Xr ssh_config 5 |
60 | for more information. | 60 | for more information. |
61 | .Pp | 61 | .Pp |
@@ -72,7 +72,7 @@ index ad1ed0f86..1bcc8edab 100644 | |||
72 | .It Fl x | 72 | .It Fl x |
73 | Disables X11 forwarding. | 73 | Disables X11 forwarding. |
74 | .Pp | 74 | .Pp |
75 | @@ -790,6 +800,17 @@ Enables trusted X11 forwarding. | 75 | @@ -803,6 +813,17 @@ Enables trusted X11 forwarding. |
76 | Trusted X11 forwardings are not subjected to the X11 SECURITY extension | 76 | Trusted X11 forwardings are not subjected to the X11 SECURITY extension |
77 | controls. | 77 | controls. |
78 | .Pp | 78 | .Pp |
@@ -91,7 +91,7 @@ index ad1ed0f86..1bcc8edab 100644 | |||
91 | Send log information using the | 91 | Send log information using the |
92 | .Xr syslog 3 | 92 | .Xr syslog 3 |
93 | diff --git a/ssh_config b/ssh_config | 93 | diff --git a/ssh_config b/ssh_config |
94 | index bcb9f153d..1b676fb2c 100644 | 94 | index 1ff999b68..6dd6ecf87 100644 |
95 | --- a/ssh_config | 95 | --- a/ssh_config |
96 | +++ b/ssh_config | 96 | +++ b/ssh_config |
97 | @@ -17,9 +17,10 @@ | 97 | @@ -17,9 +17,10 @@ |
@@ -106,7 +106,7 @@ index bcb9f153d..1b676fb2c 100644 | |||
106 | # PasswordAuthentication yes | 106 | # PasswordAuthentication yes |
107 | # HostbasedAuthentication no | 107 | # HostbasedAuthentication no |
108 | # GSSAPIAuthentication no | 108 | # GSSAPIAuthentication no |
109 | @@ -46,3 +47,6 @@ | 109 | @@ -45,3 +46,6 @@ |
110 | # VisualHostKey no | 110 | # VisualHostKey no |
111 | # ProxyCommand ssh -q -W %h:%p gateway.example.com | 111 | # ProxyCommand ssh -q -W %h:%p gateway.example.com |
112 | # RekeyLimit 1G 1h | 112 | # RekeyLimit 1G 1h |
@@ -114,7 +114,7 @@ index bcb9f153d..1b676fb2c 100644 | |||
114 | + HashKnownHosts yes | 114 | + HashKnownHosts yes |
115 | + GSSAPIAuthentication yes | 115 | + GSSAPIAuthentication yes |
116 | diff --git a/ssh_config.5 b/ssh_config.5 | 116 | diff --git a/ssh_config.5 b/ssh_config.5 |
117 | index a91355726..1a8e24bd1 100644 | 117 | index 39535c4f8..a27631ae9 100644 |
118 | --- a/ssh_config.5 | 118 | --- a/ssh_config.5 |
119 | +++ b/ssh_config.5 | 119 | +++ b/ssh_config.5 |
120 | @@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more | 120 | @@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more |
@@ -140,7 +140,7 @@ index a91355726..1a8e24bd1 100644 | |||
140 | The file contains keyword-argument pairs, one per line. | 140 | The file contains keyword-argument pairs, one per line. |
141 | Lines starting with | 141 | Lines starting with |
142 | .Ql # | 142 | .Ql # |
143 | @@ -699,11 +715,12 @@ elapsed. | 143 | @@ -717,11 +733,12 @@ elapsed. |
144 | .It Cm ForwardX11Trusted | 144 | .It Cm ForwardX11Trusted |
145 | If this option is set to | 145 | If this option is set to |
146 | .Cm yes , | 146 | .Cm yes , |
@@ -204,7 +204,7 @@ index 2c48105f8..ed8272f6d 100644 | |||
204 | # Example of overriding settings on a per-user basis | 204 | # Example of overriding settings on a per-user basis |
205 | #Match User anoncvs | 205 | #Match User anoncvs |
206 | diff --git a/sshd_config.5 b/sshd_config.5 | 206 | diff --git a/sshd_config.5 b/sshd_config.5 |
207 | index 23f71fd1d..ba50a30f1 100644 | 207 | index f995e4ab0..c0c4ebd66 100644 |
208 | --- a/sshd_config.5 | 208 | --- a/sshd_config.5 |
209 | +++ b/sshd_config.5 | 209 | +++ b/sshd_config.5 |
210 | @@ -56,6 +56,28 @@ Arguments may optionally be enclosed in double quotes | 210 | @@ -56,6 +56,28 @@ Arguments may optionally be enclosed in double quotes |
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch index e2acdf1a2..6879e11ba 100644 --- a/debian/patches/dnssec-sshfp.patch +++ b/debian/patches/dnssec-sshfp.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 0ee33d93c5c7a5fbb8b027aa24e7c9668125fda9 Mon Sep 17 00:00:00 2001 | 1 | From 13a16baaf467fae5d507cdb17e3bc753639bca4f Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:01 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:01 +0000 |
4 | Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf | 4 | Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf |
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch index c6bc43299..60ded7c30 100644 --- a/debian/patches/doc-hash-tab-completion.patch +++ b/debian/patches/doc-hash-tab-completion.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 1d0c41a7e0b2426733ddb598248d0488c9c00a8b Mon Sep 17 00:00:00 2001 | 1 | From 099b0bdc57b9a21842c457d83ff9488fa814c9c4 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:11 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:11 +0000 |
4 | Subject: Document that HashKnownHosts may break tab-completion | 4 | Subject: Document that HashKnownHosts may break tab-completion |
@@ -13,10 +13,10 @@ Patch-Name: doc-hash-tab-completion.patch | |||
13 | 1 file changed, 3 insertions(+) | 13 | 1 file changed, 3 insertions(+) |
14 | 14 | ||
15 | diff --git a/ssh_config.5 b/ssh_config.5 | 15 | diff --git a/ssh_config.5 b/ssh_config.5 |
16 | index 7d55fa820..a91355726 100644 | 16 | index bd1e9311d..39535c4f8 100644 |
17 | --- a/ssh_config.5 | 17 | --- a/ssh_config.5 |
18 | +++ b/ssh_config.5 | 18 | +++ b/ssh_config.5 |
19 | @@ -793,6 +793,9 @@ Note that existing names and addresses in known hosts files | 19 | @@ -836,6 +836,9 @@ Note that existing names and addresses in known hosts files |
20 | will not be converted automatically, | 20 | will not be converted automatically, |
21 | but may be manually hashed using | 21 | but may be manually hashed using |
22 | .Xr ssh-keygen 1 . | 22 | .Xr ssh-keygen 1 . |
diff --git a/debian/patches/fix-key-type-check.patch b/debian/patches/fix-key-type-check.patch deleted file mode 100644 index 846df5768..000000000 --- a/debian/patches/fix-key-type-check.patch +++ /dev/null | |||
@@ -1,88 +0,0 @@ | |||
1 | From 5e021158aa22cc64da4fca1618ee0bfd2d031049 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Fri, 16 Nov 2018 02:43:56 +0000 | ||
4 | Subject: upstream: fix bug in HostbasedAcceptedKeyTypes and | ||
5 | |||
6 | PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types were | ||
7 | specified, then authentication would always fail for RSA keys as the monitor | ||
8 | checks only the base key (not the signature algorithm) type against | ||
9 | *AcceptedKeyTypes. bz#2746; reported by Jakub Jelen; ok dtucker | ||
10 | |||
11 | OpenBSD-Commit-ID: 117bc3dc54578dbdb515a1d3732988cb5b00461b | ||
12 | |||
13 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=cd9467318b56e6e93ff9575c906ff8350af9b8a2 | ||
14 | Last-Update: 2019-02-28 | ||
15 | |||
16 | Patch-Name: fix-key-type-check.patch | ||
17 | --- | ||
18 | monitor.c | 39 ++++++++++++++++++++++++++++++++++----- | ||
19 | 1 file changed, 34 insertions(+), 5 deletions(-) | ||
20 | |||
21 | diff --git a/monitor.c b/monitor.c | ||
22 | index 08fddabd7..037d6d333 100644 | ||
23 | --- a/monitor.c | ||
24 | +++ b/monitor.c | ||
25 | @@ -1,4 +1,4 @@ | ||
26 | -/* $OpenBSD: monitor.c,v 1.186 2018/07/20 03:46:34 djm Exp $ */ | ||
27 | +/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */ | ||
28 | /* | ||
29 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | ||
30 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | ||
31 | @@ -892,6 +892,35 @@ mm_answer_authrole(int sock, struct sshbuf *m) | ||
32 | return (0); | ||
33 | } | ||
34 | |||
35 | +/* | ||
36 | + * Check that the key type appears in the supplied pattern list, ignoring | ||
37 | + * mismatches in the signature algorithm. (Signature algorithm checks are | ||
38 | + * performed in the unprivileged authentication code). | ||
39 | + * Returns 1 on success, 0 otherwise. | ||
40 | + */ | ||
41 | +static int | ||
42 | +key_base_type_match(const char *method, const struct sshkey *key, | ||
43 | + const char *list) | ||
44 | +{ | ||
45 | + char *s, *l, *ol = xstrdup(list); | ||
46 | + int found = 0; | ||
47 | + | ||
48 | + l = ol; | ||
49 | + for ((s = strsep(&l, ",")); s && *s != '\0'; (s = strsep(&l, ","))) { | ||
50 | + if (sshkey_type_from_name(s) == key->type) { | ||
51 | + found = 1; | ||
52 | + break; | ||
53 | + } | ||
54 | + } | ||
55 | + if (!found) { | ||
56 | + error("%s key type %s is not in permitted list %s", method, | ||
57 | + sshkey_ssh_name(key), list); | ||
58 | + } | ||
59 | + | ||
60 | + free(ol); | ||
61 | + return found; | ||
62 | +} | ||
63 | + | ||
64 | int | ||
65 | mm_answer_authpassword(int sock, struct sshbuf *m) | ||
66 | { | ||
67 | @@ -1197,8 +1226,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m) | ||
68 | break; | ||
69 | if (auth2_key_already_used(authctxt, key)) | ||
70 | break; | ||
71 | - if (match_pattern_list(sshkey_ssh_name(key), | ||
72 | - options.pubkey_key_types, 0) != 1) | ||
73 | + if (!key_base_type_match(auth_method, key, | ||
74 | + options.pubkey_key_types)) | ||
75 | break; | ||
76 | allowed = user_key_allowed(ssh, authctxt->pw, key, | ||
77 | pubkey_auth_attempt, &opts); | ||
78 | @@ -1209,8 +1238,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m) | ||
79 | break; | ||
80 | if (auth2_key_already_used(authctxt, key)) | ||
81 | break; | ||
82 | - if (match_pattern_list(sshkey_ssh_name(key), | ||
83 | - options.hostbased_key_types, 0) != 1) | ||
84 | + if (!key_base_type_match(auth_method, key, | ||
85 | + options.hostbased_key_types)) | ||
86 | break; | ||
87 | allowed = hostbased_key_allowed(authctxt->pw, | ||
88 | cuser, chost, key); | ||
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch index b6d4f1239..35f3327df 100644 --- a/debian/patches/gnome-ssh-askpass2-icon.patch +++ b/debian/patches/gnome-ssh-askpass2-icon.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From df56506f727e37c13346259bdcd5975e257a259d Mon Sep 17 00:00:00 2001 | 1 | From 601332e5cc1198d6dabddc8168249a81c5dc822a Mon Sep 17 00:00:00 2001 |
2 | From: Vincent Untz <vuntz@ubuntu.com> | 2 | From: Vincent Untz <vuntz@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:16 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:16 +0000 |
4 | Subject: Give the ssh-askpass-gnome window a default icon | 4 | Subject: Give the ssh-askpass-gnome window a default icon |
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch index f62bf6672..45d131d27 100644 --- a/debian/patches/gssapi.patch +++ b/debian/patches/gssapi.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 72b1d308e6400194ef6e4e7dd45bfa48fa39b5e6 Mon Sep 17 00:00:00 2001 | 1 | From 7ce79be85036c4b36937f1b1ba85f6094068412c Mon Sep 17 00:00:00 2001 |
2 | From: Simon Wilkinson <simon@sxw.org.uk> | 2 | From: Simon Wilkinson <simon@sxw.org.uk> |
3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:48 +0000 |
4 | Subject: GSSAPI key exchange support | 4 | Subject: GSSAPI key exchange support |
@@ -16,185 +16,69 @@ have it merged into the main openssh package rather than having separate | |||
16 | -krb5 packages (as we used to have). It seems to have a generally good | 16 | -krb5 packages (as we used to have). It seems to have a generally good |
17 | security history. | 17 | security history. |
18 | 18 | ||
19 | Origin: other, https://github.com/openssh-gsskex/openssh-gsskex/commits/debian/master | ||
19 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 | 20 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 |
20 | Last-Updated: 2018-10-20 | 21 | Last-Updated: 2019-06-05 |
21 | 22 | ||
22 | Patch-Name: gssapi.patch | 23 | Patch-Name: gssapi.patch |
23 | --- | 24 | --- |
24 | ChangeLog.gssapi | 113 ++++++++++++++++ | 25 | Makefile.in | 3 +- |
25 | Makefile.in | 3 +- | 26 | auth-krb5.c | 17 +- |
26 | auth-krb5.c | 17 ++- | 27 | auth.c | 96 +------- |
27 | auth.c | 96 +------------ | 28 | auth2-gss.c | 56 ++++- |
28 | auth2-gss.c | 54 +++++++- | 29 | auth2.c | 2 + |
29 | auth2.c | 2 + | 30 | canohost.c | 93 ++++++++ |
30 | canohost.c | 93 +++++++++++++ | 31 | canohost.h | 3 + |
31 | canohost.h | 3 + | 32 | clientloop.c | 15 +- |
32 | clientloop.c | 15 ++- | 33 | configure.ac | 24 ++ |
33 | config.h.in | 6 + | 34 | gss-genr.c | 300 +++++++++++++++++++++++- |
34 | configure.ac | 24 ++++ | 35 | gss-serv-krb5.c | 85 ++++++- |
35 | gss-genr.c | 280 +++++++++++++++++++++++++++++++++++++- | 36 | gss-serv.c | 186 +++++++++++++-- |
36 | gss-serv-krb5.c | 85 +++++++++++- | 37 | hmac.c | 1 + |
37 | gss-serv.c | 184 +++++++++++++++++++++++-- | 38 | kex.c | 66 +++++- |
38 | kex.c | 19 +++ | 39 | kex.h | 29 +++ |
39 | kex.h | 14 ++ | 40 | kexdh.c | 10 + |
40 | kexgssc.c | 341 +++++++++++++++++++++++++++++++++++++++++++++++ | 41 | kexgen.c | 2 +- |
41 | kexgsss.c | 300 +++++++++++++++++++++++++++++++++++++++++ | 42 | kexgssc.c | 606 ++++++++++++++++++++++++++++++++++++++++++++++++ |
42 | monitor.c | 122 +++++++++++++++-- | 43 | kexgsss.c | 474 +++++++++++++++++++++++++++++++++++++ |
43 | monitor.h | 3 + | 44 | mac.c | 1 + |
44 | monitor_wrap.c | 53 +++++++- | 45 | monitor.c | 139 ++++++++++- |
45 | monitor_wrap.h | 4 +- | 46 | monitor.h | 2 + |
46 | opacket.c | 2 +- | 47 | monitor_wrap.c | 57 ++++- |
47 | opacket.h | 2 +- | 48 | monitor_wrap.h | 4 +- |
48 | readconf.c | 43 ++++++ | 49 | readconf.c | 70 ++++++ |
49 | readconf.h | 5 + | 50 | readconf.h | 6 + |
50 | servconf.c | 26 ++++ | 51 | servconf.c | 47 ++++ |
51 | servconf.h | 2 + | 52 | servconf.h | 3 + |
52 | ssh-gss.h | 41 +++++- | 53 | session.c | 10 +- |
53 | ssh_config | 2 + | 54 | ssh-gss.h | 50 +++- |
54 | ssh_config.5 | 32 +++++ | 55 | ssh.1 | 8 + |
55 | sshconnect2.c | 133 +++++++++++++++++- | 56 | ssh.c | 4 +- |
56 | sshd.c | 110 +++++++++++++++ | 57 | ssh_config | 2 + |
57 | sshd_config | 2 + | 58 | ssh_config.5 | 57 +++++ |
58 | sshd_config.5 | 10 ++ | 59 | sshconnect2.c | 140 ++++++++++- |
59 | sshkey.c | 3 +- | 60 | sshd.c | 120 +++++++++- |
60 | sshkey.h | 1 + | 61 | sshd_config | 2 + |
61 | 37 files changed, 2099 insertions(+), 146 deletions(-) | 62 | sshd_config.5 | 30 +++ |
62 | create mode 100644 ChangeLog.gssapi | 63 | sshkey.c | 3 +- |
64 | sshkey.h | 1 + | ||
65 | 40 files changed, 2664 insertions(+), 160 deletions(-) | ||
63 | create mode 100644 kexgssc.c | 66 | create mode 100644 kexgssc.c |
64 | create mode 100644 kexgsss.c | 67 | create mode 100644 kexgsss.c |
65 | 68 | ||
66 | diff --git a/ChangeLog.gssapi b/ChangeLog.gssapi | ||
67 | new file mode 100644 | ||
68 | index 000000000..f117a336a | ||
69 | --- /dev/null | ||
70 | +++ b/ChangeLog.gssapi | ||
71 | @@ -0,0 +1,113 @@ | ||
72 | +20110101 | ||
73 | + - Finally update for OpenSSH 5.6p1 | ||
74 | + - Add GSSAPIServerIdentity option from Jim Basney | ||
75 | + | ||
76 | +20100308 | ||
77 | + - [ Makefile.in, key.c, key.h ] | ||
78 | + Updates for OpenSSH 5.4p1 | ||
79 | + - [ servconf.c ] | ||
80 | + Include GSSAPI options in the sshd -T configuration dump, and flag | ||
81 | + some older configuration options as being unsupported. Thanks to Colin | ||
82 | + Watson. | ||
83 | + - | ||
84 | + | ||
85 | +20100124 | ||
86 | + - [ sshconnect2.c ] | ||
87 | + Adapt to deal with additional element in Authmethod structure. Thanks to | ||
88 | + Colin Watson | ||
89 | + | ||
90 | +20090615 | ||
91 | + - [ gss-genr.c gss-serv.c kexgssc.c kexgsss.c monitor.c sshconnect2.c | ||
92 | + sshd.c ] | ||
93 | + Fix issues identified by Greg Hudson following a code review | ||
94 | + Check return value of gss_indicate_mechs | ||
95 | + Protect GSSAPI calls in monitor, so they can only be used if enabled | ||
96 | + Check return values of bignum functions in key exchange | ||
97 | + Use BN_clear_free to clear other side's DH value | ||
98 | + Make ssh_gssapi_id_kex more robust | ||
99 | + Only configure kex table pointers if GSSAPI is enabled | ||
100 | + Don't leak mechanism list, or gss mechanism list | ||
101 | + Cast data.length before printing | ||
102 | + If serverkey isn't provided, use an empty string, rather than NULL | ||
103 | + | ||
104 | +20090201 | ||
105 | + - [ gss-genr.c gss-serv.c kex.h kexgssc.c readconf.c readconf.h ssh-gss.h | ||
106 | + ssh_config.5 sshconnet2.c ] | ||
107 | + Add support for the GSSAPIClientIdentity option, which allows the user | ||
108 | + to specify which GSSAPI identity to use to contact a given server | ||
109 | + | ||
110 | +20080404 | ||
111 | + - [ gss-serv.c ] | ||
112 | + Add code to actually implement GSSAPIStrictAcceptCheck, which had somehow | ||
113 | + been omitted from a previous version of this patch. Reported by Borislav | ||
114 | + Stoichkov | ||
115 | + | ||
116 | +20070317 | ||
117 | + - [ gss-serv-krb5.c ] | ||
118 | + Remove C99ism, where new_ccname was being declared in the middle of a | ||
119 | + function | ||
120 | + | ||
121 | +20061220 | ||
122 | + - [ servconf.c ] | ||
123 | + Make default for GSSAPIStrictAcceptorCheck be Yes, to match previous, and | ||
124 | + documented, behaviour. Reported by Dan Watson. | ||
125 | + | ||
126 | +20060910 | ||
127 | + - [ gss-genr.c kexgssc.c kexgsss.c kex.h monitor.c sshconnect2.c sshd.c | ||
128 | + ssh-gss.h ] | ||
129 | + add support for gss-group14-sha1 key exchange mechanisms | ||
130 | + - [ gss-serv.c servconf.c servconf.h sshd_config sshd_config.5 ] | ||
131 | + Add GSSAPIStrictAcceptorCheck option to allow the disabling of | ||
132 | + acceptor principal checking on multi-homed machines. | ||
133 | + <Bugzilla #928> | ||
134 | + - [ sshd_config ssh_config ] | ||
135 | + Add settings for GSSAPIKeyExchange and GSSAPITrustDNS to the sample | ||
136 | + configuration files | ||
137 | + - [ kexgss.c kegsss.c sshconnect2.c sshd.c ] | ||
138 | + Code cleanup. Replace strlen/xmalloc/snprintf sequences with xasprintf() | ||
139 | + Limit length of error messages displayed by client | ||
140 | + | ||
141 | +20060909 | ||
142 | + - [ gss-genr.c gss-serv.c ] | ||
143 | + move ssh_gssapi_acquire_cred() and ssh_gssapi_server_ctx to be server | ||
144 | + only, where they belong | ||
145 | + <Bugzilla #1225> | ||
146 | + | ||
147 | +20060829 | ||
148 | + - [ gss-serv-krb5.c ] | ||
149 | + Fix CCAPI credentials cache name when creating KRB5CCNAME environment | ||
150 | + variable | ||
151 | + | ||
152 | +20060828 | ||
153 | + - [ gss-genr.c ] | ||
154 | + Avoid Heimdal context freeing problem | ||
155 | + <Fixed upstream 20060829> | ||
156 | + | ||
157 | +20060818 | ||
158 | + - [ gss-genr.c ssh-gss.h sshconnect2.c ] | ||
159 | + Make sure that SPENGO is disabled | ||
160 | + <Bugzilla #1218 - Fixed upstream 20060818> | ||
161 | + | ||
162 | +20060421 | ||
163 | + - [ gssgenr.c, sshconnect2.c ] | ||
164 | + a few type changes (signed versus unsigned, int versus size_t) to | ||
165 | + fix compiler errors/warnings | ||
166 | + (from jbasney AT ncsa.uiuc.edu) | ||
167 | + - [ kexgssc.c, sshconnect2.c ] | ||
168 | + fix uninitialized variable warnings | ||
169 | + (from jbasney AT ncsa.uiuc.edu) | ||
170 | + - [ gssgenr.c ] | ||
171 | + pass oid to gss_display_status (helpful when using GSSAPI mechglue) | ||
172 | + (from jbasney AT ncsa.uiuc.edu) | ||
173 | + <Bugzilla #1220 > | ||
174 | + - [ gss-serv-krb5.c ] | ||
175 | + #ifdef HAVE_GSSAPI_KRB5 should be #ifdef HAVE_GSSAPI_KRB5_H | ||
176 | + (from jbasney AT ncsa.uiuc.edu) | ||
177 | + <Fixed upstream 20060304> | ||
178 | + - [ readconf.c, readconf.h, ssh_config.5, sshconnect2.c | ||
179 | + add client-side GssapiKeyExchange option | ||
180 | + (from jbasney AT ncsa.uiuc.edu) | ||
181 | + - [ sshconnect2.c ] | ||
182 | + add support for GssapiTrustDns option for gssapi-with-mic | ||
183 | + (from jbasney AT ncsa.uiuc.edu) | ||
184 | + <gssapi-with-mic support is Bugzilla #1008> | ||
185 | diff --git a/Makefile.in b/Makefile.in | 69 | diff --git a/Makefile.in b/Makefile.in |
186 | index 126b2c742..70050ffb6 100644 | 70 | index 6f001bb36..c31821acc 100644 |
187 | --- a/Makefile.in | 71 | --- a/Makefile.in |
188 | +++ b/Makefile.in | 72 | +++ b/Makefile.in |
189 | @@ -100,6 +100,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ | 73 | @@ -100,6 +100,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ |
190 | kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ | 74 | kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ |
191 | kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ | 75 | kexgexc.o kexgexs.o \ |
192 | kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \ | 76 | sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \ |
193 | + kexgssc.o \ | 77 | + kexgssc.o \ |
194 | platform-pledge.o platform-tracing.o platform-misc.o | 78 | platform-pledge.o platform-tracing.o platform-misc.o |
195 | 79 | ||
196 | SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ | 80 | |
197 | @@ -113,7 +114,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ | 81 | @@ -114,7 +115,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ |
198 | auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ | 82 | auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ |
199 | auth2-none.o auth2-passwd.o auth2-pubkey.o \ | 83 | auth2-none.o auth2-passwd.o auth2-pubkey.o \ |
200 | monitor.o monitor_wrap.o auth-krb5.o \ | 84 | monitor.o monitor_wrap.o auth-krb5.o \ |
@@ -255,7 +139,7 @@ index 3096f1c8e..204752e1b 100644 | |||
255 | return (krb5_cc_resolve(ctx, ccname, ccache)); | 139 | return (krb5_cc_resolve(ctx, ccname, ccache)); |
256 | } | 140 | } |
257 | diff --git a/auth.c b/auth.c | 141 | diff --git a/auth.c b/auth.c |
258 | index 3ca3762cc..d8e6b4a3d 100644 | 142 | index 8696f258e..f7a23afba 100644 |
259 | --- a/auth.c | 143 | --- a/auth.c |
260 | +++ b/auth.c | 144 | +++ b/auth.c |
261 | @@ -399,7 +399,8 @@ auth_root_allowed(struct ssh *ssh, const char *method) | 145 | @@ -399,7 +399,8 @@ auth_root_allowed(struct ssh *ssh, const char *method) |
@@ -268,7 +152,7 @@ index 3ca3762cc..d8e6b4a3d 100644 | |||
268 | return 1; | 152 | return 1; |
269 | break; | 153 | break; |
270 | case PERMIT_FORCED_ONLY: | 154 | case PERMIT_FORCED_ONLY: |
271 | @@ -737,99 +738,6 @@ fakepw(void) | 155 | @@ -723,99 +724,6 @@ fakepw(void) |
272 | return (&fake); | 156 | return (&fake); |
273 | } | 157 | } |
274 | 158 | ||
@@ -369,7 +253,7 @@ index 3ca3762cc..d8e6b4a3d 100644 | |||
369 | * Return the canonical name of the host in the other side of the current | 253 | * Return the canonical name of the host in the other side of the current |
370 | * connection. The host name is cached, so it is efficient to call this | 254 | * connection. The host name is cached, so it is efficient to call this |
371 | diff --git a/auth2-gss.c b/auth2-gss.c | 255 | diff --git a/auth2-gss.c b/auth2-gss.c |
372 | index 9351e0428..1f12bb113 100644 | 256 | index 9351e0428..d6446c0cf 100644 |
373 | --- a/auth2-gss.c | 257 | --- a/auth2-gss.c |
374 | +++ b/auth2-gss.c | 258 | +++ b/auth2-gss.c |
375 | @@ -1,7 +1,7 @@ | 259 | @@ -1,7 +1,7 @@ |
@@ -381,11 +265,11 @@ index 9351e0428..1f12bb113 100644 | |||
381 | * | 265 | * |
382 | * Redistribution and use in source and binary forms, with or without | 266 | * Redistribution and use in source and binary forms, with or without |
383 | * modification, are permitted provided that the following conditions | 267 | * modification, are permitted provided that the following conditions |
384 | @@ -54,6 +54,46 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); | 268 | @@ -54,6 +54,48 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); |
385 | static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); | 269 | static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); |
386 | static int input_gssapi_errtok(int, u_int32_t, struct ssh *); | 270 | static int input_gssapi_errtok(int, u_int32_t, struct ssh *); |
387 | 271 | ||
388 | +/* | 272 | +/* |
389 | + * The 'gssapi_keyex' userauth mechanism. | 273 | + * The 'gssapi_keyex' userauth mechanism. |
390 | + */ | 274 | + */ |
391 | +static int | 275 | +static int |
@@ -393,7 +277,7 @@ index 9351e0428..1f12bb113 100644 | |||
393 | +{ | 277 | +{ |
394 | + Authctxt *authctxt = ssh->authctxt; | 278 | + Authctxt *authctxt = ssh->authctxt; |
395 | + int r, authenticated = 0; | 279 | + int r, authenticated = 0; |
396 | + struct sshbuf *b; | 280 | + struct sshbuf *b = NULL; |
397 | + gss_buffer_desc mic, gssbuf; | 281 | + gss_buffer_desc mic, gssbuf; |
398 | + u_char *p; | 282 | + u_char *p; |
399 | + size_t len; | 283 | + size_t len; |
@@ -401,8 +285,10 @@ index 9351e0428..1f12bb113 100644 | |||
401 | + if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 || | 285 | + if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 || |
402 | + (r = sshpkt_get_end(ssh)) != 0) | 286 | + (r = sshpkt_get_end(ssh)) != 0) |
403 | + fatal("%s: %s", __func__, ssh_err(r)); | 287 | + fatal("%s: %s", __func__, ssh_err(r)); |
288 | + | ||
404 | + if ((b = sshbuf_new()) == NULL) | 289 | + if ((b = sshbuf_new()) == NULL) |
405 | + fatal("%s: sshbuf_new failed", __func__); | 290 | + fatal("%s: sshbuf_new failed", __func__); |
291 | + | ||
406 | + mic.value = p; | 292 | + mic.value = p; |
407 | + mic.length = len; | 293 | + mic.length = len; |
408 | + | 294 | + |
@@ -414,11 +300,11 @@ index 9351e0428..1f12bb113 100644 | |||
414 | + gssbuf.length = sshbuf_len(b); | 300 | + gssbuf.length = sshbuf_len(b); |
415 | + | 301 | + |
416 | + /* gss_kex_context is NULL with privsep, so we can't check it here */ | 302 | + /* gss_kex_context is NULL with privsep, so we can't check it here */ |
417 | + if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, | 303 | + if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, |
418 | + &gssbuf, &mic)))) | 304 | + &gssbuf, &mic)))) |
419 | + authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, | 305 | + authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, |
420 | + authctxt->pw)); | 306 | + authctxt->pw, 1)); |
421 | + | 307 | + |
422 | + sshbuf_free(b); | 308 | + sshbuf_free(b); |
423 | + free(mic.value); | 309 | + free(mic.value); |
424 | + | 310 | + |
@@ -428,27 +314,27 @@ index 9351e0428..1f12bb113 100644 | |||
428 | /* | 314 | /* |
429 | * We only support those mechanisms that we know about (ie ones that we know | 315 | * We only support those mechanisms that we know about (ie ones that we know |
430 | * how to check local user kuserok and the like) | 316 | * how to check local user kuserok and the like) |
431 | @@ -260,7 +300,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) | 317 | @@ -260,7 +302,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) |
432 | if ((r = sshpkt_get_end(ssh)) != 0) | 318 | if ((r = sshpkt_get_end(ssh)) != 0) |
433 | fatal("%s: %s", __func__, ssh_err(r)); | 319 | fatal("%s: %s", __func__, ssh_err(r)); |
434 | 320 | ||
435 | - authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); | 321 | - authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); |
436 | + authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, | 322 | + authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, |
437 | + authctxt->pw)); | 323 | + authctxt->pw, 1)); |
438 | 324 | ||
439 | if ((!use_privsep || mm_is_monitor()) && | 325 | if ((!use_privsep || mm_is_monitor()) && |
440 | (displayname = ssh_gssapi_displayname()) != NULL) | 326 | (displayname = ssh_gssapi_displayname()) != NULL) |
441 | @@ -306,7 +347,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) | 327 | @@ -306,7 +349,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) |
442 | gssbuf.length = sshbuf_len(b); | 328 | gssbuf.length = sshbuf_len(b); |
443 | 329 | ||
444 | if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) | 330 | if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) |
445 | - authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); | 331 | - authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); |
446 | + authenticated = | 332 | + authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, |
447 | + PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw)); | 333 | + authctxt->pw, 0)); |
448 | else | 334 | else |
449 | logit("GSSAPI MIC check failed"); | 335 | logit("GSSAPI MIC check failed"); |
450 | 336 | ||
451 | @@ -326,6 +368,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) | 337 | @@ -326,6 +370,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) |
452 | return 0; | 338 | return 0; |
453 | } | 339 | } |
454 | 340 | ||
@@ -462,10 +348,10 @@ index 9351e0428..1f12bb113 100644 | |||
462 | "gssapi-with-mic", | 348 | "gssapi-with-mic", |
463 | userauth_gssapi, | 349 | userauth_gssapi, |
464 | diff --git a/auth2.c b/auth2.c | 350 | diff --git a/auth2.c b/auth2.c |
465 | index 4d19957a6..a77742819 100644 | 351 | index 16ae1a363..7417eafa4 100644 |
466 | --- a/auth2.c | 352 | --- a/auth2.c |
467 | +++ b/auth2.c | 353 | +++ b/auth2.c |
468 | @@ -74,6 +74,7 @@ extern Authmethod method_passwd; | 354 | @@ -75,6 +75,7 @@ extern Authmethod method_passwd; |
469 | extern Authmethod method_kbdint; | 355 | extern Authmethod method_kbdint; |
470 | extern Authmethod method_hostbased; | 356 | extern Authmethod method_hostbased; |
471 | #ifdef GSSAPI | 357 | #ifdef GSSAPI |
@@ -473,7 +359,7 @@ index 4d19957a6..a77742819 100644 | |||
473 | extern Authmethod method_gssapi; | 359 | extern Authmethod method_gssapi; |
474 | #endif | 360 | #endif |
475 | 361 | ||
476 | @@ -81,6 +82,7 @@ Authmethod *authmethods[] = { | 362 | @@ -82,6 +83,7 @@ Authmethod *authmethods[] = { |
477 | &method_none, | 363 | &method_none, |
478 | &method_pubkey, | 364 | &method_pubkey, |
479 | #ifdef GSSAPI | 365 | #ifdef GSSAPI |
@@ -600,7 +486,7 @@ index 26d62855a..0cadc9f18 100644 | |||
600 | int get_peer_port(int); | 486 | int get_peer_port(int); |
601 | char *get_local_ipaddr(int); | 487 | char *get_local_ipaddr(int); |
602 | diff --git a/clientloop.c b/clientloop.c | 488 | diff --git a/clientloop.c b/clientloop.c |
603 | index 8d312cdaa..1464634b0 100644 | 489 | index 086c0dfe8..9b90c64f3 100644 |
604 | --- a/clientloop.c | 490 | --- a/clientloop.c |
605 | +++ b/clientloop.c | 491 | +++ b/clientloop.c |
606 | @@ -112,6 +112,10 @@ | 492 | @@ -112,6 +112,10 @@ |
@@ -614,7 +500,7 @@ index 8d312cdaa..1464634b0 100644 | |||
614 | /* import options */ | 500 | /* import options */ |
615 | extern Options options; | 501 | extern Options options; |
616 | 502 | ||
617 | @@ -1370,9 +1374,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | 503 | @@ -1374,9 +1378,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, |
618 | break; | 504 | break; |
619 | 505 | ||
620 | /* Do channel operations unless rekeying in progress. */ | 506 | /* Do channel operations unless rekeying in progress. */ |
@@ -632,37 +518,13 @@ index 8d312cdaa..1464634b0 100644 | |||
632 | + } | 518 | + } |
633 | + | 519 | + |
634 | /* Buffer input from the connection. */ | 520 | /* Buffer input from the connection. */ |
635 | client_process_net_input(readset); | 521 | client_process_net_input(ssh, readset); |
636 | |||
637 | diff --git a/config.h.in b/config.h.in | ||
638 | index 91b65db8f..209760c7c 100644 | ||
639 | --- a/config.h.in | ||
640 | +++ b/config.h.in | ||
641 | @@ -1845,6 +1845,9 @@ | ||
642 | /* Use btmp to log bad logins */ | ||
643 | #undef USE_BTMP | ||
644 | |||
645 | +/* platform uses an in-memory credentials cache */ | ||
646 | +#undef USE_CCAPI | ||
647 | + | ||
648 | /* Use libedit for sftp */ | ||
649 | #undef USE_LIBEDIT | ||
650 | |||
651 | @@ -1860,6 +1863,9 @@ | ||
652 | /* Use PIPES instead of a socketpair() */ | ||
653 | #undef USE_PIPES | ||
654 | |||
655 | +/* platform has the Security Authorization Session API */ | ||
656 | +#undef USE_SECURITY_SESSION_API | ||
657 | + | ||
658 | /* Define if you have Solaris privileges */ | ||
659 | #undef USE_SOLARIS_PRIVS | ||
660 | 522 | ||
661 | diff --git a/configure.ac b/configure.ac | 523 | diff --git a/configure.ac b/configure.ac |
662 | index 7379ab358..023e7cc55 100644 | 524 | index 30be6c182..2869f7042 100644 |
663 | --- a/configure.ac | 525 | --- a/configure.ac |
664 | +++ b/configure.ac | 526 | +++ b/configure.ac |
665 | @@ -664,6 +664,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | 527 | @@ -665,6 +665,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) |
666 | [Use tunnel device compatibility to OpenBSD]) | 528 | [Use tunnel device compatibility to OpenBSD]) |
667 | AC_DEFINE([SSH_TUN_PREPEND_AF], [1], | 529 | AC_DEFINE([SSH_TUN_PREPEND_AF], [1], |
668 | [Prepend the address family to IP tunnel traffic]) | 530 | [Prepend the address family to IP tunnel traffic]) |
@@ -670,7 +532,7 @@ index 7379ab358..023e7cc55 100644 | |||
670 | + AC_TRY_COMPILE([#include <Security/AuthSession.h>], | 532 | + AC_TRY_COMPILE([#include <Security/AuthSession.h>], |
671 | + [SessionCreate(0, 0);], | 533 | + [SessionCreate(0, 0);], |
672 | + [ac_cv_use_security_session_api="yes" | 534 | + [ac_cv_use_security_session_api="yes" |
673 | + AC_DEFINE([USE_SECURITY_SESSION_API], [1], | 535 | + AC_DEFINE([USE_SECURITY_SESSION_API], [1], |
674 | + [platform has the Security Authorization Session API]) | 536 | + [platform has the Security Authorization Session API]) |
675 | + LIBS="$LIBS -framework Security" | 537 | + LIBS="$LIBS -framework Security" |
676 | + AC_MSG_RESULT([yes])], | 538 | + AC_MSG_RESULT([yes])], |
@@ -681,7 +543,7 @@ index 7379ab358..023e7cc55 100644 | |||
681 | + [#include <Kerberos/Kerberos.h>], | 543 | + [#include <Kerberos/Kerberos.h>], |
682 | + [cc_context_t c; | 544 | + [cc_context_t c; |
683 | + (void) cc_initialize (&c, 0, NULL, NULL);], | 545 | + (void) cc_initialize (&c, 0, NULL, NULL);], |
684 | + [AC_DEFINE([USE_CCAPI], [1], | 546 | + [AC_DEFINE([USE_CCAPI], [1], |
685 | + [platform uses an in-memory credentials cache]) | 547 | + [platform uses an in-memory credentials cache]) |
686 | + LIBS="$LIBS -framework Security" | 548 | + LIBS="$LIBS -framework Security" |
687 | + AC_MSG_RESULT([yes]) | 549 | + AC_MSG_RESULT([yes]) |
@@ -694,7 +556,7 @@ index 7379ab358..023e7cc55 100644 | |||
694 | AC_CHECK_DECL([AU_IPv4], [], | 556 | AC_CHECK_DECL([AU_IPv4], [], |
695 | AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) | 557 | AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) |
696 | diff --git a/gss-genr.c b/gss-genr.c | 558 | diff --git a/gss-genr.c b/gss-genr.c |
697 | index d56257b4a..491e62cee 100644 | 559 | index d56257b4a..763a63ffa 100644 |
698 | --- a/gss-genr.c | 560 | --- a/gss-genr.c |
699 | +++ b/gss-genr.c | 561 | +++ b/gss-genr.c |
700 | @@ -1,7 +1,7 @@ | 562 | @@ -1,7 +1,7 @@ |
@@ -706,16 +568,15 @@ index d56257b4a..491e62cee 100644 | |||
706 | * | 568 | * |
707 | * Redistribution and use in source and binary forms, with or without | 569 | * Redistribution and use in source and binary forms, with or without |
708 | * modification, are permitted provided that the following conditions | 570 | * modification, are permitted provided that the following conditions |
709 | @@ -39,14 +39,37 @@ | 571 | @@ -41,12 +41,36 @@ |
710 | #include "xmalloc.h" | ||
711 | #include "ssherr.h" | ||
712 | #include "sshbuf.h" | 572 | #include "sshbuf.h" |
713 | +#include "sshkey.h" | ||
714 | #include "log.h" | 573 | #include "log.h" |
715 | #include "ssh2.h" | 574 | #include "ssh2.h" |
716 | +#include "cipher.h" | 575 | +#include "cipher.h" |
576 | +#include "sshkey.h" | ||
717 | +#include "kex.h" | 577 | +#include "kex.h" |
718 | +#include "digest.h" | 578 | +#include "digest.h" |
579 | +#include "packet.h" | ||
719 | 580 | ||
720 | #include "ssh-gss.h" | 581 | #include "ssh-gss.h" |
721 | 582 | ||
@@ -736,7 +597,7 @@ index d56257b4a..491e62cee 100644 | |||
736 | + | 597 | + |
737 | +static ssh_gss_kex_mapping *gss_enc2oid = NULL; | 598 | +static ssh_gss_kex_mapping *gss_enc2oid = NULL; |
738 | + | 599 | + |
739 | +int | 600 | +int |
740 | +ssh_gssapi_oid_table_ok(void) { | 601 | +ssh_gssapi_oid_table_ok(void) { |
741 | + return (gss_enc2oid != NULL); | 602 | + return (gss_enc2oid != NULL); |
742 | +} | 603 | +} |
@@ -744,10 +605,25 @@ index d56257b4a..491e62cee 100644 | |||
744 | /* sshbuf_get for gss_buffer_desc */ | 605 | /* sshbuf_get for gss_buffer_desc */ |
745 | int | 606 | int |
746 | ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) | 607 | ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) |
747 | @@ -62,6 +85,143 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) | 608 | @@ -62,6 +86,162 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) |
748 | return 0; | 609 | return 0; |
749 | } | 610 | } |
750 | 611 | ||
612 | +/* sshpkt_get of gss_buffer_desc */ | ||
613 | +int | ||
614 | +ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *ssh, gss_buffer_desc *g) | ||
615 | +{ | ||
616 | + int r; | ||
617 | + u_char *p; | ||
618 | + size_t len; | ||
619 | + | ||
620 | + if ((r = sshpkt_get_string(ssh, &p, &len)) != 0) | ||
621 | + return r; | ||
622 | + g->value = p; | ||
623 | + g->length = len; | ||
624 | + return 0; | ||
625 | +} | ||
626 | + | ||
751 | +/* | 627 | +/* |
752 | + * Return a list of the gss-group1-sha1 mechanisms supported by this program | 628 | + * Return a list of the gss-group1-sha1 mechanisms supported by this program |
753 | + * | 629 | + * |
@@ -756,27 +632,30 @@ index d56257b4a..491e62cee 100644 | |||
756 | + */ | 632 | + */ |
757 | + | 633 | + |
758 | +char * | 634 | +char * |
759 | +ssh_gssapi_client_mechanisms(const char *host, const char *client) { | 635 | +ssh_gssapi_client_mechanisms(const char *host, const char *client, |
760 | + gss_OID_set gss_supported; | 636 | + const char *kex) { |
637 | + gss_OID_set gss_supported = NULL; | ||
761 | + OM_uint32 min_status; | 638 | + OM_uint32 min_status; |
762 | + | 639 | + |
763 | + if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported))) | 640 | + if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported))) |
764 | + return NULL; | 641 | + return NULL; |
765 | + | 642 | + |
766 | + return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, | 643 | + return ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, |
767 | + host, client)); | 644 | + host, client, kex); |
768 | +} | 645 | +} |
769 | + | 646 | + |
770 | +char * | 647 | +char * |
771 | +ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, | 648 | +ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, |
772 | + const char *host, const char *client) { | 649 | + const char *host, const char *client, const char *kex) { |
773 | + struct sshbuf *buf; | 650 | + struct sshbuf *buf = NULL; |
774 | + size_t i; | 651 | + size_t i; |
775 | + int r, oidpos, enclen; | 652 | + int r = SSH_ERR_ALLOC_FAIL; |
653 | + int oidpos, enclen; | ||
776 | + char *mechs, *encoded; | 654 | + char *mechs, *encoded; |
777 | + u_char digest[SSH_DIGEST_MAX_LENGTH]; | 655 | + u_char digest[SSH_DIGEST_MAX_LENGTH]; |
778 | + char deroid[2]; | 656 | + char deroid[2]; |
779 | + struct ssh_digest_ctx *md; | 657 | + struct ssh_digest_ctx *md = NULL; |
658 | + char *s, *cp, *p; | ||
780 | + | 659 | + |
781 | + if (gss_enc2oid != NULL) { | 660 | + if (gss_enc2oid != NULL) { |
782 | + for (i = 0; gss_enc2oid[i].encoded != NULL; i++) | 661 | + for (i = 0; gss_enc2oid[i].encoded != NULL; i++) |
@@ -791,6 +670,7 @@ index d56257b4a..491e62cee 100644 | |||
791 | + fatal("%s: sshbuf_new failed", __func__); | 670 | + fatal("%s: sshbuf_new failed", __func__); |
792 | + | 671 | + |
793 | + oidpos = 0; | 672 | + oidpos = 0; |
673 | + s = cp = xstrdup(kex); | ||
794 | + for (i = 0; i < gss_supported->count; i++) { | 674 | + for (i = 0; i < gss_supported->count; i++) { |
795 | + if (gss_supported->elements[i].length < 128 && | 675 | + if (gss_supported->elements[i].length < 128 && |
796 | + (*check)(NULL, &(gss_supported->elements[i]), host, client)) { | 676 | + (*check)(NULL, &(gss_supported->elements[i]), host, client)) { |
@@ -799,12 +679,15 @@ index d56257b4a..491e62cee 100644 | |||
799 | + deroid[1] = gss_supported->elements[i].length; | 679 | + deroid[1] = gss_supported->elements[i].length; |
800 | + | 680 | + |
801 | + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || | 681 | + if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || |
802 | + ssh_digest_update(md, deroid, 2) != 0 || | 682 | + (r = ssh_digest_update(md, deroid, 2)) != 0 || |
803 | + ssh_digest_update(md, | 683 | + (r = ssh_digest_update(md, |
804 | + gss_supported->elements[i].elements, | 684 | + gss_supported->elements[i].elements, |
805 | + gss_supported->elements[i].length) != 0 || | 685 | + gss_supported->elements[i].length)) != 0 || |
806 | + ssh_digest_final(md, digest, sizeof(digest)) != 0) | 686 | + (r = ssh_digest_final(md, digest, sizeof(digest))) != 0) |
807 | + fatal("%s: digest failed", __func__); | 687 | + fatal("%s: digest failed: %s", __func__, |
688 | + ssh_err(r)); | ||
689 | + ssh_digest_free(md); | ||
690 | + md = NULL; | ||
808 | + | 691 | + |
809 | + encoded = xmalloc(ssh_digest_bytes(SSH_DIGEST_MD5) | 692 | + encoded = xmalloc(ssh_digest_bytes(SSH_DIGEST_MD5) |
810 | + * 2); | 693 | + * 2); |
@@ -812,69 +695,66 @@ index d56257b4a..491e62cee 100644 | |||
812 | + ssh_digest_bytes(SSH_DIGEST_MD5), encoded, | 695 | + ssh_digest_bytes(SSH_DIGEST_MD5), encoded, |
813 | + ssh_digest_bytes(SSH_DIGEST_MD5) * 2); | 696 | + ssh_digest_bytes(SSH_DIGEST_MD5) * 2); |
814 | + | 697 | + |
815 | + if (oidpos != 0) { | 698 | + cp = strncpy(s, kex, strlen(kex)); |
816 | + if ((r = sshbuf_put_u8(buf, ',')) != 0) | 699 | + for ((p = strsep(&cp, ",")); p && *p != '\0'; |
817 | + fatal("%s: buffer error: %s", | 700 | + (p = strsep(&cp, ","))) { |
701 | + if (sshbuf_len(buf) != 0 && | ||
702 | + (r = sshbuf_put_u8(buf, ',')) != 0) | ||
703 | + fatal("%s: sshbuf_put_u8 error: %s", | ||
704 | + __func__, ssh_err(r)); | ||
705 | + if ((r = sshbuf_put(buf, p, strlen(p))) != 0 || | ||
706 | + (r = sshbuf_put(buf, encoded, enclen)) != 0) | ||
707 | + fatal("%s: sshbuf_put error: %s", | ||
818 | + __func__, ssh_err(r)); | 708 | + __func__, ssh_err(r)); |
819 | + } | 709 | + } |
820 | + | 710 | + |
821 | + if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID, | ||
822 | + sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 || | ||
823 | + (r = sshbuf_put(buf, encoded, enclen)) != 0 || | ||
824 | + (r = sshbuf_put_u8(buf, ',')) != 0 || | ||
825 | + (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID, | ||
826 | + sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 || | ||
827 | + (r = sshbuf_put(buf, encoded, enclen)) != 0 || | ||
828 | + (r = sshbuf_put_u8(buf, ',')) != 0 || | ||
829 | + (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID, | ||
830 | + sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 || | ||
831 | + (r = sshbuf_put(buf, encoded, enclen)) != 0) | ||
832 | + fatal("%s: buffer error: %s", | ||
833 | + __func__, ssh_err(r)); | ||
834 | + | ||
835 | + gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); | 711 | + gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); |
836 | + gss_enc2oid[oidpos].encoded = encoded; | 712 | + gss_enc2oid[oidpos].encoded = encoded; |
837 | + oidpos++; | 713 | + oidpos++; |
838 | + } | 714 | + } |
839 | + } | 715 | + } |
716 | + free(s); | ||
840 | + gss_enc2oid[oidpos].oid = NULL; | 717 | + gss_enc2oid[oidpos].oid = NULL; |
841 | + gss_enc2oid[oidpos].encoded = NULL; | 718 | + gss_enc2oid[oidpos].encoded = NULL; |
842 | + | 719 | + |
843 | + if ((mechs = sshbuf_dup_string(buf)) == NULL) | 720 | + if ((mechs = sshbuf_dup_string(buf)) == NULL) |
844 | + fatal("%s: sshbuf_dup_string failed", __func__); | 721 | + fatal("%s: sshbuf_dup_string failed", __func__); |
845 | + | 722 | + |
723 | + sshbuf_free(buf); | ||
724 | + | ||
846 | + if (strlen(mechs) == 0) { | 725 | + if (strlen(mechs) == 0) { |
847 | + free(mechs); | 726 | + free(mechs); |
848 | + mechs = NULL; | 727 | + mechs = NULL; |
849 | + } | 728 | + } |
850 | + | 729 | + |
851 | + return (mechs); | 730 | + return (mechs); |
852 | +} | 731 | +} |
853 | + | 732 | + |
854 | +gss_OID | 733 | +gss_OID |
855 | +ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) { | 734 | +ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) { |
856 | + int i = 0; | 735 | + int i = 0; |
857 | + | 736 | + |
858 | + switch (kex_type) { | 737 | +#define SKIP_KEX_NAME(type) \ |
859 | + case KEX_GSS_GRP1_SHA1: | 738 | + case type: \ |
860 | + if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID)) | 739 | + if (strlen(name) < sizeof(type##_ID)) \ |
861 | + return GSS_C_NO_OID; | 740 | + return GSS_C_NO_OID; \ |
862 | + name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1; | 741 | + name += sizeof(type##_ID) - 1; \ |
863 | + break; | ||
864 | + case KEX_GSS_GRP14_SHA1: | ||
865 | + if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID)) | ||
866 | + return GSS_C_NO_OID; | ||
867 | + name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1; | ||
868 | + break; | ||
869 | + case KEX_GSS_GEX_SHA1: | ||
870 | + if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID)) | ||
871 | + return GSS_C_NO_OID; | ||
872 | + name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1; | ||
873 | + break; | 742 | + break; |
743 | + | ||
744 | + switch (kex_type) { | ||
745 | + SKIP_KEX_NAME(KEX_GSS_GRP1_SHA1) | ||
746 | + SKIP_KEX_NAME(KEX_GSS_GRP14_SHA1) | ||
747 | + SKIP_KEX_NAME(KEX_GSS_GRP14_SHA256) | ||
748 | + SKIP_KEX_NAME(KEX_GSS_GRP16_SHA512) | ||
749 | + SKIP_KEX_NAME(KEX_GSS_GEX_SHA1) | ||
750 | + SKIP_KEX_NAME(KEX_GSS_NISTP256_SHA256) | ||
751 | + SKIP_KEX_NAME(KEX_GSS_C25519_SHA256) | ||
874 | + default: | 752 | + default: |
875 | + return GSS_C_NO_OID; | 753 | + return GSS_C_NO_OID; |
876 | + } | 754 | + } |
877 | + | 755 | + |
756 | +#undef SKIP_KEX_NAME | ||
757 | + | ||
878 | + while (gss_enc2oid[i].encoded != NULL && | 758 | + while (gss_enc2oid[i].encoded != NULL && |
879 | + strcmp(name, gss_enc2oid[i].encoded) != 0) | 759 | + strcmp(name, gss_enc2oid[i].encoded) != 0) |
880 | + i++; | 760 | + i++; |
@@ -888,7 +768,7 @@ index d56257b4a..491e62cee 100644 | |||
888 | /* Check that the OID in a data stream matches that in the context */ | 768 | /* Check that the OID in a data stream matches that in the context */ |
889 | int | 769 | int |
890 | ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) | 770 | ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) |
891 | @@ -218,7 +378,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, | 771 | @@ -218,7 +398,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, |
892 | } | 772 | } |
893 | 773 | ||
894 | ctx->major = gss_init_sec_context(&ctx->minor, | 774 | ctx->major = gss_init_sec_context(&ctx->minor, |
@@ -897,7 +777,7 @@ index d56257b4a..491e62cee 100644 | |||
897 | GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, | 777 | GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, |
898 | 0, NULL, recv_tok, NULL, send_tok, flags, NULL); | 778 | 0, NULL, recv_tok, NULL, send_tok, flags, NULL); |
899 | 779 | ||
900 | @@ -247,9 +407,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) | 780 | @@ -247,9 +427,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) |
901 | return (ctx->major); | 781 | return (ctx->major); |
902 | } | 782 | } |
903 | 783 | ||
@@ -919,8 +799,8 @@ index d56257b4a..491e62cee 100644 | |||
919 | + GSS_C_NT_USER_NAME, &gssname); | 799 | + GSS_C_NT_USER_NAME, &gssname); |
920 | + | 800 | + |
921 | + if (!ctx->major) | 801 | + if (!ctx->major) |
922 | + ctx->major = gss_acquire_cred(&ctx->minor, | 802 | + ctx->major = gss_acquire_cred(&ctx->minor, |
923 | + gssname, 0, oidset, GSS_C_INITIATE, | 803 | + gssname, 0, oidset, GSS_C_INITIATE, |
924 | + &ctx->client_creds, NULL, NULL); | 804 | + &ctx->client_creds, NULL, NULL); |
925 | + | 805 | + |
926 | + gss_release_name(&status, &gssname); | 806 | + gss_release_name(&status, &gssname); |
@@ -935,13 +815,13 @@ index d56257b4a..491e62cee 100644 | |||
935 | OM_uint32 | 815 | OM_uint32 |
936 | ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) | 816 | ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) |
937 | { | 817 | { |
938 | + if (ctx == NULL) | 818 | + if (ctx == NULL) |
939 | + return -1; | 819 | + return -1; |
940 | + | 820 | + |
941 | if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, | 821 | if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, |
942 | GSS_C_QOP_DEFAULT, buffer, hash))) | 822 | GSS_C_QOP_DEFAULT, buffer, hash))) |
943 | ssh_gssapi_error(ctx); | 823 | ssh_gssapi_error(ctx); |
944 | @@ -257,6 +451,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) | 824 | @@ -257,6 +471,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) |
945 | return (ctx->major); | 825 | return (ctx->major); |
946 | } | 826 | } |
947 | 827 | ||
@@ -961,12 +841,12 @@ index d56257b4a..491e62cee 100644 | |||
961 | void | 841 | void |
962 | ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, | 842 | ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, |
963 | const char *context) | 843 | const char *context) |
964 | @@ -273,11 +480,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, | 844 | @@ -273,11 +500,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, |
965 | } | 845 | } |
966 | 846 | ||
967 | int | 847 | int |
968 | -ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) | 848 | -ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) |
969 | +ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, | 849 | +ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, |
970 | + const char *client) | 850 | + const char *client) |
971 | { | 851 | { |
972 | gss_buffer_desc token = GSS_C_EMPTY_BUFFER; | 852 | gss_buffer_desc token = GSS_C_EMPTY_BUFFER; |
@@ -979,7 +859,7 @@ index d56257b4a..491e62cee 100644 | |||
979 | 859 | ||
980 | /* RFC 4462 says we MUST NOT do SPNEGO */ | 860 | /* RFC 4462 says we MUST NOT do SPNEGO */ |
981 | if (oid->length == spnego_oid.length && | 861 | if (oid->length == spnego_oid.length && |
982 | @@ -287,6 +499,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) | 862 | @@ -287,6 +519,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) |
983 | ssh_gssapi_build_ctx(ctx); | 863 | ssh_gssapi_build_ctx(ctx); |
984 | ssh_gssapi_set_oid(*ctx, oid); | 864 | ssh_gssapi_set_oid(*ctx, oid); |
985 | major = ssh_gssapi_import_name(*ctx, host); | 865 | major = ssh_gssapi_import_name(*ctx, host); |
@@ -990,12 +870,12 @@ index d56257b4a..491e62cee 100644 | |||
990 | if (!GSS_ERROR(major)) { | 870 | if (!GSS_ERROR(major)) { |
991 | major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, | 871 | major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, |
992 | NULL); | 872 | NULL); |
993 | @@ -296,10 +512,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) | 873 | @@ -296,10 +532,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) |
994 | GSS_C_NO_BUFFER); | 874 | GSS_C_NO_BUFFER); |
995 | } | 875 | } |
996 | 876 | ||
997 | - if (GSS_ERROR(major)) | 877 | - if (GSS_ERROR(major)) |
998 | + if (GSS_ERROR(major) || intctx != NULL) | 878 | + if (GSS_ERROR(major) || intctx != NULL) |
999 | ssh_gssapi_delete_ctx(ctx); | 879 | ssh_gssapi_delete_ctx(ctx); |
1000 | 880 | ||
1001 | return (!GSS_ERROR(major)); | 881 | return (!GSS_ERROR(major)); |
@@ -1010,7 +890,7 @@ index d56257b4a..491e62cee 100644 | |||
1010 | + static OM_uint32 last_call = 0; | 890 | + static OM_uint32 last_call = 0; |
1011 | + OM_uint32 lifetime, now, major, minor; | 891 | + OM_uint32 lifetime, now, major, minor; |
1012 | + int equal; | 892 | + int equal; |
1013 | + | 893 | + |
1014 | + now = time(NULL); | 894 | + now = time(NULL); |
1015 | + | 895 | + |
1016 | + if (ctxt) { | 896 | + if (ctxt) { |
@@ -1038,8 +918,8 @@ index d56257b4a..491e62cee 100644 | |||
1038 | + | 918 | + |
1039 | + if (saved_mech == GSS_C_NO_OID) | 919 | + if (saved_mech == GSS_C_NO_OID) |
1040 | + return 0; | 920 | + return 0; |
1041 | + | 921 | + |
1042 | + major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, | 922 | + major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, |
1043 | + &name, &lifetime, NULL, NULL); | 923 | + &name, &lifetime, NULL, NULL); |
1044 | + if (major == GSS_S_CREDENTIALS_EXPIRED) | 924 | + if (major == GSS_S_CREDENTIALS_EXPIRED) |
1045 | + return 0; | 925 | + return 0; |
@@ -1059,7 +939,7 @@ index d56257b4a..491e62cee 100644 | |||
1059 | + | 939 | + |
1060 | #endif /* GSSAPI */ | 940 | #endif /* GSSAPI */ |
1061 | diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c | 941 | diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c |
1062 | index a151bc1e4..90f8692f5 100644 | 942 | index a151bc1e4..ef9beb67c 100644 |
1063 | --- a/gss-serv-krb5.c | 943 | --- a/gss-serv-krb5.c |
1064 | +++ b/gss-serv-krb5.c | 944 | +++ b/gss-serv-krb5.c |
1065 | @@ -1,7 +1,7 @@ | 945 | @@ -1,7 +1,7 @@ |
@@ -1107,7 +987,7 @@ index a151bc1e4..90f8692f5 100644 | |||
1107 | } | 987 | } |
1108 | 988 | ||
1109 | +int | 989 | +int |
1110 | +ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, | 990 | +ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, |
1111 | + ssh_gssapi_client *client) | 991 | + ssh_gssapi_client *client) |
1112 | +{ | 992 | +{ |
1113 | + krb5_ccache ccache = NULL; | 993 | + krb5_ccache ccache = NULL; |
@@ -1116,14 +996,14 @@ index a151bc1e4..90f8692f5 100644 | |||
1116 | + krb5_error_code problem; | 996 | + krb5_error_code problem; |
1117 | + OM_uint32 maj_status, min_status; | 997 | + OM_uint32 maj_status, min_status; |
1118 | + | 998 | + |
1119 | + if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) { | 999 | + if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) { |
1120 | + logit("krb5_cc_resolve(): %.100s", | 1000 | + logit("krb5_cc_resolve(): %.100s", |
1121 | + krb5_get_err_text(krb_context, problem)); | 1001 | + krb5_get_err_text(krb_context, problem)); |
1122 | + return 0; | 1002 | + return 0; |
1123 | + } | 1003 | + } |
1124 | + | 1004 | + |
1125 | + /* Find out who the principal in this cache is */ | 1005 | + /* Find out who the principal in this cache is */ |
1126 | + if ((problem = krb5_cc_get_principal(krb_context, ccache, | 1006 | + if ((problem = krb5_cc_get_principal(krb_context, ccache, |
1127 | + &principal))) { | 1007 | + &principal))) { |
1128 | + logit("krb5_cc_get_principal(): %.100s", | 1008 | + logit("krb5_cc_get_principal(): %.100s", |
1129 | + krb5_get_err_text(krb_context, problem)); | 1009 | + krb5_get_err_text(krb_context, problem)); |
@@ -1185,7 +1065,7 @@ index a151bc1e4..90f8692f5 100644 | |||
1185 | 1065 | ||
1186 | #endif /* KRB5 */ | 1066 | #endif /* KRB5 */ |
1187 | diff --git a/gss-serv.c b/gss-serv.c | 1067 | diff --git a/gss-serv.c b/gss-serv.c |
1188 | index ab3a15f0f..6c087a1b1 100644 | 1068 | index ab3a15f0f..1d47870e7 100644 |
1189 | --- a/gss-serv.c | 1069 | --- a/gss-serv.c |
1190 | +++ b/gss-serv.c | 1070 | +++ b/gss-serv.c |
1191 | @@ -1,7 +1,7 @@ | 1071 | @@ -1,7 +1,7 @@ |
@@ -1197,7 +1077,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1197 | * | 1077 | * |
1198 | * Redistribution and use in source and binary forms, with or without | 1078 | * Redistribution and use in source and binary forms, with or without |
1199 | * modification, are permitted provided that the following conditions | 1079 | * modification, are permitted provided that the following conditions |
1200 | @@ -44,17 +44,22 @@ | 1080 | @@ -44,17 +44,19 @@ |
1201 | #include "session.h" | 1081 | #include "session.h" |
1202 | #include "misc.h" | 1082 | #include "misc.h" |
1203 | #include "servconf.h" | 1083 | #include "servconf.h" |
@@ -1205,16 +1085,14 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1205 | 1085 | ||
1206 | #include "ssh-gss.h" | 1086 | #include "ssh-gss.h" |
1207 | +#include "monitor_wrap.h" | 1087 | +#include "monitor_wrap.h" |
1208 | + | ||
1209 | +extern ServerOptions options; | ||
1210 | 1088 | ||
1211 | extern ServerOptions options; | 1089 | extern ServerOptions options; |
1212 | 1090 | ||
1213 | static ssh_gssapi_client gssapi_client = | 1091 | static ssh_gssapi_client gssapi_client = |
1214 | { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, | 1092 | - { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, |
1215 | - GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}}; | 1093 | - GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}}; |
1216 | + GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME, NULL, | 1094 | + { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL, |
1217 | + {NULL, NULL, NULL, NULL, NULL}, 0, 0}; | 1095 | + GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0}; |
1218 | 1096 | ||
1219 | ssh_gssapi_mech gssapi_null_mech = | 1097 | ssh_gssapi_mech gssapi_null_mech = |
1220 | - { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL}; | 1098 | - { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL}; |
@@ -1222,7 +1100,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1222 | 1100 | ||
1223 | #ifdef KRB5 | 1101 | #ifdef KRB5 |
1224 | extern ssh_gssapi_mech gssapi_kerberos_mech; | 1102 | extern ssh_gssapi_mech gssapi_kerberos_mech; |
1225 | @@ -140,6 +145,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) | 1103 | @@ -140,6 +142,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) |
1226 | return (ssh_gssapi_acquire_cred(*ctx)); | 1104 | return (ssh_gssapi_acquire_cred(*ctx)); |
1227 | } | 1105 | } |
1228 | 1106 | ||
@@ -1232,7 +1110,8 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1232 | + if (supported_oids == NULL) | 1110 | + if (supported_oids == NULL) |
1233 | + ssh_gssapi_prepare_supported_oids(); | 1111 | + ssh_gssapi_prepare_supported_oids(); |
1234 | + return (ssh_gssapi_kex_mechs(supported_oids, | 1112 | + return (ssh_gssapi_kex_mechs(supported_oids, |
1235 | + &ssh_gssapi_server_check_mech, NULL, NULL)); | 1113 | + &ssh_gssapi_server_check_mech, NULL, NULL, |
1114 | + options.gss_kex_algorithms)); | ||
1236 | +} | 1115 | +} |
1237 | + | 1116 | + |
1238 | +/* Unprivileged */ | 1117 | +/* Unprivileged */ |
@@ -1241,7 +1120,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1241 | + const char *dummy) { | 1120 | + const char *dummy) { |
1242 | + Gssctxt *ctx = NULL; | 1121 | + Gssctxt *ctx = NULL; |
1243 | + int res; | 1122 | + int res; |
1244 | + | 1123 | + |
1245 | + res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid))); | 1124 | + res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid))); |
1246 | + ssh_gssapi_delete_ctx(&ctx); | 1125 | + ssh_gssapi_delete_ctx(&ctx); |
1247 | + | 1126 | + |
@@ -1251,7 +1130,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1251 | /* Unprivileged */ | 1130 | /* Unprivileged */ |
1252 | void | 1131 | void |
1253 | ssh_gssapi_supported_oids(gss_OID_set *oidset) | 1132 | ssh_gssapi_supported_oids(gss_OID_set *oidset) |
1254 | @@ -150,7 +177,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) | 1133 | @@ -150,7 +175,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) |
1255 | gss_OID_set supported; | 1134 | gss_OID_set supported; |
1256 | 1135 | ||
1257 | gss_create_empty_oid_set(&min_status, oidset); | 1136 | gss_create_empty_oid_set(&min_status, oidset); |
@@ -1262,7 +1141,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1262 | 1141 | ||
1263 | while (supported_mechs[i]->name != NULL) { | 1142 | while (supported_mechs[i]->name != NULL) { |
1264 | if (GSS_ERROR(gss_test_oid_set_member(&min_status, | 1143 | if (GSS_ERROR(gss_test_oid_set_member(&min_status, |
1265 | @@ -276,8 +305,48 @@ OM_uint32 | 1144 | @@ -276,8 +303,48 @@ OM_uint32 |
1266 | ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) | 1145 | ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) |
1267 | { | 1146 | { |
1268 | int i = 0; | 1147 | int i = 0; |
@@ -1278,21 +1157,21 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1278 | + return GSS_S_COMPLETE; | 1157 | + return GSS_S_COMPLETE; |
1279 | + } | 1158 | + } |
1280 | + | 1159 | + |
1281 | + if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, | 1160 | + if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, |
1282 | + ctx->client_creds, ctx->oid, &new_name, | 1161 | + ctx->client_creds, ctx->oid, &new_name, |
1283 | + NULL, NULL, NULL))) { | 1162 | + NULL, NULL, NULL))) { |
1284 | + ssh_gssapi_error(ctx); | 1163 | + ssh_gssapi_error(ctx); |
1285 | + return (ctx->major); | 1164 | + return (ctx->major); |
1286 | + } | 1165 | + } |
1287 | + | 1166 | + |
1288 | + ctx->major = gss_compare_name(&ctx->minor, client->name, | 1167 | + ctx->major = gss_compare_name(&ctx->minor, client->name, |
1289 | + new_name, &equal); | 1168 | + new_name, &equal); |
1290 | + | 1169 | + |
1291 | + if (GSS_ERROR(ctx->major)) { | 1170 | + if (GSS_ERROR(ctx->major)) { |
1292 | + ssh_gssapi_error(ctx); | 1171 | + ssh_gssapi_error(ctx); |
1293 | + return (ctx->major); | 1172 | + return (ctx->major); |
1294 | + } | 1173 | + } |
1295 | + | 1174 | + |
1296 | + if (!equal) { | 1175 | + if (!equal) { |
1297 | + debug("Rekeyed credentials have different name"); | 1176 | + debug("Rekeyed credentials have different name"); |
1298 | + return GSS_S_COMPLETE; | 1177 | + return GSS_S_COMPLETE; |
@@ -1305,14 +1184,14 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1305 | + gss_release_cred(&ctx->minor, &client->creds); | 1184 | + gss_release_cred(&ctx->minor, &client->creds); |
1306 | + client->name = new_name; | 1185 | + client->name = new_name; |
1307 | + client->creds = ctx->client_creds; | 1186 | + client->creds = ctx->client_creds; |
1308 | + ctx->client_creds = GSS_C_NO_CREDENTIAL; | 1187 | + ctx->client_creds = GSS_C_NO_CREDENTIAL; |
1309 | + client->updated = 1; | 1188 | + client->updated = 1; |
1310 | + return GSS_S_COMPLETE; | 1189 | + return GSS_S_COMPLETE; |
1311 | + } | 1190 | + } |
1312 | 1191 | ||
1313 | client->mech = NULL; | 1192 | client->mech = NULL; |
1314 | 1193 | ||
1315 | @@ -292,6 +361,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) | 1194 | @@ -292,6 +359,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) |
1316 | if (client->mech == NULL) | 1195 | if (client->mech == NULL) |
1317 | return GSS_S_FAILURE; | 1196 | return GSS_S_FAILURE; |
1318 | 1197 | ||
@@ -1326,7 +1205,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1326 | if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, | 1205 | if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, |
1327 | &client->displayname, NULL))) { | 1206 | &client->displayname, NULL))) { |
1328 | ssh_gssapi_error(ctx); | 1207 | ssh_gssapi_error(ctx); |
1329 | @@ -309,6 +385,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) | 1208 | @@ -309,6 +383,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) |
1330 | return (ctx->major); | 1209 | return (ctx->major); |
1331 | } | 1210 | } |
1332 | 1211 | ||
@@ -1335,16 +1214,20 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1335 | /* We can't copy this structure, so we just move the pointer to it */ | 1214 | /* We can't copy this structure, so we just move the pointer to it */ |
1336 | client->creds = ctx->client_creds; | 1215 | client->creds = ctx->client_creds; |
1337 | ctx->client_creds = GSS_C_NO_CREDENTIAL; | 1216 | ctx->client_creds = GSS_C_NO_CREDENTIAL; |
1338 | @@ -356,7 +434,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) | 1217 | @@ -356,19 +432,23 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) |
1339 | 1218 | ||
1340 | /* Privileged */ | 1219 | /* Privileged */ |
1341 | int | 1220 | int |
1342 | -ssh_gssapi_userok(char *user) | 1221 | -ssh_gssapi_userok(char *user) |
1343 | +ssh_gssapi_userok(char *user, struct passwd *pw) | 1222 | +ssh_gssapi_userok(char *user, struct passwd *pw, int kex) |
1344 | { | 1223 | { |
1345 | OM_uint32 lmin; | 1224 | OM_uint32 lmin; |
1346 | 1225 | ||
1347 | @@ -366,9 +444,11 @@ ssh_gssapi_userok(char *user) | 1226 | + (void) kex; /* used in privilege separation */ |
1227 | + | ||
1228 | if (gssapi_client.exportedname.length == 0 || | ||
1229 | gssapi_client.exportedname.value == NULL) { | ||
1230 | debug("No suitable client data"); | ||
1348 | return 0; | 1231 | return 0; |
1349 | } | 1232 | } |
1350 | if (gssapi_client.mech && gssapi_client.mech->userok) | 1233 | if (gssapi_client.mech && gssapi_client.mech->userok) |
@@ -1365,7 +1248,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1365 | -/* Privileged */ | 1248 | -/* Privileged */ |
1366 | -OM_uint32 | 1249 | -OM_uint32 |
1367 | -ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) | 1250 | -ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) |
1368 | +/* These bits are only used for rekeying. The unpriviledged child is running | 1251 | +/* These bits are only used for rekeying. The unpriviledged child is running |
1369 | + * as the user, the monitor is root. | 1252 | + * as the user, the monitor is root. |
1370 | + * | 1253 | + * |
1371 | + * In the child, we want to : | 1254 | + * In the child, we want to : |
@@ -1376,7 +1259,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1376 | +/* Stuff for PAM */ | 1259 | +/* Stuff for PAM */ |
1377 | + | 1260 | + |
1378 | +#ifdef USE_PAM | 1261 | +#ifdef USE_PAM |
1379 | +static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, | 1262 | +static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, |
1380 | + struct pam_response **resp, void *data) | 1263 | + struct pam_response **resp, void *data) |
1381 | { | 1264 | { |
1382 | - ctx->major = gss_verify_mic(&ctx->minor, ctx->context, | 1265 | - ctx->major = gss_verify_mic(&ctx->minor, ctx->context, |
@@ -1389,18 +1272,18 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1389 | +void | 1272 | +void |
1390 | +ssh_gssapi_rekey_creds(void) { | 1273 | +ssh_gssapi_rekey_creds(void) { |
1391 | + int ok; | 1274 | + int ok; |
1392 | + int ret; | ||
1393 | +#ifdef USE_PAM | 1275 | +#ifdef USE_PAM |
1276 | + int ret; | ||
1394 | + pam_handle_t *pamh = NULL; | 1277 | + pam_handle_t *pamh = NULL; |
1395 | + struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; | 1278 | + struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; |
1396 | + char *envstr; | 1279 | + char *envstr; |
1397 | +#endif | 1280 | +#endif |
1398 | + | 1281 | + |
1399 | + if (gssapi_client.store.filename == NULL && | 1282 | + if (gssapi_client.store.filename == NULL && |
1400 | + gssapi_client.store.envval == NULL && | 1283 | + gssapi_client.store.envval == NULL && |
1401 | + gssapi_client.store.envvar == NULL) | 1284 | + gssapi_client.store.envvar == NULL) |
1402 | + return; | 1285 | + return; |
1403 | + | 1286 | + |
1404 | + ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); | 1287 | + ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); |
1405 | + | 1288 | + |
1406 | + if (!ok) | 1289 | + if (!ok) |
@@ -1423,7 +1306,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1423 | + if (ret) | 1306 | + if (ret) |
1424 | + return; | 1307 | + return; |
1425 | + | 1308 | + |
1426 | + xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, | 1309 | + xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, |
1427 | + gssapi_client.store.envval); | 1310 | + gssapi_client.store.envval); |
1428 | + | 1311 | + |
1429 | + ret = pam_putenv(pamh, envstr); | 1312 | + ret = pam_putenv(pamh, envstr); |
@@ -1433,7 +1316,7 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1433 | +#endif | 1316 | +#endif |
1434 | +} | 1317 | +} |
1435 | + | 1318 | + |
1436 | +int | 1319 | +int |
1437 | +ssh_gssapi_update_creds(ssh_gssapi_ccache *store) { | 1320 | +ssh_gssapi_update_creds(ssh_gssapi_ccache *store) { |
1438 | + int ok = 0; | 1321 | + int ok = 0; |
1439 | + | 1322 | + |
@@ -1455,11 +1338,29 @@ index ab3a15f0f..6c087a1b1 100644 | |||
1455 | } | 1338 | } |
1456 | 1339 | ||
1457 | /* Privileged */ | 1340 | /* Privileged */ |
1341 | diff --git a/hmac.c b/hmac.c | ||
1342 | index 1c879640c..a29f32c5c 100644 | ||
1343 | --- a/hmac.c | ||
1344 | +++ b/hmac.c | ||
1345 | @@ -19,6 +19,7 @@ | ||
1346 | |||
1347 | #include <sys/types.h> | ||
1348 | #include <string.h> | ||
1349 | +#include <stdlib.h> | ||
1350 | |||
1351 | #include "sshbuf.h" | ||
1352 | #include "digest.h" | ||
1458 | diff --git a/kex.c b/kex.c | 1353 | diff --git a/kex.c b/kex.c |
1459 | index 25f9f66f6..fb5bfaea5 100644 | 1354 | index 34808b5c3..a2a4794e8 100644 |
1460 | --- a/kex.c | 1355 | --- a/kex.c |
1461 | +++ b/kex.c | 1356 | +++ b/kex.c |
1462 | @@ -54,6 +54,10 @@ | 1357 | @@ -55,11 +55,16 @@ |
1358 | #include "misc.h" | ||
1359 | #include "dispatch.h" | ||
1360 | #include "monitor.h" | ||
1361 | +#include "xmalloc.h" | ||
1362 | |||
1363 | #include "ssherr.h" | ||
1463 | #include "sshbuf.h" | 1364 | #include "sshbuf.h" |
1464 | #include "digest.h" | 1365 | #include "digest.h" |
1465 | 1366 | ||
@@ -1470,57 +1371,129 @@ index 25f9f66f6..fb5bfaea5 100644 | |||
1470 | /* prototype */ | 1371 | /* prototype */ |
1471 | static int kex_choose_conf(struct ssh *); | 1372 | static int kex_choose_conf(struct ssh *); |
1472 | static int kex_input_newkeys(int, u_int32_t, struct ssh *); | 1373 | static int kex_input_newkeys(int, u_int32_t, struct ssh *); |
1473 | @@ -105,6 +109,14 @@ static const struct kexalg kexalgs[] = { | 1374 | @@ -113,15 +118,28 @@ static const struct kexalg kexalgs[] = { |
1474 | #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ | 1375 | #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ |
1475 | { NULL, -1, -1, -1}, | 1376 | { NULL, -1, -1, -1}, |
1476 | }; | 1377 | }; |
1477 | +static const struct kexalg kexalg_prefixes[] = { | 1378 | +static const struct kexalg gss_kexalgs[] = { |
1478 | +#ifdef GSSAPI | 1379 | +#ifdef GSSAPI |
1479 | + { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, | 1380 | + { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, |
1480 | + { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, | 1381 | + { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, |
1481 | + { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, | 1382 | + { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, |
1383 | + { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, | ||
1384 | + { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, | ||
1385 | + { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256, | ||
1386 | + NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, | ||
1387 | + { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, | ||
1482 | +#endif | 1388 | +#endif |
1483 | + { NULL, -1, -1, -1 }, | 1389 | + { NULL, -1, -1, -1 }, |
1484 | +}; | 1390 | +}; |
1485 | 1391 | ||
1486 | char * | 1392 | -char * |
1487 | kex_alg_list(char sep) | 1393 | -kex_alg_list(char sep) |
1488 | @@ -137,6 +149,10 @@ kex_alg_by_name(const char *name) | 1394 | +static char * |
1395 | +kex_alg_list_internal(char sep, const struct kexalg *algs) | ||
1396 | { | ||
1397 | char *ret = NULL, *tmp; | ||
1398 | size_t nlen, rlen = 0; | ||
1399 | const struct kexalg *k; | ||
1400 | |||
1401 | - for (k = kexalgs; k->name != NULL; k++) { | ||
1402 | + for (k = algs; k->name != NULL; k++) { | ||
1403 | if (ret != NULL) | ||
1404 | ret[rlen++] = sep; | ||
1405 | nlen = strlen(k->name); | ||
1406 | @@ -136,6 +154,18 @@ kex_alg_list(char sep) | ||
1407 | return ret; | ||
1408 | } | ||
1409 | |||
1410 | +char * | ||
1411 | +kex_alg_list(char sep) | ||
1412 | +{ | ||
1413 | + return kex_alg_list_internal(sep, kexalgs); | ||
1414 | +} | ||
1415 | + | ||
1416 | +char * | ||
1417 | +kex_gss_alg_list(char sep) | ||
1418 | +{ | ||
1419 | + return kex_alg_list_internal(sep, gss_kexalgs); | ||
1420 | +} | ||
1421 | + | ||
1422 | static const struct kexalg * | ||
1423 | kex_alg_by_name(const char *name) | ||
1424 | { | ||
1425 | @@ -145,6 +175,10 @@ kex_alg_by_name(const char *name) | ||
1489 | if (strcmp(k->name, name) == 0) | 1426 | if (strcmp(k->name, name) == 0) |
1490 | return k; | 1427 | return k; |
1491 | } | 1428 | } |
1492 | + for (k = kexalg_prefixes; k->name != NULL; k++) { | 1429 | + for (k = gss_kexalgs; k->name != NULL; k++) { |
1493 | + if (strncmp(k->name, name, strlen(k->name)) == 0) | 1430 | + if (strncmp(k->name, name, strlen(k->name)) == 0) |
1494 | + return k; | 1431 | + return k; |
1495 | + } | 1432 | + } |
1496 | return NULL; | 1433 | return NULL; |
1497 | } | 1434 | } |
1498 | 1435 | ||
1499 | @@ -653,6 +669,9 @@ kex_free(struct kex *kex) | 1436 | @@ -301,6 +335,29 @@ kex_assemble_names(char **listp, const char *def, const char *all) |
1500 | sshbuf_free(kex->peer); | 1437 | return r; |
1501 | sshbuf_free(kex->my); | 1438 | } |
1439 | |||
1440 | +/* Validate GSS KEX method name list */ | ||
1441 | +int | ||
1442 | +kex_gss_names_valid(const char *names) | ||
1443 | +{ | ||
1444 | + char *s, *cp, *p; | ||
1445 | + | ||
1446 | + if (names == NULL || *names == '\0') | ||
1447 | + return 0; | ||
1448 | + s = cp = xstrdup(names); | ||
1449 | + for ((p = strsep(&cp, ",")); p && *p != '\0'; | ||
1450 | + (p = strsep(&cp, ","))) { | ||
1451 | + if (strncmp(p, "gss-", 4) != 0 | ||
1452 | + || kex_alg_by_name(p) == NULL) { | ||
1453 | + error("Unsupported KEX algorithm \"%.100s\"", p); | ||
1454 | + free(s); | ||
1455 | + return 0; | ||
1456 | + } | ||
1457 | + } | ||
1458 | + debug3("gss kex names ok: [%s]", names); | ||
1459 | + free(s); | ||
1460 | + return 1; | ||
1461 | +} | ||
1462 | + | ||
1463 | /* put algorithm proposal into buffer */ | ||
1464 | int | ||
1465 | kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) | ||
1466 | @@ -657,6 +714,9 @@ kex_free(struct kex *kex) | ||
1467 | sshbuf_free(kex->server_version); | ||
1468 | sshbuf_free(kex->client_pub); | ||
1502 | free(kex->session_id); | 1469 | free(kex->session_id); |
1503 | +#ifdef GSSAPI | 1470 | +#ifdef GSSAPI |
1504 | + free(kex->gss_host); | 1471 | + free(kex->gss_host); |
1505 | +#endif /* GSSAPI */ | 1472 | +#endif /* GSSAPI */ |
1506 | free(kex->client_version_string); | ||
1507 | free(kex->server_version_string); | ||
1508 | free(kex->failed_choice); | 1473 | free(kex->failed_choice); |
1474 | free(kex->hostkey_alg); | ||
1475 | free(kex->name); | ||
1509 | diff --git a/kex.h b/kex.h | 1476 | diff --git a/kex.h b/kex.h |
1510 | index 593de1208..4e5ead839 100644 | 1477 | index 6d446d1cc..2d5f1d4ed 100644 |
1511 | --- a/kex.h | 1478 | --- a/kex.h |
1512 | +++ b/kex.h | 1479 | +++ b/kex.h |
1513 | @@ -100,6 +100,9 @@ enum kex_exchange { | 1480 | @@ -103,6 +103,15 @@ enum kex_exchange { |
1514 | KEX_DH_GEX_SHA256, | ||
1515 | KEX_ECDH_SHA2, | 1481 | KEX_ECDH_SHA2, |
1516 | KEX_C25519_SHA256, | 1482 | KEX_C25519_SHA256, |
1483 | KEX_KEM_SNTRUP4591761X25519_SHA512, | ||
1484 | +#ifdef GSSAPI | ||
1517 | + KEX_GSS_GRP1_SHA1, | 1485 | + KEX_GSS_GRP1_SHA1, |
1518 | + KEX_GSS_GRP14_SHA1, | 1486 | + KEX_GSS_GRP14_SHA1, |
1487 | + KEX_GSS_GRP14_SHA256, | ||
1488 | + KEX_GSS_GRP16_SHA512, | ||
1519 | + KEX_GSS_GEX_SHA1, | 1489 | + KEX_GSS_GEX_SHA1, |
1490 | + KEX_GSS_NISTP256_SHA256, | ||
1491 | + KEX_GSS_C25519_SHA256, | ||
1492 | +#endif | ||
1520 | KEX_MAX | 1493 | KEX_MAX |
1521 | }; | 1494 | }; |
1522 | 1495 | ||
1523 | @@ -148,6 +151,12 @@ struct kex { | 1496 | @@ -154,6 +163,12 @@ struct kex { |
1524 | u_int flags; | 1497 | u_int flags; |
1525 | int hash_alg; | 1498 | int hash_alg; |
1526 | int ec_nid; | 1499 | int ec_nid; |
@@ -1530,27 +1503,93 @@ index 593de1208..4e5ead839 100644 | |||
1530 | + char *gss_host; | 1503 | + char *gss_host; |
1531 | + char *gss_client; | 1504 | + char *gss_client; |
1532 | +#endif | 1505 | +#endif |
1533 | char *client_version_string; | ||
1534 | char *server_version_string; | ||
1535 | char *failed_choice; | 1506 | char *failed_choice; |
1536 | @@ -198,6 +207,11 @@ int kexecdh_server(struct ssh *); | 1507 | int (*verify_host_key)(struct sshkey *, struct ssh *); |
1537 | int kexc25519_client(struct ssh *); | 1508 | struct sshkey *(*load_host_public_key)(int, int, struct ssh *); |
1538 | int kexc25519_server(struct ssh *); | 1509 | @@ -175,8 +190,10 @@ struct kex { |
1539 | 1510 | ||
1540 | +#ifdef GSSAPI | 1511 | int kex_names_valid(const char *); |
1512 | char *kex_alg_list(char); | ||
1513 | +char *kex_gss_alg_list(char); | ||
1514 | char *kex_names_cat(const char *, const char *); | ||
1515 | int kex_assemble_names(char **, const char *, const char *); | ||
1516 | +int kex_gss_names_valid(const char *); | ||
1517 | |||
1518 | int kex_exchange_identification(struct ssh *, int, const char *); | ||
1519 | |||
1520 | @@ -203,6 +220,12 @@ int kexgex_client(struct ssh *); | ||
1521 | int kexgex_server(struct ssh *); | ||
1522 | int kex_gen_client(struct ssh *); | ||
1523 | int kex_gen_server(struct ssh *); | ||
1524 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) | ||
1525 | +int kexgssgex_client(struct ssh *); | ||
1526 | +int kexgssgex_server(struct ssh *); | ||
1541 | +int kexgss_client(struct ssh *); | 1527 | +int kexgss_client(struct ssh *); |
1542 | +int kexgss_server(struct ssh *); | 1528 | +int kexgss_server(struct ssh *); |
1543 | +#endif | 1529 | +#endif |
1544 | + | 1530 | |
1545 | int kex_dh_hash(int, const char *, const char *, | 1531 | int kex_dh_keypair(struct kex *); |
1546 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 1532 | int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, |
1547 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); | 1533 | @@ -235,6 +258,12 @@ int kexgex_hash(int, const struct sshbuf *, const struct sshbuf *, |
1534 | const BIGNUM *, const u_char *, size_t, | ||
1535 | u_char *, size_t *); | ||
1536 | |||
1537 | +int kex_gen_hash(int hash_alg, const struct sshbuf *client_version, | ||
1538 | + const struct sshbuf *server_version, const struct sshbuf *client_kexinit, | ||
1539 | + const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob, | ||
1540 | + const struct sshbuf *client_pub, const struct sshbuf *server_pub, | ||
1541 | + const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen); | ||
1542 | + | ||
1543 | void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) | ||
1544 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | ||
1545 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); | ||
1546 | diff --git a/kexdh.c b/kexdh.c | ||
1547 | index 67133e339..edaa46762 100644 | ||
1548 | --- a/kexdh.c | ||
1549 | +++ b/kexdh.c | ||
1550 | @@ -48,13 +48,23 @@ kex_dh_keygen(struct kex *kex) | ||
1551 | { | ||
1552 | switch (kex->kex_type) { | ||
1553 | case KEX_DH_GRP1_SHA1: | ||
1554 | +#ifdef GSSAPI | ||
1555 | + case KEX_GSS_GRP1_SHA1: | ||
1556 | +#endif | ||
1557 | kex->dh = dh_new_group1(); | ||
1558 | break; | ||
1559 | case KEX_DH_GRP14_SHA1: | ||
1560 | case KEX_DH_GRP14_SHA256: | ||
1561 | +#ifdef GSSAPI | ||
1562 | + case KEX_GSS_GRP14_SHA1: | ||
1563 | + case KEX_GSS_GRP14_SHA256: | ||
1564 | +#endif | ||
1565 | kex->dh = dh_new_group14(); | ||
1566 | break; | ||
1567 | case KEX_DH_GRP16_SHA512: | ||
1568 | +#ifdef GSSAPI | ||
1569 | + case KEX_GSS_GRP16_SHA512: | ||
1570 | +#endif | ||
1571 | kex->dh = dh_new_group16(); | ||
1572 | break; | ||
1573 | case KEX_DH_GRP18_SHA512: | ||
1574 | diff --git a/kexgen.c b/kexgen.c | ||
1575 | index 2abbb9ef6..569dc83f3 100644 | ||
1576 | --- a/kexgen.c | ||
1577 | +++ b/kexgen.c | ||
1578 | @@ -43,7 +43,7 @@ | ||
1579 | static int input_kex_gen_init(int, u_int32_t, struct ssh *); | ||
1580 | static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh); | ||
1581 | |||
1582 | -static int | ||
1583 | +int | ||
1584 | kex_gen_hash( | ||
1585 | int hash_alg, | ||
1586 | const struct sshbuf *client_version, | ||
1548 | diff --git a/kexgssc.c b/kexgssc.c | 1587 | diff --git a/kexgssc.c b/kexgssc.c |
1549 | new file mode 100644 | 1588 | new file mode 100644 |
1550 | index 000000000..3c8ae08dd | 1589 | index 000000000..f6e1405eb |
1551 | --- /dev/null | 1590 | --- /dev/null |
1552 | +++ b/kexgssc.c | 1591 | +++ b/kexgssc.c |
1553 | @@ -0,0 +1,341 @@ | 1592 | @@ -0,0 +1,606 @@ |
1554 | +/* | 1593 | +/* |
1555 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. | 1594 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. |
1556 | + * | 1595 | + * |
@@ -1577,7 +1616,7 @@ index 000000000..3c8ae08dd | |||
1577 | + | 1616 | + |
1578 | +#include "includes.h" | 1617 | +#include "includes.h" |
1579 | + | 1618 | + |
1580 | +#ifdef GSSAPI | 1619 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) |
1581 | + | 1620 | + |
1582 | +#include "includes.h" | 1621 | +#include "includes.h" |
1583 | + | 1622 | + |
@@ -1596,113 +1635,88 @@ index 000000000..3c8ae08dd | |||
1596 | +#include "packet.h" | 1635 | +#include "packet.h" |
1597 | +#include "dh.h" | 1636 | +#include "dh.h" |
1598 | +#include "digest.h" | 1637 | +#include "digest.h" |
1638 | +#include "ssherr.h" | ||
1599 | + | 1639 | + |
1600 | +#include "ssh-gss.h" | 1640 | +#include "ssh-gss.h" |
1601 | + | 1641 | + |
1602 | +int | 1642 | +int |
1603 | +kexgss_client(struct ssh *ssh) { | 1643 | +kexgss_client(struct ssh *ssh) |
1604 | + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; | 1644 | +{ |
1605 | + gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr; | 1645 | + struct kex *kex = ssh->kex; |
1646 | + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, | ||
1647 | + recv_tok = GSS_C_EMPTY_BUFFER, | ||
1648 | + gssbuf, msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; | ||
1606 | + Gssctxt *ctxt; | 1649 | + Gssctxt *ctxt; |
1607 | + OM_uint32 maj_status, min_status, ret_flags; | 1650 | + OM_uint32 maj_status, min_status, ret_flags; |
1608 | + u_int klen, kout, slen = 0, strlen; | 1651 | + struct sshbuf *server_blob = NULL; |
1609 | + DH *dh; | 1652 | + struct sshbuf *shared_secret = NULL; |
1610 | + BIGNUM *dh_server_pub = NULL; | 1653 | + struct sshbuf *server_host_key_blob = NULL; |
1611 | + BIGNUM *shared_secret = NULL; | 1654 | + struct sshbuf *empty = NULL; |
1612 | + const BIGNUM *pub_key, *dh_p, *dh_g; | 1655 | + u_char *msg; |
1613 | + BIGNUM *p = NULL; | ||
1614 | + BIGNUM *g = NULL; | ||
1615 | + u_char *kbuf; | ||
1616 | + u_char *serverhostkey = NULL; | ||
1617 | + u_char *empty = ""; | ||
1618 | + char *msg; | ||
1619 | + int type = 0; | 1656 | + int type = 0; |
1620 | + int first = 1; | 1657 | + int first = 1; |
1621 | + int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; | ||
1622 | + u_char hash[SSH_DIGEST_MAX_LENGTH]; | 1658 | + u_char hash[SSH_DIGEST_MAX_LENGTH]; |
1623 | + size_t hashlen; | 1659 | + size_t hashlen; |
1660 | + u_char c; | ||
1661 | + int r; | ||
1624 | + | 1662 | + |
1625 | + /* Initialise our GSSAPI world */ | 1663 | + /* Initialise our GSSAPI world */ |
1626 | + ssh_gssapi_build_ctx(&ctxt); | 1664 | + ssh_gssapi_build_ctx(&ctxt); |
1627 | + if (ssh_gssapi_id_kex(ctxt, ssh->kex->name, ssh->kex->kex_type) | 1665 | + if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) |
1628 | + == GSS_C_NO_OID) | 1666 | + == GSS_C_NO_OID) |
1629 | + fatal("Couldn't identify host exchange"); | 1667 | + fatal("Couldn't identify host exchange"); |
1630 | + | 1668 | + |
1631 | + if (ssh_gssapi_import_name(ctxt, ssh->kex->gss_host)) | 1669 | + if (ssh_gssapi_import_name(ctxt, kex->gss_host)) |
1632 | + fatal("Couldn't import hostname"); | 1670 | + fatal("Couldn't import hostname"); |
1633 | + | 1671 | + |
1634 | + if (ssh->kex->gss_client && | 1672 | + if (kex->gss_client && |
1635 | + ssh_gssapi_client_identity(ctxt, ssh->kex->gss_client)) | 1673 | + ssh_gssapi_client_identity(ctxt, kex->gss_client)) |
1636 | + fatal("Couldn't acquire client credentials"); | 1674 | + fatal("Couldn't acquire client credentials"); |
1637 | + | 1675 | + |
1638 | + switch (ssh->kex->kex_type) { | 1676 | + /* Step 1 */ |
1677 | + switch (kex->kex_type) { | ||
1639 | + case KEX_GSS_GRP1_SHA1: | 1678 | + case KEX_GSS_GRP1_SHA1: |
1640 | + dh = dh_new_group1(); | ||
1641 | + break; | ||
1642 | + case KEX_GSS_GRP14_SHA1: | 1679 | + case KEX_GSS_GRP14_SHA1: |
1643 | + dh = dh_new_group14(); | 1680 | + case KEX_GSS_GRP14_SHA256: |
1681 | + case KEX_GSS_GRP16_SHA512: | ||
1682 | + r = kex_dh_keypair(kex); | ||
1683 | + break; | ||
1684 | + case KEX_GSS_NISTP256_SHA256: | ||
1685 | + r = kex_ecdh_keypair(kex); | ||
1644 | + break; | 1686 | + break; |
1645 | + case KEX_GSS_GEX_SHA1: | 1687 | + case KEX_GSS_C25519_SHA256: |
1646 | + debug("Doing group exchange\n"); | 1688 | + r = kex_c25519_keypair(kex); |
1647 | + nbits = dh_estimate(ssh->kex->we_need * 8); | ||
1648 | + packet_start(SSH2_MSG_KEXGSS_GROUPREQ); | ||
1649 | + packet_put_int(min); | ||
1650 | + packet_put_int(nbits); | ||
1651 | + packet_put_int(max); | ||
1652 | + | ||
1653 | + packet_send(); | ||
1654 | + | ||
1655 | + packet_read_expect(SSH2_MSG_KEXGSS_GROUP); | ||
1656 | + | ||
1657 | + if ((p = BN_new()) == NULL) | ||
1658 | + fatal("BN_new() failed"); | ||
1659 | + packet_get_bignum2(p); | ||
1660 | + if ((g = BN_new()) == NULL) | ||
1661 | + fatal("BN_new() failed"); | ||
1662 | + packet_get_bignum2(g); | ||
1663 | + packet_check_eom(); | ||
1664 | + | ||
1665 | + if (BN_num_bits(p) < min || BN_num_bits(p) > max) | ||
1666 | + fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", | ||
1667 | + min, BN_num_bits(p), max); | ||
1668 | + | ||
1669 | + dh = dh_new_group(g, p); | ||
1670 | + break; | 1689 | + break; |
1671 | + default: | 1690 | + default: |
1672 | + fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | 1691 | + fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); |
1673 | + } | 1692 | + } |
1674 | + | 1693 | + if (r != 0) |
1675 | + /* Step 1 - e is dh->pub_key */ | 1694 | + return r; |
1676 | + dh_gen_key(dh, ssh->kex->we_need * 8); | ||
1677 | + DH_get0_key(dh, &pub_key, NULL); | ||
1678 | + DH_get0_pqg(dh, &dh_p, NULL, &dh_g); | ||
1679 | + | ||
1680 | + /* This is f, we initialise it now to make life easier */ | ||
1681 | + dh_server_pub = BN_new(); | ||
1682 | + if (dh_server_pub == NULL) | ||
1683 | + fatal("dh_server_pub == NULL"); | ||
1684 | + | 1695 | + |
1685 | + token_ptr = GSS_C_NO_BUFFER; | 1696 | + token_ptr = GSS_C_NO_BUFFER; |
1686 | + | 1697 | + |
1687 | + do { | 1698 | + do { |
1688 | + debug("Calling gss_init_sec_context"); | 1699 | + debug("Calling gss_init_sec_context"); |
1689 | + | 1700 | + |
1690 | + maj_status = ssh_gssapi_init_ctx(ctxt, | 1701 | + maj_status = ssh_gssapi_init_ctx(ctxt, |
1691 | + ssh->kex->gss_deleg_creds, token_ptr, &send_tok, | 1702 | + kex->gss_deleg_creds, token_ptr, &send_tok, |
1692 | + &ret_flags); | 1703 | + &ret_flags); |
1693 | + | 1704 | + |
1694 | + if (GSS_ERROR(maj_status)) { | 1705 | + if (GSS_ERROR(maj_status)) { |
1706 | + /* XXX Useles code: Missing send? */ | ||
1695 | + if (send_tok.length != 0) { | 1707 | + if (send_tok.length != 0) { |
1696 | + packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 1708 | + if ((r = sshpkt_start(ssh, |
1697 | + packet_put_string(send_tok.value, | 1709 | + SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
1698 | + send_tok.length); | 1710 | + (r = sshpkt_put_string(ssh, send_tok.value, |
1711 | + send_tok.length)) != 0) | ||
1712 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
1699 | + } | 1713 | + } |
1700 | + fatal("gss_init_context failed"); | 1714 | + fatal("gss_init_context failed"); |
1701 | + } | 1715 | + } |
1702 | + | 1716 | + |
1703 | + /* If we've got an old receive buffer get rid of it */ | 1717 | + /* If we've got an old receive buffer get rid of it */ |
1704 | + if (token_ptr != GSS_C_NO_BUFFER) | 1718 | + if (token_ptr != GSS_C_NO_BUFFER) |
1705 | + free(recv_tok.value); | 1719 | + gss_release_buffer(&min_status, &recv_tok); |
1706 | + | 1720 | + |
1707 | + if (maj_status == GSS_S_COMPLETE) { | 1721 | + if (maj_status == GSS_S_COMPLETE) { |
1708 | + /* If mutual state flag is not true, kex fails */ | 1722 | + /* If mutual state flag is not true, kex fails */ |
@@ -1714,75 +1728,90 @@ index 000000000..3c8ae08dd | |||
1714 | + fatal("Integrity check failed"); | 1728 | + fatal("Integrity check failed"); |
1715 | + } | 1729 | + } |
1716 | + | 1730 | + |
1717 | + /* | 1731 | + /* |
1718 | + * If we have data to send, then the last message that we | 1732 | + * If we have data to send, then the last message that we |
1719 | + * received cannot have been a 'complete'. | 1733 | + * received cannot have been a 'complete'. |
1720 | + */ | 1734 | + */ |
1721 | + if (send_tok.length != 0) { | 1735 | + if (send_tok.length != 0) { |
1722 | + if (first) { | 1736 | + if (first) { |
1723 | + packet_start(SSH2_MSG_KEXGSS_INIT); | 1737 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || |
1724 | + packet_put_string(send_tok.value, | 1738 | + (r = sshpkt_put_string(ssh, send_tok.value, |
1725 | + send_tok.length); | 1739 | + send_tok.length)) != 0 || |
1726 | + packet_put_bignum2(pub_key); | 1740 | + (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) |
1741 | + fatal("failed to construct packet: %s", ssh_err(r)); | ||
1727 | + first = 0; | 1742 | + first = 0; |
1728 | + } else { | 1743 | + } else { |
1729 | + packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 1744 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
1730 | + packet_put_string(send_tok.value, | 1745 | + (r = sshpkt_put_string(ssh, send_tok.value, |
1731 | + send_tok.length); | 1746 | + send_tok.length)) != 0) |
1747 | + fatal("failed to construct packet: %s", ssh_err(r)); | ||
1732 | + } | 1748 | + } |
1733 | + packet_send(); | 1749 | + if ((r = sshpkt_send(ssh)) != 0) |
1750 | + fatal("failed to send packet: %s", ssh_err(r)); | ||
1734 | + gss_release_buffer(&min_status, &send_tok); | 1751 | + gss_release_buffer(&min_status, &send_tok); |
1735 | + | 1752 | + |
1736 | + /* If we've sent them data, they should reply */ | 1753 | + /* If we've sent them data, they should reply */ |
1737 | + do { | 1754 | + do { |
1738 | + type = packet_read(); | 1755 | + type = ssh_packet_read(ssh); |
1739 | + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { | 1756 | + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { |
1740 | + debug("Received KEXGSS_HOSTKEY"); | 1757 | + debug("Received KEXGSS_HOSTKEY"); |
1741 | + if (serverhostkey) | 1758 | + if (server_host_key_blob) |
1742 | + fatal("Server host key received more than once"); | 1759 | + fatal("Server host key received more than once"); |
1743 | + serverhostkey = | 1760 | + if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) |
1744 | + packet_get_string(&slen); | 1761 | + fatal("Failed to read server host key: %s", ssh_err(r)); |
1745 | + } | 1762 | + } |
1746 | + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); | 1763 | + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); |
1747 | + | 1764 | + |
1748 | + switch (type) { | 1765 | + switch (type) { |
1749 | + case SSH2_MSG_KEXGSS_CONTINUE: | 1766 | + case SSH2_MSG_KEXGSS_CONTINUE: |
1750 | + debug("Received GSSAPI_CONTINUE"); | 1767 | + debug("Received GSSAPI_CONTINUE"); |
1751 | + if (maj_status == GSS_S_COMPLETE) | 1768 | + if (maj_status == GSS_S_COMPLETE) |
1752 | + fatal("GSSAPI Continue received from server when complete"); | 1769 | + fatal("GSSAPI Continue received from server when complete"); |
1753 | + recv_tok.value = packet_get_string(&strlen); | 1770 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, |
1754 | + recv_tok.length = strlen; | 1771 | + &recv_tok)) != 0 || |
1772 | + (r = sshpkt_get_end(ssh)) != 0) | ||
1773 | + fatal("Failed to read token: %s", ssh_err(r)); | ||
1755 | + break; | 1774 | + break; |
1756 | + case SSH2_MSG_KEXGSS_COMPLETE: | 1775 | + case SSH2_MSG_KEXGSS_COMPLETE: |
1757 | + debug("Received GSSAPI_COMPLETE"); | 1776 | + debug("Received GSSAPI_COMPLETE"); |
1758 | + packet_get_bignum2(dh_server_pub); | 1777 | + if (msg_tok.value != NULL) |
1759 | + msg_tok.value = packet_get_string(&strlen); | 1778 | + fatal("Received GSSAPI_COMPLETE twice?"); |
1760 | + msg_tok.length = strlen; | 1779 | + if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || |
1780 | + (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
1781 | + &msg_tok)) != 0) | ||
1782 | + fatal("Failed to read message: %s", ssh_err(r)); | ||
1761 | + | 1783 | + |
1762 | + /* Is there a token included? */ | 1784 | + /* Is there a token included? */ |
1763 | + if (packet_get_char()) { | 1785 | + if ((r = sshpkt_get_u8(ssh, &c)) != 0) |
1764 | + recv_tok.value= | 1786 | + fatal("sshpkt failed: %s", ssh_err(r)); |
1765 | + packet_get_string(&strlen); | 1787 | + if (c) { |
1766 | + recv_tok.length = strlen; | 1788 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc( |
1789 | + ssh, &recv_tok)) != 0) | ||
1790 | + fatal("Failed to read token: %s", ssh_err(r)); | ||
1767 | + /* If we're already complete - protocol error */ | 1791 | + /* If we're already complete - protocol error */ |
1768 | + if (maj_status == GSS_S_COMPLETE) | 1792 | + if (maj_status == GSS_S_COMPLETE) |
1769 | + packet_disconnect("Protocol error: received token when complete"); | 1793 | + sshpkt_disconnect(ssh, "Protocol error: received token when complete"); |
1770 | + } else { | 1794 | + } else { |
1771 | + /* No token included */ | 1795 | + /* No token included */ |
1772 | + if (maj_status != GSS_S_COMPLETE) | 1796 | + if (maj_status != GSS_S_COMPLETE) |
1773 | + packet_disconnect("Protocol error: did not receive final token"); | 1797 | + sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); |
1798 | + } | ||
1799 | + if ((r = sshpkt_get_end(ssh)) != 0) { | ||
1800 | + fatal("Expecting end of packet."); | ||
1774 | + } | 1801 | + } |
1775 | + break; | 1802 | + break; |
1776 | + case SSH2_MSG_KEXGSS_ERROR: | 1803 | + case SSH2_MSG_KEXGSS_ERROR: |
1777 | + debug("Received Error"); | 1804 | + debug("Received Error"); |
1778 | + maj_status = packet_get_int(); | 1805 | + if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || |
1779 | + min_status = packet_get_int(); | 1806 | + (r = sshpkt_get_u32(ssh, &min_status)) != 0 || |
1780 | + msg = packet_get_string(NULL); | 1807 | + (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || |
1781 | + (void) packet_get_string_ptr(NULL); | 1808 | + (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ |
1782 | + fatal("GSSAPI Error: \n%.400s",msg); | 1809 | + (r = sshpkt_get_end(ssh)) != 0) |
1810 | + fatal("sshpkt_get failed: %s", ssh_err(r)); | ||
1811 | + fatal("GSSAPI Error: \n%.400s", msg); | ||
1783 | + default: | 1812 | + default: |
1784 | + packet_disconnect("Protocol error: didn't expect packet type %d", | 1813 | + sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", |
1785 | + type); | 1814 | + type); |
1786 | + } | 1815 | + } |
1787 | + token_ptr = &recv_tok; | 1816 | + token_ptr = &recv_tok; |
1788 | + } else { | 1817 | + } else { |
@@ -1792,93 +1821,358 @@ index 000000000..3c8ae08dd | |||
1792 | + } | 1821 | + } |
1793 | + } while (maj_status & GSS_S_CONTINUE_NEEDED); | 1822 | + } while (maj_status & GSS_S_CONTINUE_NEEDED); |
1794 | + | 1823 | + |
1795 | + /* | 1824 | + /* |
1796 | + * We _must_ have received a COMPLETE message in reply from the | 1825 | + * We _must_ have received a COMPLETE message in reply from the |
1797 | + * server, which will have set dh_server_pub and msg_tok | 1826 | + * server, which will have set server_blob and msg_tok |
1798 | + */ | 1827 | + */ |
1799 | + | 1828 | + |
1800 | + if (type != SSH2_MSG_KEXGSS_COMPLETE) | 1829 | + if (type != SSH2_MSG_KEXGSS_COMPLETE) |
1801 | + fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); | 1830 | + fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); |
1802 | + | 1831 | + |
1803 | + /* Check f in range [1, p-1] */ | 1832 | + /* compute shared secret */ |
1804 | + if (!dh_pub_is_valid(dh, dh_server_pub)) | 1833 | + switch (kex->kex_type) { |
1805 | + packet_disconnect("bad server public DH value"); | ||
1806 | + | ||
1807 | + /* compute K=f^x mod p */ | ||
1808 | + klen = DH_size(dh); | ||
1809 | + kbuf = xmalloc(klen); | ||
1810 | + kout = DH_compute_key(kbuf, dh_server_pub, dh); | ||
1811 | + if (kout < 0) | ||
1812 | + fatal("DH_compute_key: failed"); | ||
1813 | + | ||
1814 | + shared_secret = BN_new(); | ||
1815 | + if (shared_secret == NULL) | ||
1816 | + fatal("kexgss_client: BN_new failed"); | ||
1817 | + | ||
1818 | + if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) | ||
1819 | + fatal("kexdh_client: BN_bin2bn failed"); | ||
1820 | + | ||
1821 | + memset(kbuf, 0, klen); | ||
1822 | + free(kbuf); | ||
1823 | + | ||
1824 | + hashlen = sizeof(hash); | ||
1825 | + switch (ssh->kex->kex_type) { | ||
1826 | + case KEX_GSS_GRP1_SHA1: | 1834 | + case KEX_GSS_GRP1_SHA1: |
1827 | + case KEX_GSS_GRP14_SHA1: | 1835 | + case KEX_GSS_GRP14_SHA1: |
1828 | + kex_dh_hash( | 1836 | + case KEX_GSS_GRP14_SHA256: |
1829 | + ssh->kex->hash_alg, | 1837 | + case KEX_GSS_GRP16_SHA512: |
1830 | + ssh->kex->client_version_string, | 1838 | + r = kex_dh_dec(kex, server_blob, &shared_secret); |
1831 | + ssh->kex->server_version_string, | 1839 | + break; |
1832 | + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 1840 | + case KEX_GSS_C25519_SHA256: |
1833 | + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 1841 | + if (sshbuf_ptr(server_blob)[sshbuf_len(server_blob)] & 0x80) |
1834 | + (serverhostkey ? serverhostkey : empty), slen, | 1842 | + fatal("The received key has MSB of last octet set!"); |
1835 | + pub_key, /* e */ | 1843 | + r = kex_c25519_dec(kex, server_blob, &shared_secret); |
1836 | + dh_server_pub, /* f */ | ||
1837 | + shared_secret, /* K */ | ||
1838 | + hash, &hashlen | ||
1839 | + ); | ||
1840 | + break; | 1844 | + break; |
1841 | + case KEX_GSS_GEX_SHA1: | 1845 | + case KEX_GSS_NISTP256_SHA256: |
1842 | + kexgex_hash( | 1846 | + if (sshbuf_len(server_blob) != 65) |
1843 | + ssh->kex->hash_alg, | 1847 | + fatal("The received NIST-P256 key did not match" |
1844 | + ssh->kex->client_version_string, | 1848 | + "expected length (expected 65, got %zu)", sshbuf_len(server_blob)); |
1845 | + ssh->kex->server_version_string, | 1849 | + |
1846 | + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 1850 | + if (sshbuf_ptr(server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) |
1847 | + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 1851 | + fatal("The received NIST-P256 key does not have first octet 0x04"); |
1848 | + (serverhostkey ? serverhostkey : empty), slen, | 1852 | + |
1849 | + min, nbits, max, | 1853 | + r = kex_ecdh_dec(kex, server_blob, &shared_secret); |
1850 | + dh_p, dh_g, | ||
1851 | + pub_key, | ||
1852 | + dh_server_pub, | ||
1853 | + shared_secret, | ||
1854 | + hash, &hashlen | ||
1855 | + ); | ||
1856 | + break; | 1854 | + break; |
1857 | + default: | 1855 | + default: |
1858 | + fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | 1856 | + r = SSH_ERR_INVALID_ARGUMENT; |
1857 | + break; | ||
1858 | + } | ||
1859 | + if (r != 0) | ||
1860 | + goto out; | ||
1861 | + | ||
1862 | + if ((empty = sshbuf_new()) == NULL) { | ||
1863 | + r = SSH_ERR_ALLOC_FAIL; | ||
1864 | + goto out; | ||
1859 | + } | 1865 | + } |
1860 | + | 1866 | + |
1867 | + hashlen = sizeof(hash); | ||
1868 | + if ((r = kex_gen_hash( | ||
1869 | + kex->hash_alg, | ||
1870 | + kex->client_version, | ||
1871 | + kex->server_version, | ||
1872 | + kex->my, | ||
1873 | + kex->peer, | ||
1874 | + (server_host_key_blob ? server_host_key_blob : empty), | ||
1875 | + kex->client_pub, | ||
1876 | + server_blob, | ||
1877 | + shared_secret, | ||
1878 | + hash, &hashlen)) != 0) | ||
1879 | + fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); | ||
1880 | + | ||
1861 | + gssbuf.value = hash; | 1881 | + gssbuf.value = hash; |
1862 | + gssbuf.length = hashlen; | 1882 | + gssbuf.length = hashlen; |
1863 | + | 1883 | + |
1864 | + /* Verify that the hash matches the MIC we just got. */ | 1884 | + /* Verify that the hash matches the MIC we just got. */ |
1865 | + if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) | 1885 | + if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) |
1866 | + packet_disconnect("Hash's MIC didn't verify"); | 1886 | + sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); |
1867 | + | 1887 | + |
1868 | + free(msg_tok.value); | 1888 | + gss_release_buffer(&min_status, &msg_tok); |
1869 | + | 1889 | + |
1870 | + DH_free(dh); | 1890 | + if (kex->gss_deleg_creds) |
1871 | + free(serverhostkey); | 1891 | + ssh_gssapi_credentials_updated(ctxt); |
1872 | + BN_clear_free(dh_server_pub); | 1892 | + |
1893 | + if (gss_kex_context == NULL) | ||
1894 | + gss_kex_context = ctxt; | ||
1895 | + else | ||
1896 | + ssh_gssapi_delete_ctx(&ctxt); | ||
1897 | + | ||
1898 | + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) | ||
1899 | + r = kex_send_newkeys(ssh); | ||
1900 | + | ||
1901 | +out: | ||
1902 | + explicit_bzero(hash, sizeof(hash)); | ||
1903 | + explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); | ||
1904 | + sshbuf_free(empty); | ||
1905 | + sshbuf_free(server_host_key_blob); | ||
1906 | + sshbuf_free(server_blob); | ||
1907 | + sshbuf_free(shared_secret); | ||
1908 | + sshbuf_free(kex->client_pub); | ||
1909 | + kex->client_pub = NULL; | ||
1910 | + return r; | ||
1911 | +} | ||
1912 | + | ||
1913 | +int | ||
1914 | +kexgssgex_client(struct ssh *ssh) | ||
1915 | +{ | ||
1916 | + struct kex *kex = ssh->kex; | ||
1917 | + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, | ||
1918 | + recv_tok = GSS_C_EMPTY_BUFFER, gssbuf, | ||
1919 | + msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; | ||
1920 | + Gssctxt *ctxt; | ||
1921 | + OM_uint32 maj_status, min_status, ret_flags; | ||
1922 | + struct sshbuf *shared_secret = NULL; | ||
1923 | + BIGNUM *p = NULL; | ||
1924 | + BIGNUM *g = NULL; | ||
1925 | + struct sshbuf *buf = NULL; | ||
1926 | + struct sshbuf *server_host_key_blob = NULL; | ||
1927 | + struct sshbuf *server_blob = NULL; | ||
1928 | + BIGNUM *dh_server_pub = NULL; | ||
1929 | + u_char *msg; | ||
1930 | + int type = 0; | ||
1931 | + int first = 1; | ||
1932 | + u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
1933 | + size_t hashlen; | ||
1934 | + const BIGNUM *pub_key, *dh_p, *dh_g; | ||
1935 | + int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; | ||
1936 | + struct sshbuf *empty = NULL; | ||
1937 | + u_char c; | ||
1938 | + int r; | ||
1939 | + | ||
1940 | + /* Initialise our GSSAPI world */ | ||
1941 | + ssh_gssapi_build_ctx(&ctxt); | ||
1942 | + if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) | ||
1943 | + == GSS_C_NO_OID) | ||
1944 | + fatal("Couldn't identify host exchange"); | ||
1945 | + | ||
1946 | + if (ssh_gssapi_import_name(ctxt, kex->gss_host)) | ||
1947 | + fatal("Couldn't import hostname"); | ||
1948 | + | ||
1949 | + if (kex->gss_client && | ||
1950 | + ssh_gssapi_client_identity(ctxt, kex->gss_client)) | ||
1951 | + fatal("Couldn't acquire client credentials"); | ||
1952 | + | ||
1953 | + debug("Doing group exchange"); | ||
1954 | + nbits = dh_estimate(kex->dh_need * 8); | ||
1955 | + | ||
1956 | + kex->min = DH_GRP_MIN; | ||
1957 | + kex->max = DH_GRP_MAX; | ||
1958 | + kex->nbits = nbits; | ||
1959 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || | ||
1960 | + (r = sshpkt_put_u32(ssh, min)) != 0 || | ||
1961 | + (r = sshpkt_put_u32(ssh, nbits)) != 0 || | ||
1962 | + (r = sshpkt_put_u32(ssh, max)) != 0 || | ||
1963 | + (r = sshpkt_send(ssh)) != 0) | ||
1964 | + fatal("Failed to construct a packet: %s", ssh_err(r)); | ||
1965 | + | ||
1966 | + if ((r = ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0) | ||
1967 | + fatal("Error: %s", ssh_err(r)); | ||
1968 | + | ||
1969 | + if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || | ||
1970 | + (r = sshpkt_get_bignum2(ssh, &g)) != 0 || | ||
1971 | + (r = sshpkt_get_end(ssh)) != 0) | ||
1972 | + fatal("shpkt_get_bignum2 failed: %s", ssh_err(r)); | ||
1973 | + | ||
1974 | + if (BN_num_bits(p) < min || BN_num_bits(p) > max) | ||
1975 | + fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", | ||
1976 | + min, BN_num_bits(p), max); | ||
1977 | + | ||
1978 | + if ((kex->dh = dh_new_group(g, p)) == NULL) | ||
1979 | + fatal("dn_new_group() failed"); | ||
1980 | + p = g = NULL; /* belong to kex->dh now */ | ||
1981 | + | ||
1982 | + if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) | ||
1983 | + goto out; | ||
1984 | + DH_get0_key(kex->dh, &pub_key, NULL); | ||
1985 | + | ||
1986 | + token_ptr = GSS_C_NO_BUFFER; | ||
1987 | + | ||
1988 | + do { | ||
1989 | + /* Step 2 - call GSS_Init_sec_context() */ | ||
1990 | + debug("Calling gss_init_sec_context"); | ||
1991 | + | ||
1992 | + maj_status = ssh_gssapi_init_ctx(ctxt, | ||
1993 | + kex->gss_deleg_creds, token_ptr, &send_tok, | ||
1994 | + &ret_flags); | ||
1995 | + | ||
1996 | + if (GSS_ERROR(maj_status)) { | ||
1997 | + /* XXX Useles code: Missing send? */ | ||
1998 | + if (send_tok.length != 0) { | ||
1999 | + if ((r = sshpkt_start(ssh, | ||
2000 | + SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
2001 | + (r = sshpkt_put_string(ssh, send_tok.value, | ||
2002 | + send_tok.length)) != 0) | ||
2003 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2004 | + } | ||
2005 | + fatal("gss_init_context failed"); | ||
2006 | + } | ||
2007 | + | ||
2008 | + /* If we've got an old receive buffer get rid of it */ | ||
2009 | + if (token_ptr != GSS_C_NO_BUFFER) | ||
2010 | + gss_release_buffer(&min_status, &recv_tok); | ||
2011 | + | ||
2012 | + if (maj_status == GSS_S_COMPLETE) { | ||
2013 | + /* If mutual state flag is not true, kex fails */ | ||
2014 | + if (!(ret_flags & GSS_C_MUTUAL_FLAG)) | ||
2015 | + fatal("Mutual authentication failed"); | ||
2016 | + | ||
2017 | + /* If integ avail flag is not true kex fails */ | ||
2018 | + if (!(ret_flags & GSS_C_INTEG_FLAG)) | ||
2019 | + fatal("Integrity check failed"); | ||
2020 | + } | ||
2021 | + | ||
2022 | + /* | ||
2023 | + * If we have data to send, then the last message that we | ||
2024 | + * received cannot have been a 'complete'. | ||
2025 | + */ | ||
2026 | + if (send_tok.length != 0) { | ||
2027 | + if (first) { | ||
2028 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || | ||
2029 | + (r = sshpkt_put_string(ssh, send_tok.value, | ||
2030 | + send_tok.length)) != 0 || | ||
2031 | + (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) | ||
2032 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2033 | + first = 0; | ||
2034 | + } else { | ||
2035 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
2036 | + (r = sshpkt_put_string(ssh,send_tok.value, | ||
2037 | + send_tok.length)) != 0) | ||
2038 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2039 | + } | ||
2040 | + if ((r = sshpkt_send(ssh)) != 0) | ||
2041 | + fatal("sshpkt_send failed: %s", ssh_err(r)); | ||
2042 | + gss_release_buffer(&min_status, &send_tok); | ||
2043 | + | ||
2044 | + /* If we've sent them data, they should reply */ | ||
2045 | + do { | ||
2046 | + type = ssh_packet_read(ssh); | ||
2047 | + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { | ||
2048 | + debug("Received KEXGSS_HOSTKEY"); | ||
2049 | + if (server_host_key_blob) | ||
2050 | + fatal("Server host key received more than once"); | ||
2051 | + if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) | ||
2052 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2053 | + } | ||
2054 | + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); | ||
2055 | + | ||
2056 | + switch (type) { | ||
2057 | + case SSH2_MSG_KEXGSS_CONTINUE: | ||
2058 | + debug("Received GSSAPI_CONTINUE"); | ||
2059 | + if (maj_status == GSS_S_COMPLETE) | ||
2060 | + fatal("GSSAPI Continue received from server when complete"); | ||
2061 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
2062 | + &recv_tok)) != 0 || | ||
2063 | + (r = sshpkt_get_end(ssh)) != 0) | ||
2064 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2065 | + break; | ||
2066 | + case SSH2_MSG_KEXGSS_COMPLETE: | ||
2067 | + debug("Received GSSAPI_COMPLETE"); | ||
2068 | + if (msg_tok.value != NULL) | ||
2069 | + fatal("Received GSSAPI_COMPLETE twice?"); | ||
2070 | + if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || | ||
2071 | + (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
2072 | + &msg_tok)) != 0) | ||
2073 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2074 | + | ||
2075 | + /* Is there a token included? */ | ||
2076 | + if ((r = sshpkt_get_u8(ssh, &c)) != 0) | ||
2077 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2078 | + if (c) { | ||
2079 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc( | ||
2080 | + ssh, &recv_tok)) != 0 || | ||
2081 | + (r = sshpkt_get_end(ssh)) != 0) | ||
2082 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2083 | + /* If we're already complete - protocol error */ | ||
2084 | + if (maj_status == GSS_S_COMPLETE) | ||
2085 | + sshpkt_disconnect(ssh, "Protocol error: received token when complete"); | ||
2086 | + } else { | ||
2087 | + /* No token included */ | ||
2088 | + if (maj_status != GSS_S_COMPLETE) | ||
2089 | + sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); | ||
2090 | + } | ||
2091 | + break; | ||
2092 | + case SSH2_MSG_KEXGSS_ERROR: | ||
2093 | + debug("Received Error"); | ||
2094 | + if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || | ||
2095 | + (r = sshpkt_get_u32(ssh, &min_status)) != 0 || | ||
2096 | + (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || | ||
2097 | + (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ | ||
2098 | + (r = sshpkt_get_end(ssh)) != 0) | ||
2099 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2100 | + fatal("GSSAPI Error: \n%.400s", msg); | ||
2101 | + default: | ||
2102 | + sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", | ||
2103 | + type); | ||
2104 | + } | ||
2105 | + token_ptr = &recv_tok; | ||
2106 | + } else { | ||
2107 | + /* No data, and not complete */ | ||
2108 | + if (maj_status != GSS_S_COMPLETE) | ||
2109 | + fatal("Not complete, and no token output"); | ||
2110 | + } | ||
2111 | + } while (maj_status & GSS_S_CONTINUE_NEEDED); | ||
2112 | + | ||
2113 | + /* | ||
2114 | + * We _must_ have received a COMPLETE message in reply from the | ||
2115 | + * server, which will have set dh_server_pub and msg_tok | ||
2116 | + */ | ||
2117 | + | ||
2118 | + if (type != SSH2_MSG_KEXGSS_COMPLETE) | ||
2119 | + fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); | ||
2120 | + | ||
2121 | + /* 7. C verifies that the key Q_S is valid */ | ||
2122 | + /* 8. C computes shared secret */ | ||
2123 | + if ((buf = sshbuf_new()) == NULL || | ||
2124 | + (r = sshbuf_put_stringb(buf, server_blob)) != 0 || | ||
2125 | + (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) | ||
2126 | + goto out; | ||
2127 | + sshbuf_free(buf); | ||
2128 | + buf = NULL; | ||
2129 | + | ||
2130 | + if ((shared_secret = sshbuf_new()) == NULL) { | ||
2131 | + r = SSH_ERR_ALLOC_FAIL; | ||
2132 | + goto out; | ||
2133 | + } | ||
2134 | + | ||
2135 | + if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) | ||
2136 | + goto out; | ||
2137 | + if ((empty = sshbuf_new()) == NULL) { | ||
2138 | + r = SSH_ERR_ALLOC_FAIL; | ||
2139 | + goto out; | ||
2140 | + } | ||
2141 | + | ||
2142 | + DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); | ||
2143 | + hashlen = sizeof(hash); | ||
2144 | + if ((r = kexgex_hash( | ||
2145 | + kex->hash_alg, | ||
2146 | + kex->client_version, | ||
2147 | + kex->server_version, | ||
2148 | + kex->my, | ||
2149 | + kex->peer, | ||
2150 | + (server_host_key_blob ? server_host_key_blob : empty), | ||
2151 | + kex->min, kex->nbits, kex->max, | ||
2152 | + dh_p, dh_g, | ||
2153 | + pub_key, | ||
2154 | + dh_server_pub, | ||
2155 | + sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), | ||
2156 | + hash, &hashlen)) != 0) | ||
2157 | + fatal("Failed to calculate hash: %s", ssh_err(r)); | ||
2158 | + | ||
2159 | + gssbuf.value = hash; | ||
2160 | + gssbuf.length = hashlen; | ||
2161 | + | ||
2162 | + /* Verify that the hash matches the MIC we just got. */ | ||
2163 | + if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) | ||
2164 | + sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); | ||
2165 | + | ||
2166 | + gss_release_buffer(&min_status, &msg_tok); | ||
1873 | + | 2167 | + |
1874 | + /* save session id */ | 2168 | + /* save session id */ |
1875 | + if (ssh->kex->session_id == NULL) { | 2169 | + if (kex->session_id == NULL) { |
1876 | + ssh->kex->session_id_len = hashlen; | 2170 | + kex->session_id_len = hashlen; |
1877 | + ssh->kex->session_id = xmalloc(ssh->kex->session_id_len); | 2171 | + kex->session_id = xmalloc(kex->session_id_len); |
1878 | + memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len); | 2172 | + memcpy(kex->session_id, hash, kex->session_id_len); |
1879 | + } | 2173 | + } |
1880 | + | 2174 | + |
1881 | + if (ssh->kex->gss_deleg_creds) | 2175 | + if (kex->gss_deleg_creds) |
1882 | + ssh_gssapi_credentials_updated(ctxt); | 2176 | + ssh_gssapi_credentials_updated(ctxt); |
1883 | + | 2177 | + |
1884 | + if (gss_kex_context == NULL) | 2178 | + if (gss_kex_context == NULL) |
@@ -1886,18 +2180,28 @@ index 000000000..3c8ae08dd | |||
1886 | + else | 2180 | + else |
1887 | + ssh_gssapi_delete_ctx(&ctxt); | 2181 | + ssh_gssapi_delete_ctx(&ctxt); |
1888 | + | 2182 | + |
1889 | + kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); | 2183 | + /* Finally derive the keys and send them */ |
1890 | + BN_clear_free(shared_secret); | 2184 | + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
1891 | + return kex_send_newkeys(ssh); | 2185 | + r = kex_send_newkeys(ssh); |
2186 | +out: | ||
2187 | + sshbuf_free(buf); | ||
2188 | + sshbuf_free(server_blob); | ||
2189 | + sshbuf_free(empty); | ||
2190 | + explicit_bzero(hash, sizeof(hash)); | ||
2191 | + DH_free(kex->dh); | ||
2192 | + kex->dh = NULL; | ||
2193 | + BN_clear_free(dh_server_pub); | ||
2194 | + sshbuf_free(shared_secret); | ||
2195 | + sshbuf_free(server_host_key_blob); | ||
2196 | + return r; | ||
1892 | +} | 2197 | +} |
1893 | + | 2198 | +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ |
1894 | +#endif /* GSSAPI */ | ||
1895 | diff --git a/kexgsss.c b/kexgsss.c | 2199 | diff --git a/kexgsss.c b/kexgsss.c |
1896 | new file mode 100644 | 2200 | new file mode 100644 |
1897 | index 000000000..18070f1d7 | 2201 | index 000000000..60bc02deb |
1898 | --- /dev/null | 2202 | --- /dev/null |
1899 | +++ b/kexgsss.c | 2203 | +++ b/kexgsss.c |
1900 | @@ -0,0 +1,300 @@ | 2204 | @@ -0,0 +1,474 @@ |
1901 | +/* | 2205 | +/* |
1902 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. | 2206 | + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. |
1903 | + * | 2207 | + * |
@@ -1924,7 +2228,7 @@ index 000000000..18070f1d7 | |||
1924 | + | 2228 | + |
1925 | +#include "includes.h" | 2229 | +#include "includes.h" |
1926 | + | 2230 | + |
1927 | +#ifdef GSSAPI | 2231 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) |
1928 | + | 2232 | + |
1929 | +#include <string.h> | 2233 | +#include <string.h> |
1930 | + | 2234 | + |
@@ -1942,40 +2246,41 @@ index 000000000..18070f1d7 | |||
1942 | +#include "dh.h" | 2246 | +#include "dh.h" |
1943 | +#include "ssh-gss.h" | 2247 | +#include "ssh-gss.h" |
1944 | +#include "monitor_wrap.h" | 2248 | +#include "monitor_wrap.h" |
1945 | +#include "misc.h" | 2249 | +#include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */ |
1946 | +#include "servconf.h" | 2250 | +#include "servconf.h" |
2251 | +#include "ssh-gss.h" | ||
1947 | +#include "digest.h" | 2252 | +#include "digest.h" |
2253 | +#include "ssherr.h" | ||
1948 | + | 2254 | + |
1949 | +extern ServerOptions options; | 2255 | +extern ServerOptions options; |
1950 | + | 2256 | + |
1951 | +int | 2257 | +int |
1952 | +kexgss_server(struct ssh *ssh) | 2258 | +kexgss_server(struct ssh *ssh) |
1953 | +{ | 2259 | +{ |
2260 | + struct kex *kex = ssh->kex; | ||
1954 | + OM_uint32 maj_status, min_status; | 2261 | + OM_uint32 maj_status, min_status; |
1955 | + | 2262 | + |
1956 | + /* | 2263 | + /* |
1957 | + * Some GSSAPI implementations use the input value of ret_flags (an | 2264 | + * Some GSSAPI implementations use the input value of ret_flags (an |
1958 | + * output variable) as a means of triggering mechanism specific | 2265 | + * output variable) as a means of triggering mechanism specific |
1959 | + * features. Initializing it to zero avoids inadvertently | 2266 | + * features. Initializing it to zero avoids inadvertently |
1960 | + * activating this non-standard behaviour. | 2267 | + * activating this non-standard behaviour. |
1961 | + */ | 2268 | + */ |
1962 | + | 2269 | + |
1963 | + OM_uint32 ret_flags = 0; | 2270 | + OM_uint32 ret_flags = 0; |
1964 | + gss_buffer_desc gssbuf, recv_tok, msg_tok; | 2271 | + gss_buffer_desc gssbuf, recv_tok, msg_tok; |
1965 | + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; | 2272 | + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; |
1966 | + Gssctxt *ctxt = NULL; | 2273 | + Gssctxt *ctxt = NULL; |
1967 | + u_int slen, klen, kout; | 2274 | + struct sshbuf *shared_secret = NULL; |
1968 | + u_char *kbuf; | 2275 | + struct sshbuf *client_pubkey = NULL; |
1969 | + DH *dh; | 2276 | + struct sshbuf *server_pubkey = NULL; |
1970 | + int min = -1, max = -1, nbits = -1; | 2277 | + struct sshbuf *empty = sshbuf_new(); |
1971 | + const BIGNUM *pub_key, *dh_p, *dh_g; | ||
1972 | + BIGNUM *shared_secret = NULL; | ||
1973 | + BIGNUM *dh_client_pub = NULL; | ||
1974 | + int type = 0; | 2278 | + int type = 0; |
1975 | + gss_OID oid; | 2279 | + gss_OID oid; |
1976 | + char *mechs; | 2280 | + char *mechs; |
1977 | + u_char hash[SSH_DIGEST_MAX_LENGTH]; | 2281 | + u_char hash[SSH_DIGEST_MAX_LENGTH]; |
1978 | + size_t hashlen; | 2282 | + size_t hashlen; |
2283 | + int r; | ||
1979 | + | 2284 | + |
1980 | + /* Initialise GSSAPI */ | 2285 | + /* Initialise GSSAPI */ |
1981 | + | 2286 | + |
@@ -1988,8 +2293,8 @@ index 000000000..18070f1d7 | |||
1988 | + free(mechs); | 2293 | + free(mechs); |
1989 | + } | 2294 | + } |
1990 | + | 2295 | + |
1991 | + debug2("%s: Identifying %s", __func__, ssh->kex->name); | 2296 | + debug2("%s: Identifying %s", __func__, kex->name); |
1992 | + oid = ssh_gssapi_id_kex(NULL, ssh->kex->name, ssh->kex->kex_type); | 2297 | + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); |
1993 | + if (oid == GSS_C_NO_OID) | 2298 | + if (oid == GSS_C_NO_OID) |
1994 | + fatal("Unknown gssapi mechanism"); | 2299 | + fatal("Unknown gssapi mechanism"); |
1995 | + | 2300 | + |
@@ -1998,94 +2303,82 @@ index 000000000..18070f1d7 | |||
1998 | + if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) | 2303 | + if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) |
1999 | + fatal("Unable to acquire credentials for the server"); | 2304 | + fatal("Unable to acquire credentials for the server"); |
2000 | + | 2305 | + |
2001 | + switch (ssh->kex->kex_type) { | ||
2002 | + case KEX_GSS_GRP1_SHA1: | ||
2003 | + dh = dh_new_group1(); | ||
2004 | + break; | ||
2005 | + case KEX_GSS_GRP14_SHA1: | ||
2006 | + dh = dh_new_group14(); | ||
2007 | + break; | ||
2008 | + case KEX_GSS_GEX_SHA1: | ||
2009 | + debug("Doing group exchange"); | ||
2010 | + packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ); | ||
2011 | + min = packet_get_int(); | ||
2012 | + nbits = packet_get_int(); | ||
2013 | + max = packet_get_int(); | ||
2014 | + packet_check_eom(); | ||
2015 | + if (max < min || nbits < min || max < nbits) | ||
2016 | + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", | ||
2017 | + min, nbits, max); | ||
2018 | + dh = PRIVSEP(choose_dh(MAX(DH_GRP_MIN, min), | ||
2019 | + nbits, MIN(DH_GRP_MAX, max))); | ||
2020 | + if (dh == NULL) | ||
2021 | + packet_disconnect("Protocol error: no matching group found"); | ||
2022 | + DH_get0_pqg(dh, &dh_p, NULL, &dh_g); | ||
2023 | + | ||
2024 | + packet_start(SSH2_MSG_KEXGSS_GROUP); | ||
2025 | + packet_put_bignum2(dh_p); | ||
2026 | + packet_put_bignum2(dh_g); | ||
2027 | + packet_send(); | ||
2028 | + | ||
2029 | + packet_write_wait(); | ||
2030 | + break; | ||
2031 | + default: | ||
2032 | + fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | ||
2033 | + } | ||
2034 | + | ||
2035 | + dh_gen_key(dh, ssh->kex->we_need * 8); | ||
2036 | + | ||
2037 | + do { | 2306 | + do { |
2038 | + debug("Wait SSH2_MSG_GSSAPI_INIT"); | 2307 | + debug("Wait SSH2_MSG_KEXGSS_INIT"); |
2039 | + type = packet_read(); | 2308 | + type = ssh_packet_read(ssh); |
2040 | + switch(type) { | 2309 | + switch(type) { |
2041 | + case SSH2_MSG_KEXGSS_INIT: | 2310 | + case SSH2_MSG_KEXGSS_INIT: |
2042 | + if (dh_client_pub != NULL) | 2311 | + if (client_pubkey != NULL) |
2043 | + fatal("Received KEXGSS_INIT after initialising"); | 2312 | + fatal("Received KEXGSS_INIT after initialising"); |
2044 | + recv_tok.value = packet_get_string(&slen); | 2313 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, |
2045 | + recv_tok.length = slen; | 2314 | + &recv_tok)) != 0 || |
2046 | + | 2315 | + (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || |
2047 | + if ((dh_client_pub = BN_new()) == NULL) | 2316 | + (r = sshpkt_get_end(ssh)) != 0) |
2048 | + fatal("dh_client_pub == NULL"); | 2317 | + fatal("sshpkt failed: %s", ssh_err(r)); |
2049 | + | 2318 | + |
2050 | + packet_get_bignum2(dh_client_pub); | 2319 | + switch (kex->kex_type) { |
2320 | + case KEX_GSS_GRP1_SHA1: | ||
2321 | + case KEX_GSS_GRP14_SHA1: | ||
2322 | + case KEX_GSS_GRP14_SHA256: | ||
2323 | + case KEX_GSS_GRP16_SHA512: | ||
2324 | + r = kex_dh_enc(kex, client_pubkey, &server_pubkey, | ||
2325 | + &shared_secret); | ||
2326 | + break; | ||
2327 | + case KEX_GSS_NISTP256_SHA256: | ||
2328 | + r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey, | ||
2329 | + &shared_secret); | ||
2330 | + break; | ||
2331 | + case KEX_GSS_C25519_SHA256: | ||
2332 | + r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, | ||
2333 | + &shared_secret); | ||
2334 | + break; | ||
2335 | + default: | ||
2336 | + fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); | ||
2337 | + } | ||
2338 | + if (r != 0) | ||
2339 | + goto out; | ||
2051 | + | 2340 | + |
2052 | + /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ | 2341 | + /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ |
2053 | + break; | 2342 | + break; |
2054 | + case SSH2_MSG_KEXGSS_CONTINUE: | 2343 | + case SSH2_MSG_KEXGSS_CONTINUE: |
2055 | + recv_tok.value = packet_get_string(&slen); | 2344 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, |
2056 | + recv_tok.length = slen; | 2345 | + &recv_tok)) != 0 || |
2346 | + (r = sshpkt_get_end(ssh)) != 0) | ||
2347 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2057 | + break; | 2348 | + break; |
2058 | + default: | 2349 | + default: |
2059 | + packet_disconnect( | 2350 | + sshpkt_disconnect(ssh, |
2060 | + "Protocol error: didn't expect packet type %d", | 2351 | + "Protocol error: didn't expect packet type %d", |
2061 | + type); | 2352 | + type); |
2062 | + } | 2353 | + } |
2063 | + | 2354 | + |
2064 | + maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, | 2355 | + maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, |
2065 | + &send_tok, &ret_flags)); | 2356 | + &send_tok, &ret_flags)); |
2066 | + | 2357 | + |
2067 | + free(recv_tok.value); | 2358 | + gss_release_buffer(&min_status, &recv_tok); |
2068 | + | 2359 | + |
2069 | + if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) | 2360 | + if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) |
2070 | + fatal("Zero length token output when incomplete"); | 2361 | + fatal("Zero length token output when incomplete"); |
2071 | + | 2362 | + |
2072 | + if (dh_client_pub == NULL) | 2363 | + if (client_pubkey == NULL) |
2073 | + fatal("No client public key"); | 2364 | + fatal("No client public key"); |
2074 | + | 2365 | + |
2075 | + if (maj_status & GSS_S_CONTINUE_NEEDED) { | 2366 | + if (maj_status & GSS_S_CONTINUE_NEEDED) { |
2076 | + debug("Sending GSSAPI_CONTINUE"); | 2367 | + debug("Sending GSSAPI_CONTINUE"); |
2077 | + packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 2368 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
2078 | + packet_put_string(send_tok.value, send_tok.length); | 2369 | + (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || |
2079 | + packet_send(); | 2370 | + (r = sshpkt_send(ssh)) != 0) |
2371 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2080 | + gss_release_buffer(&min_status, &send_tok); | 2372 | + gss_release_buffer(&min_status, &send_tok); |
2081 | + } | 2373 | + } |
2082 | + } while (maj_status & GSS_S_CONTINUE_NEEDED); | 2374 | + } while (maj_status & GSS_S_CONTINUE_NEEDED); |
2083 | + | 2375 | + |
2084 | + if (GSS_ERROR(maj_status)) { | 2376 | + if (GSS_ERROR(maj_status)) { |
2085 | + if (send_tok.length > 0) { | 2377 | + if (send_tok.length > 0) { |
2086 | + packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 2378 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
2087 | + packet_put_string(send_tok.value, send_tok.length); | 2379 | + (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || |
2088 | + packet_send(); | 2380 | + (r = sshpkt_send(ssh)) != 0) |
2381 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2089 | + } | 2382 | + } |
2090 | + fatal("accept_ctx died"); | 2383 | + fatal("accept_ctx died"); |
2091 | + } | 2384 | + } |
@@ -2095,123 +2388,320 @@ index 000000000..18070f1d7 | |||
2095 | + | 2388 | + |
2096 | + if (!(ret_flags & GSS_C_INTEG_FLAG)) | 2389 | + if (!(ret_flags & GSS_C_INTEG_FLAG)) |
2097 | + fatal("Integrity flag wasn't set"); | 2390 | + fatal("Integrity flag wasn't set"); |
2098 | + | ||
2099 | + if (!dh_pub_is_valid(dh, dh_client_pub)) | ||
2100 | + packet_disconnect("bad client public DH value"); | ||
2101 | + | 2391 | + |
2102 | + klen = DH_size(dh); | 2392 | + hashlen = sizeof(hash); |
2103 | + kbuf = xmalloc(klen); | 2393 | + if ((r = kex_gen_hash( |
2104 | + kout = DH_compute_key(kbuf, dh_client_pub, dh); | 2394 | + kex->hash_alg, |
2105 | + if (kout < 0) | 2395 | + kex->client_version, |
2106 | + fatal("DH_compute_key: failed"); | 2396 | + kex->server_version, |
2397 | + kex->peer, | ||
2398 | + kex->my, | ||
2399 | + empty, | ||
2400 | + client_pubkey, | ||
2401 | + server_pubkey, | ||
2402 | + shared_secret, | ||
2403 | + hash, &hashlen)) != 0) | ||
2404 | + goto out; | ||
2107 | + | 2405 | + |
2108 | + shared_secret = BN_new(); | 2406 | + gssbuf.value = hash; |
2109 | + if (shared_secret == NULL) | 2407 | + gssbuf.length = hashlen; |
2110 | + fatal("kexgss_server: BN_new failed"); | ||
2111 | + | 2408 | + |
2112 | + if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) | 2409 | + if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) |
2113 | + fatal("kexgss_server: BN_bin2bn failed"); | 2410 | + fatal("Couldn't get MIC"); |
2114 | + | 2411 | + |
2115 | + memset(kbuf, 0, klen); | 2412 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || |
2116 | + free(kbuf); | 2413 | + (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 || |
2414 | + (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) | ||
2415 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2117 | + | 2416 | + |
2118 | + DH_get0_key(dh, &pub_key, NULL); | 2417 | + if (send_tok.length != 0) { |
2119 | + DH_get0_pqg(dh, &dh_p, NULL, &dh_g); | 2418 | + if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ |
2419 | + (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) | ||
2420 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2421 | + } else { | ||
2422 | + if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ | ||
2423 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2424 | + } | ||
2425 | + if ((r = sshpkt_send(ssh)) != 0) | ||
2426 | + fatal("sshpkt_send failed: %s", ssh_err(r)); | ||
2120 | + | 2427 | + |
2121 | + hashlen = sizeof(hash); | 2428 | + gss_release_buffer(&min_status, &send_tok); |
2122 | + switch (ssh->kex->kex_type) { | 2429 | + gss_release_buffer(&min_status, &msg_tok); |
2123 | + case KEX_GSS_GRP1_SHA1: | 2430 | + |
2124 | + case KEX_GSS_GRP14_SHA1: | 2431 | + if (gss_kex_context == NULL) |
2125 | + kex_dh_hash( | 2432 | + gss_kex_context = ctxt; |
2126 | + ssh->kex->hash_alg, | 2433 | + else |
2127 | + ssh->kex->client_version_string, ssh->kex->server_version_string, | 2434 | + ssh_gssapi_delete_ctx(&ctxt); |
2128 | + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 2435 | + |
2129 | + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 2436 | + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
2130 | + NULL, 0, /* Change this if we start sending host keys */ | 2437 | + r = kex_send_newkeys(ssh); |
2131 | + dh_client_pub, pub_key, shared_secret, | 2438 | + |
2132 | + hash, &hashlen | 2439 | + /* If this was a rekey, then save out any delegated credentials we |
2133 | + ); | 2440 | + * just exchanged. */ |
2134 | + break; | 2441 | + if (options.gss_store_rekey) |
2135 | + case KEX_GSS_GEX_SHA1: | 2442 | + ssh_gssapi_rekey_creds(); |
2136 | + kexgex_hash( | 2443 | +out: |
2137 | + ssh->kex->hash_alg, | 2444 | + sshbuf_free(empty); |
2138 | + ssh->kex->client_version_string, ssh->kex->server_version_string, | 2445 | + explicit_bzero(hash, sizeof(hash)); |
2139 | + sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 2446 | + sshbuf_free(shared_secret); |
2140 | + sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 2447 | + sshbuf_free(client_pubkey); |
2141 | + NULL, 0, | 2448 | + sshbuf_free(server_pubkey); |
2142 | + min, nbits, max, | 2449 | + return r; |
2143 | + dh_p, dh_g, | 2450 | +} |
2144 | + dh_client_pub, | 2451 | + |
2145 | + pub_key, | 2452 | +int |
2146 | + shared_secret, | 2453 | +kexgssgex_server(struct ssh *ssh) |
2147 | + hash, &hashlen | 2454 | +{ |
2148 | + ); | 2455 | + struct kex *kex = ssh->kex; |
2149 | + break; | 2456 | + OM_uint32 maj_status, min_status; |
2150 | + default: | 2457 | + |
2151 | + fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | 2458 | + /* |
2459 | + * Some GSSAPI implementations use the input value of ret_flags (an | ||
2460 | + * output variable) as a means of triggering mechanism specific | ||
2461 | + * features. Initializing it to zero avoids inadvertently | ||
2462 | + * activating this non-standard behaviour. | ||
2463 | + */ | ||
2464 | + | ||
2465 | + OM_uint32 ret_flags = 0; | ||
2466 | + gss_buffer_desc gssbuf, recv_tok, msg_tok; | ||
2467 | + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; | ||
2468 | + Gssctxt *ctxt = NULL; | ||
2469 | + struct sshbuf *shared_secret = NULL; | ||
2470 | + int type = 0; | ||
2471 | + gss_OID oid; | ||
2472 | + char *mechs; | ||
2473 | + u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
2474 | + size_t hashlen; | ||
2475 | + BIGNUM *dh_client_pub = NULL; | ||
2476 | + const BIGNUM *pub_key, *dh_p, *dh_g; | ||
2477 | + int min = -1, max = -1, nbits = -1; | ||
2478 | + int cmin = -1, cmax = -1; /* client proposal */ | ||
2479 | + struct sshbuf *empty = sshbuf_new(); | ||
2480 | + int r; | ||
2481 | + | ||
2482 | + /* Initialise GSSAPI */ | ||
2483 | + | ||
2484 | + /* If we're rekeying, privsep means that some of the private structures | ||
2485 | + * in the GSSAPI code are no longer available. This kludges them back | ||
2486 | + * into life | ||
2487 | + */ | ||
2488 | + if (!ssh_gssapi_oid_table_ok()) | ||
2489 | + if ((mechs = ssh_gssapi_server_mechanisms())) | ||
2490 | + free(mechs); | ||
2491 | + | ||
2492 | + debug2("%s: Identifying %s", __func__, kex->name); | ||
2493 | + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); | ||
2494 | + if (oid == GSS_C_NO_OID) | ||
2495 | + fatal("Unknown gssapi mechanism"); | ||
2496 | + | ||
2497 | + debug2("%s: Acquiring credentials", __func__); | ||
2498 | + | ||
2499 | + if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) | ||
2500 | + fatal("Unable to acquire credentials for the server"); | ||
2501 | + | ||
2502 | + /* 5. S generates an ephemeral key pair (do the allocations early) */ | ||
2503 | + debug("Doing group exchange"); | ||
2504 | + ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUPREQ); | ||
2505 | + /* store client proposal to provide valid signature */ | ||
2506 | + if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 || | ||
2507 | + (r = sshpkt_get_u32(ssh, &nbits)) != 0 || | ||
2508 | + (r = sshpkt_get_u32(ssh, &cmax)) != 0 || | ||
2509 | + (r = sshpkt_get_end(ssh)) != 0) | ||
2510 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2511 | + kex->nbits = nbits; | ||
2512 | + kex->min = cmin; | ||
2513 | + kex->max = cmax; | ||
2514 | + min = MAX(DH_GRP_MIN, cmin); | ||
2515 | + max = MIN(DH_GRP_MAX, cmax); | ||
2516 | + nbits = MAXIMUM(DH_GRP_MIN, nbits); | ||
2517 | + nbits = MINIMUM(DH_GRP_MAX, nbits); | ||
2518 | + if (max < min || nbits < min || max < nbits) | ||
2519 | + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", | ||
2520 | + min, nbits, max); | ||
2521 | + kex->dh = PRIVSEP(choose_dh(min, nbits, max)); | ||
2522 | + if (kex->dh == NULL) { | ||
2523 | + sshpkt_disconnect(ssh, "Protocol error: no matching group found"); | ||
2524 | + fatal("Protocol error: no matching group found"); | ||
2152 | + } | 2525 | + } |
2153 | + | 2526 | + |
2154 | + BN_clear_free(dh_client_pub); | 2527 | + DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); |
2528 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 || | ||
2529 | + (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 || | ||
2530 | + (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 || | ||
2531 | + (r = sshpkt_send(ssh)) != 0) | ||
2532 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2533 | + | ||
2534 | + if ((r = ssh_packet_write_wait(ssh)) != 0) | ||
2535 | + fatal("ssh_packet_write_wait: %s", ssh_err(r)); | ||
2536 | + | ||
2537 | + /* Compute our exchange value in parallel with the client */ | ||
2538 | + if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) | ||
2539 | + goto out; | ||
2540 | + | ||
2541 | + do { | ||
2542 | + debug("Wait SSH2_MSG_GSSAPI_INIT"); | ||
2543 | + type = ssh_packet_read(ssh); | ||
2544 | + switch(type) { | ||
2545 | + case SSH2_MSG_KEXGSS_INIT: | ||
2546 | + if (dh_client_pub != NULL) | ||
2547 | + fatal("Received KEXGSS_INIT after initialising"); | ||
2548 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
2549 | + &recv_tok)) != 0 || | ||
2550 | + (r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 || | ||
2551 | + (r = sshpkt_get_end(ssh)) != 0) | ||
2552 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2553 | + | ||
2554 | + /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ | ||
2555 | + break; | ||
2556 | + case SSH2_MSG_KEXGSS_CONTINUE: | ||
2557 | + if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
2558 | + &recv_tok)) != 0 || | ||
2559 | + (r = sshpkt_get_end(ssh)) != 0) | ||
2560 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2561 | + break; | ||
2562 | + default: | ||
2563 | + sshpkt_disconnect(ssh, | ||
2564 | + "Protocol error: didn't expect packet type %d", | ||
2565 | + type); | ||
2566 | + } | ||
2567 | + | ||
2568 | + maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, | ||
2569 | + &send_tok, &ret_flags)); | ||
2570 | + | ||
2571 | + gss_release_buffer(&min_status, &recv_tok); | ||
2572 | + | ||
2573 | + if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) | ||
2574 | + fatal("Zero length token output when incomplete"); | ||
2575 | + | ||
2576 | + if (dh_client_pub == NULL) | ||
2577 | + fatal("No client public key"); | ||
2578 | + | ||
2579 | + if (maj_status & GSS_S_CONTINUE_NEEDED) { | ||
2580 | + debug("Sending GSSAPI_CONTINUE"); | ||
2581 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
2582 | + (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || | ||
2583 | + (r = sshpkt_send(ssh)) != 0) | ||
2584 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2585 | + gss_release_buffer(&min_status, &send_tok); | ||
2586 | + } | ||
2587 | + } while (maj_status & GSS_S_CONTINUE_NEEDED); | ||
2588 | + | ||
2589 | + if (GSS_ERROR(maj_status)) { | ||
2590 | + if (send_tok.length > 0) { | ||
2591 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
2592 | + (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || | ||
2593 | + (r = sshpkt_send(ssh)) != 0) | ||
2594 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2595 | + } | ||
2596 | + fatal("accept_ctx died"); | ||
2597 | + } | ||
2155 | + | 2598 | + |
2156 | + if (ssh->kex->session_id == NULL) { | 2599 | + if (!(ret_flags & GSS_C_MUTUAL_FLAG)) |
2157 | + ssh->kex->session_id_len = hashlen; | 2600 | + fatal("Mutual Authentication flag wasn't set"); |
2158 | + ssh->kex->session_id = xmalloc(ssh->kex->session_id_len); | 2601 | + |
2159 | + memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len); | 2602 | + if (!(ret_flags & GSS_C_INTEG_FLAG)) |
2603 | + fatal("Integrity flag wasn't set"); | ||
2604 | + | ||
2605 | + /* calculate shared secret */ | ||
2606 | + if ((shared_secret = sshbuf_new()) == NULL) { | ||
2607 | + r = SSH_ERR_ALLOC_FAIL; | ||
2608 | + goto out; | ||
2160 | + } | 2609 | + } |
2610 | + if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0) | ||
2611 | + goto out; | ||
2612 | + | ||
2613 | + DH_get0_key(kex->dh, &pub_key, NULL); | ||
2614 | + DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); | ||
2615 | + hashlen = sizeof(hash); | ||
2616 | + if ((r = kexgex_hash( | ||
2617 | + kex->hash_alg, | ||
2618 | + kex->client_version, | ||
2619 | + kex->server_version, | ||
2620 | + kex->peer, | ||
2621 | + kex->my, | ||
2622 | + empty, | ||
2623 | + cmin, nbits, cmax, | ||
2624 | + dh_p, dh_g, | ||
2625 | + dh_client_pub, | ||
2626 | + pub_key, | ||
2627 | + sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), | ||
2628 | + hash, &hashlen)) != 0) | ||
2629 | + fatal("kexgex_hash failed: %s", ssh_err(r)); | ||
2161 | + | 2630 | + |
2162 | + gssbuf.value = hash; | 2631 | + gssbuf.value = hash; |
2163 | + gssbuf.length = hashlen; | 2632 | + gssbuf.length = hashlen; |
2164 | + | 2633 | + |
2165 | + if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok)))) | 2634 | + if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) |
2166 | + fatal("Couldn't get MIC"); | 2635 | + fatal("Couldn't get MIC"); |
2167 | + | 2636 | + |
2168 | + packet_start(SSH2_MSG_KEXGSS_COMPLETE); | 2637 | + if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || |
2169 | + packet_put_bignum2(pub_key); | 2638 | + (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || |
2170 | + packet_put_string(msg_tok.value,msg_tok.length); | 2639 | + (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) |
2640 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2171 | + | 2641 | + |
2172 | + if (send_tok.length != 0) { | 2642 | + if (send_tok.length != 0) { |
2173 | + packet_put_char(1); /* true */ | 2643 | + if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ |
2174 | + packet_put_string(send_tok.value, send_tok.length); | 2644 | + (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) |
2645 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2175 | + } else { | 2646 | + } else { |
2176 | + packet_put_char(0); /* false */ | 2647 | + if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ |
2648 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2177 | + } | 2649 | + } |
2178 | + packet_send(); | 2650 | + if ((r = sshpkt_send(ssh)) != 0) |
2651 | + fatal("sshpkt failed: %s", ssh_err(r)); | ||
2179 | + | 2652 | + |
2180 | + gss_release_buffer(&min_status, &send_tok); | 2653 | + gss_release_buffer(&min_status, &send_tok); |
2181 | + gss_release_buffer(&min_status, &msg_tok); | 2654 | + gss_release_buffer(&min_status, &msg_tok); |
2182 | + | 2655 | + |
2183 | + if (gss_kex_context == NULL) | 2656 | + if (gss_kex_context == NULL) |
2184 | + gss_kex_context = ctxt; | 2657 | + gss_kex_context = ctxt; |
2185 | + else | 2658 | + else |
2186 | + ssh_gssapi_delete_ctx(&ctxt); | 2659 | + ssh_gssapi_delete_ctx(&ctxt); |
2187 | + | 2660 | + |
2188 | + DH_free(dh); | 2661 | + /* Finally derive the keys and send them */ |
2189 | + | 2662 | + if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
2190 | + kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); | 2663 | + r = kex_send_newkeys(ssh); |
2191 | + BN_clear_free(shared_secret); | ||
2192 | + kex_send_newkeys(ssh); | ||
2193 | + | 2664 | + |
2194 | + /* If this was a rekey, then save out any delegated credentials we | 2665 | + /* If this was a rekey, then save out any delegated credentials we |
2195 | + * just exchanged. */ | 2666 | + * just exchanged. */ |
2196 | + if (options.gss_store_rekey) | 2667 | + if (options.gss_store_rekey) |
2197 | + ssh_gssapi_rekey_creds(); | 2668 | + ssh_gssapi_rekey_creds(); |
2198 | + return 0; | 2669 | +out: |
2670 | + sshbuf_free(empty); | ||
2671 | + explicit_bzero(hash, sizeof(hash)); | ||
2672 | + DH_free(kex->dh); | ||
2673 | + kex->dh = NULL; | ||
2674 | + BN_clear_free(dh_client_pub); | ||
2675 | + sshbuf_free(shared_secret); | ||
2676 | + return r; | ||
2199 | +} | 2677 | +} |
2200 | +#endif /* GSSAPI */ | 2678 | +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ |
2679 | diff --git a/mac.c b/mac.c | ||
2680 | index 51dc11d76..3d11eba62 100644 | ||
2681 | --- a/mac.c | ||
2682 | +++ b/mac.c | ||
2683 | @@ -29,6 +29,7 @@ | ||
2684 | |||
2685 | #include <string.h> | ||
2686 | #include <stdio.h> | ||
2687 | +#include <stdlib.h> | ||
2688 | |||
2689 | #include "digest.h" | ||
2690 | #include "hmac.h" | ||
2201 | diff --git a/monitor.c b/monitor.c | 2691 | diff --git a/monitor.c b/monitor.c |
2202 | index 531b2993a..eabc1e89b 100644 | 2692 | index 60e529444..0766d6ef5 100644 |
2203 | --- a/monitor.c | 2693 | --- a/monitor.c |
2204 | +++ b/monitor.c | 2694 | +++ b/monitor.c |
2205 | @@ -145,6 +145,8 @@ int mm_answer_gss_setup_ctx(int, struct sshbuf *); | 2695 | @@ -147,6 +147,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *); |
2206 | int mm_answer_gss_accept_ctx(int, struct sshbuf *); | 2696 | int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); |
2207 | int mm_answer_gss_userok(int, struct sshbuf *); | 2697 | int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); |
2208 | int mm_answer_gss_checkmic(int, struct sshbuf *); | 2698 | int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); |
2209 | +int mm_answer_gss_sign(int, struct sshbuf *); | 2699 | +int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *); |
2210 | +int mm_answer_gss_updatecreds(int, struct sshbuf *); | 2700 | +int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); |
2211 | #endif | 2701 | #endif |
2212 | 2702 | ||
2213 | #ifdef SSH_AUDIT_EVENTS | 2703 | #ifdef SSH_AUDIT_EVENTS |
2214 | @@ -215,11 +217,18 @@ struct mon_table mon_dispatch_proto20[] = { | 2704 | @@ -219,11 +221,18 @@ struct mon_table mon_dispatch_proto20[] = { |
2215 | {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, | 2705 | {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, |
2216 | {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, | 2706 | {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, |
2217 | {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, | 2707 | {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, |
@@ -2230,7 +2720,7 @@ index 531b2993a..eabc1e89b 100644 | |||
2230 | #ifdef WITH_OPENSSL | 2720 | #ifdef WITH_OPENSSL |
2231 | {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, | 2721 | {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, |
2232 | #endif | 2722 | #endif |
2233 | @@ -289,6 +298,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | 2723 | @@ -292,6 +301,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) |
2234 | /* Permit requests for moduli and signatures */ | 2724 | /* Permit requests for moduli and signatures */ |
2235 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); | 2725 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); |
2236 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); | 2726 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); |
@@ -2241,32 +2731,36 @@ index 531b2993a..eabc1e89b 100644 | |||
2241 | 2731 | ||
2242 | /* The first few requests do not require asynchronous access */ | 2732 | /* The first few requests do not require asynchronous access */ |
2243 | while (!authenticated) { | 2733 | while (!authenticated) { |
2244 | @@ -401,6 +414,10 @@ monitor_child_postauth(struct monitor *pmonitor) | 2734 | @@ -405,6 +418,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) |
2245 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); | 2735 | monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); |
2246 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); | 2736 | monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); |
2247 | monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); | 2737 | monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); |
2248 | +#ifdef GSSAPI | 2738 | +#ifdef GSSAPI |
2249 | + /* and for the GSSAPI key exchange */ | 2739 | + /* and for the GSSAPI key exchange */ |
2250 | + monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); | 2740 | + monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); |
2251 | +#endif | 2741 | +#endif |
2252 | 2742 | ||
2253 | if (auth_opts->permit_pty_flag) { | 2743 | if (auth_opts->permit_pty_flag) { |
2254 | monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); | 2744 | monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); |
2255 | @@ -1666,6 +1683,13 @@ monitor_apply_keystate(struct monitor *pmonitor) | 2745 | @@ -1687,6 +1704,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) |
2746 | # ifdef OPENSSL_HAS_ECC | ||
2747 | kex->kex[KEX_ECDH_SHA2] = kex_gen_server; | ||
2256 | # endif | 2748 | # endif |
2257 | #endif /* WITH_OPENSSL */ | 2749 | +# ifdef GSSAPI |
2258 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | ||
2259 | +#ifdef GSSAPI | ||
2260 | + if (options.gss_keyex) { | 2750 | + if (options.gss_keyex) { |
2261 | + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | 2751 | + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |
2262 | + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; | 2752 | + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; |
2263 | + kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | 2753 | + kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; |
2754 | + kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; | ||
2755 | + kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; | ||
2756 | + kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; | ||
2757 | + kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; | ||
2264 | + } | 2758 | + } |
2265 | +#endif | 2759 | +# endif |
2266 | kex->load_host_public_key=&get_hostkey_public_by_type; | 2760 | #endif /* WITH_OPENSSL */ |
2267 | kex->load_host_private_key=&get_hostkey_private_by_type; | 2761 | kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
2268 | kex->host_key_index=&get_hostkey_index; | 2762 | kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server; |
2269 | @@ -1756,8 +1780,8 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m) | 2763 | @@ -1780,8 +1808,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) |
2270 | u_char *p; | 2764 | u_char *p; |
2271 | int r; | 2765 | int r; |
2272 | 2766 | ||
@@ -2277,7 +2771,7 @@ index 531b2993a..eabc1e89b 100644 | |||
2277 | 2771 | ||
2278 | if ((r = sshbuf_get_string(m, &p, &len)) != 0) | 2772 | if ((r = sshbuf_get_string(m, &p, &len)) != 0) |
2279 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 2773 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
2280 | @@ -1789,8 +1813,8 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) | 2774 | @@ -1813,8 +1841,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) |
2281 | OM_uint32 flags = 0; /* GSI needs this */ | 2775 | OM_uint32 flags = 0; /* GSI needs this */ |
2282 | int r; | 2776 | int r; |
2283 | 2777 | ||
@@ -2288,7 +2782,7 @@ index 531b2993a..eabc1e89b 100644 | |||
2288 | 2782 | ||
2289 | if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) | 2783 | if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) |
2290 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 2784 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
2291 | @@ -1810,6 +1834,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) | 2785 | @@ -1834,6 +1862,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) |
2292 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); | 2786 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); |
2293 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); | 2787 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); |
2294 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); | 2788 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); |
@@ -2296,7 +2790,7 @@ index 531b2993a..eabc1e89b 100644 | |||
2296 | } | 2790 | } |
2297 | return (0); | 2791 | return (0); |
2298 | } | 2792 | } |
2299 | @@ -1821,8 +1846,8 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m) | 2793 | @@ -1845,8 +1874,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) |
2300 | OM_uint32 ret; | 2794 | OM_uint32 ret; |
2301 | int r; | 2795 | int r; |
2302 | 2796 | ||
@@ -2307,8 +2801,12 @@ index 531b2993a..eabc1e89b 100644 | |||
2307 | 2801 | ||
2308 | if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || | 2802 | if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || |
2309 | (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) | 2803 | (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) |
2310 | @@ -1851,10 +1876,11 @@ mm_answer_gss_userok(int sock, struct sshbuf *m) | 2804 | @@ -1872,13 +1901,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) |
2311 | int r, authenticated; | 2805 | int |
2806 | mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) | ||
2807 | { | ||
2808 | - int r, authenticated; | ||
2809 | + int r, authenticated, kex; | ||
2312 | const char *displayname; | 2810 | const char *displayname; |
2313 | 2811 | ||
2314 | - if (!options.gss_authentication) | 2812 | - if (!options.gss_authentication) |
@@ -2317,24 +2815,40 @@ index 531b2993a..eabc1e89b 100644 | |||
2317 | + fatal("%s: GSSAPI not enabled", __func__); | 2815 | + fatal("%s: GSSAPI not enabled", __func__); |
2318 | 2816 | ||
2319 | - authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); | 2817 | - authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); |
2320 | + authenticated = authctxt->valid && | 2818 | + if ((r = sshbuf_get_u32(m, &kex)) != 0) |
2321 | + ssh_gssapi_userok(authctxt->user, authctxt->pw); | 2819 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
2820 | + | ||
2821 | + authenticated = authctxt->valid && | ||
2822 | + ssh_gssapi_userok(authctxt->user, authctxt->pw, kex); | ||
2322 | 2823 | ||
2323 | sshbuf_reset(m); | 2824 | sshbuf_reset(m); |
2324 | if ((r = sshbuf_put_u32(m, authenticated)) != 0) | 2825 | if ((r = sshbuf_put_u32(m, authenticated)) != 0) |
2325 | @@ -1871,5 +1897,83 @@ mm_answer_gss_userok(int sock, struct sshbuf *m) | 2826 | @@ -1887,7 +1920,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) |
2827 | debug3("%s: sending result %d", __func__, authenticated); | ||
2828 | mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); | ||
2829 | |||
2830 | - auth_method = "gssapi-with-mic"; | ||
2831 | + if (kex) { | ||
2832 | + auth_method = "gssapi-keyex"; | ||
2833 | + } else { | ||
2834 | + auth_method = "gssapi-with-mic"; | ||
2835 | + } | ||
2836 | |||
2837 | if ((displayname = ssh_gssapi_displayname()) != NULL) | ||
2838 | auth2_record_info(authctxt, "%s", displayname); | ||
2839 | @@ -1895,5 +1932,85 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) | ||
2326 | /* Monitor loop will terminate if authenticated */ | 2840 | /* Monitor loop will terminate if authenticated */ |
2327 | return (authenticated); | 2841 | return (authenticated); |
2328 | } | 2842 | } |
2329 | + | 2843 | + |
2330 | +int | 2844 | +int |
2331 | +mm_answer_gss_sign(int socket, struct sshbuf *m) | 2845 | +mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) |
2332 | +{ | 2846 | +{ |
2333 | + gss_buffer_desc data; | 2847 | + gss_buffer_desc data; |
2334 | + gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; | 2848 | + gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; |
2335 | + OM_uint32 major, minor; | 2849 | + OM_uint32 major, minor; |
2336 | + size_t len; | 2850 | + size_t len; |
2337 | + u_char *p; | 2851 | + u_char *p = NULL; |
2338 | + int r; | 2852 | + int r; |
2339 | + | 2853 | + |
2340 | + if (!options.gss_authentication && !options.gss_keyex) | 2854 | + if (!options.gss_authentication && !options.gss_keyex) |
@@ -2344,8 +2858,9 @@ index 531b2993a..eabc1e89b 100644 | |||
2344 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 2858 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
2345 | + data.value = p; | 2859 | + data.value = p; |
2346 | + data.length = len; | 2860 | + data.length = len; |
2347 | + if (data.length != 20) | 2861 | + /* Lengths of SHA-1, SHA-256 and SHA-512 hashes that are used */ |
2348 | + fatal("%s: data length incorrect: %d", __func__, | 2862 | + if (data.length != 20 && data.length != 32 && data.length != 64) |
2863 | + fatal("%s: data length incorrect: %d", __func__, | ||
2349 | + (int) data.length); | 2864 | + (int) data.length); |
2350 | + | 2865 | + |
2351 | + /* Save the session ID on the first time around */ | 2866 | + /* Save the session ID on the first time around */ |
@@ -2359,6 +2874,7 @@ index 531b2993a..eabc1e89b 100644 | |||
2359 | + free(data.value); | 2874 | + free(data.value); |
2360 | + | 2875 | + |
2361 | + sshbuf_reset(m); | 2876 | + sshbuf_reset(m); |
2877 | + | ||
2362 | + if ((r = sshbuf_put_u32(m, major)) != 0 || | 2878 | + if ((r = sshbuf_put_u32(m, major)) != 0 || |
2363 | + (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) | 2879 | + (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) |
2364 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 2880 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
@@ -2369,7 +2885,7 @@ index 531b2993a..eabc1e89b 100644 | |||
2369 | + | 2885 | + |
2370 | + /* Turn on getpwnam permissions */ | 2886 | + /* Turn on getpwnam permissions */ |
2371 | + monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); | 2887 | + monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); |
2372 | + | 2888 | + |
2373 | + /* And credential updating, for when rekeying */ | 2889 | + /* And credential updating, for when rekeying */ |
2374 | + monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1); | 2890 | + monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1); |
2375 | + | 2891 | + |
@@ -2377,16 +2893,16 @@ index 531b2993a..eabc1e89b 100644 | |||
2377 | +} | 2893 | +} |
2378 | + | 2894 | + |
2379 | +int | 2895 | +int |
2380 | +mm_answer_gss_updatecreds(int socket, struct sshbuf *m) { | 2896 | +mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) { |
2381 | + ssh_gssapi_ccache store; | 2897 | + ssh_gssapi_ccache store; |
2382 | + int r, ok; | 2898 | + int r, ok; |
2383 | + | 2899 | + |
2384 | + if (!options.gss_authentication && !options.gss_keyex) | 2900 | + if (!options.gss_authentication && !options.gss_keyex) |
2385 | + fatal("%s: GSSAPI not enabled", __func__); | 2901 | + fatal("%s: GSSAPI not enabled", __func__); |
2386 | + | 2902 | + |
2387 | + if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 || | 2903 | + if ((r = sshbuf_get_string(m, (u_char **)&store.filename, NULL)) != 0 || |
2388 | + (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 || | 2904 | + (r = sshbuf_get_string(m, (u_char **)&store.envvar, NULL)) != 0 || |
2389 | + (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0) | 2905 | + (r = sshbuf_get_string(m, (u_char **)&store.envval, NULL)) != 0) |
2390 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 2906 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
2391 | + | 2907 | + |
2392 | + ok = ssh_gssapi_update_creds(&store); | 2908 | + ok = ssh_gssapi_update_creds(&store); |
@@ -2407,33 +2923,40 @@ index 531b2993a..eabc1e89b 100644 | |||
2407 | #endif /* GSSAPI */ | 2923 | #endif /* GSSAPI */ |
2408 | 2924 | ||
2409 | diff --git a/monitor.h b/monitor.h | 2925 | diff --git a/monitor.h b/monitor.h |
2410 | index 16047299f..44fbed589 100644 | 2926 | index 683e5e071..2b1a2d590 100644 |
2411 | --- a/monitor.h | 2927 | --- a/monitor.h |
2412 | +++ b/monitor.h | 2928 | +++ b/monitor.h |
2413 | @@ -63,6 +63,9 @@ enum monitor_reqtype { | 2929 | @@ -63,6 +63,8 @@ enum monitor_reqtype { |
2414 | MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, | 2930 | MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, |
2415 | MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, | 2931 | MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, |
2416 | 2932 | ||
2417 | + MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, | 2933 | + MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, |
2418 | + MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, | 2934 | + MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, |
2419 | + | ||
2420 | }; | 2935 | }; |
2421 | 2936 | ||
2422 | struct monitor { | 2937 | struct ssh; |
2423 | diff --git a/monitor_wrap.c b/monitor_wrap.c | 2938 | diff --git a/monitor_wrap.c b/monitor_wrap.c |
2424 | index 732fb3476..1865a122a 100644 | 2939 | index 186e8f022..8e4c1c1f8 100644 |
2425 | --- a/monitor_wrap.c | 2940 | --- a/monitor_wrap.c |
2426 | +++ b/monitor_wrap.c | 2941 | +++ b/monitor_wrap.c |
2427 | @@ -984,7 +984,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) | 2942 | @@ -978,13 +978,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) |
2428 | } | 2943 | } |
2429 | 2944 | ||
2430 | int | 2945 | int |
2431 | -mm_ssh_gssapi_userok(char *user) | 2946 | -mm_ssh_gssapi_userok(char *user) |
2432 | +mm_ssh_gssapi_userok(char *user, struct passwd *pw) | 2947 | +mm_ssh_gssapi_userok(char *user, struct passwd *pw, int kex) |
2433 | { | 2948 | { |
2434 | struct sshbuf *m; | 2949 | struct sshbuf *m; |
2435 | int r, authenticated = 0; | 2950 | int r, authenticated = 0; |
2436 | @@ -1003,4 +1003,55 @@ mm_ssh_gssapi_userok(char *user) | 2951 | |
2952 | if ((m = sshbuf_new()) == NULL) | ||
2953 | fatal("%s: sshbuf_new failed", __func__); | ||
2954 | + if ((r = sshbuf_put_u32(m, kex)) != 0) | ||
2955 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
2956 | |||
2957 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m); | ||
2958 | mm_request_receive_expect(pmonitor->m_recvfd, | ||
2959 | @@ -997,4 +999,57 @@ mm_ssh_gssapi_userok(char *user) | ||
2437 | debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); | 2960 | debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); |
2438 | return (authenticated); | 2961 | return (authenticated); |
2439 | } | 2962 | } |
@@ -2459,7 +2982,7 @@ index 732fb3476..1865a122a 100644 | |||
2459 | + | 2982 | + |
2460 | + sshbuf_free(m); | 2983 | + sshbuf_free(m); |
2461 | + | 2984 | + |
2462 | + return(major); | 2985 | + return (major); |
2463 | +} | 2986 | +} |
2464 | + | 2987 | + |
2465 | +int | 2988 | +int |
@@ -2470,6 +2993,7 @@ index 732fb3476..1865a122a 100644 | |||
2470 | + | 2993 | + |
2471 | + if ((m = sshbuf_new()) == NULL) | 2994 | + if ((m = sshbuf_new()) == NULL) |
2472 | + fatal("%s: sshbuf_new failed", __func__); | 2995 | + fatal("%s: sshbuf_new failed", __func__); |
2996 | + | ||
2473 | + if ((r = sshbuf_put_cstring(m, | 2997 | + if ((r = sshbuf_put_cstring(m, |
2474 | + store->filename ? store->filename : "")) != 0 || | 2998 | + store->filename ? store->filename : "")) != 0 || |
2475 | + (r = sshbuf_put_cstring(m, | 2999 | + (r = sshbuf_put_cstring(m, |
@@ -2483,6 +3007,7 @@ index 732fb3476..1865a122a 100644 | |||
2483 | + | 3007 | + |
2484 | + if ((r = sshbuf_get_u32(m, &ok)) != 0) | 3008 | + if ((r = sshbuf_get_u32(m, &ok)) != 0) |
2485 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 3009 | + fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
3010 | + | ||
2486 | + sshbuf_free(m); | 3011 | + sshbuf_free(m); |
2487 | + | 3012 | + |
2488 | + return (ok); | 3013 | + return (ok); |
@@ -2490,61 +3015,43 @@ index 732fb3476..1865a122a 100644 | |||
2490 | + | 3015 | + |
2491 | #endif /* GSSAPI */ | 3016 | #endif /* GSSAPI */ |
2492 | diff --git a/monitor_wrap.h b/monitor_wrap.h | 3017 | diff --git a/monitor_wrap.h b/monitor_wrap.h |
2493 | index 644da081d..7f93144ff 100644 | 3018 | index fdebb3aa4..69164a8c0 100644 |
2494 | --- a/monitor_wrap.h | 3019 | --- a/monitor_wrap.h |
2495 | +++ b/monitor_wrap.h | 3020 | +++ b/monitor_wrap.h |
2496 | @@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, | 3021 | @@ -61,8 +61,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, |
2497 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); | 3022 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); |
2498 | OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, | 3023 | OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, |
2499 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); | 3024 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); |
2500 | -int mm_ssh_gssapi_userok(char *user); | 3025 | -int mm_ssh_gssapi_userok(char *user); |
2501 | +int mm_ssh_gssapi_userok(char *user, struct passwd *); | 3026 | +int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); |
2502 | OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); | 3027 | OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); |
2503 | +OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); | 3028 | +OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); |
2504 | +int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); | 3029 | +int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); |
2505 | #endif | 3030 | #endif |
2506 | 3031 | ||
2507 | #ifdef USE_PAM | 3032 | #ifdef USE_PAM |
2508 | diff --git a/opacket.c b/opacket.c | ||
2509 | index e637d7a71..7672c0b59 100644 | ||
2510 | --- a/opacket.c | ||
2511 | +++ b/opacket.c | ||
2512 | @@ -80,7 +80,7 @@ ssh_packet_put_raw(struct ssh *ssh, const void *buf, u_int len) | ||
2513 | |||
2514 | #ifdef WITH_OPENSSL | ||
2515 | void | ||
2516 | -ssh_packet_put_bignum2(struct ssh *ssh, BIGNUM * value) | ||
2517 | +ssh_packet_put_bignum2(struct ssh *ssh, const BIGNUM * value) | ||
2518 | { | ||
2519 | int r; | ||
2520 | |||
2521 | diff --git a/opacket.h b/opacket.h | ||
2522 | index f92fe586e..1cf66a2d3 100644 | ||
2523 | --- a/opacket.h | ||
2524 | +++ b/opacket.h | ||
2525 | @@ -7,7 +7,7 @@ void ssh_packet_start(struct ssh *, u_char); | ||
2526 | void ssh_packet_put_char(struct ssh *, int ch); | ||
2527 | void ssh_packet_put_int(struct ssh *, u_int value); | ||
2528 | void ssh_packet_put_int64(struct ssh *, u_int64_t value); | ||
2529 | -void ssh_packet_put_bignum2(struct ssh *, BIGNUM * value); | ||
2530 | +void ssh_packet_put_bignum2(struct ssh *, const BIGNUM * value); | ||
2531 | void ssh_packet_put_ecpoint(struct ssh *, const EC_GROUP *, const EC_POINT *); | ||
2532 | void ssh_packet_put_string(struct ssh *, const void *buf, u_int len); | ||
2533 | void ssh_packet_put_cstring(struct ssh *, const char *str); | ||
2534 | diff --git a/readconf.c b/readconf.c | 3033 | diff --git a/readconf.c b/readconf.c |
2535 | index 433811521..36bc5e59a 100644 | 3034 | index ec497e79f..4d699e5f1 100644 |
2536 | --- a/readconf.c | 3035 | --- a/readconf.c |
2537 | +++ b/readconf.c | 3036 | +++ b/readconf.c |
2538 | @@ -161,6 +161,8 @@ typedef enum { | 3037 | @@ -67,6 +67,7 @@ |
3038 | #include "uidswap.h" | ||
3039 | #include "myproposal.h" | ||
3040 | #include "digest.h" | ||
3041 | +#include "ssh-gss.h" | ||
3042 | |||
3043 | /* Format of the configuration file: | ||
3044 | |||
3045 | @@ -162,6 +163,8 @@ typedef enum { | ||
2539 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, | 3046 | oClearAllForwardings, oNoHostAuthenticationForLocalhost, |
2540 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, | 3047 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
2541 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, | 3048 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
2542 | + oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, | 3049 | + oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, |
2543 | + oGssServerIdentity, | 3050 | + oGssServerIdentity, oGssKexAlgorithms, |
2544 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, | 3051 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
2545 | oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, | 3052 | oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, |
2546 | oHashKnownHosts, | 3053 | oHashKnownHosts, |
2547 | @@ -201,10 +203,20 @@ static struct { | 3054 | @@ -202,10 +205,22 @@ static struct { |
2548 | /* Sometimes-unsupported options */ | 3055 | /* Sometimes-unsupported options */ |
2549 | #if defined(GSSAPI) | 3056 | #if defined(GSSAPI) |
2550 | { "gssapiauthentication", oGssAuthentication }, | 3057 | { "gssapiauthentication", oGssAuthentication }, |
@@ -2554,6 +3061,7 @@ index 433811521..36bc5e59a 100644 | |||
2554 | + { "gssapiclientidentity", oGssClientIdentity }, | 3061 | + { "gssapiclientidentity", oGssClientIdentity }, |
2555 | + { "gssapiserveridentity", oGssServerIdentity }, | 3062 | + { "gssapiserveridentity", oGssServerIdentity }, |
2556 | + { "gssapirenewalforcesrekey", oGssRenewalRekey }, | 3063 | + { "gssapirenewalforcesrekey", oGssRenewalRekey }, |
3064 | + { "gssapikexalgorithms", oGssKexAlgorithms }, | ||
2557 | # else | 3065 | # else |
2558 | { "gssapiauthentication", oUnsupported }, | 3066 | { "gssapiauthentication", oUnsupported }, |
2559 | + { "gssapikeyexchange", oUnsupported }, | 3067 | + { "gssapikeyexchange", oUnsupported }, |
@@ -2562,10 +3070,11 @@ index 433811521..36bc5e59a 100644 | |||
2562 | + { "gssapiclientidentity", oUnsupported }, | 3070 | + { "gssapiclientidentity", oUnsupported }, |
2563 | + { "gssapiserveridentity", oUnsupported }, | 3071 | + { "gssapiserveridentity", oUnsupported }, |
2564 | + { "gssapirenewalforcesrekey", oUnsupported }, | 3072 | + { "gssapirenewalforcesrekey", oUnsupported }, |
3073 | + { "gssapikexalgorithms", oUnsupported }, | ||
2565 | #endif | 3074 | #endif |
2566 | #ifdef ENABLE_PKCS11 | 3075 | #ifdef ENABLE_PKCS11 |
2567 | { "smartcarddevice", oPKCS11Provider }, | 3076 | { "pkcs11provider", oPKCS11Provider }, |
2568 | @@ -974,10 +986,30 @@ parse_time: | 3077 | @@ -983,10 +998,42 @@ parse_time: |
2569 | intptr = &options->gss_authentication; | 3078 | intptr = &options->gss_authentication; |
2570 | goto parse_flag; | 3079 | goto parse_flag; |
2571 | 3080 | ||
@@ -2593,10 +3102,22 @@ index 433811521..36bc5e59a 100644 | |||
2593 | + intptr = &options->gss_renewal_rekey; | 3102 | + intptr = &options->gss_renewal_rekey; |
2594 | + goto parse_flag; | 3103 | + goto parse_flag; |
2595 | + | 3104 | + |
3105 | + case oGssKexAlgorithms: | ||
3106 | + arg = strdelim(&s); | ||
3107 | + if (!arg || *arg == '\0') | ||
3108 | + fatal("%.200s line %d: Missing argument.", | ||
3109 | + filename, linenum); | ||
3110 | + if (!kex_gss_names_valid(arg)) | ||
3111 | + fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", | ||
3112 | + filename, linenum, arg ? arg : "<NONE>"); | ||
3113 | + if (*activep && options->gss_kex_algorithms == NULL) | ||
3114 | + options->gss_kex_algorithms = xstrdup(arg); | ||
3115 | + break; | ||
3116 | + | ||
2596 | case oBatchMode: | 3117 | case oBatchMode: |
2597 | intptr = &options->batch_mode; | 3118 | intptr = &options->batch_mode; |
2598 | goto parse_flag; | 3119 | goto parse_flag; |
2599 | @@ -1842,7 +1874,12 @@ initialize_options(Options * options) | 3120 | @@ -1854,7 +1901,13 @@ initialize_options(Options * options) |
2600 | options->pubkey_authentication = -1; | 3121 | options->pubkey_authentication = -1; |
2601 | options->challenge_response_authentication = -1; | 3122 | options->challenge_response_authentication = -1; |
2602 | options->gss_authentication = -1; | 3123 | options->gss_authentication = -1; |
@@ -2606,10 +3127,11 @@ index 433811521..36bc5e59a 100644 | |||
2606 | + options->gss_renewal_rekey = -1; | 3127 | + options->gss_renewal_rekey = -1; |
2607 | + options->gss_client_identity = NULL; | 3128 | + options->gss_client_identity = NULL; |
2608 | + options->gss_server_identity = NULL; | 3129 | + options->gss_server_identity = NULL; |
3130 | + options->gss_kex_algorithms = NULL; | ||
2609 | options->password_authentication = -1; | 3131 | options->password_authentication = -1; |
2610 | options->kbd_interactive_authentication = -1; | 3132 | options->kbd_interactive_authentication = -1; |
2611 | options->kbd_interactive_devices = NULL; | 3133 | options->kbd_interactive_devices = NULL; |
2612 | @@ -1988,8 +2025,14 @@ fill_default_options(Options * options) | 3134 | @@ -2000,8 +2053,18 @@ fill_default_options(Options * options) |
2613 | options->challenge_response_authentication = 1; | 3135 | options->challenge_response_authentication = 1; |
2614 | if (options->gss_authentication == -1) | 3136 | if (options->gss_authentication == -1) |
2615 | options->gss_authentication = 0; | 3137 | options->gss_authentication = 0; |
@@ -2621,14 +3143,33 @@ index 433811521..36bc5e59a 100644 | |||
2621 | + options->gss_trust_dns = 0; | 3143 | + options->gss_trust_dns = 0; |
2622 | + if (options->gss_renewal_rekey == -1) | 3144 | + if (options->gss_renewal_rekey == -1) |
2623 | + options->gss_renewal_rekey = 0; | 3145 | + options->gss_renewal_rekey = 0; |
3146 | +#ifdef GSSAPI | ||
3147 | + if (options->gss_kex_algorithms == NULL) | ||
3148 | + options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); | ||
3149 | +#endif | ||
2624 | if (options->password_authentication == -1) | 3150 | if (options->password_authentication == -1) |
2625 | options->password_authentication = 1; | 3151 | options->password_authentication = 1; |
2626 | if (options->kbd_interactive_authentication == -1) | 3152 | if (options->kbd_interactive_authentication == -1) |
3153 | @@ -2616,7 +2679,14 @@ dump_client_config(Options *o, const char *host) | ||
3154 | dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); | ||
3155 | #ifdef GSSAPI | ||
3156 | dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); | ||
3157 | + dump_cfg_fmtint(oGssKeyEx, o->gss_keyex); | ||
3158 | dump_cfg_fmtint(oGssDelegateCreds, o->gss_deleg_creds); | ||
3159 | + dump_cfg_fmtint(oGssTrustDns, o->gss_trust_dns); | ||
3160 | + dump_cfg_fmtint(oGssRenewalRekey, o->gss_renewal_rekey); | ||
3161 | + dump_cfg_string(oGssClientIdentity, o->gss_client_identity); | ||
3162 | + dump_cfg_string(oGssServerIdentity, o->gss_server_identity); | ||
3163 | + dump_cfg_string(oGssKexAlgorithms, o->gss_kex_algorithms ? | ||
3164 | + o->gss_kex_algorithms : GSS_KEX_DEFAULT_KEX); | ||
3165 | #endif /* GSSAPI */ | ||
3166 | dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); | ||
3167 | dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); | ||
2627 | diff --git a/readconf.h b/readconf.h | 3168 | diff --git a/readconf.h b/readconf.h |
2628 | index fc7e38251..8e4900d01 100644 | 3169 | index 8e36bf32a..0bff6d80a 100644 |
2629 | --- a/readconf.h | 3170 | --- a/readconf.h |
2630 | +++ b/readconf.h | 3171 | +++ b/readconf.h |
2631 | @@ -40,7 +40,12 @@ typedef struct { | 3172 | @@ -40,7 +40,13 @@ typedef struct { |
2632 | int challenge_response_authentication; | 3173 | int challenge_response_authentication; |
2633 | /* Try S/Key or TIS, authentication. */ | 3174 | /* Try S/Key or TIS, authentication. */ |
2634 | int gss_authentication; /* Try GSS authentication */ | 3175 | int gss_authentication; /* Try GSS authentication */ |
@@ -2638,14 +3179,23 @@ index fc7e38251..8e4900d01 100644 | |||
2638 | + int gss_renewal_rekey; /* Credential renewal forces rekey */ | 3179 | + int gss_renewal_rekey; /* Credential renewal forces rekey */ |
2639 | + char *gss_client_identity; /* Principal to initiate GSSAPI with */ | 3180 | + char *gss_client_identity; /* Principal to initiate GSSAPI with */ |
2640 | + char *gss_server_identity; /* GSSAPI target principal */ | 3181 | + char *gss_server_identity; /* GSSAPI target principal */ |
3182 | + char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ | ||
2641 | int password_authentication; /* Try password | 3183 | int password_authentication; /* Try password |
2642 | * authentication. */ | 3184 | * authentication. */ |
2643 | int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ | 3185 | int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ |
2644 | diff --git a/servconf.c b/servconf.c | 3186 | diff --git a/servconf.c b/servconf.c |
2645 | index 932d363bb..4668b8a45 100644 | 3187 | index ffac5d2c7..ffdad31e7 100644 |
2646 | --- a/servconf.c | 3188 | --- a/servconf.c |
2647 | +++ b/servconf.c | 3189 | +++ b/servconf.c |
2648 | @@ -124,8 +124,10 @@ initialize_server_options(ServerOptions *options) | 3190 | @@ -64,6 +64,7 @@ |
3191 | #include "auth.h" | ||
3192 | #include "myproposal.h" | ||
3193 | #include "digest.h" | ||
3194 | +#include "ssh-gss.h" | ||
3195 | |||
3196 | static void add_listen_addr(ServerOptions *, const char *, | ||
3197 | const char *, int); | ||
3198 | @@ -124,8 +125,11 @@ initialize_server_options(ServerOptions *options) | ||
2649 | options->kerberos_ticket_cleanup = -1; | 3199 | options->kerberos_ticket_cleanup = -1; |
2650 | options->kerberos_get_afs_token = -1; | 3200 | options->kerberos_get_afs_token = -1; |
2651 | options->gss_authentication=-1; | 3201 | options->gss_authentication=-1; |
@@ -2653,10 +3203,11 @@ index 932d363bb..4668b8a45 100644 | |||
2653 | options->gss_cleanup_creds = -1; | 3203 | options->gss_cleanup_creds = -1; |
2654 | options->gss_strict_acceptor = -1; | 3204 | options->gss_strict_acceptor = -1; |
2655 | + options->gss_store_rekey = -1; | 3205 | + options->gss_store_rekey = -1; |
3206 | + options->gss_kex_algorithms = NULL; | ||
2656 | options->password_authentication = -1; | 3207 | options->password_authentication = -1; |
2657 | options->kbd_interactive_authentication = -1; | 3208 | options->kbd_interactive_authentication = -1; |
2658 | options->challenge_response_authentication = -1; | 3209 | options->challenge_response_authentication = -1; |
2659 | @@ -337,10 +339,14 @@ fill_default_server_options(ServerOptions *options) | 3210 | @@ -351,10 +355,18 @@ fill_default_server_options(ServerOptions *options) |
2660 | options->kerberos_get_afs_token = 0; | 3211 | options->kerberos_get_afs_token = 0; |
2661 | if (options->gss_authentication == -1) | 3212 | if (options->gss_authentication == -1) |
2662 | options->gss_authentication = 0; | 3213 | options->gss_authentication = 0; |
@@ -2668,18 +3219,22 @@ index 932d363bb..4668b8a45 100644 | |||
2668 | options->gss_strict_acceptor = 1; | 3219 | options->gss_strict_acceptor = 1; |
2669 | + if (options->gss_store_rekey == -1) | 3220 | + if (options->gss_store_rekey == -1) |
2670 | + options->gss_store_rekey = 0; | 3221 | + options->gss_store_rekey = 0; |
3222 | +#ifdef GSSAPI | ||
3223 | + if (options->gss_kex_algorithms == NULL) | ||
3224 | + options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); | ||
3225 | +#endif | ||
2671 | if (options->password_authentication == -1) | 3226 | if (options->password_authentication == -1) |
2672 | options->password_authentication = 1; | 3227 | options->password_authentication = 1; |
2673 | if (options->kbd_interactive_authentication == -1) | 3228 | if (options->kbd_interactive_authentication == -1) |
2674 | @@ -485,6 +491,7 @@ typedef enum { | 3229 | @@ -498,6 +510,7 @@ typedef enum { |
2675 | sHostKeyAlgorithms, | 3230 | sHostKeyAlgorithms, |
2676 | sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, | 3231 | sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, |
2677 | sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, | 3232 | sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, |
2678 | + sGssKeyEx, sGssStoreRekey, | 3233 | + sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, |
2679 | sAcceptEnv, sSetEnv, sPermitTunnel, | 3234 | sAcceptEnv, sSetEnv, sPermitTunnel, |
2680 | sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, | 3235 | sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, |
2681 | sUsePrivilegeSeparation, sAllowAgentForwarding, | 3236 | sUsePrivilegeSeparation, sAllowAgentForwarding, |
2682 | @@ -559,12 +566,20 @@ static struct { | 3237 | @@ -572,12 +585,22 @@ static struct { |
2683 | #ifdef GSSAPI | 3238 | #ifdef GSSAPI |
2684 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, | 3239 | { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, |
2685 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, | 3240 | { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, |
@@ -2687,6 +3242,7 @@ index 932d363bb..4668b8a45 100644 | |||
2687 | { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, | 3242 | { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, |
2688 | + { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, | 3243 | + { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, |
2689 | + { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, | 3244 | + { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, |
3245 | + { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL }, | ||
2690 | #else | 3246 | #else |
2691 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, | 3247 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, |
2692 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, | 3248 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, |
@@ -2694,13 +3250,14 @@ index 932d363bb..4668b8a45 100644 | |||
2694 | { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, | 3250 | { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, |
2695 | + { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, | 3251 | + { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, |
2696 | + { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, | 3252 | + { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, |
3253 | + { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL }, | ||
2697 | #endif | 3254 | #endif |
2698 | + { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, | 3255 | + { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, |
2699 | + { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, | 3256 | + { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, |
2700 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, | 3257 | { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, |
2701 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, | 3258 | { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, |
2702 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, | 3259 | { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, |
2703 | @@ -1468,6 +1483,10 @@ process_server_config_line(ServerOptions *options, char *line, | 3260 | @@ -1485,6 +1508,10 @@ process_server_config_line(ServerOptions *options, char *line, |
2704 | intptr = &options->gss_authentication; | 3261 | intptr = &options->gss_authentication; |
2705 | goto parse_flag; | 3262 | goto parse_flag; |
2706 | 3263 | ||
@@ -2711,7 +3268,7 @@ index 932d363bb..4668b8a45 100644 | |||
2711 | case sGssCleanupCreds: | 3268 | case sGssCleanupCreds: |
2712 | intptr = &options->gss_cleanup_creds; | 3269 | intptr = &options->gss_cleanup_creds; |
2713 | goto parse_flag; | 3270 | goto parse_flag; |
2714 | @@ -1476,6 +1495,10 @@ process_server_config_line(ServerOptions *options, char *line, | 3271 | @@ -1493,6 +1520,22 @@ process_server_config_line(ServerOptions *options, char *line, |
2715 | intptr = &options->gss_strict_acceptor; | 3272 | intptr = &options->gss_strict_acceptor; |
2716 | goto parse_flag; | 3273 | goto parse_flag; |
2717 | 3274 | ||
@@ -2719,25 +3276,37 @@ index 932d363bb..4668b8a45 100644 | |||
2719 | + intptr = &options->gss_store_rekey; | 3276 | + intptr = &options->gss_store_rekey; |
2720 | + goto parse_flag; | 3277 | + goto parse_flag; |
2721 | + | 3278 | + |
3279 | + case sGssKexAlgorithms: | ||
3280 | + arg = strdelim(&cp); | ||
3281 | + if (!arg || *arg == '\0') | ||
3282 | + fatal("%.200s line %d: Missing argument.", | ||
3283 | + filename, linenum); | ||
3284 | + if (!kex_gss_names_valid(arg)) | ||
3285 | + fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", | ||
3286 | + filename, linenum, arg ? arg : "<NONE>"); | ||
3287 | + if (*activep && options->gss_kex_algorithms == NULL) | ||
3288 | + options->gss_kex_algorithms = xstrdup(arg); | ||
3289 | + break; | ||
3290 | + | ||
2722 | case sPasswordAuthentication: | 3291 | case sPasswordAuthentication: |
2723 | intptr = &options->password_authentication; | 3292 | intptr = &options->password_authentication; |
2724 | goto parse_flag; | 3293 | goto parse_flag; |
2725 | @@ -2560,7 +2583,10 @@ dump_config(ServerOptions *o) | 3294 | @@ -2579,6 +2622,10 @@ dump_config(ServerOptions *o) |
2726 | #endif | ||
2727 | #ifdef GSSAPI | 3295 | #ifdef GSSAPI |
2728 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); | 3296 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
2729 | + dump_cfg_fmtint(sGssKeyEx, o->gss_keyex); | ||
2730 | dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); | 3297 | dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); |
3298 | + dump_cfg_fmtint(sGssKeyEx, o->gss_keyex); | ||
2731 | + dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); | 3299 | + dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); |
2732 | + dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); | 3300 | + dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); |
3301 | + dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms); | ||
2733 | #endif | 3302 | #endif |
2734 | dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); | 3303 | dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); |
2735 | dump_cfg_fmtint(sKbdInteractiveAuthentication, | 3304 | dump_cfg_fmtint(sKbdInteractiveAuthentication, |
2736 | diff --git a/servconf.h b/servconf.h | 3305 | diff --git a/servconf.h b/servconf.h |
2737 | index 0175e00e8..3b76da816 100644 | 3306 | index 54e0a8d8d..a476d5220 100644 |
2738 | --- a/servconf.h | 3307 | --- a/servconf.h |
2739 | +++ b/servconf.h | 3308 | +++ b/servconf.h |
2740 | @@ -125,8 +125,10 @@ typedef struct { | 3309 | @@ -126,8 +126,11 @@ typedef struct { |
2741 | int kerberos_get_afs_token; /* If true, try to get AFS token if | 3310 | int kerberos_get_afs_token; /* If true, try to get AFS token if |
2742 | * authenticated with Kerberos. */ | 3311 | * authenticated with Kerberos. */ |
2743 | int gss_authentication; /* If true, permit GSSAPI authentication */ | 3312 | int gss_authentication; /* If true, permit GSSAPI authentication */ |
@@ -2745,11 +3314,38 @@ index 0175e00e8..3b76da816 100644 | |||
2745 | int gss_cleanup_creds; /* If true, destroy cred cache on logout */ | 3314 | int gss_cleanup_creds; /* If true, destroy cred cache on logout */ |
2746 | int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ | 3315 | int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ |
2747 | + int gss_store_rekey; | 3316 | + int gss_store_rekey; |
3317 | + char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ | ||
2748 | int password_authentication; /* If true, permit password | 3318 | int password_authentication; /* If true, permit password |
2749 | * authentication. */ | 3319 | * authentication. */ |
2750 | int kbd_interactive_authentication; /* If true, permit */ | 3320 | int kbd_interactive_authentication; /* If true, permit */ |
3321 | diff --git a/session.c b/session.c | ||
3322 | index ac06b08e9..ac3d9d19d 100644 | ||
3323 | --- a/session.c | ||
3324 | +++ b/session.c | ||
3325 | @@ -2674,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) | ||
3326 | |||
3327 | #ifdef KRB5 | ||
3328 | if (options.kerberos_ticket_cleanup && | ||
3329 | - authctxt->krb5_ctx) | ||
3330 | + authctxt->krb5_ctx) { | ||
3331 | + temporarily_use_uid(authctxt->pw); | ||
3332 | krb5_cleanup_proc(authctxt); | ||
3333 | + restore_uid(); | ||
3334 | + } | ||
3335 | #endif | ||
3336 | |||
3337 | #ifdef GSSAPI | ||
3338 | - if (options.gss_cleanup_creds) | ||
3339 | + if (options.gss_cleanup_creds) { | ||
3340 | + temporarily_use_uid(authctxt->pw); | ||
3341 | ssh_gssapi_cleanup_creds(); | ||
3342 | + restore_uid(); | ||
3343 | + } | ||
3344 | #endif | ||
3345 | |||
3346 | /* remove agent socket */ | ||
2751 | diff --git a/ssh-gss.h b/ssh-gss.h | 3347 | diff --git a/ssh-gss.h b/ssh-gss.h |
2752 | index 36180d07a..350ce7882 100644 | 3348 | index 36180d07a..70dd36658 100644 |
2753 | --- a/ssh-gss.h | 3349 | --- a/ssh-gss.h |
2754 | +++ b/ssh-gss.h | 3350 | +++ b/ssh-gss.h |
2755 | @@ -1,6 +1,6 @@ | 3351 | @@ -1,6 +1,6 @@ |
@@ -2760,7 +3356,7 @@ index 36180d07a..350ce7882 100644 | |||
2760 | * | 3356 | * |
2761 | * Redistribution and use in source and binary forms, with or without | 3357 | * Redistribution and use in source and binary forms, with or without |
2762 | * modification, are permitted provided that the following conditions | 3358 | * modification, are permitted provided that the following conditions |
2763 | @@ -61,10 +61,22 @@ | 3359 | @@ -61,10 +61,30 @@ |
2764 | 3360 | ||
2765 | #define SSH_GSS_OIDTYPE 0x06 | 3361 | #define SSH_GSS_OIDTYPE 0x06 |
2766 | 3362 | ||
@@ -2773,7 +3369,15 @@ index 36180d07a..350ce7882 100644 | |||
2773 | +#define SSH2_MSG_KEXGSS_GROUP 41 | 3369 | +#define SSH2_MSG_KEXGSS_GROUP 41 |
2774 | +#define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-" | 3370 | +#define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-" |
2775 | +#define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" | 3371 | +#define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" |
3372 | +#define KEX_GSS_GRP14_SHA256_ID "gss-group14-sha256-" | ||
3373 | +#define KEX_GSS_GRP16_SHA512_ID "gss-group16-sha512-" | ||
2776 | +#define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" | 3374 | +#define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" |
3375 | +#define KEX_GSS_NISTP256_SHA256_ID "gss-nistp256-sha256-" | ||
3376 | +#define KEX_GSS_C25519_SHA256_ID "gss-curve25519-sha256-" | ||
3377 | + | ||
3378 | +#define GSS_KEX_DEFAULT_KEX \ | ||
3379 | + KEX_GSS_GEX_SHA1_ID "," \ | ||
3380 | + KEX_GSS_GRP14_SHA1_ID | ||
2777 | + | 3381 | + |
2778 | typedef struct { | 3382 | typedef struct { |
2779 | char *filename; | 3383 | char *filename; |
@@ -2783,7 +3387,7 @@ index 36180d07a..350ce7882 100644 | |||
2783 | void *data; | 3387 | void *data; |
2784 | } ssh_gssapi_ccache; | 3388 | } ssh_gssapi_ccache; |
2785 | 3389 | ||
2786 | @@ -72,8 +84,11 @@ typedef struct { | 3390 | @@ -72,8 +92,11 @@ typedef struct { |
2787 | gss_buffer_desc displayname; | 3391 | gss_buffer_desc displayname; |
2788 | gss_buffer_desc exportedname; | 3392 | gss_buffer_desc exportedname; |
2789 | gss_cred_id_t creds; | 3393 | gss_cred_id_t creds; |
@@ -2795,7 +3399,7 @@ index 36180d07a..350ce7882 100644 | |||
2795 | } ssh_gssapi_client; | 3399 | } ssh_gssapi_client; |
2796 | 3400 | ||
2797 | typedef struct ssh_gssapi_mech_struct { | 3401 | typedef struct ssh_gssapi_mech_struct { |
2798 | @@ -84,6 +99,7 @@ typedef struct ssh_gssapi_mech_struct { | 3402 | @@ -84,6 +107,7 @@ typedef struct ssh_gssapi_mech_struct { |
2799 | int (*userok) (ssh_gssapi_client *, char *); | 3403 | int (*userok) (ssh_gssapi_client *, char *); |
2800 | int (*localname) (ssh_gssapi_client *, char **); | 3404 | int (*localname) (ssh_gssapi_client *, char **); |
2801 | void (*storecreds) (ssh_gssapi_client *); | 3405 | void (*storecreds) (ssh_gssapi_client *); |
@@ -2803,7 +3407,7 @@ index 36180d07a..350ce7882 100644 | |||
2803 | } ssh_gssapi_mech; | 3407 | } ssh_gssapi_mech; |
2804 | 3408 | ||
2805 | typedef struct { | 3409 | typedef struct { |
2806 | @@ -94,10 +110,11 @@ typedef struct { | 3410 | @@ -94,10 +118,11 @@ typedef struct { |
2807 | gss_OID oid; /* client */ | 3411 | gss_OID oid; /* client */ |
2808 | gss_cred_id_t creds; /* server */ | 3412 | gss_cred_id_t creds; /* server */ |
2809 | gss_name_t client; /* server */ | 3413 | gss_name_t client; /* server */ |
@@ -2816,7 +3420,15 @@ index 36180d07a..350ce7882 100644 | |||
2816 | 3420 | ||
2817 | int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); | 3421 | int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); |
2818 | void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); | 3422 | void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); |
2819 | @@ -123,17 +140,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **); | 3423 | @@ -109,6 +134,7 @@ OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); |
3424 | |||
3425 | struct sshbuf; | ||
3426 | int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); | ||
3427 | +int ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *, gss_buffer_desc *); | ||
3428 | |||
3429 | OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); | ||
3430 | OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, | ||
3431 | @@ -123,17 +149,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **); | ||
2820 | OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); | 3432 | OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); |
2821 | void ssh_gssapi_buildmic(struct sshbuf *, const char *, | 3433 | void ssh_gssapi_buildmic(struct sshbuf *, const char *, |
2822 | const char *, const char *); | 3434 | const char *, const char *); |
@@ -2826,17 +3438,17 @@ index 36180d07a..350ce7882 100644 | |||
2826 | +int ssh_gssapi_credentials_updated(Gssctxt *); | 3438 | +int ssh_gssapi_credentials_updated(Gssctxt *); |
2827 | 3439 | ||
2828 | /* In the server */ | 3440 | /* In the server */ |
2829 | +typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, | 3441 | +typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, |
2830 | + const char *); | 3442 | + const char *); |
2831 | +char *ssh_gssapi_client_mechanisms(const char *, const char *); | 3443 | +char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *); |
2832 | +char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, | 3444 | +char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, |
2833 | + const char *); | 3445 | + const char *, const char *); |
2834 | +gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); | 3446 | +gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); |
2835 | +int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, | 3447 | +int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, |
2836 | + const char *); | 3448 | + const char *); |
2837 | OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); | 3449 | OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); |
2838 | -int ssh_gssapi_userok(char *name); | 3450 | -int ssh_gssapi_userok(char *name); |
2839 | +int ssh_gssapi_userok(char *name, struct passwd *); | 3451 | +int ssh_gssapi_userok(char *name, struct passwd *, int kex); |
2840 | OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); | 3452 | OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); |
2841 | void ssh_gssapi_do_child(char ***, u_int *); | 3453 | void ssh_gssapi_do_child(char ***, u_int *); |
2842 | void ssh_gssapi_cleanup_creds(void); | 3454 | void ssh_gssapi_cleanup_creds(void); |
@@ -2852,8 +3464,57 @@ index 36180d07a..350ce7882 100644 | |||
2852 | #endif /* GSSAPI */ | 3464 | #endif /* GSSAPI */ |
2853 | 3465 | ||
2854 | #endif /* _SSH_GSS_H */ | 3466 | #endif /* _SSH_GSS_H */ |
3467 | diff --git a/ssh.1 b/ssh.1 | ||
3468 | index 9480eba8d..a1c7d2305 100644 | ||
3469 | --- a/ssh.1 | ||
3470 | +++ b/ssh.1 | ||
3471 | @@ -497,7 +497,13 @@ For full details of the options listed below, and their possible values, see | ||
3472 | .It GatewayPorts | ||
3473 | .It GlobalKnownHostsFile | ||
3474 | .It GSSAPIAuthentication | ||
3475 | +.It GSSAPIKeyExchange | ||
3476 | +.It GSSAPIClientIdentity | ||
3477 | .It GSSAPIDelegateCredentials | ||
3478 | +.It GSSAPIKexAlgorithms | ||
3479 | +.It GSSAPIRenewalForcesRekey | ||
3480 | +.It GSSAPIServerIdentity | ||
3481 | +.It GSSAPITrustDns | ||
3482 | .It HashKnownHosts | ||
3483 | .It Host | ||
3484 | .It HostbasedAuthentication | ||
3485 | @@ -573,6 +579,8 @@ flag), | ||
3486 | (supported message integrity codes), | ||
3487 | .Ar kex | ||
3488 | (key exchange algorithms), | ||
3489 | +.Ar kex-gss | ||
3490 | +(GSSAPI key exchange algorithms), | ||
3491 | .Ar key | ||
3492 | (key types), | ||
3493 | .Ar key-cert | ||
3494 | diff --git a/ssh.c b/ssh.c | ||
3495 | index 91e7c3511..42be7d88f 100644 | ||
3496 | --- a/ssh.c | ||
3497 | +++ b/ssh.c | ||
3498 | @@ -736,6 +736,8 @@ main(int ac, char **av) | ||
3499 | cp = mac_alg_list('\n'); | ||
3500 | else if (strcmp(optarg, "kex") == 0) | ||
3501 | cp = kex_alg_list('\n'); | ||
3502 | + else if (strcmp(optarg, "kex-gss") == 0) | ||
3503 | + cp = kex_gss_alg_list('\n'); | ||
3504 | else if (strcmp(optarg, "key") == 0) | ||
3505 | cp = sshkey_alg_list(0, 0, 0, '\n'); | ||
3506 | else if (strcmp(optarg, "key-cert") == 0) | ||
3507 | @@ -748,7 +750,7 @@ main(int ac, char **av) | ||
3508 | cp = xstrdup("2"); | ||
3509 | else if (strcmp(optarg, "help") == 0) { | ||
3510 | cp = xstrdup( | ||
3511 | - "cipher\ncipher-auth\nkex\nkey\n" | ||
3512 | + "cipher\ncipher-auth\nkex\nkex-gss\nkey\n" | ||
3513 | "key-cert\nkey-plain\nmac\n" | ||
3514 | "protocol-version\nsig"); | ||
3515 | } | ||
2855 | diff --git a/ssh_config b/ssh_config | 3516 | diff --git a/ssh_config b/ssh_config |
2856 | index c12f5ef52..bcb9f153d 100644 | 3517 | index 5e8ef548b..1ff999b68 100644 |
2857 | --- a/ssh_config | 3518 | --- a/ssh_config |
2858 | +++ b/ssh_config | 3519 | +++ b/ssh_config |
2859 | @@ -24,6 +24,8 @@ | 3520 | @@ -24,6 +24,8 @@ |
@@ -2866,61 +3527,95 @@ index c12f5ef52..bcb9f153d 100644 | |||
2866 | # CheckHostIP yes | 3527 | # CheckHostIP yes |
2867 | # AddressFamily any | 3528 | # AddressFamily any |
2868 | diff --git a/ssh_config.5 b/ssh_config.5 | 3529 | diff --git a/ssh_config.5 b/ssh_config.5 |
2869 | index 4d5b01d3e..16c79368a 100644 | 3530 | index 412629637..c3c8b274a 100644 |
2870 | --- a/ssh_config.5 | 3531 | --- a/ssh_config.5 |
2871 | +++ b/ssh_config.5 | 3532 | +++ b/ssh_config.5 |
2872 | @@ -736,10 +736,42 @@ The default is | 3533 | @@ -754,10 +754,67 @@ The default is |
2873 | Specifies whether user authentication based on GSSAPI is allowed. | 3534 | Specifies whether user authentication based on GSSAPI is allowed. |
2874 | The default is | 3535 | The default is |
2875 | .Cm no . | 3536 | .Cm no . |
2876 | +.It Cm GSSAPIKeyExchange | ||
2877 | +Specifies whether key exchange based on GSSAPI may be used. When using | ||
2878 | +GSSAPI key exchange the server need not have a host key. | ||
2879 | +The default is | ||
2880 | +.Cm no . | ||
2881 | +.It Cm GSSAPIClientIdentity | 3537 | +.It Cm GSSAPIClientIdentity |
2882 | +If set, specifies the GSSAPI client identity that ssh should use when | 3538 | +If set, specifies the GSSAPI client identity that ssh should use when |
2883 | +connecting to the server. The default is unset, which means that the default | 3539 | +connecting to the server. The default is unset, which means that the default |
2884 | +identity will be used. | 3540 | +identity will be used. |
2885 | +.It Cm GSSAPIServerIdentity | ||
2886 | +If set, specifies the GSSAPI server identity that ssh should expect when | ||
2887 | +connecting to the server. The default is unset, which means that the | ||
2888 | +expected GSSAPI server identity will be determined from the target | ||
2889 | +hostname. | ||
2890 | .It Cm GSSAPIDelegateCredentials | 3541 | .It Cm GSSAPIDelegateCredentials |
2891 | Forward (delegate) credentials to the server. | 3542 | Forward (delegate) credentials to the server. |
2892 | The default is | 3543 | The default is |
2893 | .Cm no . | 3544 | .Cm no . |
3545 | +.It Cm GSSAPIKeyExchange | ||
3546 | +Specifies whether key exchange based on GSSAPI may be used. When using | ||
3547 | +GSSAPI key exchange the server need not have a host key. | ||
3548 | +The default is | ||
3549 | +.Dq no . | ||
2894 | +.It Cm GSSAPIRenewalForcesRekey | 3550 | +.It Cm GSSAPIRenewalForcesRekey |
2895 | +If set to | 3551 | +If set to |
2896 | +.Cm yes | 3552 | +.Dq yes |
2897 | +then renewal of the client's GSSAPI credentials will force the rekeying of the | 3553 | +then renewal of the client's GSSAPI credentials will force the rekeying of the |
2898 | +ssh connection. With a compatible server, this can delegate the renewed | 3554 | +ssh connection. With a compatible server, this will delegate the renewed |
2899 | +credentials to a session on the server. | 3555 | +credentials to a session on the server. |
3556 | +.Pp | ||
3557 | +Checks are made to ensure that credentials are only propagated when the new | ||
3558 | +credentials match the old ones on the originating client and where the | ||
3559 | +receiving server still has the old set in its cache. | ||
3560 | +.Pp | ||
2900 | +The default is | 3561 | +The default is |
2901 | +.Cm no . | 3562 | +.Dq no . |
3563 | +.Pp | ||
3564 | +For this to work | ||
3565 | +.Cm GSSAPIKeyExchange | ||
3566 | +needs to be enabled in the server and also used by the client. | ||
3567 | +.It Cm GSSAPIServerIdentity | ||
3568 | +If set, specifies the GSSAPI server identity that ssh should expect when | ||
3569 | +connecting to the server. The default is unset, which means that the | ||
3570 | +expected GSSAPI server identity will be determined from the target | ||
3571 | +hostname. | ||
2902 | +.It Cm GSSAPITrustDns | 3572 | +.It Cm GSSAPITrustDns |
2903 | +Set to | 3573 | +Set to |
2904 | +.Cm yes | 3574 | +.Dq yes |
2905 | +to indicate that the DNS is trusted to securely canonicalize | 3575 | +to indicate that the DNS is trusted to securely canonicalize |
2906 | +the name of the host being connected to. If | 3576 | +the name of the host being connected to. If |
2907 | +.Cm no , | 3577 | +.Dq no , |
2908 | +the hostname entered on the | 3578 | +the hostname entered on the |
2909 | +command line will be passed untouched to the GSSAPI library. | 3579 | +command line will be passed untouched to the GSSAPI library. |
2910 | +The default is | 3580 | +The default is |
2911 | +.Cm no . | 3581 | +.Dq no . |
3582 | +.It Cm GSSAPIKexAlgorithms | ||
3583 | +The list of key exchange algorithms that are offered for GSSAPI | ||
3584 | +key exchange. Possible values are | ||
3585 | +.Bd -literal -offset 3n | ||
3586 | +gss-gex-sha1-, | ||
3587 | +gss-group1-sha1-, | ||
3588 | +gss-group14-sha1-, | ||
3589 | +gss-group14-sha256-, | ||
3590 | +gss-group16-sha512-, | ||
3591 | +gss-nistp256-sha256-, | ||
3592 | +gss-curve25519-sha256- | ||
3593 | +.Ed | ||
3594 | +.Pp | ||
3595 | +The default is | ||
3596 | +.Dq gss-gex-sha1-,gss-group14-sha1- . | ||
3597 | +This option only applies to protocol version 2 connections using GSSAPI. | ||
2912 | .It Cm HashKnownHosts | 3598 | .It Cm HashKnownHosts |
2913 | Indicates that | 3599 | Indicates that |
2914 | .Xr ssh 1 | 3600 | .Xr ssh 1 |
2915 | diff --git a/sshconnect2.c b/sshconnect2.c | 3601 | diff --git a/sshconnect2.c b/sshconnect2.c |
2916 | index 1675f3935..8c872a4fb 100644 | 3602 | index dffee90b1..4020371ae 100644 |
2917 | --- a/sshconnect2.c | 3603 | --- a/sshconnect2.c |
2918 | +++ b/sshconnect2.c | 3604 | +++ b/sshconnect2.c |
2919 | @@ -162,6 +162,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 3605 | @@ -78,8 +78,6 @@ |
2920 | struct kex *kex; | 3606 | #endif |
3607 | |||
3608 | /* import */ | ||
3609 | -extern char *client_version_string; | ||
3610 | -extern char *server_version_string; | ||
3611 | extern Options options; | ||
3612 | |||
3613 | /* | ||
3614 | @@ -161,6 +159,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) | ||
3615 | char *s, *all_key; | ||
2921 | int r; | 3616 | int r; |
2922 | 3617 | ||
2923 | +#ifdef GSSAPI | 3618 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) |
2924 | + char *orig = NULL, *gss = NULL; | 3619 | + char *orig = NULL, *gss = NULL; |
2925 | + char *gss_host = NULL; | 3620 | + char *gss_host = NULL; |
2926 | +#endif | 3621 | +#endif |
@@ -2928,11 +3623,11 @@ index 1675f3935..8c872a4fb 100644 | |||
2928 | xxx_host = host; | 3623 | xxx_host = host; |
2929 | xxx_hostaddr = hostaddr; | 3624 | xxx_hostaddr = hostaddr; |
2930 | 3625 | ||
2931 | @@ -194,6 +199,35 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 3626 | @@ -193,6 +196,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) |
2932 | order_hostkeyalgs(host, hostaddr, port)); | 3627 | order_hostkeyalgs(host, hostaddr, port)); |
2933 | } | 3628 | } |
2934 | 3629 | ||
2935 | +#ifdef GSSAPI | 3630 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) |
2936 | + if (options.gss_keyex) { | 3631 | + if (options.gss_keyex) { |
2937 | + /* Add the GSSAPI mechanisms currently supported on this | 3632 | + /* Add the GSSAPI mechanisms currently supported on this |
2938 | + * client to the key exchange algorithm proposal */ | 3633 | + * client to the key exchange algorithm proposal */ |
@@ -2941,19 +3636,19 @@ index 1675f3935..8c872a4fb 100644 | |||
2941 | + if (options.gss_server_identity) | 3636 | + if (options.gss_server_identity) |
2942 | + gss_host = xstrdup(options.gss_server_identity); | 3637 | + gss_host = xstrdup(options.gss_server_identity); |
2943 | + else if (options.gss_trust_dns) | 3638 | + else if (options.gss_trust_dns) |
2944 | + gss_host = remote_hostname(active_state); | 3639 | + gss_host = remote_hostname(ssh); |
2945 | + else | 3640 | + else |
2946 | + gss_host = xstrdup(host); | 3641 | + gss_host = xstrdup(host); |
2947 | + | 3642 | + |
2948 | + gss = ssh_gssapi_client_mechanisms(gss_host, | 3643 | + gss = ssh_gssapi_client_mechanisms(gss_host, |
2949 | + options.gss_client_identity); | 3644 | + options.gss_client_identity, options.gss_kex_algorithms); |
2950 | + if (gss) { | 3645 | + if (gss) { |
2951 | + debug("Offering GSSAPI proposal: %s", gss); | 3646 | + debug("Offering GSSAPI proposal: %s", gss); |
2952 | + xasprintf(&myproposal[PROPOSAL_KEX_ALGS], | 3647 | + xasprintf(&myproposal[PROPOSAL_KEX_ALGS], |
2953 | + "%s,%s", gss, orig); | 3648 | + "%s,%s", gss, orig); |
2954 | + | 3649 | + |
2955 | + /* If we've got GSSAPI algorithms, then we also | 3650 | + /* If we've got GSSAPI algorithms, then we also support the |
2956 | + * support the 'null' hostkey, as a last resort */ | 3651 | + * 'null' hostkey, as a last resort */ |
2957 | + orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; | 3652 | + orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; |
2958 | + xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], | 3653 | + xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], |
2959 | + "%s,null", orig); | 3654 | + "%s,null", orig); |
@@ -2962,38 +3657,43 @@ index 1675f3935..8c872a4fb 100644 | |||
2962 | +#endif | 3657 | +#endif |
2963 | + | 3658 | + |
2964 | if (options.rekey_limit || options.rekey_interval) | 3659 | if (options.rekey_limit || options.rekey_interval) |
2965 | packet_set_rekey_limits(options.rekey_limit, | 3660 | ssh_packet_set_rekey_limits(ssh, options.rekey_limit, |
2966 | options.rekey_interval); | 3661 | options.rekey_interval); |
2967 | @@ -215,15 +249,41 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 3662 | @@ -211,16 +243,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) |
3663 | # ifdef OPENSSL_HAS_ECC | ||
3664 | ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; | ||
2968 | # endif | 3665 | # endif |
2969 | #endif | 3666 | +# ifdef GSSAPI |
2970 | kex->kex[KEX_C25519_SHA256] = kexc25519_client; | ||
2971 | +#ifdef GSSAPI | ||
2972 | + if (options.gss_keyex) { | 3667 | + if (options.gss_keyex) { |
2973 | + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; | 3668 | + ssh->kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; |
2974 | + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client; | 3669 | + ssh->kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client; |
2975 | + kex->kex[KEX_GSS_GEX_SHA1] = kexgss_client; | 3670 | + ssh->kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_client; |
3671 | + ssh->kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_client; | ||
3672 | + ssh->kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_client; | ||
3673 | + ssh->kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_client; | ||
3674 | + ssh->kex->kex[KEX_GSS_C25519_SHA256] = kexgss_client; | ||
2976 | + } | 3675 | + } |
2977 | +#endif | 3676 | +# endif |
2978 | kex->client_version_string=client_version_string; | 3677 | #endif |
2979 | kex->server_version_string=server_version_string; | 3678 | ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; |
2980 | kex->verify_host_key=&verify_host_key_callback; | 3679 | ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client; |
3680 | ssh->kex->verify_host_key=&verify_host_key_callback; | ||
2981 | 3681 | ||
2982 | +#ifdef GSSAPI | 3682 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) |
2983 | + if (options.gss_keyex) { | 3683 | + if (options.gss_keyex) { |
2984 | + kex->gss_deleg_creds = options.gss_deleg_creds; | 3684 | + ssh->kex->gss_deleg_creds = options.gss_deleg_creds; |
2985 | + kex->gss_trust_dns = options.gss_trust_dns; | 3685 | + ssh->kex->gss_trust_dns = options.gss_trust_dns; |
2986 | + kex->gss_client = options.gss_client_identity; | 3686 | + ssh->kex->gss_client = options.gss_client_identity; |
2987 | + kex->gss_host = gss_host; | 3687 | + ssh->kex->gss_host = gss_host; |
2988 | + } | 3688 | + } |
2989 | +#endif | 3689 | +#endif |
2990 | + | 3690 | + |
2991 | ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done); | 3691 | ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); |
2992 | 3692 | ||
2993 | /* remove ext-info from the KEX proposals for rekeying */ | 3693 | /* remove ext-info from the KEX proposals for rekeying */ |
2994 | myproposal[PROPOSAL_KEX_ALGS] = | 3694 | myproposal[PROPOSAL_KEX_ALGS] = |
2995 | compat_kex_proposal(options.kex_algorithms); | 3695 | compat_kex_proposal(options.kex_algorithms); |
2996 | +#ifdef GSSAPI | 3696 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) |
2997 | + /* repair myproposal after it was crumpled by the */ | 3697 | + /* repair myproposal after it was crumpled by the */ |
2998 | + /* ext-info removal above */ | 3698 | + /* ext-info removal above */ |
2999 | + if (gss) { | 3699 | + if (gss) { |
@@ -3003,82 +3703,83 @@ index 1675f3935..8c872a4fb 100644 | |||
3003 | + free(gss); | 3703 | + free(gss); |
3004 | + } | 3704 | + } |
3005 | +#endif | 3705 | +#endif |
3006 | if ((r = kex_prop2buf(kex->my, myproposal)) != 0) | 3706 | if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0) |
3007 | fatal("kex_prop2buf: %s", ssh_err(r)); | 3707 | fatal("kex_prop2buf: %s", ssh_err(r)); |
3008 | 3708 | ||
3009 | @@ -314,6 +374,7 @@ int input_gssapi_token(int type, u_int32_t, struct ssh *); | 3709 | @@ -317,6 +379,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *); |
3010 | int input_gssapi_hash(int type, u_int32_t, struct ssh *); | 3710 | static int input_gssapi_token(int type, u_int32_t, struct ssh *); |
3011 | int input_gssapi_error(int, u_int32_t, struct ssh *); | 3711 | static int input_gssapi_error(int, u_int32_t, struct ssh *); |
3012 | int input_gssapi_errtok(int, u_int32_t, struct ssh *); | 3712 | static int input_gssapi_errtok(int, u_int32_t, struct ssh *); |
3013 | +int userauth_gsskeyex(Authctxt *authctxt); | 3713 | +static int userauth_gsskeyex(struct ssh *); |
3014 | #endif | 3714 | #endif |
3015 | 3715 | ||
3016 | void userauth(Authctxt *, char *); | 3716 | void userauth(struct ssh *, char *); |
3017 | @@ -330,6 +391,11 @@ static char *authmethods_get(void); | 3717 | @@ -333,6 +396,11 @@ static char *authmethods_get(void); |
3018 | 3718 | ||
3019 | Authmethod authmethods[] = { | 3719 | Authmethod authmethods[] = { |
3020 | #ifdef GSSAPI | 3720 | #ifdef GSSAPI |
3021 | + {"gssapi-keyex", | 3721 | + {"gssapi-keyex", |
3022 | + userauth_gsskeyex, | 3722 | + userauth_gsskeyex, |
3023 | + NULL, | 3723 | + NULL, |
3024 | + &options.gss_authentication, | 3724 | + &options.gss_keyex, |
3025 | + NULL}, | 3725 | + NULL}, |
3026 | {"gssapi-with-mic", | 3726 | {"gssapi-with-mic", |
3027 | userauth_gssapi, | 3727 | userauth_gssapi, |
3028 | NULL, | 3728 | userauth_gssapi_cleanup, |
3029 | @@ -686,25 +752,40 @@ userauth_gssapi(Authctxt *authctxt) | 3729 | @@ -698,12 +766,25 @@ userauth_gssapi(struct ssh *ssh) |
3030 | static u_int mech = 0; | ||
3031 | OM_uint32 min; | 3730 | OM_uint32 min; |
3032 | int r, ok = 0; | 3731 | int r, ok = 0; |
3732 | gss_OID mech = NULL; | ||
3033 | + char *gss_host; | 3733 | + char *gss_host; |
3034 | + | 3734 | + |
3035 | + if (options.gss_server_identity) | 3735 | + if (options.gss_server_identity) |
3036 | + gss_host = xstrdup(options.gss_server_identity); | 3736 | + gss_host = xstrdup(options.gss_server_identity); |
3037 | + else if (options.gss_trust_dns) | 3737 | + else if (options.gss_trust_dns) |
3038 | + gss_host = remote_hostname(active_state); | 3738 | + gss_host = remote_hostname(ssh); |
3039 | + else | 3739 | + else |
3040 | + gss_host = xstrdup(authctxt->host); | 3740 | + gss_host = xstrdup(authctxt->host); |
3041 | 3741 | ||
3042 | /* Try one GSSAPI method at a time, rather than sending them all at | 3742 | /* Try one GSSAPI method at a time, rather than sending them all at |
3043 | * once. */ | 3743 | * once. */ |
3044 | 3744 | ||
3045 | if (gss_supported == NULL) | 3745 | if (authctxt->gss_supported_mechs == NULL) |
3046 | - gss_indicate_mechs(&min, &gss_supported); | 3746 | - gss_indicate_mechs(&min, &authctxt->gss_supported_mechs); |
3047 | + if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) { | 3747 | + if (GSS_ERROR(gss_indicate_mechs(&min, |
3048 | + gss_supported = NULL; | 3748 | + &authctxt->gss_supported_mechs))) { |
3749 | + authctxt->gss_supported_mechs = NULL; | ||
3049 | + free(gss_host); | 3750 | + free(gss_host); |
3050 | + return 0; | 3751 | + return 0; |
3051 | + } | 3752 | + } |
3052 | 3753 | ||
3053 | /* Check to see if the mechanism is usable before we offer it */ | 3754 | /* Check to see whether the mechanism is usable before we offer it */ |
3054 | while (mech < gss_supported->count && !ok) { | 3755 | while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && |
3756 | @@ -712,13 +793,15 @@ userauth_gssapi(struct ssh *ssh) | ||
3757 | elements[authctxt->mech_tried]; | ||
3055 | /* My DER encoding requires length<128 */ | 3758 | /* My DER encoding requires length<128 */ |
3056 | if (gss_supported->elements[mech].length < 128 && | 3759 | if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, |
3057 | ssh_gssapi_check_mechanism(&gssctxt, | 3760 | - mech, authctxt->host)) { |
3058 | - &gss_supported->elements[mech], authctxt->host)) { | 3761 | + mech, gss_host, options.gss_client_identity)) { |
3059 | + &gss_supported->elements[mech], gss_host, | ||
3060 | + options.gss_client_identity)) { | ||
3061 | ok = 1; /* Mechanism works */ | 3762 | ok = 1; /* Mechanism works */ |
3062 | } else { | 3763 | } else { |
3063 | mech++; | 3764 | authctxt->mech_tried++; |
3064 | } | 3765 | } |
3065 | } | 3766 | } |
3066 | 3767 | ||
3067 | + free(gss_host); | 3768 | + free(gss_host); |
3068 | + | 3769 | + |
3069 | if (!ok) | 3770 | if (!ok || mech == NULL) |
3070 | return 0; | 3771 | return 0; |
3071 | 3772 | ||
3072 | @@ -935,6 +1016,54 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) | 3773 | @@ -958,6 +1041,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) |
3073 | free(lang); | 3774 | free(lang); |
3074 | return r; | 3775 | return r; |
3075 | } | 3776 | } |
3076 | + | 3777 | + |
3077 | +int | 3778 | +int |
3078 | +userauth_gsskeyex(Authctxt *authctxt) | 3779 | +userauth_gsskeyex(struct ssh *ssh) |
3079 | +{ | 3780 | +{ |
3080 | + struct ssh *ssh = active_state; /* XXX */ | 3781 | + struct sshbuf *b = NULL; |
3081 | + struct sshbuf *b; | 3782 | + Authctxt *authctxt = ssh->authctxt; |
3082 | + gss_buffer_desc gssbuf; | 3783 | + gss_buffer_desc gssbuf; |
3083 | + gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; | 3784 | + gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; |
3084 | + OM_uint32 ms; | 3785 | + OM_uint32 ms; |
@@ -3089,12 +3790,13 @@ index 1675f3935..8c872a4fb 100644 | |||
3089 | + return (0); | 3790 | + return (0); |
3090 | + | 3791 | + |
3091 | + if (gss_kex_context == NULL) { | 3792 | + if (gss_kex_context == NULL) { |
3092 | + debug("No valid Key exchange context"); | 3793 | + debug("No valid Key exchange context"); |
3093 | + return (0); | 3794 | + return (0); |
3094 | + } | 3795 | + } |
3095 | + | 3796 | + |
3096 | + if ((b = sshbuf_new()) == NULL) | 3797 | + if ((b = sshbuf_new()) == NULL) |
3097 | + fatal("%s: sshbuf_new failed", __func__); | 3798 | + fatal("%s: sshbuf_new failed", __func__); |
3799 | + | ||
3098 | + ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, | 3800 | + ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, |
3099 | + "gssapi-keyex"); | 3801 | + "gssapi-keyex"); |
3100 | + | 3802 | + |
@@ -3123,9 +3825,9 @@ index 1675f3935..8c872a4fb 100644 | |||
3123 | + | 3825 | + |
3124 | #endif /* GSSAPI */ | 3826 | #endif /* GSSAPI */ |
3125 | 3827 | ||
3126 | int | 3828 | static int |
3127 | diff --git a/sshd.c b/sshd.c | 3829 | diff --git a/sshd.c b/sshd.c |
3128 | index ba26287ba..539a000fd 100644 | 3830 | index cbd3bce91..98680721b 100644 |
3129 | --- a/sshd.c | 3831 | --- a/sshd.c |
3130 | +++ b/sshd.c | 3832 | +++ b/sshd.c |
3131 | @@ -123,6 +123,10 @@ | 3833 | @@ -123,6 +123,10 @@ |
@@ -3139,21 +3841,28 @@ index ba26287ba..539a000fd 100644 | |||
3139 | /* Re-exec fds */ | 3841 | /* Re-exec fds */ |
3140 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) | 3842 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) |
3141 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) | 3843 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) |
3142 | @@ -1810,10 +1814,13 @@ main(int ac, char **av) | 3844 | @@ -796,8 +800,8 @@ notify_hostkeys(struct ssh *ssh) |
3845 | } | ||
3846 | debug3("%s: sent %u hostkeys", __func__, nkeys); | ||
3847 | if (nkeys == 0) | ||
3848 | - fatal("%s: no hostkeys", __func__); | ||
3849 | - if ((r = sshpkt_send(ssh)) != 0) | ||
3850 | + debug3("%s: no hostkeys", __func__); | ||
3851 | + else if ((r = sshpkt_send(ssh)) != 0) | ||
3852 | sshpkt_fatal(ssh, r, "%s: send", __func__); | ||
3853 | sshbuf_free(buf); | ||
3854 | } | ||
3855 | @@ -1769,7 +1773,8 @@ main(int ac, char **av) | ||
3143 | free(fp); | 3856 | free(fp); |
3144 | } | 3857 | } |
3145 | accumulate_host_timing_secret(cfg, NULL); | 3858 | accumulate_host_timing_secret(cfg, NULL); |
3146 | +#ifndef GSSAPI | 3859 | - if (!sensitive_data.have_ssh2_key) { |
3147 | + /* The GSSAPI key exchange can run without a host key */ | 3860 | + /* The GSSAPI key exchange can run without a host key */ |
3148 | if (!sensitive_data.have_ssh2_key) { | 3861 | + if (!sensitive_data.have_ssh2_key && !options.gss_keyex) { |
3149 | logit("sshd: no hostkeys available -- exiting."); | 3862 | logit("sshd: no hostkeys available -- exiting."); |
3150 | exit(1); | 3863 | exit(1); |
3151 | } | 3864 | } |
3152 | +#endif | 3865 | @@ -2064,6 +2069,60 @@ main(int ac, char **av) |
3153 | |||
3154 | /* | ||
3155 | * Load certificates. They are stored in an array at identical | ||
3156 | @@ -2104,6 +2111,60 @@ main(int ac, char **av) | ||
3157 | rdomain == NULL ? "" : "\""); | 3866 | rdomain == NULL ? "" : "\""); |
3158 | free(laddr); | 3867 | free(laddr); |
3159 | 3868 | ||
@@ -3214,18 +3923,18 @@ index ba26287ba..539a000fd 100644 | |||
3214 | /* | 3923 | /* |
3215 | * We don't want to listen forever unless the other side | 3924 | * We don't want to listen forever unless the other side |
3216 | * successfully authenticates itself. So we set up an alarm which is | 3925 | * successfully authenticates itself. So we set up an alarm which is |
3217 | @@ -2287,6 +2348,48 @@ do_ssh2_kex(void) | 3926 | @@ -2260,6 +2319,48 @@ do_ssh2_kex(struct ssh *ssh) |
3218 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( | 3927 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( |
3219 | list_hostkey_types()); | 3928 | list_hostkey_types()); |
3220 | 3929 | ||
3221 | +#ifdef GSSAPI | 3930 | +#if defined(GSSAPI) && defined(WITH_OPENSSL) |
3222 | + { | 3931 | + { |
3223 | + char *orig; | 3932 | + char *orig; |
3224 | + char *gss = NULL; | 3933 | + char *gss = NULL; |
3225 | + char *newstr = NULL; | 3934 | + char *newstr = NULL; |
3226 | + orig = myproposal[PROPOSAL_KEX_ALGS]; | 3935 | + orig = myproposal[PROPOSAL_KEX_ALGS]; |
3227 | + | 3936 | + |
3228 | + /* | 3937 | + /* |
3229 | + * If we don't have a host key, then there's no point advertising | 3938 | + * If we don't have a host key, then there's no point advertising |
3230 | + * the other key exchange algorithms | 3939 | + * the other key exchange algorithms |
3231 | + */ | 3940 | + */ |
@@ -3245,10 +3954,10 @@ index ba26287ba..539a000fd 100644 | |||
3245 | + else if (orig) | 3954 | + else if (orig) |
3246 | + newstr = orig; | 3955 | + newstr = orig; |
3247 | + | 3956 | + |
3248 | + /* | 3957 | + /* |
3249 | + * If we've got GSSAPI mechanisms, then we've got the 'null' host | 3958 | + * If we've got GSSAPI mechanisms, then we've got the 'null' host |
3250 | + * key alg, but we can't tell people about it unless its the only | 3959 | + * key alg, but we can't tell people about it unless its the only |
3251 | + * host key algorithm we support | 3960 | + * host key algorithm we support |
3252 | + */ | 3961 | + */ |
3253 | + if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) | 3962 | + if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) |
3254 | + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; | 3963 | + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; |
@@ -3261,22 +3970,28 @@ index ba26287ba..539a000fd 100644 | |||
3261 | +#endif | 3970 | +#endif |
3262 | + | 3971 | + |
3263 | /* start key exchange */ | 3972 | /* start key exchange */ |
3264 | if ((r = kex_setup(active_state, myproposal)) != 0) | 3973 | if ((r = kex_setup(ssh, myproposal)) != 0) |
3265 | fatal("kex_setup: %s", ssh_err(r)); | 3974 | fatal("kex_setup: %s", ssh_err(r)); |
3266 | @@ -2304,6 +2407,13 @@ do_ssh2_kex(void) | 3975 | @@ -2275,7 +2376,18 @@ do_ssh2_kex(struct ssh *ssh) |
3976 | # ifdef OPENSSL_HAS_ECC | ||
3977 | kex->kex[KEX_ECDH_SHA2] = kex_gen_server; | ||
3267 | # endif | 3978 | # endif |
3268 | #endif | 3979 | -#endif |
3269 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | 3980 | +# ifdef GSSAPI |
3270 | +#ifdef GSSAPI | ||
3271 | + if (options.gss_keyex) { | 3981 | + if (options.gss_keyex) { |
3272 | + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | 3982 | + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |
3273 | + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; | 3983 | + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; |
3274 | + kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | 3984 | + kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; |
3985 | + kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; | ||
3986 | + kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; | ||
3987 | + kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; | ||
3988 | + kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; | ||
3275 | + } | 3989 | + } |
3276 | +#endif | 3990 | +# endif |
3277 | kex->server = 1; | 3991 | +#endif /* WITH_OPENSSL */ |
3278 | kex->client_version_string=client_version_string; | 3992 | kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
3279 | kex->server_version_string=server_version_string; | 3993 | kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server; |
3994 | kex->load_host_public_key=&get_hostkey_public_by_type; | ||
3280 | diff --git a/sshd_config b/sshd_config | 3995 | diff --git a/sshd_config b/sshd_config |
3281 | index 19b7c91a1..2c48105f8 100644 | 3996 | index 19b7c91a1..2c48105f8 100644 |
3282 | --- a/sshd_config | 3997 | --- a/sshd_config |
@@ -3291,35 +4006,55 @@ index 19b7c91a1..2c48105f8 100644 | |||
3291 | # Set this to 'yes' to enable PAM authentication, account processing, | 4006 | # Set this to 'yes' to enable PAM authentication, account processing, |
3292 | # and session processing. If this is enabled, PAM authentication will | 4007 | # and session processing. If this is enabled, PAM authentication will |
3293 | diff --git a/sshd_config.5 b/sshd_config.5 | 4008 | diff --git a/sshd_config.5 b/sshd_config.5 |
3294 | index c6484370b..985eef5a2 100644 | 4009 | index b224f2929..2baa6622b 100644 |
3295 | --- a/sshd_config.5 | 4010 | --- a/sshd_config.5 |
3296 | +++ b/sshd_config.5 | 4011 | +++ b/sshd_config.5 |
3297 | @@ -648,6 +648,11 @@ The default is | 4012 | @@ -653,6 +653,11 @@ Specifies whether to automatically destroy the user's credentials cache |
3298 | Specifies whether user authentication based on GSSAPI is allowed. | 4013 | on logout. |
3299 | The default is | 4014 | The default is |
3300 | .Cm no . | 4015 | .Cm yes . |
3301 | +.It Cm GSSAPIKeyExchange | 4016 | +.It Cm GSSAPIKeyExchange |
3302 | +Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange | 4017 | +Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange |
3303 | +doesn't rely on ssh keys to verify host identity. | 4018 | +doesn't rely on ssh keys to verify host identity. |
3304 | +The default is | 4019 | +The default is |
3305 | +.Cm no . | 4020 | +.Cm no . |
3306 | .It Cm GSSAPICleanupCredentials | 4021 | .It Cm GSSAPIStrictAcceptorCheck |
3307 | Specifies whether to automatically destroy the user's credentials cache | 4022 | Determines whether to be strict about the identity of the GSSAPI acceptor |
3308 | on logout. | 4023 | a client authenticates against. |
3309 | @@ -667,6 +672,11 @@ machine's default store. | 4024 | @@ -667,6 +672,31 @@ machine's default store. |
3310 | This facility is provided to assist with operation on multi homed machines. | 4025 | This facility is provided to assist with operation on multi homed machines. |
3311 | The default is | 4026 | The default is |
3312 | .Cm yes . | 4027 | .Cm yes . |
3313 | +.It Cm GSSAPIStoreCredentialsOnRekey | 4028 | +.It Cm GSSAPIStoreCredentialsOnRekey |
3314 | +Controls whether the user's GSSAPI credentials should be updated following a | 4029 | +Controls whether the user's GSSAPI credentials should be updated following a |
3315 | +successful connection rekeying. This option can be used to accepted renewed | 4030 | +successful connection rekeying. This option can be used to accepted renewed |
3316 | +or updated credentials from a compatible client. The default is | 4031 | +or updated credentials from a compatible client. The default is |
3317 | +.Cm no . | 4032 | +.Dq no . |
4033 | +.Pp | ||
4034 | +For this to work | ||
4035 | +.Cm GSSAPIKeyExchange | ||
4036 | +needs to be enabled in the server and also used by the client. | ||
4037 | +.It Cm GSSAPIKexAlgorithms | ||
4038 | +The list of key exchange algorithms that are accepted by GSSAPI | ||
4039 | +key exchange. Possible values are | ||
4040 | +.Bd -literal -offset 3n | ||
4041 | +gss-gex-sha1-, | ||
4042 | +gss-group1-sha1-, | ||
4043 | +gss-group14-sha1-, | ||
4044 | +gss-group14-sha256-, | ||
4045 | +gss-group16-sha512-, | ||
4046 | +gss-nistp256-sha256-, | ||
4047 | +gss-curve25519-sha256- | ||
4048 | +.Ed | ||
4049 | +.Pp | ||
4050 | +The default is | ||
4051 | +.Dq gss-gex-sha1-,gss-group14-sha1- . | ||
4052 | +This option only applies to protocol version 2 connections using GSSAPI. | ||
3318 | .It Cm HostbasedAcceptedKeyTypes | 4053 | .It Cm HostbasedAcceptedKeyTypes |
3319 | Specifies the key types that will be accepted for hostbased authentication | 4054 | Specifies the key types that will be accepted for hostbased authentication |
3320 | as a list of comma-separated patterns. | 4055 | as a list of comma-separated patterns. |
3321 | diff --git a/sshkey.c b/sshkey.c | 4056 | diff --git a/sshkey.c b/sshkey.c |
3322 | index 6555c5ef8..a85c185fc 100644 | 4057 | index ad1957762..789cd61ef 100644 |
3323 | --- a/sshkey.c | 4058 | --- a/sshkey.c |
3324 | +++ b/sshkey.c | 4059 | +++ b/sshkey.c |
3325 | @@ -135,6 +135,7 @@ static const struct keytype keytypes[] = { | 4060 | @@ -135,6 +135,7 @@ static const struct keytype keytypes[] = { |
@@ -3340,10 +4075,10 @@ index 6555c5ef8..a85c185fc 100644 | |||
3340 | if (!include_sigonly && kt->sigonly) | 4075 | if (!include_sigonly && kt->sigonly) |
3341 | continue; | 4076 | continue; |
3342 | diff --git a/sshkey.h b/sshkey.h | 4077 | diff --git a/sshkey.h b/sshkey.h |
3343 | index f6a007fdf..f54deb0c0 100644 | 4078 | index a91e60436..c11106c93 100644 |
3344 | --- a/sshkey.h | 4079 | --- a/sshkey.h |
3345 | +++ b/sshkey.h | 4080 | +++ b/sshkey.h |
3346 | @@ -64,6 +64,7 @@ enum sshkey_types { | 4081 | @@ -65,6 +65,7 @@ enum sshkey_types { |
3347 | KEY_ED25519_CERT, | 4082 | KEY_ED25519_CERT, |
3348 | KEY_XMSS, | 4083 | KEY_XMSS, |
3349 | KEY_XMSS_CERT, | 4084 | KEY_XMSS_CERT, |
diff --git a/debian/patches/have-progressmeter-force-update-at-beginning-and-end-transfer.patch b/debian/patches/have-progressmeter-force-update-at-beginning-and-end-transfer.patch deleted file mode 100644 index 767dbf2b5..000000000 --- a/debian/patches/have-progressmeter-force-update-at-beginning-and-end-transfer.patch +++ /dev/null | |||
@@ -1,120 +0,0 @@ | |||
1 | From 2a8f710447442e9a03e71c022859112ec2d77d17 Mon Sep 17 00:00:00 2001 | ||
2 | From: "dtucker@openbsd.org" <dtucker@openbsd.org> | ||
3 | Date: Thu, 24 Jan 2019 16:52:17 +0000 | ||
4 | Subject: upstream: Have progressmeter force an update at the beginning and | ||
5 | |||
6 | end of each transfer. Fixes the problem recently introduces where very quick | ||
7 | transfers do not display the progressmeter at all. Spotted by naddy@ | ||
8 | |||
9 | OpenBSD-Commit-ID: 68dc46c259e8fdd4f5db3ec2a130f8e4590a7a9a | ||
10 | |||
11 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=bdc6c63c80b55bcbaa66b5fde31c1cb1d09a41eb | ||
12 | Last-Update: 2019-02-08 | ||
13 | |||
14 | Patch-Name: have-progressmeter-force-update-at-beginning-and-end-transfer.patch | ||
15 | --- | ||
16 | progressmeter.c | 13 +++++-------- | ||
17 | progressmeter.h | 4 ++-- | ||
18 | scp.c | 2 +- | ||
19 | sftp-client.c | 2 +- | ||
20 | 4 files changed, 9 insertions(+), 12 deletions(-) | ||
21 | |||
22 | diff --git a/progressmeter.c b/progressmeter.c | ||
23 | index add462dde..e385c1254 100644 | ||
24 | --- a/progressmeter.c | ||
25 | +++ b/progressmeter.c | ||
26 | @@ -1,4 +1,4 @@ | ||
27 | -/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */ | ||
28 | +/* $OpenBSD: progressmeter.c,v 1.47 2019/01/24 16:52:17 dtucker Exp $ */ | ||
29 | /* | ||
30 | * Copyright (c) 2003 Nils Nordman. All rights reserved. | ||
31 | * | ||
32 | @@ -59,9 +59,6 @@ static void format_rate(char *, int, off_t); | ||
33 | static void sig_winch(int); | ||
34 | static void setscreensize(void); | ||
35 | |||
36 | -/* updates the progressmeter to reflect the current state of the transfer */ | ||
37 | -void refresh_progress_meter(void); | ||
38 | - | ||
39 | /* signal handler for updating the progress meter */ | ||
40 | static void sig_alarm(int); | ||
41 | |||
42 | @@ -120,7 +117,7 @@ format_size(char *buf, int size, off_t bytes) | ||
43 | } | ||
44 | |||
45 | void | ||
46 | -refresh_progress_meter(void) | ||
47 | +refresh_progress_meter(int force_update) | ||
48 | { | ||
49 | char buf[MAX_WINSIZE + 1]; | ||
50 | off_t transferred; | ||
51 | @@ -131,7 +128,7 @@ refresh_progress_meter(void) | ||
52 | int hours, minutes, seconds; | ||
53 | int file_len; | ||
54 | |||
55 | - if ((!alarm_fired && !win_resized) || !can_output()) | ||
56 | + if ((!force_update && !alarm_fired && !win_resized) || !can_output()) | ||
57 | return; | ||
58 | alarm_fired = 0; | ||
59 | |||
60 | @@ -254,7 +251,7 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) | ||
61 | bytes_per_second = 0; | ||
62 | |||
63 | setscreensize(); | ||
64 | - refresh_progress_meter(); | ||
65 | + refresh_progress_meter(1); | ||
66 | |||
67 | signal(SIGALRM, sig_alarm); | ||
68 | signal(SIGWINCH, sig_winch); | ||
69 | @@ -271,7 +268,7 @@ stop_progress_meter(void) | ||
70 | |||
71 | /* Ensure we complete the progress */ | ||
72 | if (cur_pos != end_pos) | ||
73 | - refresh_progress_meter(); | ||
74 | + refresh_progress_meter(1); | ||
75 | |||
76 | atomicio(vwrite, STDOUT_FILENO, "\n", 1); | ||
77 | } | ||
78 | diff --git a/progressmeter.h b/progressmeter.h | ||
79 | index 8f6678060..1703ea75b 100644 | ||
80 | --- a/progressmeter.h | ||
81 | +++ b/progressmeter.h | ||
82 | @@ -1,4 +1,4 @@ | ||
83 | -/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */ | ||
84 | +/* $OpenBSD: progressmeter.h,v 1.5 2019/01/24 16:52:17 dtucker Exp $ */ | ||
85 | /* | ||
86 | * Copyright (c) 2002 Nils Nordman. All rights reserved. | ||
87 | * | ||
88 | @@ -24,5 +24,5 @@ | ||
89 | */ | ||
90 | |||
91 | void start_progress_meter(const char *, off_t, off_t *); | ||
92 | -void refresh_progress_meter(void); | ||
93 | +void refresh_progress_meter(int); | ||
94 | void stop_progress_meter(void); | ||
95 | diff --git a/scp.c b/scp.c | ||
96 | index 80308573c..1971c80cd 100644 | ||
97 | --- a/scp.c | ||
98 | +++ b/scp.c | ||
99 | @@ -593,7 +593,7 @@ scpio(void *_cnt, size_t s) | ||
100 | off_t *cnt = (off_t *)_cnt; | ||
101 | |||
102 | *cnt += s; | ||
103 | - refresh_progress_meter(); | ||
104 | + refresh_progress_meter(0); | ||
105 | if (limit_kbps > 0) | ||
106 | bandwidth_limit(&bwlimit, s); | ||
107 | return 0; | ||
108 | diff --git a/sftp-client.c b/sftp-client.c | ||
109 | index 2bc698f86..cf2887a40 100644 | ||
110 | --- a/sftp-client.c | ||
111 | +++ b/sftp-client.c | ||
112 | @@ -101,7 +101,7 @@ sftpio(void *_bwlimit, size_t amount) | ||
113 | { | ||
114 | struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; | ||
115 | |||
116 | - refresh_progress_meter(); | ||
117 | + refresh_progress_meter(0); | ||
118 | if (bwlimit != NULL) | ||
119 | bandwidth_limit(bwlimit, amount); | ||
120 | return 0; | ||
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch index 4207302c3..fbfe6a1fb 100644 --- a/debian/patches/keepalive-extensions.patch +++ b/debian/patches/keepalive-extensions.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 7ba31c6ff505278fb9f33b695605ca3a093caba2 Mon Sep 17 00:00:00 2001 | 1 | From 4d8dd12bab7bbc954815d7953a0c86ce1687bd34 Mon Sep 17 00:00:00 2001 |
2 | From: Richard Kettlewell <rjk@greenend.org.uk> | 2 | From: Richard Kettlewell <rjk@greenend.org.uk> |
3 | Date: Sun, 9 Feb 2014 16:09:52 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:52 +0000 |
4 | Subject: Various keepalive extensions | 4 | Subject: Various keepalive extensions |
@@ -26,10 +26,10 @@ Patch-Name: keepalive-extensions.patch | |||
26 | 3 files changed, 34 insertions(+), 4 deletions(-) | 26 | 3 files changed, 34 insertions(+), 4 deletions(-) |
27 | 27 | ||
28 | diff --git a/readconf.c b/readconf.c | 28 | diff --git a/readconf.c b/readconf.c |
29 | index 5e655e924..052d4b1ac 100644 | 29 | index 29f3bd98d..3d0b6ff90 100644 |
30 | --- a/readconf.c | 30 | --- a/readconf.c |
31 | +++ b/readconf.c | 31 | +++ b/readconf.c |
32 | @@ -175,6 +175,7 @@ typedef enum { | 32 | @@ -177,6 +177,7 @@ typedef enum { |
33 | oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, | 33 | oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, |
34 | oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, | 34 | oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, |
35 | oPubkeyAcceptedKeyTypes, oCASignatureAlgorithms, oProxyJump, | 35 | oPubkeyAcceptedKeyTypes, oCASignatureAlgorithms, oProxyJump, |
@@ -37,7 +37,7 @@ index 5e655e924..052d4b1ac 100644 | |||
37 | oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported | 37 | oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported |
38 | } OpCodes; | 38 | } OpCodes; |
39 | 39 | ||
40 | @@ -322,6 +323,8 @@ static struct { | 40 | @@ -326,6 +327,8 @@ static struct { |
41 | { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, | 41 | { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, |
42 | { "ignoreunknown", oIgnoreUnknown }, | 42 | { "ignoreunknown", oIgnoreUnknown }, |
43 | { "proxyjump", oProxyJump }, | 43 | { "proxyjump", oProxyJump }, |
@@ -46,7 +46,7 @@ index 5e655e924..052d4b1ac 100644 | |||
46 | 46 | ||
47 | { NULL, oBadOption } | 47 | { NULL, oBadOption } |
48 | }; | 48 | }; |
49 | @@ -1415,6 +1418,8 @@ parse_keytypes: | 49 | @@ -1440,6 +1443,8 @@ parse_keytypes: |
50 | goto parse_flag; | 50 | goto parse_flag; |
51 | 51 | ||
52 | case oServerAliveInterval: | 52 | case oServerAliveInterval: |
@@ -55,7 +55,7 @@ index 5e655e924..052d4b1ac 100644 | |||
55 | intptr = &options->server_alive_interval; | 55 | intptr = &options->server_alive_interval; |
56 | goto parse_time; | 56 | goto parse_time; |
57 | 57 | ||
58 | @@ -2101,8 +2106,13 @@ fill_default_options(Options * options) | 58 | @@ -2133,8 +2138,13 @@ fill_default_options(Options * options) |
59 | options->rekey_interval = 0; | 59 | options->rekey_interval = 0; |
60 | if (options->verify_host_key_dns == -1) | 60 | if (options->verify_host_key_dns == -1) |
61 | options->verify_host_key_dns = 0; | 61 | options->verify_host_key_dns = 0; |
@@ -72,10 +72,10 @@ index 5e655e924..052d4b1ac 100644 | |||
72 | options->server_alive_count_max = 3; | 72 | options->server_alive_count_max = 3; |
73 | if (options->control_master == -1) | 73 | if (options->control_master == -1) |
74 | diff --git a/ssh_config.5 b/ssh_config.5 | 74 | diff --git a/ssh_config.5 b/ssh_config.5 |
75 | index 16c79368a..54e143c93 100644 | 75 | index c3c8b274a..250c92d04 100644 |
76 | --- a/ssh_config.5 | 76 | --- a/ssh_config.5 |
77 | +++ b/ssh_config.5 | 77 | +++ b/ssh_config.5 |
78 | @@ -247,8 +247,12 @@ Valid arguments are | 78 | @@ -265,8 +265,12 @@ Valid arguments are |
79 | If set to | 79 | If set to |
80 | .Cm yes , | 80 | .Cm yes , |
81 | passphrase/password querying will be disabled. | 81 | passphrase/password querying will be disabled. |
@@ -89,7 +89,7 @@ index 16c79368a..54e143c93 100644 | |||
89 | The argument must be | 89 | The argument must be |
90 | .Cm yes | 90 | .Cm yes |
91 | or | 91 | or |
92 | @@ -1485,7 +1489,14 @@ from the server, | 92 | @@ -1535,7 +1539,14 @@ from the server, |
93 | will send a message through the encrypted | 93 | will send a message through the encrypted |
94 | channel to request a response from the server. | 94 | channel to request a response from the server. |
95 | The default | 95 | The default |
@@ -105,7 +105,7 @@ index 16c79368a..54e143c93 100644 | |||
105 | .It Cm SetEnv | 105 | .It Cm SetEnv |
106 | Directly specify one or more environment variables and their contents to | 106 | Directly specify one or more environment variables and their contents to |
107 | be sent to the server. | 107 | be sent to the server. |
108 | @@ -1565,6 +1576,12 @@ Specifies whether the system should send TCP keepalive messages to the | 108 | @@ -1615,6 +1626,12 @@ Specifies whether the system should send TCP keepalive messages to the |
109 | other side. | 109 | other side. |
110 | If they are sent, death of the connection or crash of one | 110 | If they are sent, death of the connection or crash of one |
111 | of the machines will be properly noticed. | 111 | of the machines will be properly noticed. |
@@ -119,10 +119,10 @@ index 16c79368a..54e143c93 100644 | |||
119 | connections will die if the route is down temporarily, and some people | 119 | connections will die if the route is down temporarily, and some people |
120 | find it annoying. | 120 | find it annoying. |
121 | diff --git a/sshd_config.5 b/sshd_config.5 | 121 | diff --git a/sshd_config.5 b/sshd_config.5 |
122 | index 985eef5a2..e7e55dd71 100644 | 122 | index 2baa6622b..2ef671d1b 100644 |
123 | --- a/sshd_config.5 | 123 | --- a/sshd_config.5 |
124 | +++ b/sshd_config.5 | 124 | +++ b/sshd_config.5 |
125 | @@ -1577,6 +1577,9 @@ This avoids infinitely hanging sessions. | 125 | @@ -1597,6 +1597,9 @@ This avoids infinitely hanging sessions. |
126 | .Pp | 126 | .Pp |
127 | To disable TCP keepalive messages, the value should be set to | 127 | To disable TCP keepalive messages, the value should be set to |
128 | .Cm no . | 128 | .Cm no . |
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch index 75ed46db7..21e8d7947 100644 --- a/debian/patches/mention-ssh-keygen-on-keychange.patch +++ b/debian/patches/mention-ssh-keygen-on-keychange.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From bb8bb2621914ad600202e38d5b9b4f4544b191e5 Mon Sep 17 00:00:00 2001 | 1 | From 15b7cc25dea4efdef7fdd129d0e3d1a091afd67b Mon Sep 17 00:00:00 2001 |
2 | From: Scott Moser <smoser@ubuntu.com> | 2 | From: Scott Moser <smoser@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:10:03 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:03 +0000 |
4 | Subject: Mention ssh-keygen in ssh fingerprint changed warning | 4 | Subject: Mention ssh-keygen in ssh fingerprint changed warning |
@@ -14,10 +14,10 @@ Patch-Name: mention-ssh-keygen-on-keychange.patch | |||
14 | 1 file changed, 8 insertions(+), 1 deletion(-) | 14 | 1 file changed, 8 insertions(+), 1 deletion(-) |
15 | 15 | ||
16 | diff --git a/sshconnect.c b/sshconnect.c | 16 | diff --git a/sshconnect.c b/sshconnect.c |
17 | index 700ea6c3c..158e8146f 100644 | 17 | index 103d84e38..0b6f6af4b 100644 |
18 | --- a/sshconnect.c | 18 | --- a/sshconnect.c |
19 | +++ b/sshconnect.c | 19 | +++ b/sshconnect.c |
20 | @@ -1121,9 +1121,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, | 20 | @@ -986,9 +986,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, |
21 | error("%s. This could either mean that", key_msg); | 21 | error("%s. This could either mean that", key_msg); |
22 | error("DNS SPOOFING is happening or the IP address for the host"); | 22 | error("DNS SPOOFING is happening or the IP address for the host"); |
23 | error("and its host key have changed at the same time."); | 23 | error("and its host key have changed at the same time."); |
@@ -32,7 +32,7 @@ index 700ea6c3c..158e8146f 100644 | |||
32 | } | 32 | } |
33 | /* The host key has changed. */ | 33 | /* The host key has changed. */ |
34 | warn_changed_key(host_key); | 34 | warn_changed_key(host_key); |
35 | @@ -1132,6 +1136,9 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, | 35 | @@ -997,6 +1001,9 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, |
36 | error("Offending %s key in %s:%lu", | 36 | error("Offending %s key in %s:%lu", |
37 | sshkey_type(host_found->key), | 37 | sshkey_type(host_found->key), |
38 | host_found->file, host_found->line); | 38 | host_found->file, host_found->line); |
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch index 3b2e05e58..dcc672726 100644 --- a/debian/patches/no-openssl-version-status.patch +++ b/debian/patches/no-openssl-version-status.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 690051b3aa4ff72af57e4a82d640858357eef820 Mon Sep 17 00:00:00 2001 | 1 | From 1f61e987ccec2a2af15044196c1a6730959ead98 Mon Sep 17 00:00:00 2001 |
2 | From: Kurt Roeckx <kurt@roeckx.be> | 2 | From: Kurt Roeckx <kurt@roeckx.be> |
3 | Date: Sun, 9 Feb 2014 16:10:14 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:14 +0000 |
4 | Subject: Don't check the status field of the OpenSSL version | 4 | Subject: Don't check the status field of the OpenSSL version |
@@ -23,7 +23,7 @@ Patch-Name: no-openssl-version-status.patch | |||
23 | 2 files changed, 4 insertions(+), 3 deletions(-) | 23 | 2 files changed, 4 insertions(+), 3 deletions(-) |
24 | 24 | ||
25 | diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c | 25 | diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c |
26 | index 8b4a36274..ea0b0c9fb 100644 | 26 | index a37ca61bf..c1749210d 100644 |
27 | --- a/openbsd-compat/openssl-compat.c | 27 | --- a/openbsd-compat/openssl-compat.c |
28 | +++ b/openbsd-compat/openssl-compat.c | 28 | +++ b/openbsd-compat/openssl-compat.c |
29 | @@ -34,7 +34,7 @@ | 29 | @@ -34,7 +34,7 @@ |
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch index cdb905b2e..e46967c72 100644 --- a/debian/patches/openbsd-docs.patch +++ b/debian/patches/openbsd-docs.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 96c85e746d4f94c7d2748a200e5817ad8a987918 Mon Sep 17 00:00:00 2001 | 1 | From 47beec5c944ea9add7d267110fc9dcf15e7b8932 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:09 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:09 +0000 |
4 | Subject: Adjust various OpenBSD-specific references in manual pages | 4 | Subject: Adjust various OpenBSD-specific references in manual pages |
@@ -44,10 +44,10 @@ index ef0de0850..149846c8c 100644 | |||
44 | .Sh SEE ALSO | 44 | .Sh SEE ALSO |
45 | .Xr ssh-keygen 1 , | 45 | .Xr ssh-keygen 1 , |
46 | diff --git a/ssh-keygen.1 b/ssh-keygen.1 | 46 | diff --git a/ssh-keygen.1 b/ssh-keygen.1 |
47 | index bfa2eb5f3..da6b5ed76 100644 | 47 | index 124456577..9b877b860 100644 |
48 | --- a/ssh-keygen.1 | 48 | --- a/ssh-keygen.1 |
49 | +++ b/ssh-keygen.1 | 49 | +++ b/ssh-keygen.1 |
50 | @@ -176,9 +176,7 @@ key in | 50 | @@ -178,9 +178,7 @@ key in |
51 | .Pa ~/.ssh/id_ed25519 | 51 | .Pa ~/.ssh/id_ed25519 |
52 | or | 52 | or |
53 | .Pa ~/.ssh/id_rsa . | 53 | .Pa ~/.ssh/id_rsa . |
@@ -58,7 +58,7 @@ index bfa2eb5f3..da6b5ed76 100644 | |||
58 | .Pp | 58 | .Pp |
59 | Normally this program generates the key and asks for a file in which | 59 | Normally this program generates the key and asks for a file in which |
60 | to store the private key. | 60 | to store the private key. |
61 | @@ -229,9 +227,7 @@ If | 61 | @@ -243,9 +241,7 @@ If |
62 | .Fl f | 62 | .Fl f |
63 | has also been specified, its argument is used as a prefix to the | 63 | has also been specified, its argument is used as a prefix to the |
64 | default path for the resulting host key files. | 64 | default path for the resulting host key files. |
@@ -69,7 +69,7 @@ index bfa2eb5f3..da6b5ed76 100644 | |||
69 | .It Fl a Ar rounds | 69 | .It Fl a Ar rounds |
70 | When saving a private key this option specifies the number of KDF | 70 | When saving a private key this option specifies the number of KDF |
71 | (key derivation function) rounds used. | 71 | (key derivation function) rounds used. |
72 | @@ -677,7 +673,7 @@ option. | 72 | @@ -703,7 +699,7 @@ option. |
73 | Valid generator values are 2, 3, and 5. | 73 | Valid generator values are 2, 3, and 5. |
74 | .Pp | 74 | .Pp |
75 | Screened DH groups may be installed in | 75 | Screened DH groups may be installed in |
@@ -78,7 +78,7 @@ index bfa2eb5f3..da6b5ed76 100644 | |||
78 | It is important that this file contains moduli of a range of bit lengths and | 78 | It is important that this file contains moduli of a range of bit lengths and |
79 | that both ends of a connection share common moduli. | 79 | that both ends of a connection share common moduli. |
80 | .Sh CERTIFICATES | 80 | .Sh CERTIFICATES |
81 | @@ -877,7 +873,7 @@ on all machines | 81 | @@ -903,7 +899,7 @@ on all machines |
82 | where the user wishes to log in using public key authentication. | 82 | where the user wishes to log in using public key authentication. |
83 | There is no need to keep the contents of this file secret. | 83 | There is no need to keep the contents of this file secret. |
84 | .Pp | 84 | .Pp |
@@ -88,10 +88,10 @@ index bfa2eb5f3..da6b5ed76 100644 | |||
88 | The file format is described in | 88 | The file format is described in |
89 | .Xr moduli 5 . | 89 | .Xr moduli 5 . |
90 | diff --git a/ssh.1 b/ssh.1 | 90 | diff --git a/ssh.1 b/ssh.1 |
91 | index 81f29af43..5dfad6daa 100644 | 91 | index 64ead5f57..e4aeae7b4 100644 |
92 | --- a/ssh.1 | 92 | --- a/ssh.1 |
93 | +++ b/ssh.1 | 93 | +++ b/ssh.1 |
94 | @@ -860,6 +860,10 @@ implements public key authentication protocol automatically, | 94 | @@ -873,6 +873,10 @@ implements public key authentication protocol automatically, |
95 | using one of the DSA, ECDSA, Ed25519 or RSA algorithms. | 95 | using one of the DSA, ECDSA, Ed25519 or RSA algorithms. |
96 | The HISTORY section of | 96 | The HISTORY section of |
97 | .Xr ssl 8 | 97 | .Xr ssl 8 |
@@ -133,7 +133,7 @@ index 57a7fd66b..4abc01d66 100644 | |||
133 | .Xr sshd_config 5 , | 133 | .Xr sshd_config 5 , |
134 | .Xr inetd 8 , | 134 | .Xr inetd 8 , |
135 | diff --git a/sshd_config.5 b/sshd_config.5 | 135 | diff --git a/sshd_config.5 b/sshd_config.5 |
136 | index 37e6be38f..23f71fd1d 100644 | 136 | index addea54a0..f995e4ab0 100644 |
137 | --- a/sshd_config.5 | 137 | --- a/sshd_config.5 |
138 | +++ b/sshd_config.5 | 138 | +++ b/sshd_config.5 |
139 | @@ -395,8 +395,7 @@ Certificates signed using other algorithms will not be accepted for | 139 | @@ -395,8 +395,7 @@ Certificates signed using other algorithms will not be accepted for |
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch index 809c78846..0d2be82dc 100644 --- a/debian/patches/package-versioning.patch +++ b/debian/patches/package-versioning.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From b258a00bedcf29200b394c671c6deb1e53157f32 Mon Sep 17 00:00:00 2001 | 1 | From 85e700a732e9a308eeee67f5a284e19fd6befbb8 Mon Sep 17 00:00:00 2001 |
2 | From: Matthew Vernon <matthew@debian.org> | 2 | From: Matthew Vernon <matthew@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:05 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:05 +0000 |
4 | Subject: Include the Debian version in our identification | 4 | Subject: Include the Debian version in our identification |
@@ -9,47 +9,33 @@ generally just try attacks rather than bothering to scan for | |||
9 | vulnerable-looking version strings. (However, see debian-banner.patch.) | 9 | vulnerable-looking version strings. (However, see debian-banner.patch.) |
10 | 10 | ||
11 | Forwarded: not-needed | 11 | Forwarded: not-needed |
12 | Last-Update: 2017-10-04 | 12 | Last-Update: 2019-06-05 |
13 | 13 | ||
14 | Patch-Name: package-versioning.patch | 14 | Patch-Name: package-versioning.patch |
15 | --- | 15 | --- |
16 | sshconnect.c | 2 +- | 16 | kex.c | 2 +- |
17 | sshd.c | 2 +- | 17 | version.h | 7 ++++++- |
18 | version.h | 7 ++++++- | 18 | 2 files changed, 7 insertions(+), 2 deletions(-) |
19 | 3 files changed, 8 insertions(+), 3 deletions(-) | ||
20 | 19 | ||
21 | diff --git a/sshconnect.c b/sshconnect.c | 20 | diff --git a/kex.c b/kex.c |
22 | index 158e8146f..b9418e277 100644 | 21 | index a2a4794e8..be354206d 100644 |
23 | --- a/sshconnect.c | 22 | --- a/kex.c |
24 | +++ b/sshconnect.c | 23 | +++ b/kex.c |
25 | @@ -609,7 +609,7 @@ send_client_banner(int connection_out, int minor1) | 24 | @@ -1186,7 +1186,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, |
26 | { | 25 | if (version_addendum != NULL && *version_addendum == '\0') |
27 | /* Send our own protocol version identification. */ | 26 | version_addendum = NULL; |
28 | xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n", | 27 | if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", |
29 | - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION); | 28 | - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, |
30 | + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE); | 29 | + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, |
31 | if (atomicio(vwrite, connection_out, client_version_string, | 30 | version_addendum == NULL ? "" : " ", |
32 | strlen(client_version_string)) != strlen(client_version_string)) | 31 | version_addendum == NULL ? "" : version_addendum)) != 0) { |
33 | fatal("write: %.100s", strerror(errno)); | 32 | error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); |
34 | diff --git a/sshd.c b/sshd.c | ||
35 | index 2bc6679e5..9481272fc 100644 | ||
36 | --- a/sshd.c | ||
37 | +++ b/sshd.c | ||
38 | @@ -384,7 +384,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) | ||
39 | char remote_version[256]; /* Must be at least as big as buf. */ | ||
40 | |||
41 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n", | ||
42 | - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, | ||
43 | + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, | ||
44 | *options.version_addendum == '\0' ? "" : " ", | ||
45 | options.version_addendum); | ||
46 | |||
47 | diff --git a/version.h b/version.h | 33 | diff --git a/version.h b/version.h |
48 | index 422dfbc3a..5e1ce0426 100644 | 34 | index 806ead9a6..599c859e6 100644 |
49 | --- a/version.h | 35 | --- a/version.h |
50 | +++ b/version.h | 36 | +++ b/version.h |
51 | @@ -3,4 +3,9 @@ | 37 | @@ -3,4 +3,9 @@ |
52 | #define SSH_VERSION "OpenSSH_7.9" | 38 | #define SSH_VERSION "OpenSSH_8.0" |
53 | 39 | ||
54 | #define SSH_PORTABLE "p1" | 40 | #define SSH_PORTABLE "p1" |
55 | -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE | 41 | -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE |
diff --git a/debian/patches/request-rsa-sha2-cert-signatures.patch b/debian/patches/request-rsa-sha2-cert-signatures.patch deleted file mode 100644 index 2c876be31..000000000 --- a/debian/patches/request-rsa-sha2-cert-signatures.patch +++ /dev/null | |||
@@ -1,39 +0,0 @@ | |||
1 | From d94226d4fcefbc398c5583e12b5d07ca33884ba4 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Thu, 27 Dec 2018 23:02:11 +0000 | ||
4 | Subject: upstream: Request RSA-SHA2 signatures for | ||
5 | |||
6 | rsa-sha2-{256|512}-cert-v01@openssh.com cert algorithms; ok markus@ | ||
7 | |||
8 | OpenBSD-Commit-ID: afc6f7ca216ccd821656d1c911d2a3deed685033 | ||
9 | |||
10 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=f429c1b2ef631f2855e51a790cf71761d752bbca | ||
11 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2944 | ||
12 | Bug-Debian: https://bugs.debian.org/923419 | ||
13 | Last-Update: 2019-02-28 | ||
14 | |||
15 | Patch-Name: request-rsa-sha2-cert-signatures.patch | ||
16 | --- | ||
17 | authfd.c | 8 +++++--- | ||
18 | 1 file changed, 5 insertions(+), 3 deletions(-) | ||
19 | |||
20 | diff --git a/authfd.c b/authfd.c | ||
21 | index ecdd869ab..62cbf8c19 100644 | ||
22 | --- a/authfd.c | ||
23 | +++ b/authfd.c | ||
24 | @@ -327,10 +327,12 @@ ssh_free_identitylist(struct ssh_identitylist *idl) | ||
25 | static u_int | ||
26 | agent_encode_alg(const struct sshkey *key, const char *alg) | ||
27 | { | ||
28 | - if (alg != NULL && key->type == KEY_RSA) { | ||
29 | - if (strcmp(alg, "rsa-sha2-256") == 0) | ||
30 | + if (alg != NULL && sshkey_type_plain(key->type) == KEY_RSA) { | ||
31 | + if (strcmp(alg, "rsa-sha2-256") == 0 || | ||
32 | + strcmp(alg, "rsa-sha2-256-cert-v01@openssh.com") == 0) | ||
33 | return SSH_AGENT_RSA_SHA2_256; | ||
34 | - else if (strcmp(alg, "rsa-sha2-512") == 0) | ||
35 | + if (strcmp(alg, "rsa-sha2-512") == 0 || | ||
36 | + strcmp(alg, "rsa-sha2-512-cert-v01@openssh.com") == 0) | ||
37 | return SSH_AGENT_RSA_SHA2_512; | ||
38 | } | ||
39 | return 0; | ||
diff --git a/debian/patches/restore-authorized_keys2.patch b/debian/patches/restore-authorized_keys2.patch index fcb1ac7e3..574923e1c 100644 --- a/debian/patches/restore-authorized_keys2.patch +++ b/debian/patches/restore-authorized_keys2.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From cebe4b82b280810172877a7f3d489c506c9a0691 Mon Sep 17 00:00:00 2001 | 1 | From 1af6147744892b18e2239c085abe87f5408cbaae Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 5 Mar 2017 02:02:11 +0000 | 3 | Date: Sun, 5 Mar 2017 02:02:11 +0000 |
4 | Subject: Restore reading authorized_keys2 by default | 4 | Subject: Restore reading authorized_keys2 by default |
diff --git a/debian/patches/restore-tcp-wrappers.patch b/debian/patches/restore-tcp-wrappers.patch index fdc6cf18a..0472ea7d0 100644 --- a/debian/patches/restore-tcp-wrappers.patch +++ b/debian/patches/restore-tcp-wrappers.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 389e16d0109d8c49a761cd7c267438b05c9ab984 Mon Sep 17 00:00:00 2001 | 1 | From 0f9f44654708e4fde2f52c52f717d061b5e458fa Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Tue, 7 Oct 2014 13:22:41 +0100 | 3 | Date: Tue, 7 Oct 2014 13:22:41 +0100 |
4 | Subject: Restore TCP wrappers support | 4 | Subject: Restore TCP wrappers support |
@@ -18,7 +18,7 @@ but it at least probably doesn't involve dropping this feature shortly | |||
18 | before a freeze. | 18 | before a freeze. |
19 | 19 | ||
20 | Forwarded: not-needed | 20 | Forwarded: not-needed |
21 | Last-Update: 2018-08-24 | 21 | Last-Update: 2019-06-05 |
22 | 22 | ||
23 | Patch-Name: restore-tcp-wrappers.patch | 23 | Patch-Name: restore-tcp-wrappers.patch |
24 | --- | 24 | --- |
@@ -28,10 +28,10 @@ Patch-Name: restore-tcp-wrappers.patch | |||
28 | 3 files changed, 89 insertions(+) | 28 | 3 files changed, 89 insertions(+) |
29 | 29 | ||
30 | diff --git a/configure.ac b/configure.ac | 30 | diff --git a/configure.ac b/configure.ac |
31 | index 023e7cc55..917300b43 100644 | 31 | index 2869f7042..ce16e7758 100644 |
32 | --- a/configure.ac | 32 | --- a/configure.ac |
33 | +++ b/configure.ac | 33 | +++ b/configure.ac |
34 | @@ -1517,6 +1517,62 @@ else | 34 | @@ -1518,6 +1518,62 @@ else |
35 | AC_MSG_RESULT([no]) | 35 | AC_MSG_RESULT([no]) |
36 | fi | 36 | fi |
37 | 37 | ||
@@ -94,7 +94,7 @@ index 023e7cc55..917300b43 100644 | |||
94 | # Check whether user wants to use ldns | 94 | # Check whether user wants to use ldns |
95 | LDNS_MSG="no" | 95 | LDNS_MSG="no" |
96 | AC_ARG_WITH(ldns, | 96 | AC_ARG_WITH(ldns, |
97 | @@ -5329,6 +5385,7 @@ echo " PAM support: $PAM_MSG" | 97 | @@ -5269,6 +5325,7 @@ echo " PAM support: $PAM_MSG" |
98 | echo " OSF SIA support: $SIA_MSG" | 98 | echo " OSF SIA support: $SIA_MSG" |
99 | echo " KerberosV support: $KRB5_MSG" | 99 | echo " KerberosV support: $KRB5_MSG" |
100 | echo " SELinux support: $SELINUX_MSG" | 100 | echo " SELinux support: $SELINUX_MSG" |
@@ -128,7 +128,7 @@ index fb133c14b..57a7fd66b 100644 | |||
128 | .Xr moduli 5 , | 128 | .Xr moduli 5 , |
129 | .Xr sshd_config 5 , | 129 | .Xr sshd_config 5 , |
130 | diff --git a/sshd.c b/sshd.c | 130 | diff --git a/sshd.c b/sshd.c |
131 | index 539a000fd..673db87f6 100644 | 131 | index 98680721b..46870d3b5 100644 |
132 | --- a/sshd.c | 132 | --- a/sshd.c |
133 | +++ b/sshd.c | 133 | +++ b/sshd.c |
134 | @@ -127,6 +127,13 @@ | 134 | @@ -127,6 +127,13 @@ |
@@ -145,7 +145,7 @@ index 539a000fd..673db87f6 100644 | |||
145 | /* Re-exec fds */ | 145 | /* Re-exec fds */ |
146 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) | 146 | #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) |
147 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) | 147 | #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) |
148 | @@ -2099,6 +2106,24 @@ main(int ac, char **av) | 148 | @@ -2057,6 +2064,24 @@ main(int ac, char **av) |
149 | #ifdef SSH_AUDIT_EVENTS | 149 | #ifdef SSH_AUDIT_EVENTS |
150 | audit_connection_from(remote_ip, remote_port); | 150 | audit_connection_from(remote_ip, remote_port); |
151 | #endif | 151 | #endif |
@@ -153,7 +153,7 @@ index 539a000fd..673db87f6 100644 | |||
153 | + allow_severity = options.log_facility|LOG_INFO; | 153 | + allow_severity = options.log_facility|LOG_INFO; |
154 | + deny_severity = options.log_facility|LOG_WARNING; | 154 | + deny_severity = options.log_facility|LOG_WARNING; |
155 | + /* Check whether logins are denied from this host. */ | 155 | + /* Check whether logins are denied from this host. */ |
156 | + if (packet_connection_is_on_socket()) { | 156 | + if (ssh_packet_connection_is_on_socket(ssh)) { |
157 | + struct request_info req; | 157 | + struct request_info req; |
158 | + | 158 | + |
159 | + request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); | 159 | + request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); |
diff --git a/debian/patches/revert-ipqos-defaults.patch b/debian/patches/revert-ipqos-defaults.patch index a329b9be1..d0b02d792 100644 --- a/debian/patches/revert-ipqos-defaults.patch +++ b/debian/patches/revert-ipqos-defaults.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 6b56cd57db9061296231f14d537f1ebaf25e8877 Mon Sep 17 00:00:00 2001 | 1 | From 7d50f9e5be88179325983a1f58c9d51bb58f025a Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Mon, 8 Apr 2019 10:46:29 +0100 | 3 | Date: Mon, 8 Apr 2019 10:46:29 +0100 |
4 | Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP | 4 | Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP |
@@ -24,10 +24,10 @@ Patch-Name: revert-ipqos-defaults.patch | |||
24 | 4 files changed, 8 insertions(+), 12 deletions(-) | 24 | 4 files changed, 8 insertions(+), 12 deletions(-) |
25 | 25 | ||
26 | diff --git a/readconf.c b/readconf.c | 26 | diff --git a/readconf.c b/readconf.c |
27 | index 661b8bf40..6d046f063 100644 | 27 | index f35bde6e6..2ba312441 100644 |
28 | --- a/readconf.c | 28 | --- a/readconf.c |
29 | +++ b/readconf.c | 29 | +++ b/readconf.c |
30 | @@ -2133,9 +2133,9 @@ fill_default_options(Options * options) | 30 | @@ -2165,9 +2165,9 @@ fill_default_options(Options * options) |
31 | if (options->visual_host_key == -1) | 31 | if (options->visual_host_key == -1) |
32 | options->visual_host_key = 0; | 32 | options->visual_host_key = 0; |
33 | if (options->ip_qos_interactive == -1) | 33 | if (options->ip_qos_interactive == -1) |
@@ -40,10 +40,10 @@ index 661b8bf40..6d046f063 100644 | |||
40 | options->request_tty = REQUEST_TTY_AUTO; | 40 | options->request_tty = REQUEST_TTY_AUTO; |
41 | if (options->proxy_use_fdpass == -1) | 41 | if (options->proxy_use_fdpass == -1) |
42 | diff --git a/servconf.c b/servconf.c | 42 | diff --git a/servconf.c b/servconf.c |
43 | index c5dd617ef..bf2669147 100644 | 43 | index 8d2bced52..365e6ff1e 100644 |
44 | --- a/servconf.c | 44 | --- a/servconf.c |
45 | +++ b/servconf.c | 45 | +++ b/servconf.c |
46 | @@ -403,9 +403,9 @@ fill_default_server_options(ServerOptions *options) | 46 | @@ -423,9 +423,9 @@ fill_default_server_options(ServerOptions *options) |
47 | if (options->permit_tun == -1) | 47 | if (options->permit_tun == -1) |
48 | options->permit_tun = SSH_TUNMODE_NO; | 48 | options->permit_tun = SSH_TUNMODE_NO; |
49 | if (options->ip_qos_interactive == -1) | 49 | if (options->ip_qos_interactive == -1) |
@@ -56,10 +56,10 @@ index c5dd617ef..bf2669147 100644 | |||
56 | options->version_addendum = xstrdup(""); | 56 | options->version_addendum = xstrdup(""); |
57 | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) | 57 | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) |
58 | diff --git a/ssh_config.5 b/ssh_config.5 | 58 | diff --git a/ssh_config.5 b/ssh_config.5 |
59 | index 1a8e24bd1..f6c1b3b33 100644 | 59 | index a27631ae9..a9f6d906f 100644 |
60 | --- a/ssh_config.5 | 60 | --- a/ssh_config.5 |
61 | +++ b/ssh_config.5 | 61 | +++ b/ssh_config.5 |
62 | @@ -1055,11 +1055,9 @@ If one argument is specified, it is used as the packet class unconditionally. | 62 | @@ -1098,11 +1098,9 @@ If one argument is specified, it is used as the packet class unconditionally. |
63 | If two values are specified, the first is automatically selected for | 63 | If two values are specified, the first is automatically selected for |
64 | interactive sessions and the second for non-interactive sessions. | 64 | interactive sessions and the second for non-interactive sessions. |
65 | The default is | 65 | The default is |
@@ -74,10 +74,10 @@ index 1a8e24bd1..f6c1b3b33 100644 | |||
74 | .It Cm KbdInteractiveAuthentication | 74 | .It Cm KbdInteractiveAuthentication |
75 | Specifies whether to use keyboard-interactive authentication. | 75 | Specifies whether to use keyboard-interactive authentication. |
76 | diff --git a/sshd_config.5 b/sshd_config.5 | 76 | diff --git a/sshd_config.5 b/sshd_config.5 |
77 | index ba50a30f1..03f813e72 100644 | 77 | index c0c4ebd66..e5380f5dc 100644 |
78 | --- a/sshd_config.5 | 78 | --- a/sshd_config.5 |
79 | +++ b/sshd_config.5 | 79 | +++ b/sshd_config.5 |
80 | @@ -866,11 +866,9 @@ If one argument is specified, it is used as the packet class unconditionally. | 80 | @@ -886,11 +886,9 @@ If one argument is specified, it is used as the packet class unconditionally. |
81 | If two values are specified, the first is automatically selected for | 81 | If two values are specified, the first is automatically selected for |
82 | interactive sessions and the second for non-interactive sessions. | 82 | interactive sessions and the second for non-interactive sessions. |
83 | The default is | 83 | The default is |
diff --git a/debian/patches/sanitize-scp-filenames-via-snmprintf.patch b/debian/patches/sanitize-scp-filenames-via-snmprintf.patch deleted file mode 100644 index e58b8b1bd..000000000 --- a/debian/patches/sanitize-scp-filenames-via-snmprintf.patch +++ /dev/null | |||
@@ -1,276 +0,0 @@ | |||
1 | From 11b88754cadcad0ba79b4ffcc127223248dccb54 Mon Sep 17 00:00:00 2001 | ||
2 | From: "dtucker@openbsd.org" <dtucker@openbsd.org> | ||
3 | Date: Wed, 23 Jan 2019 08:01:46 +0000 | ||
4 | Subject: upstream: Sanitize scp filenames via snmprintf. To do this we move | ||
5 | |||
6 | the progressmeter formatting outside of signal handler context and have the | ||
7 | atomicio callback called for EINTR too. bz#2434 with contributions from djm | ||
8 | and jjelen at redhat.com, ok djm@ | ||
9 | |||
10 | OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8 | ||
11 | |||
12 | CVE-2019-6109 | ||
13 | |||
14 | Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=8976f1c4b2721c26e878151f52bdf346dfe2d54c | ||
15 | Bug-Debian: https://bugs.debian.org/793412 | ||
16 | Last-Update: 2019-02-08 | ||
17 | |||
18 | Patch-Name: sanitize-scp-filenames-via-snmprintf.patch | ||
19 | --- | ||
20 | atomicio.c | 20 ++++++++++++++----- | ||
21 | progressmeter.c | 53 ++++++++++++++++++++++--------------------------- | ||
22 | progressmeter.h | 3 ++- | ||
23 | scp.c | 1 + | ||
24 | sftp-client.c | 16 ++++++++------- | ||
25 | 5 files changed, 51 insertions(+), 42 deletions(-) | ||
26 | |||
27 | diff --git a/atomicio.c b/atomicio.c | ||
28 | index f854a06f5..d91bd7621 100644 | ||
29 | --- a/atomicio.c | ||
30 | +++ b/atomicio.c | ||
31 | @@ -1,4 +1,4 @@ | ||
32 | -/* $OpenBSD: atomicio.c,v 1.28 2016/07/27 23:18:12 djm Exp $ */ | ||
33 | +/* $OpenBSD: atomicio.c,v 1.29 2019/01/23 08:01:46 dtucker Exp $ */ | ||
34 | /* | ||
35 | * Copyright (c) 2006 Damien Miller. All rights reserved. | ||
36 | * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. | ||
37 | @@ -65,9 +65,14 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, | ||
38 | res = (f) (fd, s + pos, n - pos); | ||
39 | switch (res) { | ||
40 | case -1: | ||
41 | - if (errno == EINTR) | ||
42 | + if (errno == EINTR) { | ||
43 | + /* possible SIGALARM, update callback */ | ||
44 | + if (cb != NULL && cb(cb_arg, 0) == -1) { | ||
45 | + errno = EINTR; | ||
46 | + return pos; | ||
47 | + } | ||
48 | continue; | ||
49 | - if (errno == EAGAIN || errno == EWOULDBLOCK) { | ||
50 | + } else if (errno == EAGAIN || errno == EWOULDBLOCK) { | ||
51 | #ifndef BROKEN_READ_COMPARISON | ||
52 | (void)poll(&pfd, 1, -1); | ||
53 | #endif | ||
54 | @@ -122,9 +127,14 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, | ||
55 | res = (f) (fd, iov, iovcnt); | ||
56 | switch (res) { | ||
57 | case -1: | ||
58 | - if (errno == EINTR) | ||
59 | + if (errno == EINTR) { | ||
60 | + /* possible SIGALARM, update callback */ | ||
61 | + if (cb != NULL && cb(cb_arg, 0) == -1) { | ||
62 | + errno = EINTR; | ||
63 | + return pos; | ||
64 | + } | ||
65 | continue; | ||
66 | - if (errno == EAGAIN || errno == EWOULDBLOCK) { | ||
67 | + } else if (errno == EAGAIN || errno == EWOULDBLOCK) { | ||
68 | #ifndef BROKEN_READV_COMPARISON | ||
69 | (void)poll(&pfd, 1, -1); | ||
70 | #endif | ||
71 | diff --git a/progressmeter.c b/progressmeter.c | ||
72 | index fe9bf52e4..add462dde 100644 | ||
73 | --- a/progressmeter.c | ||
74 | +++ b/progressmeter.c | ||
75 | @@ -1,4 +1,4 @@ | ||
76 | -/* $OpenBSD: progressmeter.c,v 1.45 2016/06/30 05:17:05 dtucker Exp $ */ | ||
77 | +/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */ | ||
78 | /* | ||
79 | * Copyright (c) 2003 Nils Nordman. All rights reserved. | ||
80 | * | ||
81 | @@ -31,6 +31,7 @@ | ||
82 | |||
83 | #include <errno.h> | ||
84 | #include <signal.h> | ||
85 | +#include <stdarg.h> | ||
86 | #include <stdio.h> | ||
87 | #include <string.h> | ||
88 | #include <time.h> | ||
89 | @@ -39,6 +40,7 @@ | ||
90 | #include "progressmeter.h" | ||
91 | #include "atomicio.h" | ||
92 | #include "misc.h" | ||
93 | +#include "utf8.h" | ||
94 | |||
95 | #define DEFAULT_WINSIZE 80 | ||
96 | #define MAX_WINSIZE 512 | ||
97 | @@ -61,7 +63,7 @@ static void setscreensize(void); | ||
98 | void refresh_progress_meter(void); | ||
99 | |||
100 | /* signal handler for updating the progress meter */ | ||
101 | -static void update_progress_meter(int); | ||
102 | +static void sig_alarm(int); | ||
103 | |||
104 | static double start; /* start progress */ | ||
105 | static double last_update; /* last progress update */ | ||
106 | @@ -74,6 +76,7 @@ static long stalled; /* how long we have been stalled */ | ||
107 | static int bytes_per_second; /* current speed in bytes per second */ | ||
108 | static int win_size; /* terminal window size */ | ||
109 | static volatile sig_atomic_t win_resized; /* for window resizing */ | ||
110 | +static volatile sig_atomic_t alarm_fired; | ||
111 | |||
112 | /* units for format_size */ | ||
113 | static const char unit[] = " KMGT"; | ||
114 | @@ -126,9 +129,17 @@ refresh_progress_meter(void) | ||
115 | off_t bytes_left; | ||
116 | int cur_speed; | ||
117 | int hours, minutes, seconds; | ||
118 | - int i, len; | ||
119 | int file_len; | ||
120 | |||
121 | + if ((!alarm_fired && !win_resized) || !can_output()) | ||
122 | + return; | ||
123 | + alarm_fired = 0; | ||
124 | + | ||
125 | + if (win_resized) { | ||
126 | + setscreensize(); | ||
127 | + win_resized = 0; | ||
128 | + } | ||
129 | + | ||
130 | transferred = *counter - (cur_pos ? cur_pos : start_pos); | ||
131 | cur_pos = *counter; | ||
132 | now = monotime_double(); | ||
133 | @@ -158,16 +169,11 @@ refresh_progress_meter(void) | ||
134 | |||
135 | /* filename */ | ||
136 | buf[0] = '\0'; | ||
137 | - file_len = win_size - 35; | ||
138 | + file_len = win_size - 36; | ||
139 | if (file_len > 0) { | ||
140 | - len = snprintf(buf, file_len + 1, "\r%s", file); | ||
141 | - if (len < 0) | ||
142 | - len = 0; | ||
143 | - if (len >= file_len + 1) | ||
144 | - len = file_len; | ||
145 | - for (i = len; i < file_len; i++) | ||
146 | - buf[i] = ' '; | ||
147 | - buf[file_len] = '\0'; | ||
148 | + buf[0] = '\r'; | ||
149 | + snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s", | ||
150 | + file_len * -1, file); | ||
151 | } | ||
152 | |||
153 | /* percent of transfer done */ | ||
154 | @@ -228,22 +234,11 @@ refresh_progress_meter(void) | ||
155 | |||
156 | /*ARGSUSED*/ | ||
157 | static void | ||
158 | -update_progress_meter(int ignore) | ||
159 | +sig_alarm(int ignore) | ||
160 | { | ||
161 | - int save_errno; | ||
162 | - | ||
163 | - save_errno = errno; | ||
164 | - | ||
165 | - if (win_resized) { | ||
166 | - setscreensize(); | ||
167 | - win_resized = 0; | ||
168 | - } | ||
169 | - if (can_output()) | ||
170 | - refresh_progress_meter(); | ||
171 | - | ||
172 | - signal(SIGALRM, update_progress_meter); | ||
173 | + signal(SIGALRM, sig_alarm); | ||
174 | + alarm_fired = 1; | ||
175 | alarm(UPDATE_INTERVAL); | ||
176 | - errno = save_errno; | ||
177 | } | ||
178 | |||
179 | void | ||
180 | @@ -259,10 +254,9 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) | ||
181 | bytes_per_second = 0; | ||
182 | |||
183 | setscreensize(); | ||
184 | - if (can_output()) | ||
185 | - refresh_progress_meter(); | ||
186 | + refresh_progress_meter(); | ||
187 | |||
188 | - signal(SIGALRM, update_progress_meter); | ||
189 | + signal(SIGALRM, sig_alarm); | ||
190 | signal(SIGWINCH, sig_winch); | ||
191 | alarm(UPDATE_INTERVAL); | ||
192 | } | ||
193 | @@ -286,6 +280,7 @@ stop_progress_meter(void) | ||
194 | static void | ||
195 | sig_winch(int sig) | ||
196 | { | ||
197 | + signal(SIGWINCH, sig_winch); | ||
198 | win_resized = 1; | ||
199 | } | ||
200 | |||
201 | diff --git a/progressmeter.h b/progressmeter.h | ||
202 | index bf179dca6..8f6678060 100644 | ||
203 | --- a/progressmeter.h | ||
204 | +++ b/progressmeter.h | ||
205 | @@ -1,4 +1,4 @@ | ||
206 | -/* $OpenBSD: progressmeter.h,v 1.3 2015/01/14 13:54:13 djm Exp $ */ | ||
207 | +/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */ | ||
208 | /* | ||
209 | * Copyright (c) 2002 Nils Nordman. All rights reserved. | ||
210 | * | ||
211 | @@ -24,4 +24,5 @@ | ||
212 | */ | ||
213 | |||
214 | void start_progress_meter(const char *, off_t, off_t *); | ||
215 | +void refresh_progress_meter(void); | ||
216 | void stop_progress_meter(void); | ||
217 | diff --git a/scp.c b/scp.c | ||
218 | index 7163d33dc..80308573c 100644 | ||
219 | --- a/scp.c | ||
220 | +++ b/scp.c | ||
221 | @@ -593,6 +593,7 @@ scpio(void *_cnt, size_t s) | ||
222 | off_t *cnt = (off_t *)_cnt; | ||
223 | |||
224 | *cnt += s; | ||
225 | + refresh_progress_meter(); | ||
226 | if (limit_kbps > 0) | ||
227 | bandwidth_limit(&bwlimit, s); | ||
228 | return 0; | ||
229 | diff --git a/sftp-client.c b/sftp-client.c | ||
230 | index 4986d6d8d..2bc698f86 100644 | ||
231 | --- a/sftp-client.c | ||
232 | +++ b/sftp-client.c | ||
233 | @@ -101,7 +101,9 @@ sftpio(void *_bwlimit, size_t amount) | ||
234 | { | ||
235 | struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; | ||
236 | |||
237 | - bandwidth_limit(bwlimit, amount); | ||
238 | + refresh_progress_meter(); | ||
239 | + if (bwlimit != NULL) | ||
240 | + bandwidth_limit(bwlimit, amount); | ||
241 | return 0; | ||
242 | } | ||
243 | |||
244 | @@ -121,8 +123,8 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m) | ||
245 | iov[1].iov_base = (u_char *)sshbuf_ptr(m); | ||
246 | iov[1].iov_len = sshbuf_len(m); | ||
247 | |||
248 | - if (atomiciov6(writev, conn->fd_out, iov, 2, | ||
249 | - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != | ||
250 | + if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio, | ||
251 | + conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) != | ||
252 | sshbuf_len(m) + sizeof(mlen)) | ||
253 | fatal("Couldn't send packet: %s", strerror(errno)); | ||
254 | |||
255 | @@ -138,8 +140,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) | ||
256 | |||
257 | if ((r = sshbuf_reserve(m, 4, &p)) != 0) | ||
258 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
259 | - if (atomicio6(read, conn->fd_in, p, 4, | ||
260 | - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) != 4) { | ||
261 | + if (atomicio6(read, conn->fd_in, p, 4, sftpio, | ||
262 | + conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) { | ||
263 | if (errno == EPIPE || errno == ECONNRESET) | ||
264 | fatal("Connection closed"); | ||
265 | else | ||
266 | @@ -157,8 +159,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) | ||
267 | |||
268 | if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) | ||
269 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
270 | - if (atomicio6(read, conn->fd_in, p, msg_len, | ||
271 | - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) | ||
272 | + if (atomicio6(read, conn->fd_in, p, msg_len, sftpio, | ||
273 | + conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) | ||
274 | != msg_len) { | ||
275 | if (errno == EPIPE) | ||
276 | fatal("Connection closed"); | ||
diff --git a/debian/patches/scp-disallow-dot-or-empty-filename.patch b/debian/patches/scp-disallow-dot-or-empty-filename.patch deleted file mode 100644 index 716f2ffa8..000000000 --- a/debian/patches/scp-disallow-dot-or-empty-filename.patch +++ /dev/null | |||
@@ -1,32 +0,0 @@ | |||
1 | From dee21e97428e69d30e2d15c71f3e7cc08bf8e4f8 Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Fri, 16 Nov 2018 03:03:10 +0000 | ||
4 | Subject: upstream: disallow empty incoming filename or ones that refer to the | ||
5 | |||
6 | current directory; based on report/patch from Harry Sintonen | ||
7 | |||
8 | OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9 | ||
9 | |||
10 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=6010c0303a422a9c5fa8860c061bf7105eb7f8b2 | ||
11 | Bug-Debian: https://bugs.debian.org/919101 | ||
12 | Last-Update: 2019-01-12 | ||
13 | |||
14 | Patch-Name: scp-disallow-dot-or-empty-filename.patch | ||
15 | --- | ||
16 | scp.c | 3 ++- | ||
17 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
18 | |||
19 | diff --git a/scp.c b/scp.c | ||
20 | index ed2864250..7163d33dc 100644 | ||
21 | --- a/scp.c | ||
22 | +++ b/scp.c | ||
23 | @@ -1114,7 +1114,8 @@ sink(int argc, char **argv) | ||
24 | SCREWUP("size out of range"); | ||
25 | size = (off_t)ull; | ||
26 | |||
27 | - if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { | ||
28 | + if (*cp == '\0' || strchr(cp, '/') != NULL || | ||
29 | + strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { | ||
30 | run_err("error: unexpected filename: %s", cp); | ||
31 | exit(1); | ||
32 | } | ||
diff --git a/debian/patches/scp-handle-braces.patch b/debian/patches/scp-handle-braces.patch deleted file mode 100644 index 0cbdcfdc0..000000000 --- a/debian/patches/scp-handle-braces.patch +++ /dev/null | |||
@@ -1,353 +0,0 @@ | |||
1 | From 7a3fa37583d4abf128f7f4c6eb1e7ffc90115eab Mon Sep 17 00:00:00 2001 | ||
2 | From: "djm@openbsd.org" <djm@openbsd.org> | ||
3 | Date: Sun, 10 Feb 2019 11:15:52 +0000 | ||
4 | Subject: upstream: when checking that filenames sent by the server side | ||
5 | |||
6 | match what the client requested, be prepared to handle shell-style brace | ||
7 | alternations, e.g. "{foo,bar}". | ||
8 | |||
9 | "looks good to me" millert@ + in snaps for the last week courtesy | ||
10 | deraadt@ | ||
11 | |||
12 | OpenBSD-Commit-ID: 3b1ce7639b0b25b2248e3a30f561a548f6815f3e | ||
13 | |||
14 | Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=3d896c157c722bc47adca51a58dca859225b5874 | ||
15 | Bug-Debian: https://bugs.debian.org/923486 | ||
16 | Last-Update: 2019-03-01 | ||
17 | |||
18 | Patch-Name: scp-handle-braces.patch | ||
19 | --- | ||
20 | scp.c | 280 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--- | ||
21 | 1 file changed, 269 insertions(+), 11 deletions(-) | ||
22 | |||
23 | diff --git a/scp.c b/scp.c | ||
24 | index 035037bcc..3888baab0 100644 | ||
25 | --- a/scp.c | ||
26 | +++ b/scp.c | ||
27 | @@ -635,6 +635,253 @@ parse_scp_uri(const char *uri, char **userp, char **hostp, int *portp, | ||
28 | return r; | ||
29 | } | ||
30 | |||
31 | +/* Appends a string to an array; returns 0 on success, -1 on alloc failure */ | ||
32 | +static int | ||
33 | +append(char *cp, char ***ap, size_t *np) | ||
34 | +{ | ||
35 | + char **tmp; | ||
36 | + | ||
37 | + if ((tmp = reallocarray(*ap, *np + 1, sizeof(*tmp))) == NULL) | ||
38 | + return -1; | ||
39 | + tmp[(*np)] = cp; | ||
40 | + (*np)++; | ||
41 | + *ap = tmp; | ||
42 | + return 0; | ||
43 | +} | ||
44 | + | ||
45 | +/* | ||
46 | + * Finds the start and end of the first brace pair in the pattern. | ||
47 | + * returns 0 on success or -1 for invalid patterns. | ||
48 | + */ | ||
49 | +static int | ||
50 | +find_brace(const char *pattern, int *startp, int *endp) | ||
51 | +{ | ||
52 | + int i; | ||
53 | + int in_bracket, brace_level; | ||
54 | + | ||
55 | + *startp = *endp = -1; | ||
56 | + in_bracket = brace_level = 0; | ||
57 | + for (i = 0; i < INT_MAX && *endp < 0 && pattern[i] != '\0'; i++) { | ||
58 | + switch (pattern[i]) { | ||
59 | + case '\\': | ||
60 | + /* skip next character */ | ||
61 | + if (pattern[i + 1] != '\0') | ||
62 | + i++; | ||
63 | + break; | ||
64 | + case '[': | ||
65 | + in_bracket = 1; | ||
66 | + break; | ||
67 | + case ']': | ||
68 | + in_bracket = 0; | ||
69 | + break; | ||
70 | + case '{': | ||
71 | + if (in_bracket) | ||
72 | + break; | ||
73 | + if (pattern[i + 1] == '}') { | ||
74 | + /* Protect a single {}, for find(1), like csh */ | ||
75 | + i++; /* skip */ | ||
76 | + break; | ||
77 | + } | ||
78 | + if (*startp == -1) | ||
79 | + *startp = i; | ||
80 | + brace_level++; | ||
81 | + break; | ||
82 | + case '}': | ||
83 | + if (in_bracket) | ||
84 | + break; | ||
85 | + if (*startp < 0) { | ||
86 | + /* Unbalanced brace */ | ||
87 | + return -1; | ||
88 | + } | ||
89 | + if (--brace_level <= 0) | ||
90 | + *endp = i; | ||
91 | + break; | ||
92 | + } | ||
93 | + } | ||
94 | + /* unbalanced brackets/braces */ | ||
95 | + if (*endp < 0 && (*startp >= 0 || in_bracket)) | ||
96 | + return -1; | ||
97 | + return 0; | ||
98 | +} | ||
99 | + | ||
100 | +/* | ||
101 | + * Assembles and records a successfully-expanded pattern, returns -1 on | ||
102 | + * alloc failure. | ||
103 | + */ | ||
104 | +static int | ||
105 | +emit_expansion(const char *pattern, int brace_start, int brace_end, | ||
106 | + int sel_start, int sel_end, char ***patternsp, size_t *npatternsp) | ||
107 | +{ | ||
108 | + char *cp; | ||
109 | + int o = 0, tail_len = strlen(pattern + brace_end + 1); | ||
110 | + | ||
111 | + if ((cp = malloc(brace_start + (sel_end - sel_start) + | ||
112 | + tail_len + 1)) == NULL) | ||
113 | + return -1; | ||
114 | + | ||
115 | + /* Pattern before initial brace */ | ||
116 | + if (brace_start > 0) { | ||
117 | + memcpy(cp, pattern, brace_start); | ||
118 | + o = brace_start; | ||
119 | + } | ||
120 | + /* Current braced selection */ | ||
121 | + if (sel_end - sel_start > 0) { | ||
122 | + memcpy(cp + o, pattern + sel_start, | ||
123 | + sel_end - sel_start); | ||
124 | + o += sel_end - sel_start; | ||
125 | + } | ||
126 | + /* Remainder of pattern after closing brace */ | ||
127 | + if (tail_len > 0) { | ||
128 | + memcpy(cp + o, pattern + brace_end + 1, tail_len); | ||
129 | + o += tail_len; | ||
130 | + } | ||
131 | + cp[o] = '\0'; | ||
132 | + if (append(cp, patternsp, npatternsp) != 0) { | ||
133 | + free(cp); | ||
134 | + return -1; | ||
135 | + } | ||
136 | + return 0; | ||
137 | +} | ||
138 | + | ||
139 | +/* | ||
140 | + * Expand the first encountered brace in pattern, appending the expanded | ||
141 | + * patterns it yielded to the *patternsp array. | ||
142 | + * | ||
143 | + * Returns 0 on success or -1 on allocation failure. | ||
144 | + * | ||
145 | + * Signals whether expansion was performed via *expanded and whether | ||
146 | + * pattern was invalid via *invalid. | ||
147 | + */ | ||
148 | +static int | ||
149 | +brace_expand_one(const char *pattern, char ***patternsp, size_t *npatternsp, | ||
150 | + int *expanded, int *invalid) | ||
151 | +{ | ||
152 | + int i; | ||
153 | + int in_bracket, brace_start, brace_end, brace_level; | ||
154 | + int sel_start, sel_end; | ||
155 | + | ||
156 | + *invalid = *expanded = 0; | ||
157 | + | ||
158 | + if (find_brace(pattern, &brace_start, &brace_end) != 0) { | ||
159 | + *invalid = 1; | ||
160 | + return 0; | ||
161 | + } else if (brace_start == -1) | ||
162 | + return 0; | ||
163 | + | ||
164 | + in_bracket = brace_level = 0; | ||
165 | + for (i = sel_start = brace_start + 1; i < brace_end; i++) { | ||
166 | + switch (pattern[i]) { | ||
167 | + case '{': | ||
168 | + if (in_bracket) | ||
169 | + break; | ||
170 | + brace_level++; | ||
171 | + break; | ||
172 | + case '}': | ||
173 | + if (in_bracket) | ||
174 | + break; | ||
175 | + brace_level--; | ||
176 | + break; | ||
177 | + case '[': | ||
178 | + in_bracket = 1; | ||
179 | + break; | ||
180 | + case ']': | ||
181 | + in_bracket = 0; | ||
182 | + break; | ||
183 | + case '\\': | ||
184 | + if (i < brace_end - 1) | ||
185 | + i++; /* skip */ | ||
186 | + break; | ||
187 | + } | ||
188 | + if (pattern[i] == ',' || i == brace_end - 1) { | ||
189 | + if (in_bracket || brace_level > 0) | ||
190 | + continue; | ||
191 | + /* End of a selection, emit an expanded pattern */ | ||
192 | + | ||
193 | + /* Adjust end index for last selection */ | ||
194 | + sel_end = (i == brace_end - 1) ? brace_end : i; | ||
195 | + if (emit_expansion(pattern, brace_start, brace_end, | ||
196 | + sel_start, sel_end, patternsp, npatternsp) != 0) | ||
197 | + return -1; | ||
198 | + /* move on to the next selection */ | ||
199 | + sel_start = i + 1; | ||
200 | + continue; | ||
201 | + } | ||
202 | + } | ||
203 | + if (in_bracket || brace_level > 0) { | ||
204 | + *invalid = 1; | ||
205 | + return 0; | ||
206 | + } | ||
207 | + /* success */ | ||
208 | + *expanded = 1; | ||
209 | + return 0; | ||
210 | +} | ||
211 | + | ||
212 | +/* Expand braces from pattern. Returns 0 on success, -1 on failure */ | ||
213 | +static int | ||
214 | +brace_expand(const char *pattern, char ***patternsp, size_t *npatternsp) | ||
215 | +{ | ||
216 | + char *cp, *cp2, **active = NULL, **done = NULL; | ||
217 | + size_t i, nactive = 0, ndone = 0; | ||
218 | + int ret = -1, invalid = 0, expanded = 0; | ||
219 | + | ||
220 | + *patternsp = NULL; | ||
221 | + *npatternsp = 0; | ||
222 | + | ||
223 | + /* Start the worklist with the original pattern */ | ||
224 | + if ((cp = strdup(pattern)) == NULL) | ||
225 | + return -1; | ||
226 | + if (append(cp, &active, &nactive) != 0) { | ||
227 | + free(cp); | ||
228 | + return -1; | ||
229 | + } | ||
230 | + while (nactive > 0) { | ||
231 | + cp = active[nactive - 1]; | ||
232 | + nactive--; | ||
233 | + if (brace_expand_one(cp, &active, &nactive, | ||
234 | + &expanded, &invalid) == -1) { | ||
235 | + free(cp); | ||
236 | + goto fail; | ||
237 | + } | ||
238 | + if (invalid) | ||
239 | + fatal("%s: invalid brace pattern \"%s\"", __func__, cp); | ||
240 | + if (expanded) { | ||
241 | + /* | ||
242 | + * Current entry expanded to new entries on the | ||
243 | + * active list; discard the progenitor pattern. | ||
244 | + */ | ||
245 | + free(cp); | ||
246 | + continue; | ||
247 | + } | ||
248 | + /* | ||
249 | + * Pattern did not expand; append the finename component to | ||
250 | + * the completed list | ||
251 | + */ | ||
252 | + if ((cp2 = strrchr(cp, '/')) != NULL) | ||
253 | + *cp2++ = '\0'; | ||
254 | + else | ||
255 | + cp2 = cp; | ||
256 | + if (append(xstrdup(cp2), &done, &ndone) != 0) { | ||
257 | + free(cp); | ||
258 | + goto fail; | ||
259 | + } | ||
260 | + free(cp); | ||
261 | + } | ||
262 | + /* success */ | ||
263 | + *patternsp = done; | ||
264 | + *npatternsp = ndone; | ||
265 | + done = NULL; | ||
266 | + ndone = 0; | ||
267 | + ret = 0; | ||
268 | + fail: | ||
269 | + for (i = 0; i < nactive; i++) | ||
270 | + free(active[i]); | ||
271 | + free(active); | ||
272 | + for (i = 0; i < ndone; i++) | ||
273 | + free(done[i]); | ||
274 | + free(done); | ||
275 | + return ret; | ||
276 | +} | ||
277 | + | ||
278 | void | ||
279 | toremote(int argc, char **argv) | ||
280 | { | ||
281 | @@ -998,7 +1245,8 @@ sink(int argc, char **argv, const char *src) | ||
282 | unsigned long long ull; | ||
283 | int setimes, targisdir, wrerrno = 0; | ||
284 | char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; | ||
285 | - char *src_copy = NULL, *restrict_pattern = NULL; | ||
286 | + char **patterns = NULL; | ||
287 | + size_t n, npatterns = 0; | ||
288 | struct timeval tv[2]; | ||
289 | |||
290 | #define atime tv[0] | ||
291 | @@ -1028,16 +1276,13 @@ sink(int argc, char **argv, const char *src) | ||
292 | * Prepare to try to restrict incoming filenames to match | ||
293 | * the requested destination file glob. | ||
294 | */ | ||
295 | - if ((src_copy = strdup(src)) == NULL) | ||
296 | - fatal("strdup failed"); | ||
297 | - if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { | ||
298 | - *restrict_pattern++ = '\0'; | ||
299 | - } | ||
300 | + if (brace_expand(src, &patterns, &npatterns) != 0) | ||
301 | + fatal("%s: could not expand pattern", __func__); | ||
302 | } | ||
303 | for (first = 1;; first = 0) { | ||
304 | cp = buf; | ||
305 | if (atomicio(read, remin, cp, 1) != 1) | ||
306 | - return; | ||
307 | + goto done; | ||
308 | if (*cp++ == '\n') | ||
309 | SCREWUP("unexpected <newline>"); | ||
310 | do { | ||
311 | @@ -1063,7 +1308,7 @@ sink(int argc, char **argv, const char *src) | ||
312 | } | ||
313 | if (buf[0] == 'E') { | ||
314 | (void) atomicio(vwrite, remout, "", 1); | ||
315 | - return; | ||
316 | + goto done; | ||
317 | } | ||
318 | if (ch == '\n') | ||
319 | *--cp = 0; | ||
320 | @@ -1138,9 +1383,14 @@ sink(int argc, char **argv, const char *src) | ||
321 | run_err("error: unexpected filename: %s", cp); | ||
322 | exit(1); | ||
323 | } | ||
324 | - if (restrict_pattern != NULL && | ||
325 | - fnmatch(restrict_pattern, cp, 0) != 0) | ||
326 | - SCREWUP("filename does not match request"); | ||
327 | + if (npatterns > 0) { | ||
328 | + for (n = 0; n < npatterns; n++) { | ||
329 | + if (fnmatch(patterns[n], cp, 0) == 0) | ||
330 | + break; | ||
331 | + } | ||
332 | + if (n >= npatterns) | ||
333 | + SCREWUP("filename does not match request"); | ||
334 | + } | ||
335 | if (targisdir) { | ||
336 | static char *namebuf; | ||
337 | static size_t cursize; | ||
338 | @@ -1299,7 +1549,15 @@ bad: run_err("%s: %s", np, strerror(errno)); | ||
339 | break; | ||
340 | } | ||
341 | } | ||
342 | +done: | ||
343 | + for (n = 0; n < npatterns; n++) | ||
344 | + free(patterns[n]); | ||
345 | + free(patterns); | ||
346 | + return; | ||
347 | screwup: | ||
348 | + for (n = 0; n < npatterns; n++) | ||
349 | + free(patterns[n]); | ||
350 | + free(patterns); | ||
351 | run_err("protocol error: %s", why); | ||
352 | exit(1); | ||
353 | } | ||
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch index d054b2a82..29cf5603f 100644 --- a/debian/patches/scp-quoting.patch +++ b/debian/patches/scp-quoting.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From eefdc7046766b52e39f1b6eafcde22c1e013ce9f Mon Sep 17 00:00:00 2001 | 1 | From 76a51e544a6a6a674ff1dddf4bb6da05d9cce774 Mon Sep 17 00:00:00 2001 |
2 | From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> | 2 | From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:09:59 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:59 +0000 |
4 | Subject: Adjust scp quoting in verbose mode | 4 | Subject: Adjust scp quoting in verbose mode |
@@ -17,10 +17,10 @@ Patch-Name: scp-quoting.patch | |||
17 | 1 file changed, 10 insertions(+), 2 deletions(-) | 17 | 1 file changed, 10 insertions(+), 2 deletions(-) |
18 | 18 | ||
19 | diff --git a/scp.c b/scp.c | 19 | diff --git a/scp.c b/scp.c |
20 | index 60682c687..ed2864250 100644 | 20 | index 80bc0e8b1..a2dc410bd 100644 |
21 | --- a/scp.c | 21 | --- a/scp.c |
22 | +++ b/scp.c | 22 | +++ b/scp.c |
23 | @@ -198,8 +198,16 @@ do_local_cmd(arglist *a) | 23 | @@ -199,8 +199,16 @@ do_local_cmd(arglist *a) |
24 | 24 | ||
25 | if (verbose_mode) { | 25 | if (verbose_mode) { |
26 | fprintf(stderr, "Executing:"); | 26 | fprintf(stderr, "Executing:"); |
diff --git a/debian/patches/seccomp-s390-flock-ipc.patch b/debian/patches/seccomp-s390-flock-ipc.patch index e864427bd..ad00d1220 100644 --- a/debian/patches/seccomp-s390-flock-ipc.patch +++ b/debian/patches/seccomp-s390-flock-ipc.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 690939ba320d93e6f3ab5266bea94d8fb06c8bae Mon Sep 17 00:00:00 2001 | 1 | From 9fa2ceb14b6e7e5e902cff416bc9ad3963be9883 Mon Sep 17 00:00:00 2001 |
2 | From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com> | 2 | From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com> |
3 | Date: Tue, 9 May 2017 10:53:04 -0300 | 3 | Date: Tue, 9 May 2017 10:53:04 -0300 |
4 | Subject: Allow flock and ipc syscall for s390 architecture | 4 | Subject: Allow flock and ipc syscall for s390 architecture |
diff --git a/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch b/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch index ecbe1d142..fcd7285bd 100644 --- a/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch +++ b/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 9ce189b9f22890421b7f8d3f49a39186d3ce3e14 Mon Sep 17 00:00:00 2001 | 1 | From 9d4508c5c1d6466c662befcb26aff09f41966102 Mon Sep 17 00:00:00 2001 |
2 | From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com> | 2 | From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com> |
3 | Date: Tue, 9 May 2017 13:33:30 -0300 | 3 | Date: Tue, 9 May 2017 13:33:30 -0300 |
4 | Subject: Enable specific ioctl call for EP11 crypto card (s390) | 4 | Subject: Enable specific ioctl call for EP11 crypto card (s390) |
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch index 269a87c76..5ab339ac9 100644 --- a/debian/patches/selinux-role.patch +++ b/debian/patches/selinux-role.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From cf3f6ac19812e4d32874304b3854b055831c2124 Mon Sep 17 00:00:00 2001 | 1 | From 21e3ff3ab4791d3c94bd775da66cde29797fcb36 Mon Sep 17 00:00:00 2001 |
2 | From: Manoj Srivastava <srivasta@debian.org> | 2 | From: Manoj Srivastava <srivasta@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:49 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:49 +0000 |
4 | Subject: Handle SELinux authorisation roles | 4 | Subject: Handle SELinux authorisation roles |
@@ -9,7 +9,7 @@ SELinux maintainer, so we'll keep it until we have something better. | |||
9 | 9 | ||
10 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 | 10 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 |
11 | Bug-Debian: http://bugs.debian.org/394795 | 11 | Bug-Debian: http://bugs.debian.org/394795 |
12 | Last-Update: 2018-08-24 | 12 | Last-Update: 2019-06-05 |
13 | 13 | ||
14 | Patch-Name: selinux-role.patch | 14 | Patch-Name: selinux-role.patch |
15 | --- | 15 | --- |
@@ -31,7 +31,7 @@ Patch-Name: selinux-role.patch | |||
31 | 15 files changed, 99 insertions(+), 32 deletions(-) | 31 | 15 files changed, 99 insertions(+), 32 deletions(-) |
32 | 32 | ||
33 | diff --git a/auth.h b/auth.h | 33 | diff --git a/auth.h b/auth.h |
34 | index 977562f0a..90802a5eb 100644 | 34 | index bf393e755..8f13bdf48 100644 |
35 | --- a/auth.h | 35 | --- a/auth.h |
36 | +++ b/auth.h | 36 | +++ b/auth.h |
37 | @@ -65,6 +65,7 @@ struct Authctxt { | 37 | @@ -65,6 +65,7 @@ struct Authctxt { |
@@ -43,19 +43,19 @@ index 977562f0a..90802a5eb 100644 | |||
43 | /* Method lists for multiple authentication */ | 43 | /* Method lists for multiple authentication */ |
44 | char **auth_methods; /* modified from server config */ | 44 | char **auth_methods; /* modified from server config */ |
45 | diff --git a/auth2.c b/auth2.c | 45 | diff --git a/auth2.c b/auth2.c |
46 | index a77742819..3035926ba 100644 | 46 | index 7417eafa4..d60e7f1f2 100644 |
47 | --- a/auth2.c | 47 | --- a/auth2.c |
48 | +++ b/auth2.c | 48 | +++ b/auth2.c |
49 | @@ -257,7 +257,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | 49 | @@ -267,7 +267,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) |
50 | { | 50 | { |
51 | Authctxt *authctxt = ssh->authctxt; | 51 | Authctxt *authctxt = ssh->authctxt; |
52 | Authmethod *m = NULL; | 52 | Authmethod *m = NULL; |
53 | - char *user, *service, *method, *style = NULL; | 53 | - char *user = NULL, *service = NULL, *method = NULL, *style = NULL; |
54 | + char *user, *service, *method, *style = NULL, *role = NULL; | 54 | + char *user = NULL, *service = NULL, *method = NULL, *style = NULL, *role = NULL; |
55 | int authenticated = 0; | 55 | int r, authenticated = 0; |
56 | double tstart = monotime_double(); | 56 | double tstart = monotime_double(); |
57 | 57 | ||
58 | @@ -270,8 +270,13 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | 58 | @@ -281,8 +281,13 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) |
59 | debug("userauth-request for user %s service %s method %s", user, service, method); | 59 | debug("userauth-request for user %s service %s method %s", user, service, method); |
60 | debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); | 60 | debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); |
61 | 61 | ||
@@ -69,7 +69,7 @@ index a77742819..3035926ba 100644 | |||
69 | 69 | ||
70 | if (authctxt->attempt++ == 0) { | 70 | if (authctxt->attempt++ == 0) { |
71 | /* setup auth context */ | 71 | /* setup auth context */ |
72 | @@ -298,8 +303,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) | 72 | @@ -309,8 +314,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) |
73 | use_privsep ? " [net]" : ""); | 73 | use_privsep ? " [net]" : ""); |
74 | authctxt->service = xstrdup(service); | 74 | authctxt->service = xstrdup(service); |
75 | authctxt->style = style ? xstrdup(style) : NULL; | 75 | authctxt->style = style ? xstrdup(style) : NULL; |
@@ -77,22 +77,22 @@ index a77742819..3035926ba 100644 | |||
77 | if (use_privsep) | 77 | if (use_privsep) |
78 | - mm_inform_authserv(service, style); | 78 | - mm_inform_authserv(service, style); |
79 | + mm_inform_authserv(service, style, role); | 79 | + mm_inform_authserv(service, style, role); |
80 | userauth_banner(); | 80 | userauth_banner(ssh); |
81 | if (auth2_setup_methods_lists(authctxt) != 0) | 81 | if (auth2_setup_methods_lists(authctxt) != 0) |
82 | packet_disconnect("no authentication methods enabled"); | 82 | ssh_packet_disconnect(ssh, |
83 | diff --git a/monitor.c b/monitor.c | 83 | diff --git a/monitor.c b/monitor.c |
84 | index eabc1e89b..08fddabd7 100644 | 84 | index 0766d6ef5..5f84e880d 100644 |
85 | --- a/monitor.c | 85 | --- a/monitor.c |
86 | +++ b/monitor.c | 86 | +++ b/monitor.c |
87 | @@ -117,6 +117,7 @@ int mm_answer_sign(int, struct sshbuf *); | 87 | @@ -117,6 +117,7 @@ int mm_answer_sign(struct ssh *, int, struct sshbuf *); |
88 | int mm_answer_pwnamallow(int, struct sshbuf *); | 88 | int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *); |
89 | int mm_answer_auth2_read_banner(int, struct sshbuf *); | 89 | int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *); |
90 | int mm_answer_authserv(int, struct sshbuf *); | 90 | int mm_answer_authserv(struct ssh *, int, struct sshbuf *); |
91 | +int mm_answer_authrole(int, struct sshbuf *); | 91 | +int mm_answer_authrole(struct ssh *, int, struct sshbuf *); |
92 | int mm_answer_authpassword(int, struct sshbuf *); | 92 | int mm_answer_authpassword(struct ssh *, int, struct sshbuf *); |
93 | int mm_answer_bsdauthquery(int, struct sshbuf *); | 93 | int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *); |
94 | int mm_answer_bsdauthrespond(int, struct sshbuf *); | 94 | int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *); |
95 | @@ -193,6 +194,7 @@ struct mon_table mon_dispatch_proto20[] = { | 95 | @@ -197,6 +198,7 @@ struct mon_table mon_dispatch_proto20[] = { |
96 | {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, | 96 | {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, |
97 | {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, | 97 | {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, |
98 | {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, | 98 | {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, |
@@ -100,7 +100,7 @@ index eabc1e89b..08fddabd7 100644 | |||
100 | {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, | 100 | {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, |
101 | {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, | 101 | {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, |
102 | #ifdef USE_PAM | 102 | #ifdef USE_PAM |
103 | @@ -817,6 +819,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m) | 103 | @@ -819,6 +821,7 @@ mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m) |
104 | 104 | ||
105 | /* Allow service/style information on the auth context */ | 105 | /* Allow service/style information on the auth context */ |
106 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); | 106 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); |
@@ -108,7 +108,7 @@ index eabc1e89b..08fddabd7 100644 | |||
108 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); | 108 | monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); |
109 | 109 | ||
110 | #ifdef USE_PAM | 110 | #ifdef USE_PAM |
111 | @@ -850,16 +853,42 @@ mm_answer_authserv(int sock, struct sshbuf *m) | 111 | @@ -852,16 +855,42 @@ mm_answer_authserv(struct ssh *ssh, int sock, struct sshbuf *m) |
112 | monitor_permit_authentications(1); | 112 | monitor_permit_authentications(1); |
113 | 113 | ||
114 | if ((r = sshbuf_get_cstring(m, &authctxt->service, NULL)) != 0 || | 114 | if ((r = sshbuf_get_cstring(m, &authctxt->service, NULL)) != 0 || |
@@ -135,7 +135,7 @@ index eabc1e89b..08fddabd7 100644 | |||
135 | +} | 135 | +} |
136 | + | 136 | + |
137 | +int | 137 | +int |
138 | +mm_answer_authrole(int sock, struct sshbuf *m) | 138 | +mm_answer_authrole(struct ssh *ssh, int sock, struct sshbuf *m) |
139 | +{ | 139 | +{ |
140 | + int r; | 140 | + int r; |
141 | + | 141 | + |
@@ -154,7 +154,7 @@ index eabc1e89b..08fddabd7 100644 | |||
154 | return (0); | 154 | return (0); |
155 | } | 155 | } |
156 | 156 | ||
157 | @@ -1501,7 +1530,7 @@ mm_answer_pty(int sock, struct sshbuf *m) | 157 | @@ -1528,7 +1557,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) |
158 | res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); | 158 | res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); |
159 | if (res == 0) | 159 | if (res == 0) |
160 | goto error; | 160 | goto error; |
@@ -164,23 +164,23 @@ index eabc1e89b..08fddabd7 100644 | |||
164 | if ((r = sshbuf_put_u32(m, 1)) != 0 || | 164 | if ((r = sshbuf_put_u32(m, 1)) != 0 || |
165 | (r = sshbuf_put_cstring(m, s->tty)) != 0) | 165 | (r = sshbuf_put_cstring(m, s->tty)) != 0) |
166 | diff --git a/monitor.h b/monitor.h | 166 | diff --git a/monitor.h b/monitor.h |
167 | index 44fbed589..8f65e684d 100644 | 167 | index 2b1a2d590..4d87284aa 100644 |
168 | --- a/monitor.h | 168 | --- a/monitor.h |
169 | +++ b/monitor.h | 169 | +++ b/monitor.h |
170 | @@ -66,6 +66,8 @@ enum monitor_reqtype { | 170 | @@ -65,6 +65,8 @@ enum monitor_reqtype { |
171 | |||
171 | MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, | 172 | MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, |
172 | MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, | 173 | MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, |
173 | |||
174 | + MONITOR_REQ_AUTHROLE = 154, | ||
175 | + | 174 | + |
175 | + MONITOR_REQ_AUTHROLE = 154, | ||
176 | }; | 176 | }; |
177 | 177 | ||
178 | struct monitor { | 178 | struct ssh; |
179 | diff --git a/monitor_wrap.c b/monitor_wrap.c | 179 | diff --git a/monitor_wrap.c b/monitor_wrap.c |
180 | index 1865a122a..fd4d7eb3b 100644 | 180 | index 8e4c1c1f8..6b3a6251c 100644 |
181 | --- a/monitor_wrap.c | 181 | --- a/monitor_wrap.c |
182 | +++ b/monitor_wrap.c | 182 | +++ b/monitor_wrap.c |
183 | @@ -369,10 +369,10 @@ mm_auth2_read_banner(void) | 183 | @@ -364,10 +364,10 @@ mm_auth2_read_banner(void) |
184 | return (banner); | 184 | return (banner); |
185 | } | 185 | } |
186 | 186 | ||
@@ -193,7 +193,7 @@ index 1865a122a..fd4d7eb3b 100644 | |||
193 | { | 193 | { |
194 | struct sshbuf *m; | 194 | struct sshbuf *m; |
195 | int r; | 195 | int r; |
196 | @@ -382,7 +382,8 @@ mm_inform_authserv(char *service, char *style) | 196 | @@ -377,7 +377,8 @@ mm_inform_authserv(char *service, char *style) |
197 | if ((m = sshbuf_new()) == NULL) | 197 | if ((m = sshbuf_new()) == NULL) |
198 | fatal("%s: sshbuf_new failed", __func__); | 198 | fatal("%s: sshbuf_new failed", __func__); |
199 | if ((r = sshbuf_put_cstring(m, service)) != 0 || | 199 | if ((r = sshbuf_put_cstring(m, service)) != 0 || |
@@ -203,7 +203,7 @@ index 1865a122a..fd4d7eb3b 100644 | |||
203 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 203 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
204 | 204 | ||
205 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m); | 205 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m); |
206 | @@ -390,6 +391,26 @@ mm_inform_authserv(char *service, char *style) | 206 | @@ -385,6 +386,26 @@ mm_inform_authserv(char *service, char *style) |
207 | sshbuf_free(m); | 207 | sshbuf_free(m); |
208 | } | 208 | } |
209 | 209 | ||
@@ -231,17 +231,17 @@ index 1865a122a..fd4d7eb3b 100644 | |||
231 | int | 231 | int |
232 | mm_auth_password(struct ssh *ssh, char *password) | 232 | mm_auth_password(struct ssh *ssh, char *password) |
233 | diff --git a/monitor_wrap.h b/monitor_wrap.h | 233 | diff --git a/monitor_wrap.h b/monitor_wrap.h |
234 | index 7f93144ff..79e78cc90 100644 | 234 | index 69164a8c0..3d0e32d48 100644 |
235 | --- a/monitor_wrap.h | 235 | --- a/monitor_wrap.h |
236 | +++ b/monitor_wrap.h | 236 | +++ b/monitor_wrap.h |
237 | @@ -43,7 +43,8 @@ int mm_is_monitor(void); | 237 | @@ -44,7 +44,8 @@ int mm_is_monitor(void); |
238 | DH *mm_choose_dh(int, int, int); | 238 | DH *mm_choose_dh(int, int, int); |
239 | int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t, | 239 | int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *, |
240 | const char *, u_int compat); | 240 | const u_char *, size_t, const char *, u_int compat); |
241 | -void mm_inform_authserv(char *, char *); | 241 | -void mm_inform_authserv(char *, char *); |
242 | +void mm_inform_authserv(char *, char *, char *); | 242 | +void mm_inform_authserv(char *, char *, char *); |
243 | +void mm_inform_authrole(char *); | 243 | +void mm_inform_authrole(char *); |
244 | struct passwd *mm_getpwnamallow(const char *); | 244 | struct passwd *mm_getpwnamallow(struct ssh *, const char *); |
245 | char *mm_auth2_read_banner(void); | 245 | char *mm_auth2_read_banner(void); |
246 | int mm_auth_password(struct ssh *, char *); | 246 | int mm_auth_password(struct ssh *, char *); |
247 | diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c | 247 | diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c |
@@ -363,10 +363,10 @@ index ea4f9c584..60d72ffe7 100644 | |||
363 | char *platform_krb5_get_principal_name(const char *); | 363 | char *platform_krb5_get_principal_name(const char *); |
364 | int platform_sys_dir_uid(uid_t); | 364 | int platform_sys_dir_uid(uid_t); |
365 | diff --git a/session.c b/session.c | 365 | diff --git a/session.c b/session.c |
366 | index 2d0958d11..19f38637e 100644 | 366 | index ac3d9d19d..d87ea4d44 100644 |
367 | --- a/session.c | 367 | --- a/session.c |
368 | +++ b/session.c | 368 | +++ b/session.c |
369 | @@ -1380,7 +1380,7 @@ safely_chroot(const char *path, uid_t uid) | 369 | @@ -1356,7 +1356,7 @@ safely_chroot(const char *path, uid_t uid) |
370 | 370 | ||
371 | /* Set login name, uid, gid, and groups. */ | 371 | /* Set login name, uid, gid, and groups. */ |
372 | void | 372 | void |
@@ -375,7 +375,7 @@ index 2d0958d11..19f38637e 100644 | |||
375 | { | 375 | { |
376 | char uidstr[32], *chroot_path, *tmp; | 376 | char uidstr[32], *chroot_path, *tmp; |
377 | 377 | ||
378 | @@ -1408,7 +1408,7 @@ do_setusercontext(struct passwd *pw) | 378 | @@ -1384,7 +1384,7 @@ do_setusercontext(struct passwd *pw) |
379 | endgrent(); | 379 | endgrent(); |
380 | #endif | 380 | #endif |
381 | 381 | ||
@@ -384,7 +384,7 @@ index 2d0958d11..19f38637e 100644 | |||
384 | 384 | ||
385 | if (!in_chroot && options.chroot_directory != NULL && | 385 | if (!in_chroot && options.chroot_directory != NULL && |
386 | strcasecmp(options.chroot_directory, "none") != 0) { | 386 | strcasecmp(options.chroot_directory, "none") != 0) { |
387 | @@ -1547,7 +1547,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | 387 | @@ -1525,7 +1525,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) |
388 | 388 | ||
389 | /* Force a password change */ | 389 | /* Force a password change */ |
390 | if (s->authctxt->force_pwchange) { | 390 | if (s->authctxt->force_pwchange) { |
@@ -393,7 +393,7 @@ index 2d0958d11..19f38637e 100644 | |||
393 | child_close_fds(ssh); | 393 | child_close_fds(ssh); |
394 | do_pwchange(s); | 394 | do_pwchange(s); |
395 | exit(1); | 395 | exit(1); |
396 | @@ -1565,7 +1565,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | 396 | @@ -1543,7 +1543,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) |
397 | /* When PAM is enabled we rely on it to do the nologin check */ | 397 | /* When PAM is enabled we rely on it to do the nologin check */ |
398 | if (!options.use_pam) | 398 | if (!options.use_pam) |
399 | do_nologin(pw); | 399 | do_nologin(pw); |
@@ -402,8 +402,8 @@ index 2d0958d11..19f38637e 100644 | |||
402 | /* | 402 | /* |
403 | * PAM session modules in do_setusercontext may have | 403 | * PAM session modules in do_setusercontext may have |
404 | * generated messages, so if this in an interactive | 404 | * generated messages, so if this in an interactive |
405 | @@ -1955,7 +1955,7 @@ session_pty_req(struct ssh *ssh, Session *s) | 405 | @@ -1942,7 +1942,7 @@ session_pty_req(struct ssh *ssh, Session *s) |
406 | ssh_tty_parse_modes(ssh, s->ttyfd); | 406 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); |
407 | 407 | ||
408 | if (!use_privsep) | 408 | if (!use_privsep) |
409 | - pty_setowner(s->pw, s->tty); | 409 | - pty_setowner(s->pw, s->tty); |
@@ -425,10 +425,10 @@ index ce59dabd9..675c91146 100644 | |||
425 | const char *session_get_remote_name_or_ip(struct ssh *, u_int, int); | 425 | const char *session_get_remote_name_or_ip(struct ssh *, u_int, int); |
426 | 426 | ||
427 | diff --git a/sshd.c b/sshd.c | 427 | diff --git a/sshd.c b/sshd.c |
428 | index 673db87f6..2bc6679e5 100644 | 428 | index 46870d3b5..e3e96426e 100644 |
429 | --- a/sshd.c | 429 | --- a/sshd.c |
430 | +++ b/sshd.c | 430 | +++ b/sshd.c |
431 | @@ -683,7 +683,7 @@ privsep_postauth(Authctxt *authctxt) | 431 | @@ -594,7 +594,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) |
432 | reseed_prngs(); | 432 | reseed_prngs(); |
433 | 433 | ||
434 | /* Drop privileges */ | 434 | /* Drop privileges */ |
diff --git a/debian/patches/series b/debian/patches/series index b0da97283..6304f537a 100644 --- a/debian/patches/series +++ b/debian/patches/series | |||
@@ -24,11 +24,4 @@ restore-authorized_keys2.patch | |||
24 | seccomp-s390-flock-ipc.patch | 24 | seccomp-s390-flock-ipc.patch |
25 | seccomp-s390-ioctl-ep11-crypto.patch | 25 | seccomp-s390-ioctl-ep11-crypto.patch |
26 | conch-old-privkey-format.patch | 26 | conch-old-privkey-format.patch |
27 | scp-disallow-dot-or-empty-filename.patch | ||
28 | sanitize-scp-filenames-via-snmprintf.patch | ||
29 | have-progressmeter-force-update-at-beginning-and-end-transfer.patch | ||
30 | check-filenames-in-scp-client.patch | ||
31 | fix-key-type-check.patch | ||
32 | request-rsa-sha2-cert-signatures.patch | ||
33 | scp-handle-braces.patch | ||
34 | revert-ipqos-defaults.patch | 27 | revert-ipqos-defaults.patch |
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch index ad574e829..2224eeead 100644 --- a/debian/patches/shell-path.patch +++ b/debian/patches/shell-path.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From cabad6b7182cd6eaa8b760718200a316e7f578ed Mon Sep 17 00:00:00 2001 | 1 | From b019e32a0ee7a79c0a08cb1199229d03b16934a7 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:00 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:00 +0000 |
4 | Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand | 4 | Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand |
@@ -16,10 +16,10 @@ Patch-Name: shell-path.patch | |||
16 | 1 file changed, 2 insertions(+), 2 deletions(-) | 16 | 1 file changed, 2 insertions(+), 2 deletions(-) |
17 | 17 | ||
18 | diff --git a/sshconnect.c b/sshconnect.c | 18 | diff --git a/sshconnect.c b/sshconnect.c |
19 | index 6d819279e..700ea6c3c 100644 | 19 | index fdcdcd855..103d84e38 100644 |
20 | --- a/sshconnect.c | 20 | --- a/sshconnect.c |
21 | +++ b/sshconnect.c | 21 | +++ b/sshconnect.c |
22 | @@ -229,7 +229,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, | 22 | @@ -257,7 +257,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, |
23 | /* Execute the proxy command. Note that we gave up any | 23 | /* Execute the proxy command. Note that we gave up any |
24 | extra privileges above. */ | 24 | extra privileges above. */ |
25 | signal(SIGPIPE, SIG_DFL); | 25 | signal(SIGPIPE, SIG_DFL); |
@@ -28,7 +28,7 @@ index 6d819279e..700ea6c3c 100644 | |||
28 | perror(argv[0]); | 28 | perror(argv[0]); |
29 | exit(1); | 29 | exit(1); |
30 | } | 30 | } |
31 | @@ -1534,7 +1534,7 @@ ssh_local_cmd(const char *args) | 31 | @@ -1382,7 +1382,7 @@ ssh_local_cmd(const char *args) |
32 | if (pid == 0) { | 32 | if (pid == 0) { |
33 | signal(SIGPIPE, SIG_DFL); | 33 | signal(SIGPIPE, SIG_DFL); |
34 | debug3("Executing %s -c \"%s\"", shell, args); | 34 | debug3("Executing %s -c \"%s\"", shell, args); |
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch index ed6ef3d46..e94e48a03 100644 --- a/debian/patches/ssh-agent-setgid.patch +++ b/debian/patches/ssh-agent-setgid.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 6d4521d39a852dc5627187c045c933f4e1cb4601 Mon Sep 17 00:00:00 2001 | 1 | From 9e040aefaefa40bcbe5dcdc0f9f03555cf8fe2d0 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:13 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:13 +0000 |
4 | Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) | 4 | Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) |
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch index bb1e10973..a5aa9259a 100644 --- a/debian/patches/ssh-argv0.patch +++ b/debian/patches/ssh-argv0.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From d1064c2689df8d0894a68ac9671d14ab125bc91b Mon Sep 17 00:00:00 2001 | 1 | From 23b4cc85184891ad61bb98045629400e48d946dd Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:10 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:10 +0000 |
4 | Subject: ssh(1): Refer to ssh-argv0(1) | 4 | Subject: ssh(1): Refer to ssh-argv0(1) |
@@ -18,10 +18,10 @@ Patch-Name: ssh-argv0.patch | |||
18 | 1 file changed, 1 insertion(+) | 18 | 1 file changed, 1 insertion(+) |
19 | 19 | ||
20 | diff --git a/ssh.1 b/ssh.1 | 20 | diff --git a/ssh.1 b/ssh.1 |
21 | index 5dfad6daa..ad1ed0f86 100644 | 21 | index e4aeae7b4..8d2b08a29 100644 |
22 | --- a/ssh.1 | 22 | --- a/ssh.1 |
23 | +++ b/ssh.1 | 23 | +++ b/ssh.1 |
24 | @@ -1585,6 +1585,7 @@ if an error occurred. | 24 | @@ -1584,6 +1584,7 @@ if an error occurred. |
25 | .Xr sftp 1 , | 25 | .Xr sftp 1 , |
26 | .Xr ssh-add 1 , | 26 | .Xr ssh-add 1 , |
27 | .Xr ssh-agent 1 , | 27 | .Xr ssh-agent 1 , |
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch index ca3e090bd..8adc301fc 100644 --- a/debian/patches/ssh-vulnkey-compat.patch +++ b/debian/patches/ssh-vulnkey-compat.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From eccbd3637a2b8544fdcfdd5d1a00a9dfdac62aeb Mon Sep 17 00:00:00 2001 | 1 | From 0138f331a73d692f4543477ce7f64f9ede7d6b08 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@ubuntu.com> | 2 | From: Colin Watson <cjwatson@ubuntu.com> |
3 | Date: Sun, 9 Feb 2014 16:09:50 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:50 +0000 |
4 | Subject: Accept obsolete ssh-vulnkey configuration options | 4 | Subject: Accept obsolete ssh-vulnkey configuration options |
@@ -17,10 +17,10 @@ Patch-Name: ssh-vulnkey-compat.patch | |||
17 | 2 files changed, 2 insertions(+) | 17 | 2 files changed, 2 insertions(+) |
18 | 18 | ||
19 | diff --git a/readconf.c b/readconf.c | 19 | diff --git a/readconf.c b/readconf.c |
20 | index 36bc5e59a..5e655e924 100644 | 20 | index 4d699e5f1..29f3bd98d 100644 |
21 | --- a/readconf.c | 21 | --- a/readconf.c |
22 | +++ b/readconf.c | 22 | +++ b/readconf.c |
23 | @@ -190,6 +190,7 @@ static struct { | 23 | @@ -192,6 +192,7 @@ static struct { |
24 | { "fallbacktorsh", oDeprecated }, | 24 | { "fallbacktorsh", oDeprecated }, |
25 | { "globalknownhostsfile2", oDeprecated }, | 25 | { "globalknownhostsfile2", oDeprecated }, |
26 | { "rhostsauthentication", oDeprecated }, | 26 | { "rhostsauthentication", oDeprecated }, |
@@ -29,10 +29,10 @@ index 36bc5e59a..5e655e924 100644 | |||
29 | { "useroaming", oDeprecated }, | 29 | { "useroaming", oDeprecated }, |
30 | { "usersh", oDeprecated }, | 30 | { "usersh", oDeprecated }, |
31 | diff --git a/servconf.c b/servconf.c | 31 | diff --git a/servconf.c b/servconf.c |
32 | index 4668b8a45..6caf1db38 100644 | 32 | index ffdad31e7..c01e0690e 100644 |
33 | --- a/servconf.c | 33 | --- a/servconf.c |
34 | +++ b/servconf.c | 34 | +++ b/servconf.c |
35 | @@ -600,6 +600,7 @@ static struct { | 35 | @@ -621,6 +621,7 @@ static struct { |
36 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, | 36 | { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, |
37 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, | 37 | { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, |
38 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, | 38 | { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, |
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch index 3093a41fb..aa7968090 100644 --- a/debian/patches/syslog-level-silent.patch +++ b/debian/patches/syslog-level-silent.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From e755ec70d62bfb9b02159123f4e870b00010be77 Mon Sep 17 00:00:00 2001 | 1 | From 0646a0cd5ea893cf822113d4f10c501540c18e40 Mon Sep 17 00:00:00 2001 |
2 | From: Jonathan David Amery <jdamery@ysolde.ucam.org> | 2 | From: Jonathan David Amery <jdamery@ysolde.ucam.org> |
3 | Date: Sun, 9 Feb 2014 16:09:54 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:54 +0000 |
4 | Subject: "LogLevel SILENT" compatibility | 4 | Subject: "LogLevel SILENT" compatibility |
@@ -33,10 +33,10 @@ index d9c2d136c..1749af6d1 100644 | |||
33 | { "FATAL", SYSLOG_LEVEL_FATAL }, | 33 | { "FATAL", SYSLOG_LEVEL_FATAL }, |
34 | { "ERROR", SYSLOG_LEVEL_ERROR }, | 34 | { "ERROR", SYSLOG_LEVEL_ERROR }, |
35 | diff --git a/ssh.c b/ssh.c | 35 | diff --git a/ssh.c b/ssh.c |
36 | index 0777c31e4..3140fed4c 100644 | 36 | index 42be7d88f..86f143341 100644 |
37 | --- a/ssh.c | 37 | --- a/ssh.c |
38 | +++ b/ssh.c | 38 | +++ b/ssh.c |
39 | @@ -1258,7 +1258,7 @@ main(int ac, char **av) | 39 | @@ -1265,7 +1265,7 @@ main(int ac, char **av) |
40 | /* Do not allocate a tty if stdin is not a tty. */ | 40 | /* Do not allocate a tty if stdin is not a tty. */ |
41 | if ((!isatty(fileno(stdin)) || stdin_null_flag) && | 41 | if ((!isatty(fileno(stdin)) || stdin_null_flag) && |
42 | options.request_tty != REQUEST_TTY_FORCE) { | 42 | options.request_tty != REQUEST_TTY_FORCE) { |
diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch index c5dee41ad..51c7e32de 100644 --- a/debian/patches/systemd-readiness.patch +++ b/debian/patches/systemd-readiness.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From da34947128351bee9d2530574432190548f5be58 Mon Sep 17 00:00:00 2001 | 1 | From a88f67584ef5889d95c04b0294e92c11ed4904cd Mon Sep 17 00:00:00 2001 |
2 | From: Michael Biebl <biebl@debian.org> | 2 | From: Michael Biebl <biebl@debian.org> |
3 | Date: Mon, 21 Dec 2015 16:08:47 +0000 | 3 | Date: Mon, 21 Dec 2015 16:08:47 +0000 |
4 | Subject: Add systemd readiness notification support | 4 | Subject: Add systemd readiness notification support |
@@ -14,10 +14,10 @@ Patch-Name: systemd-readiness.patch | |||
14 | 2 files changed, 33 insertions(+) | 14 | 2 files changed, 33 insertions(+) |
15 | 15 | ||
16 | diff --git a/configure.ac b/configure.ac | 16 | diff --git a/configure.ac b/configure.ac |
17 | index 917300b43..8a5db4cb5 100644 | 17 | index ce16e7758..de140f578 100644 |
18 | --- a/configure.ac | 18 | --- a/configure.ac |
19 | +++ b/configure.ac | 19 | +++ b/configure.ac |
20 | @@ -4586,6 +4586,29 @@ AC_ARG_WITH([kerberos5], | 20 | @@ -4526,6 +4526,29 @@ AC_ARG_WITH([kerberos5], |
21 | AC_SUBST([GSSLIBS]) | 21 | AC_SUBST([GSSLIBS]) |
22 | AC_SUBST([K5LIBS]) | 22 | AC_SUBST([K5LIBS]) |
23 | 23 | ||
@@ -47,7 +47,7 @@ index 917300b43..8a5db4cb5 100644 | |||
47 | # Looking for programs, paths and files | 47 | # Looking for programs, paths and files |
48 | 48 | ||
49 | PRIVSEP_PATH=/var/empty | 49 | PRIVSEP_PATH=/var/empty |
50 | @@ -5392,6 +5415,7 @@ echo " libldns support: $LDNS_MSG" | 50 | @@ -5332,6 +5355,7 @@ echo " libldns support: $LDNS_MSG" |
51 | echo " Solaris process contract support: $SPC_MSG" | 51 | echo " Solaris process contract support: $SPC_MSG" |
52 | echo " Solaris project support: $SP_MSG" | 52 | echo " Solaris project support: $SP_MSG" |
53 | echo " Solaris privilege support: $SPP_MSG" | 53 | echo " Solaris privilege support: $SPP_MSG" |
@@ -56,7 +56,7 @@ index 917300b43..8a5db4cb5 100644 | |||
56 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" | 56 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" |
57 | echo " BSD Auth support: $BSD_AUTH_MSG" | 57 | echo " BSD Auth support: $BSD_AUTH_MSG" |
58 | diff --git a/sshd.c b/sshd.c | 58 | diff --git a/sshd.c b/sshd.c |
59 | index d7e77d343..a1c3970b3 100644 | 59 | index 1e7ece588..48162b629 100644 |
60 | --- a/sshd.c | 60 | --- a/sshd.c |
61 | +++ b/sshd.c | 61 | +++ b/sshd.c |
62 | @@ -85,6 +85,10 @@ | 62 | @@ -85,6 +85,10 @@ |
@@ -70,7 +70,7 @@ index d7e77d343..a1c3970b3 100644 | |||
70 | #include "xmalloc.h" | 70 | #include "xmalloc.h" |
71 | #include "ssh.h" | 71 | #include "ssh.h" |
72 | #include "ssh2.h" | 72 | #include "ssh2.h" |
73 | @@ -1990,6 +1994,11 @@ main(int ac, char **av) | 73 | @@ -1946,6 +1950,11 @@ main(int ac, char **av) |
74 | } | 74 | } |
75 | } | 75 | } |
76 | 76 | ||
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index bc2390e06..899c60123 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 7b931d36ad36a93d2b1811858ca29408ec44ecae Mon Sep 17 00:00:00 2001 | 1 | From e04a43bd5798ba43d910493d179438845e96f631 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 | 3 | Date: Sun, 9 Feb 2014 16:09:58 +0000 |
4 | Subject: Allow harmless group-writability | 4 | Subject: Allow harmless group-writability |
@@ -13,7 +13,7 @@ default. | |||
13 | 13 | ||
14 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 | 14 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 |
15 | Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 | 15 | Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 |
16 | Last-Update: 2017-10-04 | 16 | Last-Update: 2019-06-05 |
17 | 17 | ||
18 | Patch-Name: user-group-modes.patch | 18 | Patch-Name: user-group-modes.patch |
19 | --- | 19 | --- |
@@ -51,7 +51,7 @@ index 57296e1f6..546aa0495 100644 | |||
51 | pw->pw_name, buf); | 51 | pw->pw_name, buf); |
52 | auth_debug_add("Bad file modes for %.200s", buf); | 52 | auth_debug_add("Bad file modes for %.200s", buf); |
53 | diff --git a/auth.c b/auth.c | 53 | diff --git a/auth.c b/auth.c |
54 | index d8e6b4a3d..9d1d453f1 100644 | 54 | index f7a23afba..8ffd77662 100644 |
55 | --- a/auth.c | 55 | --- a/auth.c |
56 | +++ b/auth.c | 56 | +++ b/auth.c |
57 | @@ -473,8 +473,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, | 57 | @@ -473,8 +473,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, |
@@ -65,10 +65,10 @@ index d8e6b4a3d..9d1d453f1 100644 | |||
65 | "bad owner or modes for %.200s", | 65 | "bad owner or modes for %.200s", |
66 | pw->pw_name, user_hostfile); | 66 | pw->pw_name, user_hostfile); |
67 | diff --git a/misc.c b/misc.c | 67 | diff --git a/misc.c b/misc.c |
68 | index bdc06fdb3..5159e6692 100644 | 68 | index 009e02bc5..634b5060a 100644 |
69 | --- a/misc.c | 69 | --- a/misc.c |
70 | +++ b/misc.c | 70 | +++ b/misc.c |
71 | @@ -58,8 +58,9 @@ | 71 | @@ -59,8 +59,9 @@ |
72 | #include <netdb.h> | 72 | #include <netdb.h> |
73 | #ifdef HAVE_PATHS_H | 73 | #ifdef HAVE_PATHS_H |
74 | # include <paths.h> | 74 | # include <paths.h> |
@@ -79,7 +79,7 @@ index bdc06fdb3..5159e6692 100644 | |||
79 | #ifdef SSH_TUN_OPENBSD | 79 | #ifdef SSH_TUN_OPENBSD |
80 | #include <net/if.h> | 80 | #include <net/if.h> |
81 | #endif | 81 | #endif |
82 | @@ -1028,6 +1029,55 @@ percent_expand(const char *string, ...) | 82 | @@ -1103,6 +1104,55 @@ percent_expand(const char *string, ...) |
83 | #undef EXPAND_MAX_KEYS | 83 | #undef EXPAND_MAX_KEYS |
84 | } | 84 | } |
85 | 85 | ||
@@ -135,7 +135,7 @@ index bdc06fdb3..5159e6692 100644 | |||
135 | int | 135 | int |
136 | tun_open(int tun, int mode, char **ifname) | 136 | tun_open(int tun, int mode, char **ifname) |
137 | { | 137 | { |
138 | @@ -1786,8 +1836,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, | 138 | @@ -1860,8 +1910,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, |
139 | snprintf(err, errlen, "%s is not a regular file", buf); | 139 | snprintf(err, errlen, "%s is not a regular file", buf); |
140 | return -1; | 140 | return -1; |
141 | } | 141 | } |
@@ -145,7 +145,7 @@ index bdc06fdb3..5159e6692 100644 | |||
145 | snprintf(err, errlen, "bad ownership or modes for file %s", | 145 | snprintf(err, errlen, "bad ownership or modes for file %s", |
146 | buf); | 146 | buf); |
147 | return -1; | 147 | return -1; |
148 | @@ -1802,8 +1851,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, | 148 | @@ -1876,8 +1925,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, |
149 | strlcpy(buf, cp, sizeof(buf)); | 149 | strlcpy(buf, cp, sizeof(buf)); |
150 | 150 | ||
151 | if (stat(buf, &st) < 0 || | 151 | if (stat(buf, &st) < 0 || |
@@ -156,10 +156,10 @@ index bdc06fdb3..5159e6692 100644 | |||
156 | "bad ownership or modes for directory %s", buf); | 156 | "bad ownership or modes for directory %s", buf); |
157 | return -1; | 157 | return -1; |
158 | diff --git a/misc.h b/misc.h | 158 | diff --git a/misc.h b/misc.h |
159 | index 31b207a8d..aaf966e65 100644 | 159 | index 5b4325aba..a4bdee187 100644 |
160 | --- a/misc.h | 160 | --- a/misc.h |
161 | +++ b/misc.h | 161 | +++ b/misc.h |
162 | @@ -168,6 +168,8 @@ int safe_path_fd(int, const char *, struct passwd *, | 162 | @@ -175,6 +175,8 @@ int safe_path_fd(int, const char *, struct passwd *, |
163 | char *read_passphrase(const char *, int); | 163 | char *read_passphrase(const char *, int); |
164 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); | 164 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); |
165 | 165 | ||
@@ -169,10 +169,10 @@ index 31b207a8d..aaf966e65 100644 | |||
169 | #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) | 169 | #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) |
170 | #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) | 170 | #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) |
171 | diff --git a/readconf.c b/readconf.c | 171 | diff --git a/readconf.c b/readconf.c |
172 | index 052d4b1ac..6b01f20d2 100644 | 172 | index 3d0b6ff90..cd60007f8 100644 |
173 | --- a/readconf.c | 173 | --- a/readconf.c |
174 | +++ b/readconf.c | 174 | +++ b/readconf.c |
175 | @@ -1820,8 +1820,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, | 175 | @@ -1846,8 +1846,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, |
176 | 176 | ||
177 | if (fstat(fileno(f), &sb) == -1) | 177 | if (fstat(fileno(f), &sb) == -1) |
178 | fatal("fstat %s: %s", filename, strerror(errno)); | 178 | fatal("fstat %s: %s", filename, strerror(errno)); |
@@ -183,10 +183,10 @@ index 052d4b1ac..6b01f20d2 100644 | |||
183 | } | 183 | } |
184 | 184 | ||
185 | diff --git a/ssh.1 b/ssh.1 | 185 | diff --git a/ssh.1 b/ssh.1 |
186 | index 7760c3075..81f29af43 100644 | 186 | index a1c7d2305..64ead5f57 100644 |
187 | --- a/ssh.1 | 187 | --- a/ssh.1 |
188 | +++ b/ssh.1 | 188 | +++ b/ssh.1 |
189 | @@ -1485,6 +1485,8 @@ The file format and configuration options are described in | 189 | @@ -1484,6 +1484,8 @@ The file format and configuration options are described in |
190 | .Xr ssh_config 5 . | 190 | .Xr ssh_config 5 . |
191 | Because of the potential for abuse, this file must have strict permissions: | 191 | Because of the potential for abuse, this file must have strict permissions: |
192 | read/write for the user, and not writable by others. | 192 | read/write for the user, and not writable by others. |
@@ -196,13 +196,13 @@ index 7760c3075..81f29af43 100644 | |||
196 | .It Pa ~/.ssh/environment | 196 | .It Pa ~/.ssh/environment |
197 | Contains additional definitions for environment variables; see | 197 | Contains additional definitions for environment variables; see |
198 | diff --git a/ssh_config.5 b/ssh_config.5 | 198 | diff --git a/ssh_config.5 b/ssh_config.5 |
199 | index 54e143c93..7d55fa820 100644 | 199 | index 250c92d04..bd1e9311d 100644 |
200 | --- a/ssh_config.5 | 200 | --- a/ssh_config.5 |
201 | +++ b/ssh_config.5 | 201 | +++ b/ssh_config.5 |
202 | @@ -1835,6 +1835,8 @@ The format of this file is described above. | 202 | @@ -1885,6 +1885,8 @@ The format of this file is described above. |
203 | This file is used by the SSH client. | 203 | This file is used by the SSH client. |
204 | Because of the potential for abuse, this file must have strict permissions: | 204 | Because of the potential for abuse, this file must have strict permissions: |
205 | read/write for the user, and not accessible by others. | 205 | read/write for the user, and not writable by others. |
206 | +It may be group-writable provided that the group in question contains only | 206 | +It may be group-writable provided that the group in question contains only |
207 | +the user. | 207 | +the user. |
208 | .It Pa /etc/ssh/ssh_config | 208 | .It Pa /etc/ssh/ssh_config |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.c,v 1.68 2018/09/17 15:40:14 millert Exp $ */ | 1 | /* $OpenBSD: dh.c,v 1.69 2018/11/09 02:56:22 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * | 4 | * |
@@ -406,7 +406,7 @@ dh_new_group16(void) | |||
406 | DH * | 406 | DH * |
407 | dh_new_group18(void) | 407 | dh_new_group18(void) |
408 | { | 408 | { |
409 | static char *gen = "2", *group16 = | 409 | static char *gen = "2", *group18 = |
410 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" | 410 | "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" |
411 | "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" | 411 | "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" |
412 | "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" | 412 | "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" |
@@ -451,7 +451,7 @@ dh_new_group18(void) | |||
451 | "9558E447" "5677E9AA" "9E3050E2" "765694DF" "C81F56E8" "80B96E71" | 451 | "9558E447" "5677E9AA" "9E3050E2" "765694DF" "C81F56E8" "80B96E71" |
452 | "60C980DD" "98EDD3DF" "FFFFFFFF" "FFFFFFFF"; | 452 | "60C980DD" "98EDD3DF" "FFFFFFFF" "FFFFFFFF"; |
453 | 453 | ||
454 | return (dh_new_group_asc(gen, group16)); | 454 | return (dh_new_group_asc(gen, group18)); |
455 | } | 455 | } |
456 | 456 | ||
457 | /* Select fallback group used by DH-GEX if moduli file cannot be read. */ | 457 | /* Select fallback group used by DH-GEX if moduli file cannot be read. */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.h,v 1.15 2016/05/02 10:26:04 djm Exp $ */ | 1 | /* $OpenBSD: dh.h,v 1.17 2019/01/20 01:12:40 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 4 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
@@ -48,7 +48,7 @@ u_int dh_estimate(int); | |||
48 | 48 | ||
49 | /* | 49 | /* |
50 | * Max value from RFC4419. | 50 | * Max value from RFC4419. |
51 | * Miniumum increased in light of DH precomputation attacks. | 51 | * Min value from RFC8270. |
52 | */ | 52 | */ |
53 | #define DH_GRP_MIN 2048 | 53 | #define DH_GRP_MIN 2048 |
54 | #define DH_GRP_MAX 8192 | 54 | #define DH_GRP_MAX 8192 |
diff --git a/dispatch.c b/dispatch.c index 0b3ea614e..6e4c501e0 100644 --- a/dispatch.c +++ b/dispatch.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dispatch.c,v 1.31 2017/05/31 07:00:13 markus Exp $ */ | 1 | /* $OpenBSD: dispatch.c,v 1.32 2019/01/19 21:33:13 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -47,7 +47,7 @@ dispatch_protocol_error(int type, u_int32_t seq, struct ssh *ssh) | |||
47 | (r = sshpkt_put_u32(ssh, seq)) != 0 || | 47 | (r = sshpkt_put_u32(ssh, seq)) != 0 || |
48 | (r = sshpkt_send(ssh)) != 0 || | 48 | (r = sshpkt_send(ssh)) != 0 || |
49 | (r = ssh_packet_write_wait(ssh)) != 0) | 49 | (r = ssh_packet_write_wait(ssh)) != 0) |
50 | sshpkt_fatal(ssh, __func__, r); | 50 | sshpkt_fatal(ssh, r, "%s", __func__); |
51 | return 0; | 51 | return 0; |
52 | } | 52 | } |
53 | 53 | ||
@@ -131,5 +131,5 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done) | |||
131 | int r; | 131 | int r; |
132 | 132 | ||
133 | if ((r = ssh_dispatch_run(ssh, mode, done)) != 0) | 133 | if ((r = ssh_dispatch_run(ssh, mode, done)) != 0) |
134 | sshpkt_fatal(ssh, __func__, r); | 134 | sshpkt_fatal(ssh, r, "%s", __func__); |
135 | } | 135 | } |
diff --git a/dispatch.h b/dispatch.h index 17a6f3db6..a22d7749f 100644 --- a/dispatch.h +++ b/dispatch.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dispatch.h,v 1.14 2017/05/31 07:00:13 markus Exp $ */ | 1 | /* $OpenBSD: dispatch.h,v 1.15 2019/01/19 21:45:31 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -46,11 +46,4 @@ void ssh_dispatch_range(struct ssh *, u_int, u_int, dispatch_fn *); | |||
46 | int ssh_dispatch_run(struct ssh *, int, volatile sig_atomic_t *); | 46 | int ssh_dispatch_run(struct ssh *, int, volatile sig_atomic_t *); |
47 | void ssh_dispatch_run_fatal(struct ssh *, int, volatile sig_atomic_t *); | 47 | void ssh_dispatch_run_fatal(struct ssh *, int, volatile sig_atomic_t *); |
48 | 48 | ||
49 | #define dispatch_init(dflt) \ | ||
50 | ssh_dispatch_init(active_state, (dflt)) | ||
51 | #define dispatch_range(from, to, fn) \ | ||
52 | ssh_dispatch_range(active_state, (from), (to), (fn)) | ||
53 | #define dispatch_set(type, fn) \ | ||
54 | ssh_dispatch_set(active_state, (type), (fn)) | ||
55 | |||
56 | #endif | 49 | #endif |
@@ -24,6 +24,8 @@ | |||
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | 26 | ||
27 | #define RANDOM_SEED_SIZE 48 | ||
28 | |||
27 | #ifdef WITH_OPENSSL | 29 | #ifdef WITH_OPENSSL |
28 | 30 | ||
29 | #include <sys/types.h> | 31 | #include <sys/types.h> |
@@ -64,8 +66,6 @@ | |||
64 | */ | 66 | */ |
65 | #ifndef OPENSSL_PRNG_ONLY | 67 | #ifndef OPENSSL_PRNG_ONLY |
66 | 68 | ||
67 | #define RANDOM_SEED_SIZE 48 | ||
68 | |||
69 | /* | 69 | /* |
70 | * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon | 70 | * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon |
71 | * listening either on 'tcp_port', or via Unix domain socket at * | 71 | * listening either on 'tcp_port', or via Unix domain socket at * |
@@ -216,35 +216,46 @@ rexec_recv_rng_seed(struct sshbuf *m) | |||
216 | void | 216 | void |
217 | seed_rng(void) | 217 | seed_rng(void) |
218 | { | 218 | { |
219 | #ifndef OPENSSL_PRNG_ONLY | ||
220 | unsigned char buf[RANDOM_SEED_SIZE]; | 219 | unsigned char buf[RANDOM_SEED_SIZE]; |
221 | #endif | 220 | |
222 | if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, SSLeay())) | 221 | /* Initialise libcrypto */ |
222 | ssh_libcrypto_init(); | ||
223 | |||
224 | if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, | ||
225 | OpenSSL_version_num())) | ||
223 | fatal("OpenSSL version mismatch. Built against %lx, you " | 226 | fatal("OpenSSL version mismatch. Built against %lx, you " |
224 | "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); | 227 | "have %lx", (u_long)OPENSSL_VERSION_NUMBER, |
228 | OpenSSL_version_num()); | ||
225 | 229 | ||
226 | #ifndef OPENSSL_PRNG_ONLY | 230 | #ifndef OPENSSL_PRNG_ONLY |
227 | if (RAND_status() == 1) { | 231 | if (RAND_status() == 1) |
228 | debug3("RNG is ready, skipping seeding"); | 232 | debug3("RNG is ready, skipping seeding"); |
229 | return; | 233 | else { |
234 | if (seed_from_prngd(buf, sizeof(buf)) == -1) | ||
235 | fatal("Could not obtain seed from PRNGd"); | ||
236 | RAND_add(buf, sizeof(buf), sizeof(buf)); | ||
230 | } | 237 | } |
231 | |||
232 | if (seed_from_prngd(buf, sizeof(buf)) == -1) | ||
233 | fatal("Could not obtain seed from PRNGd"); | ||
234 | RAND_add(buf, sizeof(buf), sizeof(buf)); | ||
235 | memset(buf, '\0', sizeof(buf)); | ||
236 | |||
237 | #endif /* OPENSSL_PRNG_ONLY */ | 238 | #endif /* OPENSSL_PRNG_ONLY */ |
239 | |||
238 | if (RAND_status() != 1) | 240 | if (RAND_status() != 1) |
239 | fatal("PRNG is not seeded"); | 241 | fatal("PRNG is not seeded"); |
242 | |||
243 | /* Ensure arc4random() is primed */ | ||
244 | arc4random_buf(buf, sizeof(buf)); | ||
245 | explicit_bzero(buf, sizeof(buf)); | ||
240 | } | 246 | } |
241 | 247 | ||
242 | #else /* WITH_OPENSSL */ | 248 | #else /* WITH_OPENSSL */ |
243 | 249 | ||
244 | /* Handled in arc4random() */ | 250 | /* Acutal initialisation is handled in arc4random() */ |
245 | void | 251 | void |
246 | seed_rng(void) | 252 | seed_rng(void) |
247 | { | 253 | { |
254 | unsigned char buf[RANDOM_SEED_SIZE]; | ||
255 | |||
256 | /* Ensure arc4random() is primed */ | ||
257 | arc4random_buf(buf, sizeof(buf)); | ||
258 | explicit_bzero(buf, sizeof(buf)); | ||
248 | } | 259 | } |
249 | 260 | ||
250 | #endif /* WITH_OPENSSL */ | 261 | #endif /* WITH_OPENSSL */ |
diff --git a/groupaccess.c b/groupaccess.c index 9e4d25521..80d301915 100644 --- a/groupaccess.c +++ b/groupaccess.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: groupaccess.c,v 1.16 2015/05/04 06:10:48 djm Exp $ */ | 1 | /* $OpenBSD: groupaccess.c,v 1.17 2019/03/06 22:14:23 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Kevin Steves. All rights reserved. | 3 | * Copyright (c) 2001 Kevin Steves. All rights reserved. |
4 | * | 4 | * |
@@ -103,7 +103,8 @@ ga_match_pattern_list(const char *group_pattern) | |||
103 | int i, found = 0; | 103 | int i, found = 0; |
104 | 104 | ||
105 | for (i = 0; i < ngroups; i++) { | 105 | for (i = 0; i < ngroups; i++) { |
106 | switch (match_pattern_list(groups_byname[i], group_pattern, 0)) { | 106 | switch (match_usergroup_pattern_list(groups_byname[i], |
107 | group_pattern)) { | ||
107 | case -1: | 108 | case -1: |
108 | return 0; /* Negated match wins */ | 109 | return 0; /* Negated match wins */ |
109 | case 0: | 110 | case 0: |
diff --git a/gss-genr.c b/gss-genr.c index 491e62cee..763a63ffa 100644 --- a/gss-genr.c +++ b/gss-genr.c | |||
@@ -39,12 +39,13 @@ | |||
39 | #include "xmalloc.h" | 39 | #include "xmalloc.h" |
40 | #include "ssherr.h" | 40 | #include "ssherr.h" |
41 | #include "sshbuf.h" | 41 | #include "sshbuf.h" |
42 | #include "sshkey.h" | ||
43 | #include "log.h" | 42 | #include "log.h" |
44 | #include "ssh2.h" | 43 | #include "ssh2.h" |
45 | #include "cipher.h" | 44 | #include "cipher.h" |
45 | #include "sshkey.h" | ||
46 | #include "kex.h" | 46 | #include "kex.h" |
47 | #include "digest.h" | 47 | #include "digest.h" |
48 | #include "packet.h" | ||
48 | 49 | ||
49 | #include "ssh-gss.h" | 50 | #include "ssh-gss.h" |
50 | 51 | ||
@@ -65,7 +66,7 @@ Gssctxt *gss_kex_context = NULL; | |||
65 | 66 | ||
66 | static ssh_gss_kex_mapping *gss_enc2oid = NULL; | 67 | static ssh_gss_kex_mapping *gss_enc2oid = NULL; |
67 | 68 | ||
68 | int | 69 | int |
69 | ssh_gssapi_oid_table_ok(void) { | 70 | ssh_gssapi_oid_table_ok(void) { |
70 | return (gss_enc2oid != NULL); | 71 | return (gss_enc2oid != NULL); |
71 | } | 72 | } |
@@ -85,6 +86,21 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) | |||
85 | return 0; | 86 | return 0; |
86 | } | 87 | } |
87 | 88 | ||
89 | /* sshpkt_get of gss_buffer_desc */ | ||
90 | int | ||
91 | ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *ssh, gss_buffer_desc *g) | ||
92 | { | ||
93 | int r; | ||
94 | u_char *p; | ||
95 | size_t len; | ||
96 | |||
97 | if ((r = sshpkt_get_string(ssh, &p, &len)) != 0) | ||
98 | return r; | ||
99 | g->value = p; | ||
100 | g->length = len; | ||
101 | return 0; | ||
102 | } | ||
103 | |||
88 | /* | 104 | /* |
89 | * Return a list of the gss-group1-sha1 mechanisms supported by this program | 105 | * Return a list of the gss-group1-sha1 mechanisms supported by this program |
90 | * | 106 | * |
@@ -93,27 +109,30 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g) | |||
93 | */ | 109 | */ |
94 | 110 | ||
95 | char * | 111 | char * |
96 | ssh_gssapi_client_mechanisms(const char *host, const char *client) { | 112 | ssh_gssapi_client_mechanisms(const char *host, const char *client, |
97 | gss_OID_set gss_supported; | 113 | const char *kex) { |
114 | gss_OID_set gss_supported = NULL; | ||
98 | OM_uint32 min_status; | 115 | OM_uint32 min_status; |
99 | 116 | ||
100 | if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported))) | 117 | if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported))) |
101 | return NULL; | 118 | return NULL; |
102 | 119 | ||
103 | return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, | 120 | return ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, |
104 | host, client)); | 121 | host, client, kex); |
105 | } | 122 | } |
106 | 123 | ||
107 | char * | 124 | char * |
108 | ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, | 125 | ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, |
109 | const char *host, const char *client) { | 126 | const char *host, const char *client, const char *kex) { |
110 | struct sshbuf *buf; | 127 | struct sshbuf *buf = NULL; |
111 | size_t i; | 128 | size_t i; |
112 | int r, oidpos, enclen; | 129 | int r = SSH_ERR_ALLOC_FAIL; |
130 | int oidpos, enclen; | ||
113 | char *mechs, *encoded; | 131 | char *mechs, *encoded; |
114 | u_char digest[SSH_DIGEST_MAX_LENGTH]; | 132 | u_char digest[SSH_DIGEST_MAX_LENGTH]; |
115 | char deroid[2]; | 133 | char deroid[2]; |
116 | struct ssh_digest_ctx *md; | 134 | struct ssh_digest_ctx *md = NULL; |
135 | char *s, *cp, *p; | ||
117 | 136 | ||
118 | if (gss_enc2oid != NULL) { | 137 | if (gss_enc2oid != NULL) { |
119 | for (i = 0; gss_enc2oid[i].encoded != NULL; i++) | 138 | for (i = 0; gss_enc2oid[i].encoded != NULL; i++) |
@@ -128,6 +147,7 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, | |||
128 | fatal("%s: sshbuf_new failed", __func__); | 147 | fatal("%s: sshbuf_new failed", __func__); |
129 | 148 | ||
130 | oidpos = 0; | 149 | oidpos = 0; |
150 | s = cp = xstrdup(kex); | ||
131 | for (i = 0; i < gss_supported->count; i++) { | 151 | for (i = 0; i < gss_supported->count; i++) { |
132 | if (gss_supported->elements[i].length < 128 && | 152 | if (gss_supported->elements[i].length < 128 && |
133 | (*check)(NULL, &(gss_supported->elements[i]), host, client)) { | 153 | (*check)(NULL, &(gss_supported->elements[i]), host, client)) { |
@@ -136,12 +156,15 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, | |||
136 | deroid[1] = gss_supported->elements[i].length; | 156 | deroid[1] = gss_supported->elements[i].length; |
137 | 157 | ||
138 | if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || | 158 | if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || |
139 | ssh_digest_update(md, deroid, 2) != 0 || | 159 | (r = ssh_digest_update(md, deroid, 2)) != 0 || |
140 | ssh_digest_update(md, | 160 | (r = ssh_digest_update(md, |
141 | gss_supported->elements[i].elements, | 161 | gss_supported->elements[i].elements, |
142 | gss_supported->elements[i].length) != 0 || | 162 | gss_supported->elements[i].length)) != 0 || |
143 | ssh_digest_final(md, digest, sizeof(digest)) != 0) | 163 | (r = ssh_digest_final(md, digest, sizeof(digest))) != 0) |
144 | fatal("%s: digest failed", __func__); | 164 | fatal("%s: digest failed: %s", __func__, |
165 | ssh_err(r)); | ||
166 | ssh_digest_free(md); | ||
167 | md = NULL; | ||
145 | 168 | ||
146 | encoded = xmalloc(ssh_digest_bytes(SSH_DIGEST_MD5) | 169 | encoded = xmalloc(ssh_digest_bytes(SSH_DIGEST_MD5) |
147 | * 2); | 170 | * 2); |
@@ -149,69 +172,66 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, | |||
149 | ssh_digest_bytes(SSH_DIGEST_MD5), encoded, | 172 | ssh_digest_bytes(SSH_DIGEST_MD5), encoded, |
150 | ssh_digest_bytes(SSH_DIGEST_MD5) * 2); | 173 | ssh_digest_bytes(SSH_DIGEST_MD5) * 2); |
151 | 174 | ||
152 | if (oidpos != 0) { | 175 | cp = strncpy(s, kex, strlen(kex)); |
153 | if ((r = sshbuf_put_u8(buf, ',')) != 0) | 176 | for ((p = strsep(&cp, ",")); p && *p != '\0'; |
154 | fatal("%s: buffer error: %s", | 177 | (p = strsep(&cp, ","))) { |
178 | if (sshbuf_len(buf) != 0 && | ||
179 | (r = sshbuf_put_u8(buf, ',')) != 0) | ||
180 | fatal("%s: sshbuf_put_u8 error: %s", | ||
181 | __func__, ssh_err(r)); | ||
182 | if ((r = sshbuf_put(buf, p, strlen(p))) != 0 || | ||
183 | (r = sshbuf_put(buf, encoded, enclen)) != 0) | ||
184 | fatal("%s: sshbuf_put error: %s", | ||
155 | __func__, ssh_err(r)); | 185 | __func__, ssh_err(r)); |
156 | } | 186 | } |
157 | 187 | ||
158 | if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID, | ||
159 | sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 || | ||
160 | (r = sshbuf_put(buf, encoded, enclen)) != 0 || | ||
161 | (r = sshbuf_put_u8(buf, ',')) != 0 || | ||
162 | (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID, | ||
163 | sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 || | ||
164 | (r = sshbuf_put(buf, encoded, enclen)) != 0 || | ||
165 | (r = sshbuf_put_u8(buf, ',')) != 0 || | ||
166 | (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID, | ||
167 | sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 || | ||
168 | (r = sshbuf_put(buf, encoded, enclen)) != 0) | ||
169 | fatal("%s: buffer error: %s", | ||
170 | __func__, ssh_err(r)); | ||
171 | |||
172 | gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); | 188 | gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); |
173 | gss_enc2oid[oidpos].encoded = encoded; | 189 | gss_enc2oid[oidpos].encoded = encoded; |
174 | oidpos++; | 190 | oidpos++; |
175 | } | 191 | } |
176 | } | 192 | } |
193 | free(s); | ||
177 | gss_enc2oid[oidpos].oid = NULL; | 194 | gss_enc2oid[oidpos].oid = NULL; |
178 | gss_enc2oid[oidpos].encoded = NULL; | 195 | gss_enc2oid[oidpos].encoded = NULL; |
179 | 196 | ||
180 | if ((mechs = sshbuf_dup_string(buf)) == NULL) | 197 | if ((mechs = sshbuf_dup_string(buf)) == NULL) |
181 | fatal("%s: sshbuf_dup_string failed", __func__); | 198 | fatal("%s: sshbuf_dup_string failed", __func__); |
182 | 199 | ||
200 | sshbuf_free(buf); | ||
201 | |||
183 | if (strlen(mechs) == 0) { | 202 | if (strlen(mechs) == 0) { |
184 | free(mechs); | 203 | free(mechs); |
185 | mechs = NULL; | 204 | mechs = NULL; |
186 | } | 205 | } |
187 | 206 | ||
188 | return (mechs); | 207 | return (mechs); |
189 | } | 208 | } |
190 | 209 | ||
191 | gss_OID | 210 | gss_OID |
192 | ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) { | 211 | ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) { |
193 | int i = 0; | 212 | int i = 0; |
194 | 213 | ||
195 | switch (kex_type) { | 214 | #define SKIP_KEX_NAME(type) \ |
196 | case KEX_GSS_GRP1_SHA1: | 215 | case type: \ |
197 | if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID)) | 216 | if (strlen(name) < sizeof(type##_ID)) \ |
198 | return GSS_C_NO_OID; | 217 | return GSS_C_NO_OID; \ |
199 | name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1; | 218 | name += sizeof(type##_ID) - 1; \ |
200 | break; | ||
201 | case KEX_GSS_GRP14_SHA1: | ||
202 | if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID)) | ||
203 | return GSS_C_NO_OID; | ||
204 | name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1; | ||
205 | break; | ||
206 | case KEX_GSS_GEX_SHA1: | ||
207 | if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID)) | ||
208 | return GSS_C_NO_OID; | ||
209 | name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1; | ||
210 | break; | 219 | break; |
220 | |||
221 | switch (kex_type) { | ||
222 | SKIP_KEX_NAME(KEX_GSS_GRP1_SHA1) | ||
223 | SKIP_KEX_NAME(KEX_GSS_GRP14_SHA1) | ||
224 | SKIP_KEX_NAME(KEX_GSS_GRP14_SHA256) | ||
225 | SKIP_KEX_NAME(KEX_GSS_GRP16_SHA512) | ||
226 | SKIP_KEX_NAME(KEX_GSS_GEX_SHA1) | ||
227 | SKIP_KEX_NAME(KEX_GSS_NISTP256_SHA256) | ||
228 | SKIP_KEX_NAME(KEX_GSS_C25519_SHA256) | ||
211 | default: | 229 | default: |
212 | return GSS_C_NO_OID; | 230 | return GSS_C_NO_OID; |
213 | } | 231 | } |
214 | 232 | ||
233 | #undef SKIP_KEX_NAME | ||
234 | |||
215 | while (gss_enc2oid[i].encoded != NULL && | 235 | while (gss_enc2oid[i].encoded != NULL && |
216 | strcmp(name, gss_enc2oid[i].encoded) != 0) | 236 | strcmp(name, gss_enc2oid[i].encoded) != 0) |
217 | i++; | 237 | i++; |
@@ -425,8 +445,8 @@ ssh_gssapi_client_identity(Gssctxt *ctx, const char *name) | |||
425 | GSS_C_NT_USER_NAME, &gssname); | 445 | GSS_C_NT_USER_NAME, &gssname); |
426 | 446 | ||
427 | if (!ctx->major) | 447 | if (!ctx->major) |
428 | ctx->major = gss_acquire_cred(&ctx->minor, | 448 | ctx->major = gss_acquire_cred(&ctx->minor, |
429 | gssname, 0, oidset, GSS_C_INITIATE, | 449 | gssname, 0, oidset, GSS_C_INITIATE, |
430 | &ctx->client_creds, NULL, NULL); | 450 | &ctx->client_creds, NULL, NULL); |
431 | 451 | ||
432 | gss_release_name(&status, &gssname); | 452 | gss_release_name(&status, &gssname); |
@@ -441,7 +461,7 @@ ssh_gssapi_client_identity(Gssctxt *ctx, const char *name) | |||
441 | OM_uint32 | 461 | OM_uint32 |
442 | ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) | 462 | ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) |
443 | { | 463 | { |
444 | if (ctx == NULL) | 464 | if (ctx == NULL) |
445 | return -1; | 465 | return -1; |
446 | 466 | ||
447 | if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, | 467 | if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, |
@@ -480,7 +500,7 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service, | |||
480 | } | 500 | } |
481 | 501 | ||
482 | int | 502 | int |
483 | ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, | 503 | ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, |
484 | const char *client) | 504 | const char *client) |
485 | { | 505 | { |
486 | gss_buffer_desc token = GSS_C_EMPTY_BUFFER; | 506 | gss_buffer_desc token = GSS_C_EMPTY_BUFFER; |
@@ -512,7 +532,7 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, | |||
512 | GSS_C_NO_BUFFER); | 532 | GSS_C_NO_BUFFER); |
513 | } | 533 | } |
514 | 534 | ||
515 | if (GSS_ERROR(major) || intctx != NULL) | 535 | if (GSS_ERROR(major) || intctx != NULL) |
516 | ssh_gssapi_delete_ctx(ctx); | 536 | ssh_gssapi_delete_ctx(ctx); |
517 | 537 | ||
518 | return (!GSS_ERROR(major)); | 538 | return (!GSS_ERROR(major)); |
@@ -527,7 +547,7 @@ ssh_gssapi_credentials_updated(Gssctxt *ctxt) { | |||
527 | static OM_uint32 last_call = 0; | 547 | static OM_uint32 last_call = 0; |
528 | OM_uint32 lifetime, now, major, minor; | 548 | OM_uint32 lifetime, now, major, minor; |
529 | int equal; | 549 | int equal; |
530 | 550 | ||
531 | now = time(NULL); | 551 | now = time(NULL); |
532 | 552 | ||
533 | if (ctxt) { | 553 | if (ctxt) { |
@@ -555,8 +575,8 @@ ssh_gssapi_credentials_updated(Gssctxt *ctxt) { | |||
555 | 575 | ||
556 | if (saved_mech == GSS_C_NO_OID) | 576 | if (saved_mech == GSS_C_NO_OID) |
557 | return 0; | 577 | return 0; |
558 | 578 | ||
559 | major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, | 579 | major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, |
560 | &name, &lifetime, NULL, NULL); | 580 | &name, &lifetime, NULL, NULL); |
561 | if (major == GSS_S_CREDENTIALS_EXPIRED) | 581 | if (major == GSS_S_CREDENTIALS_EXPIRED) |
562 | return 0; | 582 | return 0; |
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 90f8692f5..ef9beb67c 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c | |||
@@ -202,7 +202,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) | |||
202 | } | 202 | } |
203 | 203 | ||
204 | int | 204 | int |
205 | ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, | 205 | ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, |
206 | ssh_gssapi_client *client) | 206 | ssh_gssapi_client *client) |
207 | { | 207 | { |
208 | krb5_ccache ccache = NULL; | 208 | krb5_ccache ccache = NULL; |
@@ -211,14 +211,14 @@ ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, | |||
211 | krb5_error_code problem; | 211 | krb5_error_code problem; |
212 | OM_uint32 maj_status, min_status; | 212 | OM_uint32 maj_status, min_status; |
213 | 213 | ||
214 | if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) { | 214 | if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) { |
215 | logit("krb5_cc_resolve(): %.100s", | 215 | logit("krb5_cc_resolve(): %.100s", |
216 | krb5_get_err_text(krb_context, problem)); | 216 | krb5_get_err_text(krb_context, problem)); |
217 | return 0; | 217 | return 0; |
218 | } | 218 | } |
219 | 219 | ||
220 | /* Find out who the principal in this cache is */ | 220 | /* Find out who the principal in this cache is */ |
221 | if ((problem = krb5_cc_get_principal(krb_context, ccache, | 221 | if ((problem = krb5_cc_get_principal(krb_context, ccache, |
222 | &principal))) { | 222 | &principal))) { |
223 | logit("krb5_cc_get_principal(): %.100s", | 223 | logit("krb5_cc_get_principal(): %.100s", |
224 | krb5_get_err_text(krb_context, problem)); | 224 | krb5_get_err_text(krb_context, problem)); |
diff --git a/gss-serv.c b/gss-serv.c index 6c087a1b1..1d47870e7 100644 --- a/gss-serv.c +++ b/gss-serv.c | |||
@@ -51,12 +51,9 @@ | |||
51 | 51 | ||
52 | extern ServerOptions options; | 52 | extern ServerOptions options; |
53 | 53 | ||
54 | extern ServerOptions options; | ||
55 | |||
56 | static ssh_gssapi_client gssapi_client = | 54 | static ssh_gssapi_client gssapi_client = |
57 | { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, | 55 | { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL, |
58 | GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME, NULL, | 56 | GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0}; |
59 | {NULL, NULL, NULL, NULL, NULL}, 0, 0}; | ||
60 | 57 | ||
61 | ssh_gssapi_mech gssapi_null_mech = | 58 | ssh_gssapi_mech gssapi_null_mech = |
62 | { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL}; | 59 | { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL}; |
@@ -151,7 +148,8 @@ ssh_gssapi_server_mechanisms(void) { | |||
151 | if (supported_oids == NULL) | 148 | if (supported_oids == NULL) |
152 | ssh_gssapi_prepare_supported_oids(); | 149 | ssh_gssapi_prepare_supported_oids(); |
153 | return (ssh_gssapi_kex_mechs(supported_oids, | 150 | return (ssh_gssapi_kex_mechs(supported_oids, |
154 | &ssh_gssapi_server_check_mech, NULL, NULL)); | 151 | &ssh_gssapi_server_check_mech, NULL, NULL, |
152 | options.gss_kex_algorithms)); | ||
155 | } | 153 | } |
156 | 154 | ||
157 | /* Unprivileged */ | 155 | /* Unprivileged */ |
@@ -160,7 +158,7 @@ ssh_gssapi_server_check_mech(Gssctxt **dum, gss_OID oid, const char *data, | |||
160 | const char *dummy) { | 158 | const char *dummy) { |
161 | Gssctxt *ctx = NULL; | 159 | Gssctxt *ctx = NULL; |
162 | int res; | 160 | int res; |
163 | 161 | ||
164 | res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid))); | 162 | res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid))); |
165 | ssh_gssapi_delete_ctx(&ctx); | 163 | ssh_gssapi_delete_ctx(&ctx); |
166 | 164 | ||
@@ -317,21 +315,21 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) | |||
317 | return GSS_S_COMPLETE; | 315 | return GSS_S_COMPLETE; |
318 | } | 316 | } |
319 | 317 | ||
320 | if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, | 318 | if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, |
321 | ctx->client_creds, ctx->oid, &new_name, | 319 | ctx->client_creds, ctx->oid, &new_name, |
322 | NULL, NULL, NULL))) { | 320 | NULL, NULL, NULL))) { |
323 | ssh_gssapi_error(ctx); | 321 | ssh_gssapi_error(ctx); |
324 | return (ctx->major); | 322 | return (ctx->major); |
325 | } | 323 | } |
326 | 324 | ||
327 | ctx->major = gss_compare_name(&ctx->minor, client->name, | 325 | ctx->major = gss_compare_name(&ctx->minor, client->name, |
328 | new_name, &equal); | 326 | new_name, &equal); |
329 | 327 | ||
330 | if (GSS_ERROR(ctx->major)) { | 328 | if (GSS_ERROR(ctx->major)) { |
331 | ssh_gssapi_error(ctx); | 329 | ssh_gssapi_error(ctx); |
332 | return (ctx->major); | 330 | return (ctx->major); |
333 | } | 331 | } |
334 | 332 | ||
335 | if (!equal) { | 333 | if (!equal) { |
336 | debug("Rekeyed credentials have different name"); | 334 | debug("Rekeyed credentials have different name"); |
337 | return GSS_S_COMPLETE; | 335 | return GSS_S_COMPLETE; |
@@ -343,7 +341,7 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) | |||
343 | gss_release_cred(&ctx->minor, &client->creds); | 341 | gss_release_cred(&ctx->minor, &client->creds); |
344 | client->name = new_name; | 342 | client->name = new_name; |
345 | client->creds = ctx->client_creds; | 343 | client->creds = ctx->client_creds; |
346 | ctx->client_creds = GSS_C_NO_CREDENTIAL; | 344 | ctx->client_creds = GSS_C_NO_CREDENTIAL; |
347 | client->updated = 1; | 345 | client->updated = 1; |
348 | return GSS_S_COMPLETE; | 346 | return GSS_S_COMPLETE; |
349 | } | 347 | } |
@@ -434,10 +432,12 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) | |||
434 | 432 | ||
435 | /* Privileged */ | 433 | /* Privileged */ |
436 | int | 434 | int |
437 | ssh_gssapi_userok(char *user, struct passwd *pw) | 435 | ssh_gssapi_userok(char *user, struct passwd *pw, int kex) |
438 | { | 436 | { |
439 | OM_uint32 lmin; | 437 | OM_uint32 lmin; |
440 | 438 | ||
439 | (void) kex; /* used in privilege separation */ | ||
440 | |||
441 | if (gssapi_client.exportedname.length == 0 || | 441 | if (gssapi_client.exportedname.length == 0 || |
442 | gssapi_client.exportedname.value == NULL) { | 442 | gssapi_client.exportedname.value == NULL) { |
443 | debug("No suitable client data"); | 443 | debug("No suitable client data"); |
@@ -462,7 +462,7 @@ ssh_gssapi_userok(char *user, struct passwd *pw) | |||
462 | return (0); | 462 | return (0); |
463 | } | 463 | } |
464 | 464 | ||
465 | /* These bits are only used for rekeying. The unpriviledged child is running | 465 | /* These bits are only used for rekeying. The unpriviledged child is running |
466 | * as the user, the monitor is root. | 466 | * as the user, the monitor is root. |
467 | * | 467 | * |
468 | * In the child, we want to : | 468 | * In the child, we want to : |
@@ -473,7 +473,7 @@ ssh_gssapi_userok(char *user, struct passwd *pw) | |||
473 | /* Stuff for PAM */ | 473 | /* Stuff for PAM */ |
474 | 474 | ||
475 | #ifdef USE_PAM | 475 | #ifdef USE_PAM |
476 | static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, | 476 | static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, |
477 | struct pam_response **resp, void *data) | 477 | struct pam_response **resp, void *data) |
478 | { | 478 | { |
479 | return (PAM_CONV_ERR); | 479 | return (PAM_CONV_ERR); |
@@ -483,18 +483,18 @@ static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, | |||
483 | void | 483 | void |
484 | ssh_gssapi_rekey_creds(void) { | 484 | ssh_gssapi_rekey_creds(void) { |
485 | int ok; | 485 | int ok; |
486 | int ret; | ||
487 | #ifdef USE_PAM | 486 | #ifdef USE_PAM |
487 | int ret; | ||
488 | pam_handle_t *pamh = NULL; | 488 | pam_handle_t *pamh = NULL; |
489 | struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; | 489 | struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; |
490 | char *envstr; | 490 | char *envstr; |
491 | #endif | 491 | #endif |
492 | 492 | ||
493 | if (gssapi_client.store.filename == NULL && | 493 | if (gssapi_client.store.filename == NULL && |
494 | gssapi_client.store.envval == NULL && | 494 | gssapi_client.store.envval == NULL && |
495 | gssapi_client.store.envvar == NULL) | 495 | gssapi_client.store.envvar == NULL) |
496 | return; | 496 | return; |
497 | 497 | ||
498 | ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); | 498 | ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); |
499 | 499 | ||
500 | if (!ok) | 500 | if (!ok) |
@@ -517,7 +517,7 @@ ssh_gssapi_rekey_creds(void) { | |||
517 | if (ret) | 517 | if (ret) |
518 | return; | 518 | return; |
519 | 519 | ||
520 | xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, | 520 | xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, |
521 | gssapi_client.store.envval); | 521 | gssapi_client.store.envval); |
522 | 522 | ||
523 | ret = pam_putenv(pamh, envstr); | 523 | ret = pam_putenv(pamh, envstr); |
@@ -527,7 +527,7 @@ ssh_gssapi_rekey_creds(void) { | |||
527 | #endif | 527 | #endif |
528 | } | 528 | } |
529 | 529 | ||
530 | int | 530 | int |
531 | ssh_gssapi_update_creds(ssh_gssapi_ccache *store) { | 531 | ssh_gssapi_update_creds(ssh_gssapi_ccache *store) { |
532 | int ok = 0; | 532 | int ok = 0; |
533 | 533 | ||
@@ -19,6 +19,7 @@ | |||
19 | 19 | ||
20 | #include <sys/types.h> | 20 | #include <sys/types.h> |
21 | #include <string.h> | 21 | #include <string.h> |
22 | #include <stdlib.h> | ||
22 | 23 | ||
23 | #include "sshbuf.h" | 24 | #include "sshbuf.h" |
24 | #include "digest.h" | 25 | #include "digest.h" |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.150 2019/01/21 12:08:13 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -25,19 +25,25 @@ | |||
25 | 25 | ||
26 | #include "includes.h" | 26 | #include "includes.h" |
27 | 27 | ||
28 | 28 | #include <sys/types.h> | |
29 | #include <errno.h> | ||
29 | #include <signal.h> | 30 | #include <signal.h> |
30 | #include <stdarg.h> | 31 | #include <stdarg.h> |
31 | #include <stdio.h> | 32 | #include <stdio.h> |
32 | #include <stdlib.h> | 33 | #include <stdlib.h> |
33 | #include <string.h> | 34 | #include <string.h> |
35 | #include <unistd.h> | ||
36 | #include <poll.h> | ||
34 | 37 | ||
35 | #ifdef WITH_OPENSSL | 38 | #ifdef WITH_OPENSSL |
36 | #include <openssl/crypto.h> | 39 | #include <openssl/crypto.h> |
37 | #include <openssl/dh.h> | 40 | #include <openssl/dh.h> |
38 | #endif | 41 | #endif |
39 | 42 | ||
43 | #include "ssh.h" | ||
40 | #include "ssh2.h" | 44 | #include "ssh2.h" |
45 | #include "atomicio.h" | ||
46 | #include "version.h" | ||
41 | #include "packet.h" | 47 | #include "packet.h" |
42 | #include "compat.h" | 48 | #include "compat.h" |
43 | #include "cipher.h" | 49 | #include "cipher.h" |
@@ -49,6 +55,7 @@ | |||
49 | #include "misc.h" | 55 | #include "misc.h" |
50 | #include "dispatch.h" | 56 | #include "dispatch.h" |
51 | #include "monitor.h" | 57 | #include "monitor.h" |
58 | #include "xmalloc.h" | ||
52 | 59 | ||
53 | #include "ssherr.h" | 60 | #include "ssherr.h" |
54 | #include "sshbuf.h" | 61 | #include "sshbuf.h" |
@@ -106,26 +113,33 @@ static const struct kexalg kexalgs[] = { | |||
106 | #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL) | 113 | #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL) |
107 | { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, | 114 | { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, |
108 | { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, | 115 | { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, |
116 | { KEX_SNTRUP4591761X25519_SHA512, KEX_KEM_SNTRUP4591761X25519_SHA512, 0, | ||
117 | SSH_DIGEST_SHA512 }, | ||
109 | #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ | 118 | #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ |
110 | { NULL, -1, -1, -1}, | 119 | { NULL, -1, -1, -1}, |
111 | }; | 120 | }; |
112 | static const struct kexalg kexalg_prefixes[] = { | 121 | static const struct kexalg gss_kexalgs[] = { |
113 | #ifdef GSSAPI | 122 | #ifdef GSSAPI |
114 | { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, | 123 | { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, |
115 | { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, | 124 | { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, |
116 | { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, | 125 | { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, |
126 | { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 }, | ||
127 | { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 }, | ||
128 | { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256, | ||
129 | NID_X9_62_prime256v1, SSH_DIGEST_SHA256 }, | ||
130 | { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, | ||
117 | #endif | 131 | #endif |
118 | { NULL, -1, -1, -1 }, | 132 | { NULL, -1, -1, -1 }, |
119 | }; | 133 | }; |
120 | 134 | ||
121 | char * | 135 | static char * |
122 | kex_alg_list(char sep) | 136 | kex_alg_list_internal(char sep, const struct kexalg *algs) |
123 | { | 137 | { |
124 | char *ret = NULL, *tmp; | 138 | char *ret = NULL, *tmp; |
125 | size_t nlen, rlen = 0; | 139 | size_t nlen, rlen = 0; |
126 | const struct kexalg *k; | 140 | const struct kexalg *k; |
127 | 141 | ||
128 | for (k = kexalgs; k->name != NULL; k++) { | 142 | for (k = algs; k->name != NULL; k++) { |
129 | if (ret != NULL) | 143 | if (ret != NULL) |
130 | ret[rlen++] = sep; | 144 | ret[rlen++] = sep; |
131 | nlen = strlen(k->name); | 145 | nlen = strlen(k->name); |
@@ -140,6 +154,18 @@ kex_alg_list(char sep) | |||
140 | return ret; | 154 | return ret; |
141 | } | 155 | } |
142 | 156 | ||
157 | char * | ||
158 | kex_alg_list(char sep) | ||
159 | { | ||
160 | return kex_alg_list_internal(sep, kexalgs); | ||
161 | } | ||
162 | |||
163 | char * | ||
164 | kex_gss_alg_list(char sep) | ||
165 | { | ||
166 | return kex_alg_list_internal(sep, gss_kexalgs); | ||
167 | } | ||
168 | |||
143 | static const struct kexalg * | 169 | static const struct kexalg * |
144 | kex_alg_by_name(const char *name) | 170 | kex_alg_by_name(const char *name) |
145 | { | 171 | { |
@@ -149,7 +175,7 @@ kex_alg_by_name(const char *name) | |||
149 | if (strcmp(k->name, name) == 0) | 175 | if (strcmp(k->name, name) == 0) |
150 | return k; | 176 | return k; |
151 | } | 177 | } |
152 | for (k = kexalg_prefixes; k->name != NULL; k++) { | 178 | for (k = gss_kexalgs; k->name != NULL; k++) { |
153 | if (strncmp(k->name, name, strlen(k->name)) == 0) | 179 | if (strncmp(k->name, name, strlen(k->name)) == 0) |
154 | return k; | 180 | return k; |
155 | } | 181 | } |
@@ -309,6 +335,29 @@ kex_assemble_names(char **listp, const char *def, const char *all) | |||
309 | return r; | 335 | return r; |
310 | } | 336 | } |
311 | 337 | ||
338 | /* Validate GSS KEX method name list */ | ||
339 | int | ||
340 | kex_gss_names_valid(const char *names) | ||
341 | { | ||
342 | char *s, *cp, *p; | ||
343 | |||
344 | if (names == NULL || *names == '\0') | ||
345 | return 0; | ||
346 | s = cp = xstrdup(names); | ||
347 | for ((p = strsep(&cp, ",")); p && *p != '\0'; | ||
348 | (p = strsep(&cp, ","))) { | ||
349 | if (strncmp(p, "gss-", 4) != 0 | ||
350 | || kex_alg_by_name(p) == NULL) { | ||
351 | error("Unsupported KEX algorithm \"%.100s\"", p); | ||
352 | free(s); | ||
353 | return 0; | ||
354 | } | ||
355 | } | ||
356 | debug3("gss kex names ok: [%s]", names); | ||
357 | free(s); | ||
358 | return 1; | ||
359 | } | ||
360 | |||
312 | /* put algorithm proposal into buffer */ | 361 | /* put algorithm proposal into buffer */ |
313 | int | 362 | int |
314 | kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) | 363 | kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX]) |
@@ -503,6 +552,7 @@ kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh) | |||
503 | if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0) | 552 | if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0) |
504 | return r; | 553 | return r; |
505 | kex->done = 1; | 554 | kex->done = 1; |
555 | kex->flags &= ~KEX_INITIAL; | ||
506 | sshbuf_reset(kex->peer); | 556 | sshbuf_reset(kex->peer); |
507 | /* sshbuf_reset(kex->my); */ | 557 | /* sshbuf_reset(kex->my); */ |
508 | kex->flags &= ~KEX_INIT_SENT; | 558 | kex->flags &= ~KEX_INIT_SENT; |
@@ -593,31 +643,20 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh) | |||
593 | return SSH_ERR_INTERNAL_ERROR; | 643 | return SSH_ERR_INTERNAL_ERROR; |
594 | } | 644 | } |
595 | 645 | ||
596 | int | 646 | struct kex * |
597 | kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp) | 647 | kex_new(void) |
598 | { | 648 | { |
599 | struct kex *kex; | 649 | struct kex *kex; |
600 | int r; | ||
601 | 650 | ||
602 | *kexp = NULL; | 651 | if ((kex = calloc(1, sizeof(*kex))) == NULL || |
603 | if ((kex = calloc(1, sizeof(*kex))) == NULL) | 652 | (kex->peer = sshbuf_new()) == NULL || |
604 | return SSH_ERR_ALLOC_FAIL; | 653 | (kex->my = sshbuf_new()) == NULL || |
605 | if ((kex->peer = sshbuf_new()) == NULL || | 654 | (kex->client_version = sshbuf_new()) == NULL || |
606 | (kex->my = sshbuf_new()) == NULL) { | 655 | (kex->server_version = sshbuf_new()) == NULL) { |
607 | r = SSH_ERR_ALLOC_FAIL; | ||
608 | goto out; | ||
609 | } | ||
610 | if ((r = kex_prop2buf(kex->my, proposal)) != 0) | ||
611 | goto out; | ||
612 | kex->done = 0; | ||
613 | kex_reset_dispatch(ssh); | ||
614 | ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); | ||
615 | r = 0; | ||
616 | *kexp = kex; | ||
617 | out: | ||
618 | if (r != 0) | ||
619 | kex_free(kex); | 656 | kex_free(kex); |
620 | return r; | 657 | return NULL; |
658 | } | ||
659 | return kex; | ||
621 | } | 660 | } |
622 | 661 | ||
623 | void | 662 | void |
@@ -656,6 +695,9 @@ kex_free(struct kex *kex) | |||
656 | { | 695 | { |
657 | u_int mode; | 696 | u_int mode; |
658 | 697 | ||
698 | if (kex == NULL) | ||
699 | return; | ||
700 | |||
659 | #ifdef WITH_OPENSSL | 701 | #ifdef WITH_OPENSSL |
660 | DH_free(kex->dh); | 702 | DH_free(kex->dh); |
661 | #ifdef OPENSSL_HAS_ECC | 703 | #ifdef OPENSSL_HAS_ECC |
@@ -668,12 +710,13 @@ kex_free(struct kex *kex) | |||
668 | } | 710 | } |
669 | sshbuf_free(kex->peer); | 711 | sshbuf_free(kex->peer); |
670 | sshbuf_free(kex->my); | 712 | sshbuf_free(kex->my); |
713 | sshbuf_free(kex->client_version); | ||
714 | sshbuf_free(kex->server_version); | ||
715 | sshbuf_free(kex->client_pub); | ||
671 | free(kex->session_id); | 716 | free(kex->session_id); |
672 | #ifdef GSSAPI | 717 | #ifdef GSSAPI |
673 | free(kex->gss_host); | 718 | free(kex->gss_host); |
674 | #endif /* GSSAPI */ | 719 | #endif /* GSSAPI */ |
675 | free(kex->client_version_string); | ||
676 | free(kex->server_version_string); | ||
677 | free(kex->failed_choice); | 720 | free(kex->failed_choice); |
678 | free(kex->hostkey_alg); | 721 | free(kex->hostkey_alg); |
679 | free(kex->name); | 722 | free(kex->name); |
@@ -681,11 +724,24 @@ kex_free(struct kex *kex) | |||
681 | } | 724 | } |
682 | 725 | ||
683 | int | 726 | int |
727 | kex_ready(struct ssh *ssh, char *proposal[PROPOSAL_MAX]) | ||
728 | { | ||
729 | int r; | ||
730 | |||
731 | if ((r = kex_prop2buf(ssh->kex->my, proposal)) != 0) | ||
732 | return r; | ||
733 | ssh->kex->flags = KEX_INITIAL; | ||
734 | kex_reset_dispatch(ssh); | ||
735 | ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); | ||
736 | return 0; | ||
737 | } | ||
738 | |||
739 | int | ||
684 | kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX]) | 740 | kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX]) |
685 | { | 741 | { |
686 | int r; | 742 | int r; |
687 | 743 | ||
688 | if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0) | 744 | if ((r = kex_ready(ssh, proposal)) != 0) |
689 | return r; | 745 | return r; |
690 | if ((r = kex_send_kexinit(ssh)) != 0) { /* we start */ | 746 | if ((r = kex_send_kexinit(ssh)) != 0) { /* we start */ |
691 | kex_free(ssh->kex); | 747 | kex_free(ssh->kex); |
@@ -858,7 +914,7 @@ kex_choose_conf(struct ssh *ssh) | |||
858 | } | 914 | } |
859 | 915 | ||
860 | /* Check whether client supports ext_info_c */ | 916 | /* Check whether client supports ext_info_c */ |
861 | if (kex->server) { | 917 | if (kex->server && (kex->flags & KEX_INITIAL)) { |
862 | char *ext; | 918 | char *ext; |
863 | 919 | ||
864 | ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL); | 920 | ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL); |
@@ -1016,6 +1072,14 @@ kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen, | |||
1016 | u_int i, j, mode, ctos; | 1072 | u_int i, j, mode, ctos; |
1017 | int r; | 1073 | int r; |
1018 | 1074 | ||
1075 | /* save initial hash as session id */ | ||
1076 | if (kex->session_id == NULL) { | ||
1077 | kex->session_id_len = hashlen; | ||
1078 | kex->session_id = malloc(kex->session_id_len); | ||
1079 | if (kex->session_id == NULL) | ||
1080 | return SSH_ERR_ALLOC_FAIL; | ||
1081 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
1082 | } | ||
1019 | for (i = 0; i < NKEYS; i++) { | 1083 | for (i = 0; i < NKEYS; i++) { |
1020 | if ((r = derive_key(ssh, 'A'+i, kex->we_need, hash, hashlen, | 1084 | if ((r = derive_key(ssh, 'A'+i, kex->we_need, hash, hashlen, |
1021 | shared_secret, &keys[i])) != 0) { | 1085 | shared_secret, &keys[i])) != 0) { |
@@ -1034,29 +1098,277 @@ kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen, | |||
1034 | return 0; | 1098 | return 0; |
1035 | } | 1099 | } |
1036 | 1100 | ||
1037 | #ifdef WITH_OPENSSL | ||
1038 | int | 1101 | int |
1039 | kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen, | 1102 | kex_load_hostkey(struct ssh *ssh, struct sshkey **prvp, struct sshkey **pubp) |
1040 | const BIGNUM *secret) | ||
1041 | { | 1103 | { |
1042 | struct sshbuf *shared_secret; | 1104 | struct kex *kex = ssh->kex; |
1043 | int r; | ||
1044 | 1105 | ||
1045 | if ((shared_secret = sshbuf_new()) == NULL) | 1106 | *pubp = NULL; |
1046 | return SSH_ERR_ALLOC_FAIL; | 1107 | *prvp = NULL; |
1047 | if ((r = sshbuf_put_bignum2(shared_secret, secret)) == 0) | 1108 | if (kex->load_host_public_key == NULL || |
1048 | r = kex_derive_keys(ssh, hash, hashlen, shared_secret); | 1109 | kex->load_host_private_key == NULL) |
1049 | sshbuf_free(shared_secret); | 1110 | return SSH_ERR_INVALID_ARGUMENT; |
1050 | return r; | 1111 | *pubp = kex->load_host_public_key(kex->hostkey_type, |
1112 | kex->hostkey_nid, ssh); | ||
1113 | *prvp = kex->load_host_private_key(kex->hostkey_type, | ||
1114 | kex->hostkey_nid, ssh); | ||
1115 | if (*pubp == NULL) | ||
1116 | return SSH_ERR_NO_HOSTKEY_LOADED; | ||
1117 | return 0; | ||
1051 | } | 1118 | } |
1052 | #endif | ||
1053 | 1119 | ||
1120 | int | ||
1121 | kex_verify_host_key(struct ssh *ssh, struct sshkey *server_host_key) | ||
1122 | { | ||
1123 | struct kex *kex = ssh->kex; | ||
1124 | |||
1125 | if (kex->verify_host_key == NULL) | ||
1126 | return SSH_ERR_INVALID_ARGUMENT; | ||
1127 | if (server_host_key->type != kex->hostkey_type || | ||
1128 | (kex->hostkey_type == KEY_ECDSA && | ||
1129 | server_host_key->ecdsa_nid != kex->hostkey_nid)) | ||
1130 | return SSH_ERR_KEY_TYPE_MISMATCH; | ||
1131 | if (kex->verify_host_key(server_host_key, ssh) == -1) | ||
1132 | return SSH_ERR_SIGNATURE_INVALID; | ||
1133 | return 0; | ||
1134 | } | ||
1054 | 1135 | ||
1055 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) | 1136 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) |
1056 | void | 1137 | void |
1057 | dump_digest(char *msg, u_char *digest, int len) | 1138 | dump_digest(const char *msg, const u_char *digest, int len) |
1058 | { | 1139 | { |
1059 | fprintf(stderr, "%s\n", msg); | 1140 | fprintf(stderr, "%s\n", msg); |
1060 | sshbuf_dump_data(digest, len, stderr); | 1141 | sshbuf_dump_data(digest, len, stderr); |
1061 | } | 1142 | } |
1062 | #endif | 1143 | #endif |
1144 | |||
1145 | /* | ||
1146 | * Send a plaintext error message to the peer, suffixed by \r\n. | ||
1147 | * Only used during banner exchange, and there only for the server. | ||
1148 | */ | ||
1149 | static void | ||
1150 | send_error(struct ssh *ssh, char *msg) | ||
1151 | { | ||
1152 | char *crnl = "\r\n"; | ||
1153 | |||
1154 | if (!ssh->kex->server) | ||
1155 | return; | ||
1156 | |||
1157 | if (atomicio(vwrite, ssh_packet_get_connection_out(ssh), | ||
1158 | msg, strlen(msg)) != strlen(msg) || | ||
1159 | atomicio(vwrite, ssh_packet_get_connection_out(ssh), | ||
1160 | crnl, strlen(crnl)) != strlen(crnl)) | ||
1161 | error("%s: write: %.100s", __func__, strerror(errno)); | ||
1162 | } | ||
1163 | |||
1164 | /* | ||
1165 | * Sends our identification string and waits for the peer's. Will block for | ||
1166 | * up to timeout_ms (or indefinitely if timeout_ms <= 0). | ||
1167 | * Returns on 0 success or a ssherr.h code on failure. | ||
1168 | */ | ||
1169 | int | ||
1170 | kex_exchange_identification(struct ssh *ssh, int timeout_ms, | ||
1171 | int debian_banner, const char *version_addendum) | ||
1172 | { | ||
1173 | int remote_major, remote_minor, mismatch; | ||
1174 | size_t len, i, n; | ||
1175 | int r, expect_nl; | ||
1176 | u_char c; | ||
1177 | struct sshbuf *our_version = ssh->kex->server ? | ||
1178 | ssh->kex->server_version : ssh->kex->client_version; | ||
1179 | struct sshbuf *peer_version = ssh->kex->server ? | ||
1180 | ssh->kex->client_version : ssh->kex->server_version; | ||
1181 | char *our_version_string = NULL, *peer_version_string = NULL; | ||
1182 | char *cp, *remote_version = NULL; | ||
1183 | |||
1184 | /* Prepare and send our banner */ | ||
1185 | sshbuf_reset(our_version); | ||
1186 | if (version_addendum != NULL && *version_addendum == '\0') | ||
1187 | version_addendum = NULL; | ||
1188 | if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", | ||
1189 | PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, | ||
1190 | debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM, | ||
1191 | version_addendum == NULL ? "" : " ", | ||
1192 | version_addendum == NULL ? "" : version_addendum)) != 0) { | ||
1193 | error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); | ||
1194 | goto out; | ||
1195 | } | ||
1196 | |||
1197 | if (atomicio(vwrite, ssh_packet_get_connection_out(ssh), | ||
1198 | sshbuf_mutable_ptr(our_version), | ||
1199 | sshbuf_len(our_version)) != sshbuf_len(our_version)) { | ||
1200 | error("%s: write: %.100s", __func__, strerror(errno)); | ||
1201 | r = SSH_ERR_SYSTEM_ERROR; | ||
1202 | goto out; | ||
1203 | } | ||
1204 | if ((r = sshbuf_consume_end(our_version, 2)) != 0) { /* trim \r\n */ | ||
1205 | error("%s: sshbuf_consume_end: %s", __func__, ssh_err(r)); | ||
1206 | goto out; | ||
1207 | } | ||
1208 | our_version_string = sshbuf_dup_string(our_version); | ||
1209 | if (our_version_string == NULL) { | ||
1210 | error("%s: sshbuf_dup_string failed", __func__); | ||
1211 | r = SSH_ERR_ALLOC_FAIL; | ||
1212 | goto out; | ||
1213 | } | ||
1214 | debug("Local version string %.100s", our_version_string); | ||
1215 | |||
1216 | /* Read other side's version identification. */ | ||
1217 | for (n = 0; ; n++) { | ||
1218 | if (n >= SSH_MAX_PRE_BANNER_LINES) { | ||
1219 | send_error(ssh, "No SSH identification string " | ||
1220 | "received."); | ||
1221 | error("%s: No SSH version received in first %u lines " | ||
1222 | "from server", __func__, SSH_MAX_PRE_BANNER_LINES); | ||
1223 | r = SSH_ERR_INVALID_FORMAT; | ||
1224 | goto out; | ||
1225 | } | ||
1226 | sshbuf_reset(peer_version); | ||
1227 | expect_nl = 0; | ||
1228 | for (i = 0; ; i++) { | ||
1229 | if (timeout_ms > 0) { | ||
1230 | r = waitrfd(ssh_packet_get_connection_in(ssh), | ||
1231 | &timeout_ms); | ||
1232 | if (r == -1 && errno == ETIMEDOUT) { | ||
1233 | send_error(ssh, "Timed out waiting " | ||
1234 | "for SSH identification string."); | ||
1235 | error("Connection timed out during " | ||
1236 | "banner exchange"); | ||
1237 | r = SSH_ERR_CONN_TIMEOUT; | ||
1238 | goto out; | ||
1239 | } else if (r == -1) { | ||
1240 | error("%s: %s", | ||
1241 | __func__, strerror(errno)); | ||
1242 | r = SSH_ERR_SYSTEM_ERROR; | ||
1243 | goto out; | ||
1244 | } | ||
1245 | } | ||
1246 | |||
1247 | len = atomicio(read, ssh_packet_get_connection_in(ssh), | ||
1248 | &c, 1); | ||
1249 | if (len != 1 && errno == EPIPE) { | ||
1250 | error("%s: Connection closed by remote host", | ||
1251 | __func__); | ||
1252 | r = SSH_ERR_CONN_CLOSED; | ||
1253 | goto out; | ||
1254 | } else if (len != 1) { | ||
1255 | error("%s: read: %.100s", | ||
1256 | __func__, strerror(errno)); | ||
1257 | r = SSH_ERR_SYSTEM_ERROR; | ||
1258 | goto out; | ||
1259 | } | ||
1260 | if (c == '\r') { | ||
1261 | expect_nl = 1; | ||
1262 | continue; | ||
1263 | } | ||
1264 | if (c == '\n') | ||
1265 | break; | ||
1266 | if (c == '\0' || expect_nl) { | ||
1267 | error("%s: banner line contains invalid " | ||
1268 | "characters", __func__); | ||
1269 | goto invalid; | ||
1270 | } | ||
1271 | if ((r = sshbuf_put_u8(peer_version, c)) != 0) { | ||
1272 | error("%s: sshbuf_put: %s", | ||
1273 | __func__, ssh_err(r)); | ||
1274 | goto out; | ||
1275 | } | ||
1276 | if (sshbuf_len(peer_version) > SSH_MAX_BANNER_LEN) { | ||
1277 | error("%s: banner line too long", __func__); | ||
1278 | goto invalid; | ||
1279 | } | ||
1280 | } | ||
1281 | /* Is this an actual protocol banner? */ | ||
1282 | if (sshbuf_len(peer_version) > 4 && | ||
1283 | memcmp(sshbuf_ptr(peer_version), "SSH-", 4) == 0) | ||
1284 | break; | ||
1285 | /* If not, then just log the line and continue */ | ||
1286 | if ((cp = sshbuf_dup_string(peer_version)) == NULL) { | ||
1287 | error("%s: sshbuf_dup_string failed", __func__); | ||
1288 | r = SSH_ERR_ALLOC_FAIL; | ||
1289 | goto out; | ||
1290 | } | ||
1291 | /* Do not accept lines before the SSH ident from a client */ | ||
1292 | if (ssh->kex->server) { | ||
1293 | error("%s: client sent invalid protocol identifier " | ||
1294 | "\"%.256s\"", __func__, cp); | ||
1295 | free(cp); | ||
1296 | goto invalid; | ||
1297 | } | ||
1298 | debug("%s: banner line %zu: %s", __func__, n, cp); | ||
1299 | free(cp); | ||
1300 | } | ||
1301 | peer_version_string = sshbuf_dup_string(peer_version); | ||
1302 | if (peer_version_string == NULL) | ||
1303 | error("%s: sshbuf_dup_string failed", __func__); | ||
1304 | /* XXX must be same size for sscanf */ | ||
1305 | if ((remote_version = calloc(1, sshbuf_len(peer_version))) == NULL) { | ||
1306 | error("%s: calloc failed", __func__); | ||
1307 | r = SSH_ERR_ALLOC_FAIL; | ||
1308 | goto out; | ||
1309 | } | ||
1310 | |||
1311 | /* | ||
1312 | * Check that the versions match. In future this might accept | ||
1313 | * several versions and set appropriate flags to handle them. | ||
1314 | */ | ||
1315 | if (sscanf(peer_version_string, "SSH-%d.%d-%[^\n]\n", | ||
1316 | &remote_major, &remote_minor, remote_version) != 3) { | ||
1317 | error("Bad remote protocol version identification: '%.100s'", | ||
1318 | peer_version_string); | ||
1319 | invalid: | ||
1320 | send_error(ssh, "Invalid SSH identification string."); | ||
1321 | r = SSH_ERR_INVALID_FORMAT; | ||
1322 | goto out; | ||
1323 | } | ||
1324 | debug("Remote protocol version %d.%d, remote software version %.100s", | ||
1325 | remote_major, remote_minor, remote_version); | ||
1326 | ssh->compat = compat_datafellows(remote_version); | ||
1327 | |||
1328 | mismatch = 0; | ||
1329 | switch (remote_major) { | ||
1330 | case 2: | ||
1331 | break; | ||
1332 | case 1: | ||
1333 | if (remote_minor != 99) | ||
1334 | mismatch = 1; | ||
1335 | break; | ||
1336 | default: | ||
1337 | mismatch = 1; | ||
1338 | break; | ||
1339 | } | ||
1340 | if (mismatch) { | ||
1341 | error("Protocol major versions differ: %d vs. %d", | ||
1342 | PROTOCOL_MAJOR_2, remote_major); | ||
1343 | send_error(ssh, "Protocol major versions differ."); | ||
1344 | r = SSH_ERR_NO_PROTOCOL_VERSION; | ||
1345 | goto out; | ||
1346 | } | ||
1347 | |||
1348 | if (ssh->kex->server && (ssh->compat & SSH_BUG_PROBE) != 0) { | ||
1349 | logit("probed from %s port %d with %s. Don't panic.", | ||
1350 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
1351 | peer_version_string); | ||
1352 | r = SSH_ERR_CONN_CLOSED; /* XXX */ | ||
1353 | goto out; | ||
1354 | } | ||
1355 | if (ssh->kex->server && (ssh->compat & SSH_BUG_SCANNER) != 0) { | ||
1356 | logit("scanned from %s port %d with %s. Don't panic.", | ||
1357 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
1358 | peer_version_string); | ||
1359 | r = SSH_ERR_CONN_CLOSED; /* XXX */ | ||
1360 | goto out; | ||
1361 | } | ||
1362 | if ((ssh->compat & SSH_BUG_RSASIGMD5) != 0) { | ||
1363 | logit("Remote version \"%.100s\" uses unsafe RSA signature " | ||
1364 | "scheme; disabling use of RSA keys", remote_version); | ||
1365 | } | ||
1366 | /* success */ | ||
1367 | r = 0; | ||
1368 | out: | ||
1369 | free(our_version_string); | ||
1370 | free(peer_version_string); | ||
1371 | free(remote_version); | ||
1372 | return r; | ||
1373 | } | ||
1374 | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.91 2018/07/11 18:53:29 markus Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.107 2019/01/23 00:30:41 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -27,6 +27,7 @@ | |||
27 | #define KEX_H | 27 | #define KEX_H |
28 | 28 | ||
29 | #include "mac.h" | 29 | #include "mac.h" |
30 | #include "crypto_api.h" | ||
30 | 31 | ||
31 | #ifdef WITH_LEAKMALLOC | 32 | #ifdef WITH_LEAKMALLOC |
32 | #include "leakmalloc.h" | 33 | #include "leakmalloc.h" |
@@ -62,6 +63,7 @@ | |||
62 | #define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" | 63 | #define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" |
63 | #define KEX_CURVE25519_SHA256 "curve25519-sha256" | 64 | #define KEX_CURVE25519_SHA256 "curve25519-sha256" |
64 | #define KEX_CURVE25519_SHA256_OLD "curve25519-sha256@libssh.org" | 65 | #define KEX_CURVE25519_SHA256_OLD "curve25519-sha256@libssh.org" |
66 | #define KEX_SNTRUP4591761X25519_SHA512 "sntrup4591761x25519-sha512@tinyssh.org" | ||
65 | 67 | ||
66 | #define COMP_NONE 0 | 68 | #define COMP_NONE 0 |
67 | /* pre-auth compression (COMP_ZLIB) is only supported in the client */ | 69 | /* pre-auth compression (COMP_ZLIB) is only supported in the client */ |
@@ -100,13 +102,21 @@ enum kex_exchange { | |||
100 | KEX_DH_GEX_SHA256, | 102 | KEX_DH_GEX_SHA256, |
101 | KEX_ECDH_SHA2, | 103 | KEX_ECDH_SHA2, |
102 | KEX_C25519_SHA256, | 104 | KEX_C25519_SHA256, |
105 | KEX_KEM_SNTRUP4591761X25519_SHA512, | ||
106 | #ifdef GSSAPI | ||
103 | KEX_GSS_GRP1_SHA1, | 107 | KEX_GSS_GRP1_SHA1, |
104 | KEX_GSS_GRP14_SHA1, | 108 | KEX_GSS_GRP14_SHA1, |
109 | KEX_GSS_GRP14_SHA256, | ||
110 | KEX_GSS_GRP16_SHA512, | ||
105 | KEX_GSS_GEX_SHA1, | 111 | KEX_GSS_GEX_SHA1, |
112 | KEX_GSS_NISTP256_SHA256, | ||
113 | KEX_GSS_C25519_SHA256, | ||
114 | #endif | ||
106 | KEX_MAX | 115 | KEX_MAX |
107 | }; | 116 | }; |
108 | 117 | ||
109 | #define KEX_INIT_SENT 0x0001 | 118 | #define KEX_INIT_SENT 0x0001 |
119 | #define KEX_INITIAL 0x0002 | ||
110 | 120 | ||
111 | struct sshenc { | 121 | struct sshenc { |
112 | char *name; | 122 | char *name; |
@@ -147,6 +157,8 @@ struct kex { | |||
147 | int ext_info_c; | 157 | int ext_info_c; |
148 | struct sshbuf *my; | 158 | struct sshbuf *my; |
149 | struct sshbuf *peer; | 159 | struct sshbuf *peer; |
160 | struct sshbuf *client_version; | ||
161 | struct sshbuf *server_version; | ||
150 | sig_atomic_t done; | 162 | sig_atomic_t done; |
151 | u_int flags; | 163 | u_int flags; |
152 | int hash_alg; | 164 | int hash_alg; |
@@ -157,31 +169,36 @@ struct kex { | |||
157 | char *gss_host; | 169 | char *gss_host; |
158 | char *gss_client; | 170 | char *gss_client; |
159 | #endif | 171 | #endif |
160 | char *client_version_string; | ||
161 | char *server_version_string; | ||
162 | char *failed_choice; | 172 | char *failed_choice; |
163 | int (*verify_host_key)(struct sshkey *, struct ssh *); | 173 | int (*verify_host_key)(struct sshkey *, struct ssh *); |
164 | struct sshkey *(*load_host_public_key)(int, int, struct ssh *); | 174 | struct sshkey *(*load_host_public_key)(int, int, struct ssh *); |
165 | struct sshkey *(*load_host_private_key)(int, int, struct ssh *); | 175 | struct sshkey *(*load_host_private_key)(int, int, struct ssh *); |
166 | int (*host_key_index)(struct sshkey *, int, struct ssh *); | 176 | int (*host_key_index)(struct sshkey *, int, struct ssh *); |
167 | int (*sign)(struct sshkey *, struct sshkey *, u_char **, size_t *, | 177 | int (*sign)(struct ssh *, struct sshkey *, struct sshkey *, |
168 | const u_char *, size_t, const char *, u_int); | 178 | u_char **, size_t *, const u_char *, size_t, const char *); |
169 | int (*kex[KEX_MAX])(struct ssh *); | 179 | int (*kex[KEX_MAX])(struct ssh *); |
170 | /* kex specific state */ | 180 | /* kex specific state */ |
171 | DH *dh; /* DH */ | 181 | DH *dh; /* DH */ |
172 | u_int min, max, nbits; /* GEX */ | 182 | u_int min, max, nbits; /* GEX */ |
173 | EC_KEY *ec_client_key; /* ECDH */ | 183 | EC_KEY *ec_client_key; /* ECDH */ |
174 | const EC_GROUP *ec_group; /* ECDH */ | 184 | const EC_GROUP *ec_group; /* ECDH */ |
175 | u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */ | 185 | u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 + KEM */ |
176 | u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */ | 186 | u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */ |
187 | u_char sntrup4591761_client_key[crypto_kem_sntrup4591761_SECRETKEYBYTES]; /* KEM */ | ||
188 | struct sshbuf *client_pub; | ||
177 | }; | 189 | }; |
178 | 190 | ||
179 | int kex_names_valid(const char *); | 191 | int kex_names_valid(const char *); |
180 | char *kex_alg_list(char); | 192 | char *kex_alg_list(char); |
193 | char *kex_gss_alg_list(char); | ||
181 | char *kex_names_cat(const char *, const char *); | 194 | char *kex_names_cat(const char *, const char *); |
182 | int kex_assemble_names(char **, const char *, const char *); | 195 | int kex_assemble_names(char **, const char *, const char *); |
196 | int kex_gss_names_valid(const char *); | ||
197 | |||
198 | int kex_exchange_identification(struct ssh *, int, int, const char *); | ||
183 | 199 | ||
184 | int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **); | 200 | struct kex *kex_new(void); |
201 | int kex_ready(struct ssh *, char *[PROPOSAL_MAX]); | ||
185 | int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); | 202 | int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); |
186 | void kex_free_newkeys(struct newkeys *); | 203 | void kex_free_newkeys(struct newkeys *); |
187 | void kex_free(struct kex *); | 204 | void kex_free(struct kex *); |
@@ -189,48 +206,63 @@ void kex_free(struct kex *); | |||
189 | int kex_buf2prop(struct sshbuf *, int *, char ***); | 206 | int kex_buf2prop(struct sshbuf *, int *, char ***); |
190 | int kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]); | 207 | int kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]); |
191 | void kex_prop_free(char **); | 208 | void kex_prop_free(char **); |
209 | int kex_load_hostkey(struct ssh *, struct sshkey **, struct sshkey **); | ||
210 | int kex_verify_host_key(struct ssh *, struct sshkey *); | ||
192 | 211 | ||
193 | int kex_send_kexinit(struct ssh *); | 212 | int kex_send_kexinit(struct ssh *); |
194 | int kex_input_kexinit(int, u_int32_t, struct ssh *); | 213 | int kex_input_kexinit(int, u_int32_t, struct ssh *); |
195 | int kex_input_ext_info(int, u_int32_t, struct ssh *); | 214 | int kex_input_ext_info(int, u_int32_t, struct ssh *); |
196 | int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *); | 215 | int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *); |
197 | int kex_derive_keys_bn(struct ssh *, u_char *, u_int, const BIGNUM *); | ||
198 | int kex_send_newkeys(struct ssh *); | 216 | int kex_send_newkeys(struct ssh *); |
199 | int kex_start_rekex(struct ssh *); | 217 | int kex_start_rekex(struct ssh *); |
200 | 218 | ||
201 | int kexdh_client(struct ssh *); | ||
202 | int kexdh_server(struct ssh *); | ||
203 | int kexgex_client(struct ssh *); | 219 | int kexgex_client(struct ssh *); |
204 | int kexgex_server(struct ssh *); | 220 | int kexgex_server(struct ssh *); |
205 | int kexecdh_client(struct ssh *); | 221 | int kex_gen_client(struct ssh *); |
206 | int kexecdh_server(struct ssh *); | 222 | int kex_gen_server(struct ssh *); |
207 | int kexc25519_client(struct ssh *); | 223 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
208 | int kexc25519_server(struct ssh *); | 224 | int kexgssgex_client(struct ssh *); |
209 | 225 | int kexgssgex_server(struct ssh *); | |
210 | #ifdef GSSAPI | ||
211 | int kexgss_client(struct ssh *); | 226 | int kexgss_client(struct ssh *); |
212 | int kexgss_server(struct ssh *); | 227 | int kexgss_server(struct ssh *); |
213 | #endif | 228 | #endif |
214 | 229 | ||
215 | int kex_dh_hash(int, const char *, const char *, | 230 | int kex_dh_keypair(struct kex *); |
216 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 231 | int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, |
217 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); | 232 | struct sshbuf **); |
233 | int kex_dh_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
234 | |||
235 | int kex_ecdh_keypair(struct kex *); | ||
236 | int kex_ecdh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, | ||
237 | struct sshbuf **); | ||
238 | int kex_ecdh_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
218 | 239 | ||
219 | int kexgex_hash(int, const char *, const char *, | 240 | int kex_c25519_keypair(struct kex *); |
220 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 241 | int kex_c25519_enc(struct kex *, const struct sshbuf *, struct sshbuf **, |
242 | struct sshbuf **); | ||
243 | int kex_c25519_dec(struct kex *, const struct sshbuf *, struct sshbuf **); | ||
244 | |||
245 | int kex_kem_sntrup4591761x25519_keypair(struct kex *); | ||
246 | int kex_kem_sntrup4591761x25519_enc(struct kex *, const struct sshbuf *, | ||
247 | struct sshbuf **, struct sshbuf **); | ||
248 | int kex_kem_sntrup4591761x25519_dec(struct kex *, const struct sshbuf *, | ||
249 | struct sshbuf **); | ||
250 | |||
251 | int kex_dh_keygen(struct kex *); | ||
252 | int kex_dh_compute_key(struct kex *, BIGNUM *, struct sshbuf *); | ||
253 | |||
254 | int kexgex_hash(int, const struct sshbuf *, const struct sshbuf *, | ||
255 | const struct sshbuf *, const struct sshbuf *, const struct sshbuf *, | ||
221 | int, int, int, | 256 | int, int, int, |
222 | const BIGNUM *, const BIGNUM *, const BIGNUM *, | 257 | const BIGNUM *, const BIGNUM *, const BIGNUM *, |
223 | const BIGNUM *, const BIGNUM *, | 258 | const BIGNUM *, const u_char *, size_t, |
224 | u_char *, size_t *); | 259 | u_char *, size_t *); |
225 | 260 | ||
226 | int kex_ecdh_hash(int, const EC_GROUP *, const char *, const char *, | 261 | int kex_gen_hash(int hash_alg, const struct sshbuf *client_version, |
227 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 262 | const struct sshbuf *server_version, const struct sshbuf *client_kexinit, |
228 | const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *); | 263 | const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob, |
229 | 264 | const struct sshbuf *client_pub, const struct sshbuf *server_pub, | |
230 | int kex_c25519_hash(int, const char *, const char *, | 265 | const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen); |
231 | const u_char *, size_t, const u_char *, size_t, | ||
232 | const u_char *, size_t, const u_char *, const u_char *, | ||
233 | const u_char *, size_t, u_char *, size_t *); | ||
234 | 266 | ||
235 | void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) | 267 | void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) |
236 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | 268 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
@@ -239,9 +271,13 @@ int kexc25519_shared_key(const u_char key[CURVE25519_SIZE], | |||
239 | const u_char pub[CURVE25519_SIZE], struct sshbuf *out) | 271 | const u_char pub[CURVE25519_SIZE], struct sshbuf *out) |
240 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | 272 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
241 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); | 273 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
274 | int kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE], | ||
275 | const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int) | ||
276 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | ||
277 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); | ||
242 | 278 | ||
243 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) | 279 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) |
244 | void dump_digest(char *, u_char *, int); | 280 | void dump_digest(const char *, const u_char *, int); |
245 | #endif | 281 | #endif |
246 | 282 | ||
247 | #if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC) | 283 | #if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC) |
diff --git a/kexc25519.c b/kexc25519.c index 0897b8c51..f13d766d7 100644 --- a/kexc25519.c +++ b/kexc25519.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* $OpenBSD: kexc25519.c,v 1.10 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: kexc25519.c,v 1.17 2019/01/21 10:40:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
5 | * Copyright (c) 2013 Aris Adamantiadis. All rights reserved. | 5 | * Copyright (c) 2013 Aris Adamantiadis. All rights reserved. |
6 | * | 6 | * |
@@ -29,20 +29,16 @@ | |||
29 | 29 | ||
30 | #include <sys/types.h> | 30 | #include <sys/types.h> |
31 | 31 | ||
32 | #include <signal.h> | 32 | #include <stdio.h> |
33 | #include <string.h> | 33 | #include <string.h> |
34 | #include <signal.h> | ||
34 | 35 | ||
35 | #include <openssl/bn.h> | ||
36 | #include <openssl/evp.h> | ||
37 | |||
38 | #include "sshbuf.h" | ||
39 | #include "ssh2.h" | ||
40 | #include "sshkey.h" | 36 | #include "sshkey.h" |
41 | #include "cipher.h" | ||
42 | #include "kex.h" | 37 | #include "kex.h" |
43 | #include "log.h" | 38 | #include "sshbuf.h" |
44 | #include "digest.h" | 39 | #include "digest.h" |
45 | #include "ssherr.h" | 40 | #include "ssherr.h" |
41 | #include "ssh2.h" | ||
46 | 42 | ||
47 | extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], | 43 | extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], |
48 | const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) | 44 | const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) |
@@ -60,74 +56,144 @@ kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) | |||
60 | } | 56 | } |
61 | 57 | ||
62 | int | 58 | int |
63 | kexc25519_shared_key(const u_char key[CURVE25519_SIZE], | 59 | kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE], |
64 | const u_char pub[CURVE25519_SIZE], struct sshbuf *out) | 60 | const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int raw) |
65 | { | 61 | { |
66 | u_char shared_key[CURVE25519_SIZE]; | 62 | u_char shared_key[CURVE25519_SIZE]; |
63 | u_char zero[CURVE25519_SIZE]; | ||
67 | int r; | 64 | int r; |
68 | 65 | ||
69 | /* Check for all-zero public key */ | 66 | crypto_scalarmult_curve25519(shared_key, key, pub); |
70 | explicit_bzero(shared_key, CURVE25519_SIZE); | 67 | |
71 | if (timingsafe_bcmp(pub, shared_key, CURVE25519_SIZE) == 0) | 68 | /* Check for all-zero shared secret */ |
69 | explicit_bzero(zero, CURVE25519_SIZE); | ||
70 | if (timingsafe_bcmp(zero, shared_key, CURVE25519_SIZE) == 0) | ||
72 | return SSH_ERR_KEY_INVALID_EC_VALUE; | 71 | return SSH_ERR_KEY_INVALID_EC_VALUE; |
73 | 72 | ||
74 | crypto_scalarmult_curve25519(shared_key, key, pub); | ||
75 | #ifdef DEBUG_KEXECDH | 73 | #ifdef DEBUG_KEXECDH |
76 | dump_digest("shared secret", shared_key, CURVE25519_SIZE); | 74 | dump_digest("shared secret", shared_key, CURVE25519_SIZE); |
77 | #endif | 75 | #endif |
78 | sshbuf_reset(out); | 76 | if (raw) |
79 | r = sshbuf_put_bignum2_bytes(out, shared_key, CURVE25519_SIZE); | 77 | r = sshbuf_put(out, shared_key, CURVE25519_SIZE); |
78 | else | ||
79 | r = sshbuf_put_bignum2_bytes(out, shared_key, CURVE25519_SIZE); | ||
80 | explicit_bzero(shared_key, CURVE25519_SIZE); | 80 | explicit_bzero(shared_key, CURVE25519_SIZE); |
81 | return r; | 81 | return r; |
82 | } | 82 | } |
83 | 83 | ||
84 | int | 84 | int |
85 | kex_c25519_hash( | 85 | kexc25519_shared_key(const u_char key[CURVE25519_SIZE], |
86 | int hash_alg, | 86 | const u_char pub[CURVE25519_SIZE], struct sshbuf *out) |
87 | const char *client_version_string, | 87 | { |
88 | const char *server_version_string, | 88 | return kexc25519_shared_key_ext(key, pub, out, 0); |
89 | const u_char *ckexinit, size_t ckexinitlen, | 89 | } |
90 | const u_char *skexinit, size_t skexinitlen, | 90 | |
91 | const u_char *serverhostkeyblob, size_t sbloblen, | 91 | int |
92 | const u_char client_dh_pub[CURVE25519_SIZE], | 92 | kex_c25519_keypair(struct kex *kex) |
93 | const u_char server_dh_pub[CURVE25519_SIZE], | ||
94 | const u_char *shared_secret, size_t secretlen, | ||
95 | u_char *hash, size_t *hashlen) | ||
96 | { | 93 | { |
97 | struct sshbuf *b; | 94 | struct sshbuf *buf = NULL; |
95 | u_char *cp = NULL; | ||
98 | int r; | 96 | int r; |
99 | 97 | ||
100 | if (*hashlen < ssh_digest_bytes(hash_alg)) | 98 | if ((buf = sshbuf_new()) == NULL) |
101 | return SSH_ERR_INVALID_ARGUMENT; | ||
102 | if ((b = sshbuf_new()) == NULL) | ||
103 | return SSH_ERR_ALLOC_FAIL; | 99 | return SSH_ERR_ALLOC_FAIL; |
104 | if ((r = sshbuf_put_cstring(b, client_version_string)) < 0 || | 100 | if ((r = sshbuf_reserve(buf, CURVE25519_SIZE, &cp)) != 0) |
105 | (r = sshbuf_put_cstring(b, server_version_string)) < 0 || | 101 | goto out; |
106 | /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ | 102 | kexc25519_keygen(kex->c25519_client_key, cp); |
107 | (r = sshbuf_put_u32(b, ckexinitlen+1)) < 0 || | 103 | #ifdef DEBUG_KEXECDH |
108 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) < 0 || | 104 | dump_digest("client public key c25519:", cp, CURVE25519_SIZE); |
109 | (r = sshbuf_put(b, ckexinit, ckexinitlen)) < 0 || | 105 | #endif |
110 | (r = sshbuf_put_u32(b, skexinitlen+1)) < 0 || | 106 | kex->client_pub = buf; |
111 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) < 0 || | 107 | buf = NULL; |
112 | (r = sshbuf_put(b, skexinit, skexinitlen)) < 0 || | 108 | out: |
113 | (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) < 0 || | 109 | sshbuf_free(buf); |
114 | (r = sshbuf_put_string(b, client_dh_pub, CURVE25519_SIZE)) < 0 || | 110 | return r; |
115 | (r = sshbuf_put_string(b, server_dh_pub, CURVE25519_SIZE)) < 0 || | 111 | } |
116 | (r = sshbuf_put(b, shared_secret, secretlen)) < 0) { | 112 | |
117 | sshbuf_free(b); | 113 | int |
118 | return r; | 114 | kex_c25519_enc(struct kex *kex, const struct sshbuf *client_blob, |
115 | struct sshbuf **server_blobp, struct sshbuf **shared_secretp) | ||
116 | { | ||
117 | struct sshbuf *server_blob = NULL; | ||
118 | struct sshbuf *buf = NULL; | ||
119 | const u_char *client_pub; | ||
120 | u_char *server_pub; | ||
121 | u_char server_key[CURVE25519_SIZE]; | ||
122 | int r; | ||
123 | |||
124 | *server_blobp = NULL; | ||
125 | *shared_secretp = NULL; | ||
126 | |||
127 | if (sshbuf_len(client_blob) != CURVE25519_SIZE) { | ||
128 | r = SSH_ERR_SIGNATURE_INVALID; | ||
129 | goto out; | ||
119 | } | 130 | } |
120 | #ifdef DEBUG_KEX | 131 | client_pub = sshbuf_ptr(client_blob); |
121 | sshbuf_dump(b, stderr); | 132 | #ifdef DEBUG_KEXECDH |
133 | dump_digest("client public key 25519:", client_pub, CURVE25519_SIZE); | ||
122 | #endif | 134 | #endif |
123 | if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) { | 135 | /* allocate space for encrypted KEM key and ECDH pub key */ |
124 | sshbuf_free(b); | 136 | if ((server_blob = sshbuf_new()) == NULL) { |
125 | return SSH_ERR_LIBCRYPTO_ERROR; | 137 | r = SSH_ERR_ALLOC_FAIL; |
138 | goto out; | ||
126 | } | 139 | } |
127 | sshbuf_free(b); | 140 | if ((r = sshbuf_reserve(server_blob, CURVE25519_SIZE, &server_pub)) != 0) |
128 | *hashlen = ssh_digest_bytes(hash_alg); | 141 | goto out; |
129 | #ifdef DEBUG_KEX | 142 | kexc25519_keygen(server_key, server_pub); |
130 | dump_digest("hash", hash, *hashlen); | 143 | /* allocate shared secret */ |
144 | if ((buf = sshbuf_new()) == NULL) { | ||
145 | r = SSH_ERR_ALLOC_FAIL; | ||
146 | goto out; | ||
147 | } | ||
148 | if ((r = kexc25519_shared_key_ext(server_key, client_pub, buf, 0)) < 0) | ||
149 | goto out; | ||
150 | #ifdef DEBUG_KEXECDH | ||
151 | dump_digest("server public key 25519:", server_pub, CURVE25519_SIZE); | ||
152 | dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf)); | ||
131 | #endif | 153 | #endif |
132 | return 0; | 154 | *server_blobp = server_blob; |
155 | *shared_secretp = buf; | ||
156 | server_blob = NULL; | ||
157 | buf = NULL; | ||
158 | out: | ||
159 | explicit_bzero(server_key, sizeof(server_key)); | ||
160 | sshbuf_free(server_blob); | ||
161 | sshbuf_free(buf); | ||
162 | return r; | ||
163 | } | ||
164 | |||
165 | int | ||
166 | kex_c25519_dec(struct kex *kex, const struct sshbuf *server_blob, | ||
167 | struct sshbuf **shared_secretp) | ||
168 | { | ||
169 | struct sshbuf *buf = NULL; | ||
170 | const u_char *server_pub; | ||
171 | int r; | ||
172 | |||
173 | *shared_secretp = NULL; | ||
174 | |||
175 | if (sshbuf_len(server_blob) != CURVE25519_SIZE) { | ||
176 | r = SSH_ERR_SIGNATURE_INVALID; | ||
177 | goto out; | ||
178 | } | ||
179 | server_pub = sshbuf_ptr(server_blob); | ||
180 | #ifdef DEBUG_KEXECDH | ||
181 | dump_digest("server public key c25519:", server_pub, CURVE25519_SIZE); | ||
182 | #endif | ||
183 | /* shared secret */ | ||
184 | if ((buf = sshbuf_new()) == NULL) { | ||
185 | r = SSH_ERR_ALLOC_FAIL; | ||
186 | goto out; | ||
187 | } | ||
188 | if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub, | ||
189 | buf, 0)) < 0) | ||
190 | goto out; | ||
191 | #ifdef DEBUG_KEXECDH | ||
192 | dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf)); | ||
193 | #endif | ||
194 | *shared_secretp = buf; | ||
195 | buf = NULL; | ||
196 | out: | ||
197 | sshbuf_free(buf); | ||
198 | return r; | ||
133 | } | 199 | } |
diff --git a/kexc25519c.c b/kexc25519c.c deleted file mode 100644 index a8d92149c..000000000 --- a/kexc25519c.c +++ /dev/null | |||
@@ -1,169 +0,0 @@ | |||
1 | /* $OpenBSD: kexc25519c.c,v 1.9 2017/12/18 02:25:15 djm Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | ||
5 | * Copyright (c) 2013 Aris Adamantiadis. All rights reserved. | ||
6 | * | ||
7 | * Redistribution and use in source and binary forms, with or without | ||
8 | * modification, are permitted provided that the following conditions | ||
9 | * are met: | ||
10 | * 1. Redistributions of source code must retain the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer. | ||
12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
13 | * notice, this list of conditions and the following disclaimer in the | ||
14 | * documentation and/or other materials provided with the distribution. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | #include "includes.h" | ||
29 | |||
30 | #include <sys/types.h> | ||
31 | |||
32 | #include <stdio.h> | ||
33 | #include <string.h> | ||
34 | #include <signal.h> | ||
35 | |||
36 | #include "sshkey.h" | ||
37 | #include "cipher.h" | ||
38 | #include "kex.h" | ||
39 | #include "log.h" | ||
40 | #include "packet.h" | ||
41 | #include "ssh2.h" | ||
42 | #include "sshbuf.h" | ||
43 | #include "digest.h" | ||
44 | #include "ssherr.h" | ||
45 | |||
46 | static int | ||
47 | input_kex_c25519_reply(int type, u_int32_t seq, struct ssh *ssh); | ||
48 | |||
49 | int | ||
50 | kexc25519_client(struct ssh *ssh) | ||
51 | { | ||
52 | struct kex *kex = ssh->kex; | ||
53 | int r; | ||
54 | |||
55 | kexc25519_keygen(kex->c25519_client_key, kex->c25519_client_pubkey); | ||
56 | #ifdef DEBUG_KEXECDH | ||
57 | dump_digest("client private key:", kex->c25519_client_key, | ||
58 | sizeof(kex->c25519_client_key)); | ||
59 | #endif | ||
60 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 || | ||
61 | (r = sshpkt_put_string(ssh, kex->c25519_client_pubkey, | ||
62 | sizeof(kex->c25519_client_pubkey))) != 0 || | ||
63 | (r = sshpkt_send(ssh)) != 0) | ||
64 | return r; | ||
65 | |||
66 | debug("expecting SSH2_MSG_KEX_ECDH_REPLY"); | ||
67 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_c25519_reply); | ||
68 | return 0; | ||
69 | } | ||
70 | |||
71 | static int | ||
72 | input_kex_c25519_reply(int type, u_int32_t seq, struct ssh *ssh) | ||
73 | { | ||
74 | struct kex *kex = ssh->kex; | ||
75 | struct sshkey *server_host_key = NULL; | ||
76 | struct sshbuf *shared_secret = NULL; | ||
77 | u_char *server_pubkey = NULL; | ||
78 | u_char *server_host_key_blob = NULL, *signature = NULL; | ||
79 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
80 | size_t slen, pklen, sbloblen, hashlen; | ||
81 | int r; | ||
82 | |||
83 | if (kex->verify_host_key == NULL) { | ||
84 | r = SSH_ERR_INVALID_ARGUMENT; | ||
85 | goto out; | ||
86 | } | ||
87 | |||
88 | /* hostkey */ | ||
89 | if ((r = sshpkt_get_string(ssh, &server_host_key_blob, | ||
90 | &sbloblen)) != 0 || | ||
91 | (r = sshkey_from_blob(server_host_key_blob, sbloblen, | ||
92 | &server_host_key)) != 0) | ||
93 | goto out; | ||
94 | if (server_host_key->type != kex->hostkey_type || | ||
95 | (kex->hostkey_type == KEY_ECDSA && | ||
96 | server_host_key->ecdsa_nid != kex->hostkey_nid)) { | ||
97 | r = SSH_ERR_KEY_TYPE_MISMATCH; | ||
98 | goto out; | ||
99 | } | ||
100 | if (kex->verify_host_key(server_host_key, ssh) == -1) { | ||
101 | r = SSH_ERR_SIGNATURE_INVALID; | ||
102 | goto out; | ||
103 | } | ||
104 | |||
105 | /* Q_S, server public key */ | ||
106 | /* signed H */ | ||
107 | if ((r = sshpkt_get_string(ssh, &server_pubkey, &pklen)) != 0 || | ||
108 | (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || | ||
109 | (r = sshpkt_get_end(ssh)) != 0) | ||
110 | goto out; | ||
111 | if (pklen != CURVE25519_SIZE) { | ||
112 | r = SSH_ERR_SIGNATURE_INVALID; | ||
113 | goto out; | ||
114 | } | ||
115 | |||
116 | #ifdef DEBUG_KEXECDH | ||
117 | dump_digest("server public key:", server_pubkey, CURVE25519_SIZE); | ||
118 | #endif | ||
119 | |||
120 | if ((shared_secret = sshbuf_new()) == NULL) { | ||
121 | r = SSH_ERR_ALLOC_FAIL; | ||
122 | goto out; | ||
123 | } | ||
124 | if ((r = kexc25519_shared_key(kex->c25519_client_key, server_pubkey, | ||
125 | shared_secret)) < 0) | ||
126 | goto out; | ||
127 | |||
128 | /* calc and verify H */ | ||
129 | hashlen = sizeof(hash); | ||
130 | if ((r = kex_c25519_hash( | ||
131 | kex->hash_alg, | ||
132 | kex->client_version_string, | ||
133 | kex->server_version_string, | ||
134 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | ||
135 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | ||
136 | server_host_key_blob, sbloblen, | ||
137 | kex->c25519_client_pubkey, | ||
138 | server_pubkey, | ||
139 | sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), | ||
140 | hash, &hashlen)) < 0) | ||
141 | goto out; | ||
142 | |||
143 | if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen, | ||
144 | kex->hostkey_alg, ssh->compat)) != 0) | ||
145 | goto out; | ||
146 | |||
147 | /* save session id */ | ||
148 | if (kex->session_id == NULL) { | ||
149 | kex->session_id_len = hashlen; | ||
150 | kex->session_id = malloc(kex->session_id_len); | ||
151 | if (kex->session_id == NULL) { | ||
152 | r = SSH_ERR_ALLOC_FAIL; | ||
153 | goto out; | ||
154 | } | ||
155 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
156 | } | ||
157 | |||
158 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) | ||
159 | r = kex_send_newkeys(ssh); | ||
160 | out: | ||
161 | explicit_bzero(hash, sizeof(hash)); | ||
162 | explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); | ||
163 | free(server_host_key_blob); | ||
164 | free(server_pubkey); | ||
165 | free(signature); | ||
166 | sshkey_free(server_host_key); | ||
167 | sshbuf_free(shared_secret); | ||
168 | return r; | ||
169 | } | ||
diff --git a/kexc25519s.c b/kexc25519s.c deleted file mode 100644 index 0800a7a4b..000000000 --- a/kexc25519s.c +++ /dev/null | |||
@@ -1,158 +0,0 @@ | |||
1 | /* $OpenBSD: kexc25519s.c,v 1.11 2017/05/31 04:19:28 djm Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | ||
5 | * Copyright (c) 2013 Aris Adamantiadis. All rights reserved. | ||
6 | * | ||
7 | * modification, are permitted provided that the following conditions | ||
8 | * are met: | ||
9 | * 1. Redistributions of source code must retain the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer. | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in the | ||
13 | * documentation and/or other materials provided with the distribution. | ||
14 | * | ||
15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
25 | */ | ||
26 | |||
27 | #include "includes.h" | ||
28 | |||
29 | #include <sys/types.h> | ||
30 | #include <stdio.h> | ||
31 | #include <string.h> | ||
32 | #include <signal.h> | ||
33 | |||
34 | #include "sshkey.h" | ||
35 | #include "cipher.h" | ||
36 | #include "digest.h" | ||
37 | #include "kex.h" | ||
38 | #include "log.h" | ||
39 | #include "packet.h" | ||
40 | #include "ssh2.h" | ||
41 | #include "sshbuf.h" | ||
42 | #include "ssherr.h" | ||
43 | |||
44 | static int input_kex_c25519_init(int, u_int32_t, struct ssh *); | ||
45 | |||
46 | int | ||
47 | kexc25519_server(struct ssh *ssh) | ||
48 | { | ||
49 | debug("expecting SSH2_MSG_KEX_ECDH_INIT"); | ||
50 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_INIT, &input_kex_c25519_init); | ||
51 | return 0; | ||
52 | } | ||
53 | |||
54 | static int | ||
55 | input_kex_c25519_init(int type, u_int32_t seq, struct ssh *ssh) | ||
56 | { | ||
57 | struct kex *kex = ssh->kex; | ||
58 | struct sshkey *server_host_private, *server_host_public; | ||
59 | struct sshbuf *shared_secret = NULL; | ||
60 | u_char *server_host_key_blob = NULL, *signature = NULL; | ||
61 | u_char server_key[CURVE25519_SIZE]; | ||
62 | u_char *client_pubkey = NULL; | ||
63 | u_char server_pubkey[CURVE25519_SIZE]; | ||
64 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
65 | size_t slen, pklen, sbloblen, hashlen; | ||
66 | int r; | ||
67 | |||
68 | /* generate private key */ | ||
69 | kexc25519_keygen(server_key, server_pubkey); | ||
70 | #ifdef DEBUG_KEXECDH | ||
71 | dump_digest("server private key:", server_key, sizeof(server_key)); | ||
72 | #endif | ||
73 | if (kex->load_host_public_key == NULL || | ||
74 | kex->load_host_private_key == NULL) { | ||
75 | r = SSH_ERR_INVALID_ARGUMENT; | ||
76 | goto out; | ||
77 | } | ||
78 | server_host_public = kex->load_host_public_key(kex->hostkey_type, | ||
79 | kex->hostkey_nid, ssh); | ||
80 | server_host_private = kex->load_host_private_key(kex->hostkey_type, | ||
81 | kex->hostkey_nid, ssh); | ||
82 | if (server_host_public == NULL) { | ||
83 | r = SSH_ERR_NO_HOSTKEY_LOADED; | ||
84 | goto out; | ||
85 | } | ||
86 | |||
87 | if ((r = sshpkt_get_string(ssh, &client_pubkey, &pklen)) != 0 || | ||
88 | (r = sshpkt_get_end(ssh)) != 0) | ||
89 | goto out; | ||
90 | if (pklen != CURVE25519_SIZE) { | ||
91 | r = SSH_ERR_SIGNATURE_INVALID; | ||
92 | goto out; | ||
93 | } | ||
94 | #ifdef DEBUG_KEXECDH | ||
95 | dump_digest("client public key:", client_pubkey, CURVE25519_SIZE); | ||
96 | #endif | ||
97 | |||
98 | if ((shared_secret = sshbuf_new()) == NULL) { | ||
99 | r = SSH_ERR_ALLOC_FAIL; | ||
100 | goto out; | ||
101 | } | ||
102 | if ((r = kexc25519_shared_key(server_key, client_pubkey, | ||
103 | shared_secret)) < 0) | ||
104 | goto out; | ||
105 | |||
106 | /* calc H */ | ||
107 | if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob, | ||
108 | &sbloblen)) != 0) | ||
109 | goto out; | ||
110 | hashlen = sizeof(hash); | ||
111 | if ((r = kex_c25519_hash( | ||
112 | kex->hash_alg, | ||
113 | kex->client_version_string, | ||
114 | kex->server_version_string, | ||
115 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | ||
116 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | ||
117 | server_host_key_blob, sbloblen, | ||
118 | client_pubkey, | ||
119 | server_pubkey, | ||
120 | sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), | ||
121 | hash, &hashlen)) < 0) | ||
122 | goto out; | ||
123 | |||
124 | /* save session id := H */ | ||
125 | if (kex->session_id == NULL) { | ||
126 | kex->session_id_len = hashlen; | ||
127 | kex->session_id = malloc(kex->session_id_len); | ||
128 | if (kex->session_id == NULL) { | ||
129 | r = SSH_ERR_ALLOC_FAIL; | ||
130 | goto out; | ||
131 | } | ||
132 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
133 | } | ||
134 | |||
135 | /* sign H */ | ||
136 | if ((r = kex->sign(server_host_private, server_host_public, &signature, | ||
137 | &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0) | ||
138 | goto out; | ||
139 | |||
140 | /* send server hostkey, ECDH pubkey 'Q_S' and signed H */ | ||
141 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_REPLY)) != 0 || | ||
142 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || | ||
143 | (r = sshpkt_put_string(ssh, server_pubkey, sizeof(server_pubkey))) != 0 || | ||
144 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || | ||
145 | (r = sshpkt_send(ssh)) != 0) | ||
146 | goto out; | ||
147 | |||
148 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) | ||
149 | r = kex_send_newkeys(ssh); | ||
150 | out: | ||
151 | explicit_bzero(hash, sizeof(hash)); | ||
152 | explicit_bzero(server_key, sizeof(server_key)); | ||
153 | free(server_host_key_blob); | ||
154 | free(signature); | ||
155 | free(client_pubkey); | ||
156 | sshbuf_free(shared_secret); | ||
157 | return r; | ||
158 | } | ||
@@ -1,6 +1,6 @@ | |||
1 | /* $OpenBSD: kexdh.c,v 1.26 2016/05/02 10:26:04 djm Exp $ */ | 1 | /* $OpenBSD: kexdh.c,v 1.32 2019/01/21 10:40:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
@@ -30,67 +30,182 @@ | |||
30 | #include <sys/types.h> | 30 | #include <sys/types.h> |
31 | 31 | ||
32 | #include <signal.h> | 32 | #include <signal.h> |
33 | 33 | #include <stdio.h> | |
34 | #include <openssl/evp.h> | 34 | #include <string.h> |
35 | 35 | ||
36 | #include "openbsd-compat/openssl-compat.h" | 36 | #include "openbsd-compat/openssl-compat.h" |
37 | #include <openssl/dh.h> | ||
37 | 38 | ||
38 | #include "ssh2.h" | ||
39 | #include "sshkey.h" | 39 | #include "sshkey.h" |
40 | #include "cipher.h" | ||
41 | #include "kex.h" | 40 | #include "kex.h" |
42 | #include "ssherr.h" | ||
43 | #include "sshbuf.h" | 41 | #include "sshbuf.h" |
44 | #include "digest.h" | 42 | #include "digest.h" |
43 | #include "ssherr.h" | ||
44 | #include "dh.h" | ||
45 | 45 | ||
46 | int | 46 | int |
47 | kex_dh_hash( | 47 | kex_dh_keygen(struct kex *kex) |
48 | int hash_alg, | ||
49 | const char *client_version_string, | ||
50 | const char *server_version_string, | ||
51 | const u_char *ckexinit, size_t ckexinitlen, | ||
52 | const u_char *skexinit, size_t skexinitlen, | ||
53 | const u_char *serverhostkeyblob, size_t sbloblen, | ||
54 | const BIGNUM *client_dh_pub, | ||
55 | const BIGNUM *server_dh_pub, | ||
56 | const BIGNUM *shared_secret, | ||
57 | u_char *hash, size_t *hashlen) | ||
58 | { | 48 | { |
59 | struct sshbuf *b; | 49 | switch (kex->kex_type) { |
60 | int r; | 50 | case KEX_DH_GRP1_SHA1: |
61 | 51 | #ifdef GSSAPI | |
62 | if (*hashlen < ssh_digest_bytes(hash_alg)) | 52 | case KEX_GSS_GRP1_SHA1: |
53 | #endif | ||
54 | kex->dh = dh_new_group1(); | ||
55 | break; | ||
56 | case KEX_DH_GRP14_SHA1: | ||
57 | case KEX_DH_GRP14_SHA256: | ||
58 | #ifdef GSSAPI | ||
59 | case KEX_GSS_GRP14_SHA1: | ||
60 | case KEX_GSS_GRP14_SHA256: | ||
61 | #endif | ||
62 | kex->dh = dh_new_group14(); | ||
63 | break; | ||
64 | case KEX_DH_GRP16_SHA512: | ||
65 | #ifdef GSSAPI | ||
66 | case KEX_GSS_GRP16_SHA512: | ||
67 | #endif | ||
68 | kex->dh = dh_new_group16(); | ||
69 | break; | ||
70 | case KEX_DH_GRP18_SHA512: | ||
71 | kex->dh = dh_new_group18(); | ||
72 | break; | ||
73 | default: | ||
63 | return SSH_ERR_INVALID_ARGUMENT; | 74 | return SSH_ERR_INVALID_ARGUMENT; |
64 | if ((b = sshbuf_new()) == NULL) | ||
65 | return SSH_ERR_ALLOC_FAIL; | ||
66 | if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 || | ||
67 | (r = sshbuf_put_cstring(b, server_version_string)) != 0 || | ||
68 | /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ | ||
69 | (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 || | ||
70 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | ||
71 | (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 || | ||
72 | (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 || | ||
73 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | ||
74 | (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 || | ||
75 | (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 || | ||
76 | (r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 || | ||
77 | (r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 || | ||
78 | (r = sshbuf_put_bignum2(b, shared_secret)) != 0) { | ||
79 | sshbuf_free(b); | ||
80 | return r; | ||
81 | } | 75 | } |
82 | #ifdef DEBUG_KEX | 76 | if (kex->dh == NULL) |
83 | sshbuf_dump(b, stderr); | 77 | return SSH_ERR_ALLOC_FAIL; |
78 | return (dh_gen_key(kex->dh, kex->we_need * 8)); | ||
79 | } | ||
80 | |||
81 | int | ||
82 | kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out) | ||
83 | { | ||
84 | BIGNUM *shared_secret = NULL; | ||
85 | u_char *kbuf = NULL; | ||
86 | size_t klen = 0; | ||
87 | int kout, r; | ||
88 | |||
89 | #ifdef DEBUG_KEXDH | ||
90 | fprintf(stderr, "dh_pub= "); | ||
91 | BN_print_fp(stderr, dh_pub); | ||
92 | fprintf(stderr, "\n"); | ||
93 | debug("bits %d", BN_num_bits(dh_pub)); | ||
94 | DHparams_print_fp(stderr, kex->dh); | ||
95 | fprintf(stderr, "\n"); | ||
84 | #endif | 96 | #endif |
85 | if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) { | 97 | |
86 | sshbuf_free(b); | 98 | if (!dh_pub_is_valid(kex->dh, dh_pub)) { |
87 | return SSH_ERR_LIBCRYPTO_ERROR; | 99 | r = SSH_ERR_MESSAGE_INCOMPLETE; |
100 | goto out; | ||
88 | } | 101 | } |
89 | sshbuf_free(b); | 102 | klen = DH_size(kex->dh); |
90 | *hashlen = ssh_digest_bytes(hash_alg); | 103 | if ((kbuf = malloc(klen)) == NULL || |
91 | #ifdef DEBUG_KEX | 104 | (shared_secret = BN_new()) == NULL) { |
92 | dump_digest("hash", hash, *hashlen); | 105 | r = SSH_ERR_ALLOC_FAIL; |
106 | goto out; | ||
107 | } | ||
108 | if ((kout = DH_compute_key(kbuf, dh_pub, kex->dh)) < 0 || | ||
109 | BN_bin2bn(kbuf, kout, shared_secret) == NULL) { | ||
110 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
111 | goto out; | ||
112 | } | ||
113 | #ifdef DEBUG_KEXDH | ||
114 | dump_digest("shared secret", kbuf, kout); | ||
115 | #endif | ||
116 | r = sshbuf_put_bignum2(out, shared_secret); | ||
117 | out: | ||
118 | freezero(kbuf, klen); | ||
119 | BN_clear_free(shared_secret); | ||
120 | return r; | ||
121 | } | ||
122 | |||
123 | int | ||
124 | kex_dh_keypair(struct kex *kex) | ||
125 | { | ||
126 | const BIGNUM *pub_key; | ||
127 | struct sshbuf *buf = NULL; | ||
128 | int r; | ||
129 | |||
130 | if ((r = kex_dh_keygen(kex)) != 0) | ||
131 | return r; | ||
132 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
133 | if ((buf = sshbuf_new()) == NULL) | ||
134 | return SSH_ERR_ALLOC_FAIL; | ||
135 | if ((r = sshbuf_put_bignum2(buf, pub_key)) != 0 || | ||
136 | (r = sshbuf_get_u32(buf, NULL)) != 0) | ||
137 | goto out; | ||
138 | #ifdef DEBUG_KEXDH | ||
139 | DHparams_print_fp(stderr, kex->dh); | ||
140 | fprintf(stderr, "pub= "); | ||
141 | BN_print_fp(stderr, pub_key); | ||
142 | fprintf(stderr, "\n"); | ||
93 | #endif | 143 | #endif |
94 | return 0; | 144 | kex->client_pub = buf; |
145 | buf = NULL; | ||
146 | out: | ||
147 | sshbuf_free(buf); | ||
148 | return r; | ||
149 | } | ||
150 | |||
151 | int | ||
152 | kex_dh_enc(struct kex *kex, const struct sshbuf *client_blob, | ||
153 | struct sshbuf **server_blobp, struct sshbuf **shared_secretp) | ||
154 | { | ||
155 | const BIGNUM *pub_key; | ||
156 | struct sshbuf *server_blob = NULL; | ||
157 | int r; | ||
158 | |||
159 | *server_blobp = NULL; | ||
160 | *shared_secretp = NULL; | ||
161 | |||
162 | if ((r = kex_dh_keygen(kex)) != 0) | ||
163 | goto out; | ||
164 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
165 | if ((server_blob = sshbuf_new()) == NULL) { | ||
166 | r = SSH_ERR_ALLOC_FAIL; | ||
167 | goto out; | ||
168 | } | ||
169 | if ((r = sshbuf_put_bignum2(server_blob, pub_key)) != 0 || | ||
170 | (r = sshbuf_get_u32(server_blob, NULL)) != 0) | ||
171 | goto out; | ||
172 | if ((r = kex_dh_dec(kex, client_blob, shared_secretp)) != 0) | ||
173 | goto out; | ||
174 | *server_blobp = server_blob; | ||
175 | server_blob = NULL; | ||
176 | out: | ||
177 | DH_free(kex->dh); | ||
178 | kex->dh = NULL; | ||
179 | sshbuf_free(server_blob); | ||
180 | return r; | ||
181 | } | ||
182 | |||
183 | int | ||
184 | kex_dh_dec(struct kex *kex, const struct sshbuf *dh_blob, | ||
185 | struct sshbuf **shared_secretp) | ||
186 | { | ||
187 | struct sshbuf *buf = NULL; | ||
188 | BIGNUM *dh_pub = NULL; | ||
189 | int r; | ||
190 | |||
191 | *shared_secretp = NULL; | ||
192 | |||
193 | if ((buf = sshbuf_new()) == NULL) { | ||
194 | r = SSH_ERR_ALLOC_FAIL; | ||
195 | goto out; | ||
196 | } | ||
197 | if ((r = sshbuf_put_stringb(buf, dh_blob)) != 0 || | ||
198 | (r = sshbuf_get_bignum2(buf, &dh_pub)) != 0) | ||
199 | goto out; | ||
200 | sshbuf_reset(buf); | ||
201 | if ((r = kex_dh_compute_key(kex, dh_pub, buf)) != 0) | ||
202 | goto out; | ||
203 | *shared_secretp = buf; | ||
204 | buf = NULL; | ||
205 | out: | ||
206 | DH_free(kex->dh); | ||
207 | kex->dh = NULL; | ||
208 | sshbuf_free(buf); | ||
209 | return r; | ||
95 | } | 210 | } |
96 | #endif /* WITH_OPENSSL */ | 211 | #endif /* WITH_OPENSSL */ |
diff --git a/kexdhc.c b/kexdhc.c deleted file mode 100644 index 8b56377ad..000000000 --- a/kexdhc.c +++ /dev/null | |||
@@ -1,224 +0,0 @@ | |||
1 | /* $OpenBSD: kexdhc.c,v 1.22 2018/02/07 02:06:51 jsing Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions | ||
7 | * are met: | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * 2. Redistributions in binary form must reproduce the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer in the | ||
12 | * documentation and/or other materials provided with the distribution. | ||
13 | * | ||
14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
24 | */ | ||
25 | |||
26 | #include "includes.h" | ||
27 | |||
28 | #ifdef WITH_OPENSSL | ||
29 | |||
30 | #include <sys/types.h> | ||
31 | |||
32 | #include <openssl/dh.h> | ||
33 | |||
34 | #include <stdarg.h> | ||
35 | #include <stdio.h> | ||
36 | #include <string.h> | ||
37 | #include <signal.h> | ||
38 | |||
39 | #include "openbsd-compat/openssl-compat.h" | ||
40 | |||
41 | #include "sshkey.h" | ||
42 | #include "cipher.h" | ||
43 | #include "digest.h" | ||
44 | #include "kex.h" | ||
45 | #include "log.h" | ||
46 | #include "packet.h" | ||
47 | #include "dh.h" | ||
48 | #include "ssh2.h" | ||
49 | #include "dispatch.h" | ||
50 | #include "compat.h" | ||
51 | #include "ssherr.h" | ||
52 | #include "sshbuf.h" | ||
53 | |||
54 | static int input_kex_dh(int, u_int32_t, struct ssh *); | ||
55 | |||
56 | int | ||
57 | kexdh_client(struct ssh *ssh) | ||
58 | { | ||
59 | struct kex *kex = ssh->kex; | ||
60 | int r; | ||
61 | const BIGNUM *pub_key; | ||
62 | |||
63 | /* generate and send 'e', client DH public key */ | ||
64 | switch (kex->kex_type) { | ||
65 | case KEX_DH_GRP1_SHA1: | ||
66 | kex->dh = dh_new_group1(); | ||
67 | break; | ||
68 | case KEX_DH_GRP14_SHA1: | ||
69 | case KEX_DH_GRP14_SHA256: | ||
70 | kex->dh = dh_new_group14(); | ||
71 | break; | ||
72 | case KEX_DH_GRP16_SHA512: | ||
73 | kex->dh = dh_new_group16(); | ||
74 | break; | ||
75 | case KEX_DH_GRP18_SHA512: | ||
76 | kex->dh = dh_new_group18(); | ||
77 | break; | ||
78 | default: | ||
79 | r = SSH_ERR_INVALID_ARGUMENT; | ||
80 | goto out; | ||
81 | } | ||
82 | if (kex->dh == NULL) { | ||
83 | r = SSH_ERR_ALLOC_FAIL; | ||
84 | goto out; | ||
85 | } | ||
86 | debug("sending SSH2_MSG_KEXDH_INIT"); | ||
87 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) | ||
88 | goto out; | ||
89 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
90 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 || | ||
91 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || | ||
92 | (r = sshpkt_send(ssh)) != 0) | ||
93 | goto out; | ||
94 | #ifdef DEBUG_KEXDH | ||
95 | DHparams_print_fp(stderr, kex->dh); | ||
96 | fprintf(stderr, "pub= "); | ||
97 | BN_print_fp(stderr, pub_key); | ||
98 | fprintf(stderr, "\n"); | ||
99 | #endif | ||
100 | debug("expecting SSH2_MSG_KEXDH_REPLY"); | ||
101 | ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_REPLY, &input_kex_dh); | ||
102 | r = 0; | ||
103 | out: | ||
104 | return r; | ||
105 | } | ||
106 | |||
107 | static int | ||
108 | input_kex_dh(int type, u_int32_t seq, struct ssh *ssh) | ||
109 | { | ||
110 | struct kex *kex = ssh->kex; | ||
111 | BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; | ||
112 | const BIGNUM *pub_key; | ||
113 | struct sshkey *server_host_key = NULL; | ||
114 | u_char *kbuf = NULL, *server_host_key_blob = NULL, *signature = NULL; | ||
115 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
116 | size_t klen = 0, slen, sbloblen, hashlen; | ||
117 | int kout, r; | ||
118 | |||
119 | if (kex->verify_host_key == NULL) { | ||
120 | r = SSH_ERR_INVALID_ARGUMENT; | ||
121 | goto out; | ||
122 | } | ||
123 | /* key, cert */ | ||
124 | if ((r = sshpkt_get_string(ssh, &server_host_key_blob, | ||
125 | &sbloblen)) != 0 || | ||
126 | (r = sshkey_from_blob(server_host_key_blob, sbloblen, | ||
127 | &server_host_key)) != 0) | ||
128 | goto out; | ||
129 | if (server_host_key->type != kex->hostkey_type || | ||
130 | (kex->hostkey_type == KEY_ECDSA && | ||
131 | server_host_key->ecdsa_nid != kex->hostkey_nid)) { | ||
132 | r = SSH_ERR_KEY_TYPE_MISMATCH; | ||
133 | goto out; | ||
134 | } | ||
135 | if (kex->verify_host_key(server_host_key, ssh) == -1) { | ||
136 | r = SSH_ERR_SIGNATURE_INVALID; | ||
137 | goto out; | ||
138 | } | ||
139 | /* DH parameter f, server public DH key */ | ||
140 | if ((dh_server_pub = BN_new()) == NULL) { | ||
141 | r = SSH_ERR_ALLOC_FAIL; | ||
142 | goto out; | ||
143 | } | ||
144 | /* signed H */ | ||
145 | if ((r = sshpkt_get_bignum2(ssh, dh_server_pub)) != 0 || | ||
146 | (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || | ||
147 | (r = sshpkt_get_end(ssh)) != 0) | ||
148 | goto out; | ||
149 | #ifdef DEBUG_KEXDH | ||
150 | fprintf(stderr, "dh_server_pub= "); | ||
151 | BN_print_fp(stderr, dh_server_pub); | ||
152 | fprintf(stderr, "\n"); | ||
153 | debug("bits %d", BN_num_bits(dh_server_pub)); | ||
154 | #endif | ||
155 | if (!dh_pub_is_valid(kex->dh, dh_server_pub)) { | ||
156 | sshpkt_disconnect(ssh, "bad server public DH value"); | ||
157 | r = SSH_ERR_MESSAGE_INCOMPLETE; | ||
158 | goto out; | ||
159 | } | ||
160 | |||
161 | klen = DH_size(kex->dh); | ||
162 | if ((kbuf = malloc(klen)) == NULL || | ||
163 | (shared_secret = BN_new()) == NULL) { | ||
164 | r = SSH_ERR_ALLOC_FAIL; | ||
165 | goto out; | ||
166 | } | ||
167 | if ((kout = DH_compute_key(kbuf, dh_server_pub, kex->dh)) < 0 || | ||
168 | BN_bin2bn(kbuf, kout, shared_secret) == NULL) { | ||
169 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
170 | goto out; | ||
171 | } | ||
172 | #ifdef DEBUG_KEXDH | ||
173 | dump_digest("shared secret", kbuf, kout); | ||
174 | #endif | ||
175 | |||
176 | /* calc and verify H */ | ||
177 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
178 | hashlen = sizeof(hash); | ||
179 | if ((r = kex_dh_hash( | ||
180 | kex->hash_alg, | ||
181 | kex->client_version_string, | ||
182 | kex->server_version_string, | ||
183 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | ||
184 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | ||
185 | server_host_key_blob, sbloblen, | ||
186 | pub_key, | ||
187 | dh_server_pub, | ||
188 | shared_secret, | ||
189 | hash, &hashlen)) != 0) | ||
190 | goto out; | ||
191 | |||
192 | if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen, | ||
193 | kex->hostkey_alg, ssh->compat)) != 0) | ||
194 | goto out; | ||
195 | |||
196 | /* save session id */ | ||
197 | if (kex->session_id == NULL) { | ||
198 | kex->session_id_len = hashlen; | ||
199 | kex->session_id = malloc(kex->session_id_len); | ||
200 | if (kex->session_id == NULL) { | ||
201 | r = SSH_ERR_ALLOC_FAIL; | ||
202 | goto out; | ||
203 | } | ||
204 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
205 | } | ||
206 | |||
207 | if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0) | ||
208 | r = kex_send_newkeys(ssh); | ||
209 | out: | ||
210 | explicit_bzero(hash, sizeof(hash)); | ||
211 | DH_free(kex->dh); | ||
212 | kex->dh = NULL; | ||
213 | BN_clear_free(dh_server_pub); | ||
214 | if (kbuf) { | ||
215 | explicit_bzero(kbuf, klen); | ||
216 | free(kbuf); | ||
217 | } | ||
218 | BN_clear_free(shared_secret); | ||
219 | sshkey_free(server_host_key); | ||
220 | free(server_host_key_blob); | ||
221 | free(signature); | ||
222 | return r; | ||
223 | } | ||
224 | #endif /* WITH_OPENSSL */ | ||
diff --git a/kexdhs.c b/kexdhs.c deleted file mode 100644 index 337aab5be..000000000 --- a/kexdhs.c +++ /dev/null | |||
@@ -1,222 +0,0 @@ | |||
1 | /* $OpenBSD: kexdhs.c,v 1.27 2018/04/10 00:10:49 djm Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions | ||
7 | * are met: | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * 2. Redistributions in binary form must reproduce the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer in the | ||
12 | * documentation and/or other materials provided with the distribution. | ||
13 | * | ||
14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
24 | */ | ||
25 | |||
26 | #include "includes.h" | ||
27 | |||
28 | #ifdef WITH_OPENSSL | ||
29 | |||
30 | #include <sys/types.h> | ||
31 | |||
32 | #include <stdarg.h> | ||
33 | #include <string.h> | ||
34 | #include <signal.h> | ||
35 | |||
36 | #include <openssl/dh.h> | ||
37 | |||
38 | #include "openbsd-compat/openssl-compat.h" | ||
39 | |||
40 | #include "sshkey.h" | ||
41 | #include "cipher.h" | ||
42 | #include "digest.h" | ||
43 | #include "kex.h" | ||
44 | #include "log.h" | ||
45 | #include "packet.h" | ||
46 | #include "dh.h" | ||
47 | #include "ssh2.h" | ||
48 | |||
49 | #include "dispatch.h" | ||
50 | #include "compat.h" | ||
51 | #include "ssherr.h" | ||
52 | #include "sshbuf.h" | ||
53 | |||
54 | static int input_kex_dh_init(int, u_int32_t, struct ssh *); | ||
55 | |||
56 | int | ||
57 | kexdh_server(struct ssh *ssh) | ||
58 | { | ||
59 | struct kex *kex = ssh->kex; | ||
60 | int r; | ||
61 | |||
62 | /* generate server DH public key */ | ||
63 | switch (kex->kex_type) { | ||
64 | case KEX_DH_GRP1_SHA1: | ||
65 | kex->dh = dh_new_group1(); | ||
66 | break; | ||
67 | case KEX_DH_GRP14_SHA1: | ||
68 | case KEX_DH_GRP14_SHA256: | ||
69 | kex->dh = dh_new_group14(); | ||
70 | break; | ||
71 | case KEX_DH_GRP16_SHA512: | ||
72 | kex->dh = dh_new_group16(); | ||
73 | break; | ||
74 | case KEX_DH_GRP18_SHA512: | ||
75 | kex->dh = dh_new_group18(); | ||
76 | break; | ||
77 | default: | ||
78 | r = SSH_ERR_INVALID_ARGUMENT; | ||
79 | goto out; | ||
80 | } | ||
81 | if (kex->dh == NULL) { | ||
82 | r = SSH_ERR_ALLOC_FAIL; | ||
83 | goto out; | ||
84 | } | ||
85 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) | ||
86 | goto out; | ||
87 | |||
88 | debug("expecting SSH2_MSG_KEXDH_INIT"); | ||
89 | ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_INIT, &input_kex_dh_init); | ||
90 | r = 0; | ||
91 | out: | ||
92 | return r; | ||
93 | } | ||
94 | |||
95 | int | ||
96 | input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | ||
97 | { | ||
98 | struct kex *kex = ssh->kex; | ||
99 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; | ||
100 | const BIGNUM *pub_key; | ||
101 | struct sshkey *server_host_public, *server_host_private; | ||
102 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; | ||
103 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
104 | size_t sbloblen, slen; | ||
105 | size_t klen = 0, hashlen; | ||
106 | int kout, r; | ||
107 | |||
108 | if (kex->load_host_public_key == NULL || | ||
109 | kex->load_host_private_key == NULL) { | ||
110 | r = SSH_ERR_INVALID_ARGUMENT; | ||
111 | goto out; | ||
112 | } | ||
113 | server_host_public = kex->load_host_public_key(kex->hostkey_type, | ||
114 | kex->hostkey_nid, ssh); | ||
115 | server_host_private = kex->load_host_private_key(kex->hostkey_type, | ||
116 | kex->hostkey_nid, ssh); | ||
117 | if (server_host_public == NULL) { | ||
118 | r = SSH_ERR_NO_HOSTKEY_LOADED; | ||
119 | goto out; | ||
120 | } | ||
121 | |||
122 | /* key, cert */ | ||
123 | if ((dh_client_pub = BN_new()) == NULL) { | ||
124 | r = SSH_ERR_ALLOC_FAIL; | ||
125 | goto out; | ||
126 | } | ||
127 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
128 | if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 || | ||
129 | (r = sshpkt_get_end(ssh)) != 0) | ||
130 | goto out; | ||
131 | |||
132 | #ifdef DEBUG_KEXDH | ||
133 | fprintf(stderr, "dh_client_pub= "); | ||
134 | BN_print_fp(stderr, dh_client_pub); | ||
135 | fprintf(stderr, "\n"); | ||
136 | debug("bits %d", BN_num_bits(dh_client_pub)); | ||
137 | DHparams_print_fp(stderr, kex->dh); | ||
138 | fprintf(stderr, "pub= "); | ||
139 | BN_print_fp(stderr, pub_key); | ||
140 | fprintf(stderr, "\n"); | ||
141 | #endif | ||
142 | if (!dh_pub_is_valid(kex->dh, dh_client_pub)) { | ||
143 | sshpkt_disconnect(ssh, "bad client public DH value"); | ||
144 | r = SSH_ERR_MESSAGE_INCOMPLETE; | ||
145 | goto out; | ||
146 | } | ||
147 | |||
148 | klen = DH_size(kex->dh); | ||
149 | if ((kbuf = malloc(klen)) == NULL || | ||
150 | (shared_secret = BN_new()) == NULL) { | ||
151 | r = SSH_ERR_ALLOC_FAIL; | ||
152 | goto out; | ||
153 | } | ||
154 | if ((kout = DH_compute_key(kbuf, dh_client_pub, kex->dh)) < 0 || | ||
155 | BN_bin2bn(kbuf, kout, shared_secret) == NULL) { | ||
156 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
157 | goto out; | ||
158 | } | ||
159 | #ifdef DEBUG_KEXDH | ||
160 | dump_digest("shared secret", kbuf, kout); | ||
161 | #endif | ||
162 | if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob, | ||
163 | &sbloblen)) != 0) | ||
164 | goto out; | ||
165 | /* calc H */ | ||
166 | hashlen = sizeof(hash); | ||
167 | if ((r = kex_dh_hash( | ||
168 | kex->hash_alg, | ||
169 | kex->client_version_string, | ||
170 | kex->server_version_string, | ||
171 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | ||
172 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | ||
173 | server_host_key_blob, sbloblen, | ||
174 | dh_client_pub, | ||
175 | pub_key, | ||
176 | shared_secret, | ||
177 | hash, &hashlen)) != 0) | ||
178 | goto out; | ||
179 | |||
180 | /* save session id := H */ | ||
181 | if (kex->session_id == NULL) { | ||
182 | kex->session_id_len = hashlen; | ||
183 | kex->session_id = malloc(kex->session_id_len); | ||
184 | if (kex->session_id == NULL) { | ||
185 | r = SSH_ERR_ALLOC_FAIL; | ||
186 | goto out; | ||
187 | } | ||
188 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
189 | } | ||
190 | |||
191 | /* sign H */ | ||
192 | if ((r = kex->sign(server_host_private, server_host_public, &signature, | ||
193 | &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0) | ||
194 | goto out; | ||
195 | |||
196 | /* destroy_sensitive_data(); */ | ||
197 | |||
198 | /* send server hostkey, DH pubkey 'f' and signed H */ | ||
199 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || | ||
200 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || | ||
201 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ | ||
202 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || | ||
203 | (r = sshpkt_send(ssh)) != 0) | ||
204 | goto out; | ||
205 | |||
206 | if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0) | ||
207 | r = kex_send_newkeys(ssh); | ||
208 | out: | ||
209 | explicit_bzero(hash, sizeof(hash)); | ||
210 | DH_free(kex->dh); | ||
211 | kex->dh = NULL; | ||
212 | BN_clear_free(dh_client_pub); | ||
213 | if (kbuf) { | ||
214 | explicit_bzero(kbuf, klen); | ||
215 | free(kbuf); | ||
216 | } | ||
217 | BN_clear_free(shared_secret); | ||
218 | free(server_host_key_blob); | ||
219 | free(signature); | ||
220 | return r; | ||
221 | } | ||
222 | #endif /* WITH_OPENSSL */ | ||
@@ -1,7 +1,7 @@ | |||
1 | /* $OpenBSD: kexecdh.c,v 1.6 2015/01/19 20:16:15 markus Exp $ */ | 1 | /* $OpenBSD: kexecdh.c,v 1.10 2019/01/21 10:40:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 3 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
4 | * Copyright (c) 2019 Markus Friedl. All rights reserved. | ||
5 | * | 5 | * |
6 | * Redistribution and use in source and binary forms, with or without | 6 | * Redistribution and use in source and binary forms, with or without |
7 | * modification, are permitted provided that the following conditions | 7 | * modification, are permitted provided that the following conditions |
@@ -30,71 +30,182 @@ | |||
30 | 30 | ||
31 | #include <sys/types.h> | 31 | #include <sys/types.h> |
32 | 32 | ||
33 | #include <signal.h> | 33 | #include <stdio.h> |
34 | #include <string.h> | 34 | #include <string.h> |
35 | #include <signal.h> | ||
35 | 36 | ||
36 | #include <openssl/bn.h> | ||
37 | #include <openssl/evp.h> | ||
38 | #include <openssl/ec.h> | ||
39 | #include <openssl/ecdh.h> | 37 | #include <openssl/ecdh.h> |
40 | 38 | ||
41 | #include "ssh2.h" | ||
42 | #include "sshkey.h" | 39 | #include "sshkey.h" |
43 | #include "cipher.h" | ||
44 | #include "kex.h" | 40 | #include "kex.h" |
45 | #include "sshbuf.h" | 41 | #include "sshbuf.h" |
46 | #include "digest.h" | 42 | #include "digest.h" |
47 | #include "ssherr.h" | 43 | #include "ssherr.h" |
48 | 44 | ||
45 | static int | ||
46 | kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key, | ||
47 | const EC_GROUP *, struct sshbuf **); | ||
48 | |||
49 | int | 49 | int |
50 | kex_ecdh_hash( | 50 | kex_ecdh_keypair(struct kex *kex) |
51 | int hash_alg, | ||
52 | const EC_GROUP *ec_group, | ||
53 | const char *client_version_string, | ||
54 | const char *server_version_string, | ||
55 | const u_char *ckexinit, size_t ckexinitlen, | ||
56 | const u_char *skexinit, size_t skexinitlen, | ||
57 | const u_char *serverhostkeyblob, size_t sbloblen, | ||
58 | const EC_POINT *client_dh_pub, | ||
59 | const EC_POINT *server_dh_pub, | ||
60 | const BIGNUM *shared_secret, | ||
61 | u_char *hash, size_t *hashlen) | ||
62 | { | 51 | { |
63 | struct sshbuf *b; | 52 | EC_KEY *client_key = NULL; |
53 | const EC_GROUP *group; | ||
54 | const EC_POINT *public_key; | ||
55 | struct sshbuf *buf = NULL; | ||
64 | int r; | 56 | int r; |
65 | 57 | ||
66 | if (*hashlen < ssh_digest_bytes(hash_alg)) | 58 | if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { |
67 | return SSH_ERR_INVALID_ARGUMENT; | 59 | r = SSH_ERR_ALLOC_FAIL; |
68 | if ((b = sshbuf_new()) == NULL) | 60 | goto out; |
69 | return SSH_ERR_ALLOC_FAIL; | 61 | } |
70 | if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 || | 62 | if (EC_KEY_generate_key(client_key) != 1) { |
71 | (r = sshbuf_put_cstring(b, server_version_string)) != 0 || | 63 | r = SSH_ERR_LIBCRYPTO_ERROR; |
72 | /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ | 64 | goto out; |
73 | (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 || | 65 | } |
74 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | 66 | group = EC_KEY_get0_group(client_key); |
75 | (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 || | 67 | public_key = EC_KEY_get0_public_key(client_key); |
76 | (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 || | 68 | |
77 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | 69 | if ((buf = sshbuf_new()) == NULL) { |
78 | (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 || | 70 | r = SSH_ERR_ALLOC_FAIL; |
79 | (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 || | 71 | goto out; |
80 | (r = sshbuf_put_ec(b, client_dh_pub, ec_group)) != 0 || | ||
81 | (r = sshbuf_put_ec(b, server_dh_pub, ec_group)) != 0 || | ||
82 | (r = sshbuf_put_bignum2(b, shared_secret)) != 0) { | ||
83 | sshbuf_free(b); | ||
84 | return r; | ||
85 | } | 72 | } |
86 | #ifdef DEBUG_KEX | 73 | if ((r = sshbuf_put_ec(buf, public_key, group)) != 0 || |
87 | sshbuf_dump(b, stderr); | 74 | (r = sshbuf_get_u32(buf, NULL)) != 0) |
75 | goto out; | ||
76 | #ifdef DEBUG_KEXECDH | ||
77 | fputs("client private key:\n", stderr); | ||
78 | sshkey_dump_ec_key(client_key); | ||
88 | #endif | 79 | #endif |
89 | if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) { | 80 | kex->ec_client_key = client_key; |
90 | sshbuf_free(b); | 81 | kex->ec_group = group; |
91 | return SSH_ERR_LIBCRYPTO_ERROR; | 82 | client_key = NULL; /* owned by the kex */ |
83 | kex->client_pub = buf; | ||
84 | buf = NULL; | ||
85 | out: | ||
86 | EC_KEY_free(client_key); | ||
87 | sshbuf_free(buf); | ||
88 | return r; | ||
89 | } | ||
90 | |||
91 | int | ||
92 | kex_ecdh_enc(struct kex *kex, const struct sshbuf *client_blob, | ||
93 | struct sshbuf **server_blobp, struct sshbuf **shared_secretp) | ||
94 | { | ||
95 | const EC_GROUP *group; | ||
96 | const EC_POINT *pub_key; | ||
97 | EC_KEY *server_key = NULL; | ||
98 | struct sshbuf *server_blob = NULL; | ||
99 | int r; | ||
100 | |||
101 | *server_blobp = NULL; | ||
102 | *shared_secretp = NULL; | ||
103 | |||
104 | if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { | ||
105 | r = SSH_ERR_ALLOC_FAIL; | ||
106 | goto out; | ||
92 | } | 107 | } |
93 | sshbuf_free(b); | 108 | if (EC_KEY_generate_key(server_key) != 1) { |
94 | *hashlen = ssh_digest_bytes(hash_alg); | 109 | r = SSH_ERR_LIBCRYPTO_ERROR; |
95 | #ifdef DEBUG_KEX | 110 | goto out; |
96 | dump_digest("hash", hash, *hashlen); | 111 | } |
112 | group = EC_KEY_get0_group(server_key); | ||
113 | |||
114 | #ifdef DEBUG_KEXECDH | ||
115 | fputs("server private key:\n", stderr); | ||
116 | sshkey_dump_ec_key(server_key); | ||
97 | #endif | 117 | #endif |
98 | return 0; | 118 | pub_key = EC_KEY_get0_public_key(server_key); |
119 | if ((server_blob = sshbuf_new()) == NULL) { | ||
120 | r = SSH_ERR_ALLOC_FAIL; | ||
121 | goto out; | ||
122 | } | ||
123 | if ((r = sshbuf_put_ec(server_blob, pub_key, group)) != 0 || | ||
124 | (r = sshbuf_get_u32(server_blob, NULL)) != 0) | ||
125 | goto out; | ||
126 | if ((r = kex_ecdh_dec_key_group(kex, client_blob, server_key, group, | ||
127 | shared_secretp)) != 0) | ||
128 | goto out; | ||
129 | *server_blobp = server_blob; | ||
130 | server_blob = NULL; | ||
131 | out: | ||
132 | EC_KEY_free(server_key); | ||
133 | sshbuf_free(server_blob); | ||
134 | return r; | ||
135 | } | ||
136 | |||
137 | static int | ||
138 | kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob, | ||
139 | EC_KEY *key, const EC_GROUP *group, struct sshbuf **shared_secretp) | ||
140 | { | ||
141 | struct sshbuf *buf = NULL; | ||
142 | BIGNUM *shared_secret = NULL; | ||
143 | EC_POINT *dh_pub = NULL; | ||
144 | u_char *kbuf = NULL; | ||
145 | size_t klen = 0; | ||
146 | int r; | ||
147 | |||
148 | *shared_secretp = NULL; | ||
149 | |||
150 | if ((buf = sshbuf_new()) == NULL) { | ||
151 | r = SSH_ERR_ALLOC_FAIL; | ||
152 | goto out; | ||
153 | } | ||
154 | if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0) | ||
155 | goto out; | ||
156 | if ((dh_pub = EC_POINT_new(group)) == NULL) { | ||
157 | r = SSH_ERR_ALLOC_FAIL; | ||
158 | goto out; | ||
159 | } | ||
160 | if ((r = sshbuf_get_ec(buf, dh_pub, group)) != 0) { | ||
161 | goto out; | ||
162 | } | ||
163 | sshbuf_reset(buf); | ||
164 | |||
165 | #ifdef DEBUG_KEXECDH | ||
166 | fputs("public key:\n", stderr); | ||
167 | sshkey_dump_ec_point(group, dh_pub); | ||
168 | #endif | ||
169 | if (sshkey_ec_validate_public(group, dh_pub) != 0) { | ||
170 | r = SSH_ERR_MESSAGE_INCOMPLETE; | ||
171 | goto out; | ||
172 | } | ||
173 | klen = (EC_GROUP_get_degree(group) + 7) / 8; | ||
174 | if ((kbuf = malloc(klen)) == NULL || | ||
175 | (shared_secret = BN_new()) == NULL) { | ||
176 | r = SSH_ERR_ALLOC_FAIL; | ||
177 | goto out; | ||
178 | } | ||
179 | if (ECDH_compute_key(kbuf, klen, dh_pub, key, NULL) != (int)klen || | ||
180 | BN_bin2bn(kbuf, klen, shared_secret) == NULL) { | ||
181 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
182 | goto out; | ||
183 | } | ||
184 | #ifdef DEBUG_KEXECDH | ||
185 | dump_digest("shared secret", kbuf, klen); | ||
186 | #endif | ||
187 | if ((r = sshbuf_put_bignum2(buf, shared_secret)) != 0) | ||
188 | goto out; | ||
189 | *shared_secretp = buf; | ||
190 | buf = NULL; | ||
191 | out: | ||
192 | EC_POINT_clear_free(dh_pub); | ||
193 | BN_clear_free(shared_secret); | ||
194 | freezero(kbuf, klen); | ||
195 | sshbuf_free(buf); | ||
196 | return r; | ||
197 | } | ||
198 | |||
199 | int | ||
200 | kex_ecdh_dec(struct kex *kex, const struct sshbuf *server_blob, | ||
201 | struct sshbuf **shared_secretp) | ||
202 | { | ||
203 | int r; | ||
204 | |||
205 | r = kex_ecdh_dec_key_group(kex, server_blob, kex->ec_client_key, | ||
206 | kex->ec_group, shared_secretp); | ||
207 | EC_KEY_free(kex->ec_client_key); | ||
208 | kex->ec_client_key = NULL; | ||
209 | return r; | ||
99 | } | 210 | } |
100 | #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */ | 211 | #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */ |
diff --git a/kexecdhc.c b/kexecdhc.c deleted file mode 100644 index ac146a362..000000000 --- a/kexecdhc.c +++ /dev/null | |||
@@ -1,222 +0,0 @@ | |||
1 | /* $OpenBSD: kexecdhc.c,v 1.13 2018/02/07 02:06:51 jsing Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | ||
5 | * | ||
6 | * Redistribution and use in source and binary forms, with or without | ||
7 | * modification, are permitted provided that the following conditions | ||
8 | * are met: | ||
9 | * 1. Redistributions of source code must retain the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer. | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in the | ||
13 | * documentation and/or other materials provided with the distribution. | ||
14 | * | ||
15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
25 | */ | ||
26 | |||
27 | #include "includes.h" | ||
28 | |||
29 | #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) | ||
30 | |||
31 | #include <sys/types.h> | ||
32 | |||
33 | #include <stdio.h> | ||
34 | #include <string.h> | ||
35 | #include <signal.h> | ||
36 | |||
37 | #include <openssl/ecdh.h> | ||
38 | |||
39 | #include "sshkey.h" | ||
40 | #include "cipher.h" | ||
41 | #include "digest.h" | ||
42 | #include "kex.h" | ||
43 | #include "log.h" | ||
44 | #include "packet.h" | ||
45 | #include "dh.h" | ||
46 | #include "ssh2.h" | ||
47 | #include "dispatch.h" | ||
48 | #include "compat.h" | ||
49 | #include "ssherr.h" | ||
50 | #include "sshbuf.h" | ||
51 | |||
52 | static int input_kex_ecdh_reply(int, u_int32_t, struct ssh *); | ||
53 | |||
54 | int | ||
55 | kexecdh_client(struct ssh *ssh) | ||
56 | { | ||
57 | struct kex *kex = ssh->kex; | ||
58 | EC_KEY *client_key = NULL; | ||
59 | const EC_GROUP *group; | ||
60 | const EC_POINT *public_key; | ||
61 | int r; | ||
62 | |||
63 | if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { | ||
64 | r = SSH_ERR_ALLOC_FAIL; | ||
65 | goto out; | ||
66 | } | ||
67 | if (EC_KEY_generate_key(client_key) != 1) { | ||
68 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
69 | goto out; | ||
70 | } | ||
71 | group = EC_KEY_get0_group(client_key); | ||
72 | public_key = EC_KEY_get0_public_key(client_key); | ||
73 | |||
74 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 || | ||
75 | (r = sshpkt_put_ec(ssh, public_key, group)) != 0 || | ||
76 | (r = sshpkt_send(ssh)) != 0) | ||
77 | goto out; | ||
78 | debug("sending SSH2_MSG_KEX_ECDH_INIT"); | ||
79 | |||
80 | #ifdef DEBUG_KEXECDH | ||
81 | fputs("client private key:\n", stderr); | ||
82 | sshkey_dump_ec_key(client_key); | ||
83 | #endif | ||
84 | kex->ec_client_key = client_key; | ||
85 | kex->ec_group = group; | ||
86 | client_key = NULL; /* owned by the kex */ | ||
87 | |||
88 | debug("expecting SSH2_MSG_KEX_ECDH_REPLY"); | ||
89 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_ecdh_reply); | ||
90 | r = 0; | ||
91 | out: | ||
92 | EC_KEY_free(client_key); | ||
93 | return r; | ||
94 | } | ||
95 | |||
96 | static int | ||
97 | input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh) | ||
98 | { | ||
99 | struct kex *kex = ssh->kex; | ||
100 | const EC_GROUP *group; | ||
101 | EC_POINT *server_public = NULL; | ||
102 | EC_KEY *client_key; | ||
103 | BIGNUM *shared_secret = NULL; | ||
104 | struct sshkey *server_host_key = NULL; | ||
105 | u_char *server_host_key_blob = NULL, *signature = NULL; | ||
106 | u_char *kbuf = NULL; | ||
107 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
108 | size_t slen, sbloblen; | ||
109 | size_t klen = 0, hashlen; | ||
110 | int r; | ||
111 | |||
112 | if (kex->verify_host_key == NULL) { | ||
113 | r = SSH_ERR_INVALID_ARGUMENT; | ||
114 | goto out; | ||
115 | } | ||
116 | group = kex->ec_group; | ||
117 | client_key = kex->ec_client_key; | ||
118 | |||
119 | /* hostkey */ | ||
120 | if ((r = sshpkt_get_string(ssh, &server_host_key_blob, | ||
121 | &sbloblen)) != 0 || | ||
122 | (r = sshkey_from_blob(server_host_key_blob, sbloblen, | ||
123 | &server_host_key)) != 0) | ||
124 | goto out; | ||
125 | if (server_host_key->type != kex->hostkey_type || | ||
126 | (kex->hostkey_type == KEY_ECDSA && | ||
127 | server_host_key->ecdsa_nid != kex->hostkey_nid)) { | ||
128 | r = SSH_ERR_KEY_TYPE_MISMATCH; | ||
129 | goto out; | ||
130 | } | ||
131 | if (kex->verify_host_key(server_host_key, ssh) == -1) { | ||
132 | r = SSH_ERR_SIGNATURE_INVALID; | ||
133 | goto out; | ||
134 | } | ||
135 | |||
136 | /* Q_S, server public key */ | ||
137 | /* signed H */ | ||
138 | if ((server_public = EC_POINT_new(group)) == NULL) { | ||
139 | r = SSH_ERR_ALLOC_FAIL; | ||
140 | goto out; | ||
141 | } | ||
142 | if ((r = sshpkt_get_ec(ssh, server_public, group)) != 0 || | ||
143 | (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || | ||
144 | (r = sshpkt_get_end(ssh)) != 0) | ||
145 | goto out; | ||
146 | |||
147 | #ifdef DEBUG_KEXECDH | ||
148 | fputs("server public key:\n", stderr); | ||
149 | sshkey_dump_ec_point(group, server_public); | ||
150 | #endif | ||
151 | if (sshkey_ec_validate_public(group, server_public) != 0) { | ||
152 | sshpkt_disconnect(ssh, "invalid server public key"); | ||
153 | r = SSH_ERR_MESSAGE_INCOMPLETE; | ||
154 | goto out; | ||
155 | } | ||
156 | |||
157 | klen = (EC_GROUP_get_degree(group) + 7) / 8; | ||
158 | if ((kbuf = malloc(klen)) == NULL || | ||
159 | (shared_secret = BN_new()) == NULL) { | ||
160 | r = SSH_ERR_ALLOC_FAIL; | ||
161 | goto out; | ||
162 | } | ||
163 | if (ECDH_compute_key(kbuf, klen, server_public, | ||
164 | client_key, NULL) != (int)klen || | ||
165 | BN_bin2bn(kbuf, klen, shared_secret) == NULL) { | ||
166 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
167 | goto out; | ||
168 | } | ||
169 | |||
170 | #ifdef DEBUG_KEXECDH | ||
171 | dump_digest("shared secret", kbuf, klen); | ||
172 | #endif | ||
173 | /* calc and verify H */ | ||
174 | hashlen = sizeof(hash); | ||
175 | if ((r = kex_ecdh_hash( | ||
176 | kex->hash_alg, | ||
177 | group, | ||
178 | kex->client_version_string, | ||
179 | kex->server_version_string, | ||
180 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | ||
181 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | ||
182 | server_host_key_blob, sbloblen, | ||
183 | EC_KEY_get0_public_key(client_key), | ||
184 | server_public, | ||
185 | shared_secret, | ||
186 | hash, &hashlen)) != 0) | ||
187 | goto out; | ||
188 | |||
189 | if ((r = sshkey_verify(server_host_key, signature, slen, hash, | ||
190 | hashlen, kex->hostkey_alg, ssh->compat)) != 0) | ||
191 | goto out; | ||
192 | |||
193 | /* save session id */ | ||
194 | if (kex->session_id == NULL) { | ||
195 | kex->session_id_len = hashlen; | ||
196 | kex->session_id = malloc(kex->session_id_len); | ||
197 | if (kex->session_id == NULL) { | ||
198 | r = SSH_ERR_ALLOC_FAIL; | ||
199 | goto out; | ||
200 | } | ||
201 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
202 | } | ||
203 | |||
204 | if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0) | ||
205 | r = kex_send_newkeys(ssh); | ||
206 | out: | ||
207 | explicit_bzero(hash, sizeof(hash)); | ||
208 | EC_KEY_free(kex->ec_client_key); | ||
209 | kex->ec_client_key = NULL; | ||
210 | EC_POINT_clear_free(server_public); | ||
211 | if (kbuf) { | ||
212 | explicit_bzero(kbuf, klen); | ||
213 | free(kbuf); | ||
214 | } | ||
215 | BN_clear_free(shared_secret); | ||
216 | sshkey_free(server_host_key); | ||
217 | free(server_host_key_blob); | ||
218 | free(signature); | ||
219 | return r; | ||
220 | } | ||
221 | #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */ | ||
222 | |||
diff --git a/kexecdhs.c b/kexecdhs.c deleted file mode 100644 index af4f30309..000000000 --- a/kexecdhs.c +++ /dev/null | |||
@@ -1,203 +0,0 @@ | |||
1 | /* $OpenBSD: kexecdhs.c,v 1.17 2018/02/07 02:06:51 jsing Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | ||
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | ||
5 | * | ||
6 | * Redistribution and use in source and binary forms, with or without | ||
7 | * modification, are permitted provided that the following conditions | ||
8 | * are met: | ||
9 | * 1. Redistributions of source code must retain the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer. | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in the | ||
13 | * documentation and/or other materials provided with the distribution. | ||
14 | * | ||
15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
25 | */ | ||
26 | |||
27 | #include "includes.h" | ||
28 | |||
29 | #if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) | ||
30 | |||
31 | #include <sys/types.h> | ||
32 | #include <string.h> | ||
33 | #include <signal.h> | ||
34 | |||
35 | #include <openssl/ecdh.h> | ||
36 | |||
37 | #include "sshkey.h" | ||
38 | #include "cipher.h" | ||
39 | #include "digest.h" | ||
40 | #include "kex.h" | ||
41 | #include "log.h" | ||
42 | #include "packet.h" | ||
43 | #include "ssh2.h" | ||
44 | |||
45 | #include "dispatch.h" | ||
46 | #include "compat.h" | ||
47 | #include "ssherr.h" | ||
48 | #include "sshbuf.h" | ||
49 | |||
50 | static int input_kex_ecdh_init(int, u_int32_t, struct ssh *); | ||
51 | |||
52 | int | ||
53 | kexecdh_server(struct ssh *ssh) | ||
54 | { | ||
55 | debug("expecting SSH2_MSG_KEX_ECDH_INIT"); | ||
56 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_INIT, &input_kex_ecdh_init); | ||
57 | return 0; | ||
58 | } | ||
59 | |||
60 | static int | ||
61 | input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh) | ||
62 | { | ||
63 | struct kex *kex = ssh->kex; | ||
64 | EC_POINT *client_public; | ||
65 | EC_KEY *server_key = NULL; | ||
66 | const EC_GROUP *group; | ||
67 | const EC_POINT *public_key; | ||
68 | BIGNUM *shared_secret = NULL; | ||
69 | struct sshkey *server_host_private, *server_host_public; | ||
70 | u_char *server_host_key_blob = NULL, *signature = NULL; | ||
71 | u_char *kbuf = NULL; | ||
72 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
73 | size_t slen, sbloblen; | ||
74 | size_t klen = 0, hashlen; | ||
75 | int r; | ||
76 | |||
77 | if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { | ||
78 | r = SSH_ERR_ALLOC_FAIL; | ||
79 | goto out; | ||
80 | } | ||
81 | if (EC_KEY_generate_key(server_key) != 1) { | ||
82 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
83 | goto out; | ||
84 | } | ||
85 | group = EC_KEY_get0_group(server_key); | ||
86 | |||
87 | #ifdef DEBUG_KEXECDH | ||
88 | fputs("server private key:\n", stderr); | ||
89 | sshkey_dump_ec_key(server_key); | ||
90 | #endif | ||
91 | |||
92 | if (kex->load_host_public_key == NULL || | ||
93 | kex->load_host_private_key == NULL) { | ||
94 | r = SSH_ERR_INVALID_ARGUMENT; | ||
95 | goto out; | ||
96 | } | ||
97 | server_host_public = kex->load_host_public_key(kex->hostkey_type, | ||
98 | kex->hostkey_nid, ssh); | ||
99 | server_host_private = kex->load_host_private_key(kex->hostkey_type, | ||
100 | kex->hostkey_nid, ssh); | ||
101 | if (server_host_public == NULL) { | ||
102 | r = SSH_ERR_NO_HOSTKEY_LOADED; | ||
103 | goto out; | ||
104 | } | ||
105 | if ((client_public = EC_POINT_new(group)) == NULL) { | ||
106 | r = SSH_ERR_ALLOC_FAIL; | ||
107 | goto out; | ||
108 | } | ||
109 | if ((r = sshpkt_get_ec(ssh, client_public, group)) != 0 || | ||
110 | (r = sshpkt_get_end(ssh)) != 0) | ||
111 | goto out; | ||
112 | |||
113 | #ifdef DEBUG_KEXECDH | ||
114 | fputs("client public key:\n", stderr); | ||
115 | sshkey_dump_ec_point(group, client_public); | ||
116 | #endif | ||
117 | if (sshkey_ec_validate_public(group, client_public) != 0) { | ||
118 | sshpkt_disconnect(ssh, "invalid client public key"); | ||
119 | r = SSH_ERR_MESSAGE_INCOMPLETE; | ||
120 | goto out; | ||
121 | } | ||
122 | |||
123 | /* Calculate shared_secret */ | ||
124 | klen = (EC_GROUP_get_degree(group) + 7) / 8; | ||
125 | if ((kbuf = malloc(klen)) == NULL || | ||
126 | (shared_secret = BN_new()) == NULL) { | ||
127 | r = SSH_ERR_ALLOC_FAIL; | ||
128 | goto out; | ||
129 | } | ||
130 | if (ECDH_compute_key(kbuf, klen, client_public, | ||
131 | server_key, NULL) != (int)klen || | ||
132 | BN_bin2bn(kbuf, klen, shared_secret) == NULL) { | ||
133 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
134 | goto out; | ||
135 | } | ||
136 | |||
137 | #ifdef DEBUG_KEXECDH | ||
138 | dump_digest("shared secret", kbuf, klen); | ||
139 | #endif | ||
140 | /* calc H */ | ||
141 | if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob, | ||
142 | &sbloblen)) != 0) | ||
143 | goto out; | ||
144 | hashlen = sizeof(hash); | ||
145 | if ((r = kex_ecdh_hash( | ||
146 | kex->hash_alg, | ||
147 | group, | ||
148 | kex->client_version_string, | ||
149 | kex->server_version_string, | ||
150 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | ||
151 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | ||
152 | server_host_key_blob, sbloblen, | ||
153 | client_public, | ||
154 | EC_KEY_get0_public_key(server_key), | ||
155 | shared_secret, | ||
156 | hash, &hashlen)) != 0) | ||
157 | goto out; | ||
158 | |||
159 | /* save session id := H */ | ||
160 | if (kex->session_id == NULL) { | ||
161 | kex->session_id_len = hashlen; | ||
162 | kex->session_id = malloc(kex->session_id_len); | ||
163 | if (kex->session_id == NULL) { | ||
164 | r = SSH_ERR_ALLOC_FAIL; | ||
165 | goto out; | ||
166 | } | ||
167 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
168 | } | ||
169 | |||
170 | /* sign H */ | ||
171 | if ((r = kex->sign(server_host_private, server_host_public, &signature, | ||
172 | &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0) | ||
173 | goto out; | ||
174 | |||
175 | /* destroy_sensitive_data(); */ | ||
176 | |||
177 | public_key = EC_KEY_get0_public_key(server_key); | ||
178 | /* send server hostkey, ECDH pubkey 'Q_S' and signed H */ | ||
179 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_REPLY)) != 0 || | ||
180 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || | ||
181 | (r = sshpkt_put_ec(ssh, public_key, group)) != 0 || | ||
182 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || | ||
183 | (r = sshpkt_send(ssh)) != 0) | ||
184 | goto out; | ||
185 | |||
186 | if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0) | ||
187 | r = kex_send_newkeys(ssh); | ||
188 | out: | ||
189 | explicit_bzero(hash, sizeof(hash)); | ||
190 | EC_KEY_free(kex->ec_client_key); | ||
191 | kex->ec_client_key = NULL; | ||
192 | EC_KEY_free(server_key); | ||
193 | if (kbuf) { | ||
194 | explicit_bzero(kbuf, klen); | ||
195 | free(kbuf); | ||
196 | } | ||
197 | BN_clear_free(shared_secret); | ||
198 | free(server_host_key_blob); | ||
199 | free(signature); | ||
200 | return r; | ||
201 | } | ||
202 | #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */ | ||
203 | |||
diff --git a/kexgen.c b/kexgen.c new file mode 100644 index 000000000..569dc83f3 --- /dev/null +++ b/kexgen.c | |||
@@ -0,0 +1,339 @@ | |||
1 | /* $OpenBSD: kexgen.c,v 1.2 2019/01/23 00:30:41 djm Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions | ||
7 | * are met: | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * 2. Redistributions in binary form must reproduce the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer in the | ||
12 | * documentation and/or other materials provided with the distribution. | ||
13 | * | ||
14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
24 | */ | ||
25 | |||
26 | #include "includes.h" | ||
27 | |||
28 | #include <sys/types.h> | ||
29 | |||
30 | #include <stdio.h> | ||
31 | #include <string.h> | ||
32 | #include <signal.h> | ||
33 | |||
34 | #include "sshkey.h" | ||
35 | #include "kex.h" | ||
36 | #include "log.h" | ||
37 | #include "packet.h" | ||
38 | #include "ssh2.h" | ||
39 | #include "sshbuf.h" | ||
40 | #include "digest.h" | ||
41 | #include "ssherr.h" | ||
42 | |||
43 | static int input_kex_gen_init(int, u_int32_t, struct ssh *); | ||
44 | static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh); | ||
45 | |||
46 | int | ||
47 | kex_gen_hash( | ||
48 | int hash_alg, | ||
49 | const struct sshbuf *client_version, | ||
50 | const struct sshbuf *server_version, | ||
51 | const struct sshbuf *client_kexinit, | ||
52 | const struct sshbuf *server_kexinit, | ||
53 | const struct sshbuf *server_host_key_blob, | ||
54 | const struct sshbuf *client_pub, | ||
55 | const struct sshbuf *server_pub, | ||
56 | const struct sshbuf *shared_secret, | ||
57 | u_char *hash, size_t *hashlen) | ||
58 | { | ||
59 | struct sshbuf *b; | ||
60 | int r; | ||
61 | |||
62 | if (*hashlen < ssh_digest_bytes(hash_alg)) | ||
63 | return SSH_ERR_INVALID_ARGUMENT; | ||
64 | if ((b = sshbuf_new()) == NULL) | ||
65 | return SSH_ERR_ALLOC_FAIL; | ||
66 | if ((r = sshbuf_put_stringb(b, client_version)) != 0 || | ||
67 | (r = sshbuf_put_stringb(b, server_version)) != 0 || | ||
68 | /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ | ||
69 | (r = sshbuf_put_u32(b, sshbuf_len(client_kexinit) + 1)) != 0 || | ||
70 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | ||
71 | (r = sshbuf_putb(b, client_kexinit)) != 0 || | ||
72 | (r = sshbuf_put_u32(b, sshbuf_len(server_kexinit) + 1)) != 0 || | ||
73 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | ||
74 | (r = sshbuf_putb(b, server_kexinit)) != 0 || | ||
75 | (r = sshbuf_put_stringb(b, server_host_key_blob)) != 0 || | ||
76 | (r = sshbuf_put_stringb(b, client_pub)) != 0 || | ||
77 | (r = sshbuf_put_stringb(b, server_pub)) != 0 || | ||
78 | (r = sshbuf_putb(b, shared_secret)) != 0) { | ||
79 | sshbuf_free(b); | ||
80 | return r; | ||
81 | } | ||
82 | #ifdef DEBUG_KEX | ||
83 | sshbuf_dump(b, stderr); | ||
84 | #endif | ||
85 | if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) { | ||
86 | sshbuf_free(b); | ||
87 | return SSH_ERR_LIBCRYPTO_ERROR; | ||
88 | } | ||
89 | sshbuf_free(b); | ||
90 | *hashlen = ssh_digest_bytes(hash_alg); | ||
91 | #ifdef DEBUG_KEX | ||
92 | dump_digest("hash", hash, *hashlen); | ||
93 | #endif | ||
94 | return 0; | ||
95 | } | ||
96 | |||
97 | int | ||
98 | kex_gen_client(struct ssh *ssh) | ||
99 | { | ||
100 | struct kex *kex = ssh->kex; | ||
101 | int r; | ||
102 | |||
103 | switch (kex->kex_type) { | ||
104 | #ifdef WITH_OPENSSL | ||
105 | case KEX_DH_GRP1_SHA1: | ||
106 | case KEX_DH_GRP14_SHA1: | ||
107 | case KEX_DH_GRP14_SHA256: | ||
108 | case KEX_DH_GRP16_SHA512: | ||
109 | case KEX_DH_GRP18_SHA512: | ||
110 | r = kex_dh_keypair(kex); | ||
111 | break; | ||
112 | case KEX_ECDH_SHA2: | ||
113 | r = kex_ecdh_keypair(kex); | ||
114 | break; | ||
115 | #endif | ||
116 | case KEX_C25519_SHA256: | ||
117 | r = kex_c25519_keypair(kex); | ||
118 | break; | ||
119 | case KEX_KEM_SNTRUP4591761X25519_SHA512: | ||
120 | r = kex_kem_sntrup4591761x25519_keypair(kex); | ||
121 | break; | ||
122 | default: | ||
123 | r = SSH_ERR_INVALID_ARGUMENT; | ||
124 | break; | ||
125 | } | ||
126 | if (r != 0) | ||
127 | return r; | ||
128 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 || | ||
129 | (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0 || | ||
130 | (r = sshpkt_send(ssh)) != 0) | ||
131 | return r; | ||
132 | debug("expecting SSH2_MSG_KEX_ECDH_REPLY"); | ||
133 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_gen_reply); | ||
134 | return 0; | ||
135 | } | ||
136 | |||
137 | static int | ||
138 | input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh) | ||
139 | { | ||
140 | struct kex *kex = ssh->kex; | ||
141 | struct sshkey *server_host_key = NULL; | ||
142 | struct sshbuf *shared_secret = NULL; | ||
143 | struct sshbuf *server_blob = NULL; | ||
144 | struct sshbuf *tmp = NULL, *server_host_key_blob = NULL; | ||
145 | u_char *signature = NULL; | ||
146 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
147 | size_t slen, hashlen; | ||
148 | int r; | ||
149 | |||
150 | /* hostkey */ | ||
151 | if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) | ||
152 | goto out; | ||
153 | /* sshkey_fromb() consumes its buffer, so make a copy */ | ||
154 | if ((tmp = sshbuf_fromb(server_host_key_blob)) == NULL) { | ||
155 | r = SSH_ERR_ALLOC_FAIL; | ||
156 | goto out; | ||
157 | } | ||
158 | if ((r = sshkey_fromb(tmp, &server_host_key)) != 0) | ||
159 | goto out; | ||
160 | if ((r = kex_verify_host_key(ssh, server_host_key)) != 0) | ||
161 | goto out; | ||
162 | |||
163 | /* Q_S, server public key */ | ||
164 | /* signed H */ | ||
165 | if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || | ||
166 | (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || | ||
167 | (r = sshpkt_get_end(ssh)) != 0) | ||
168 | goto out; | ||
169 | |||
170 | /* compute shared secret */ | ||
171 | switch (kex->kex_type) { | ||
172 | #ifdef WITH_OPENSSL | ||
173 | case KEX_DH_GRP1_SHA1: | ||
174 | case KEX_DH_GRP14_SHA1: | ||
175 | case KEX_DH_GRP14_SHA256: | ||
176 | case KEX_DH_GRP16_SHA512: | ||
177 | case KEX_DH_GRP18_SHA512: | ||
178 | r = kex_dh_dec(kex, server_blob, &shared_secret); | ||
179 | break; | ||
180 | case KEX_ECDH_SHA2: | ||
181 | r = kex_ecdh_dec(kex, server_blob, &shared_secret); | ||
182 | break; | ||
183 | #endif | ||
184 | case KEX_C25519_SHA256: | ||
185 | r = kex_c25519_dec(kex, server_blob, &shared_secret); | ||
186 | break; | ||
187 | case KEX_KEM_SNTRUP4591761X25519_SHA512: | ||
188 | r = kex_kem_sntrup4591761x25519_dec(kex, server_blob, | ||
189 | &shared_secret); | ||
190 | break; | ||
191 | default: | ||
192 | r = SSH_ERR_INVALID_ARGUMENT; | ||
193 | break; | ||
194 | } | ||
195 | if (r !=0 ) | ||
196 | goto out; | ||
197 | |||
198 | /* calc and verify H */ | ||
199 | hashlen = sizeof(hash); | ||
200 | if ((r = kex_gen_hash( | ||
201 | kex->hash_alg, | ||
202 | kex->client_version, | ||
203 | kex->server_version, | ||
204 | kex->my, | ||
205 | kex->peer, | ||
206 | server_host_key_blob, | ||
207 | kex->client_pub, | ||
208 | server_blob, | ||
209 | shared_secret, | ||
210 | hash, &hashlen)) != 0) | ||
211 | goto out; | ||
212 | |||
213 | if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen, | ||
214 | kex->hostkey_alg, ssh->compat)) != 0) | ||
215 | goto out; | ||
216 | |||
217 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) | ||
218 | r = kex_send_newkeys(ssh); | ||
219 | out: | ||
220 | explicit_bzero(hash, sizeof(hash)); | ||
221 | explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); | ||
222 | explicit_bzero(kex->sntrup4591761_client_key, | ||
223 | sizeof(kex->sntrup4591761_client_key)); | ||
224 | sshbuf_free(server_host_key_blob); | ||
225 | free(signature); | ||
226 | sshbuf_free(tmp); | ||
227 | sshkey_free(server_host_key); | ||
228 | sshbuf_free(server_blob); | ||
229 | sshbuf_free(shared_secret); | ||
230 | sshbuf_free(kex->client_pub); | ||
231 | kex->client_pub = NULL; | ||
232 | return r; | ||
233 | } | ||
234 | |||
235 | int | ||
236 | kex_gen_server(struct ssh *ssh) | ||
237 | { | ||
238 | debug("expecting SSH2_MSG_KEX_ECDH_INIT"); | ||
239 | ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_INIT, &input_kex_gen_init); | ||
240 | return 0; | ||
241 | } | ||
242 | |||
243 | static int | ||
244 | input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh) | ||
245 | { | ||
246 | struct kex *kex = ssh->kex; | ||
247 | struct sshkey *server_host_private, *server_host_public; | ||
248 | struct sshbuf *shared_secret = NULL; | ||
249 | struct sshbuf *server_pubkey = NULL; | ||
250 | struct sshbuf *client_pubkey = NULL; | ||
251 | struct sshbuf *server_host_key_blob = NULL; | ||
252 | u_char *signature = NULL, hash[SSH_DIGEST_MAX_LENGTH]; | ||
253 | size_t slen, hashlen; | ||
254 | int r; | ||
255 | |||
256 | if ((r = kex_load_hostkey(ssh, &server_host_private, | ||
257 | &server_host_public)) != 0) | ||
258 | goto out; | ||
259 | |||
260 | if ((r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || | ||
261 | (r = sshpkt_get_end(ssh)) != 0) | ||
262 | goto out; | ||
263 | |||
264 | /* compute shared secret */ | ||
265 | switch (kex->kex_type) { | ||
266 | #ifdef WITH_OPENSSL | ||
267 | case KEX_DH_GRP1_SHA1: | ||
268 | case KEX_DH_GRP14_SHA1: | ||
269 | case KEX_DH_GRP14_SHA256: | ||
270 | case KEX_DH_GRP16_SHA512: | ||
271 | case KEX_DH_GRP18_SHA512: | ||
272 | r = kex_dh_enc(kex, client_pubkey, &server_pubkey, | ||
273 | &shared_secret); | ||
274 | break; | ||
275 | case KEX_ECDH_SHA2: | ||
276 | r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey, | ||
277 | &shared_secret); | ||
278 | break; | ||
279 | #endif | ||
280 | case KEX_C25519_SHA256: | ||
281 | r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, | ||
282 | &shared_secret); | ||
283 | break; | ||
284 | case KEX_KEM_SNTRUP4591761X25519_SHA512: | ||
285 | r = kex_kem_sntrup4591761x25519_enc(kex, client_pubkey, | ||
286 | &server_pubkey, &shared_secret); | ||
287 | break; | ||
288 | default: | ||
289 | r = SSH_ERR_INVALID_ARGUMENT; | ||
290 | break; | ||
291 | } | ||
292 | if (r !=0 ) | ||
293 | goto out; | ||
294 | |||
295 | /* calc H */ | ||
296 | if ((server_host_key_blob = sshbuf_new()) == NULL) { | ||
297 | r = SSH_ERR_ALLOC_FAIL; | ||
298 | goto out; | ||
299 | } | ||
300 | if ((r = sshkey_putb(server_host_public, server_host_key_blob)) != 0) | ||
301 | goto out; | ||
302 | hashlen = sizeof(hash); | ||
303 | if ((r = kex_gen_hash( | ||
304 | kex->hash_alg, | ||
305 | kex->client_version, | ||
306 | kex->server_version, | ||
307 | kex->peer, | ||
308 | kex->my, | ||
309 | server_host_key_blob, | ||
310 | client_pubkey, | ||
311 | server_pubkey, | ||
312 | shared_secret, | ||
313 | hash, &hashlen)) != 0) | ||
314 | goto out; | ||
315 | |||
316 | /* sign H */ | ||
317 | if ((r = kex->sign(ssh, server_host_private, server_host_public, | ||
318 | &signature, &slen, hash, hashlen, kex->hostkey_alg)) != 0) | ||
319 | goto out; | ||
320 | |||
321 | /* send server hostkey, ECDH pubkey 'Q_S' and signed H */ | ||
322 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_REPLY)) != 0 || | ||
323 | (r = sshpkt_put_stringb(ssh, server_host_key_blob)) != 0 || | ||
324 | (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 || | ||
325 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || | ||
326 | (r = sshpkt_send(ssh)) != 0) | ||
327 | goto out; | ||
328 | |||
329 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) | ||
330 | r = kex_send_newkeys(ssh); | ||
331 | out: | ||
332 | explicit_bzero(hash, sizeof(hash)); | ||
333 | sshbuf_free(server_host_key_blob); | ||
334 | free(signature); | ||
335 | sshbuf_free(shared_secret); | ||
336 | sshbuf_free(client_pubkey); | ||
337 | sshbuf_free(server_pubkey); | ||
338 | return r; | ||
339 | } | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexgex.c,v 1.29 2015/01/19 20:16:15 markus Exp $ */ | 1 | /* $OpenBSD: kexgex.c,v 1.32 2019/01/23 00:30:41 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
@@ -46,17 +46,17 @@ | |||
46 | int | 46 | int |
47 | kexgex_hash( | 47 | kexgex_hash( |
48 | int hash_alg, | 48 | int hash_alg, |
49 | const char *client_version_string, | 49 | const struct sshbuf *client_version, |
50 | const char *server_version_string, | 50 | const struct sshbuf *server_version, |
51 | const u_char *ckexinit, size_t ckexinitlen, | 51 | const struct sshbuf *client_kexinit, |
52 | const u_char *skexinit, size_t skexinitlen, | 52 | const struct sshbuf *server_kexinit, |
53 | const u_char *serverhostkeyblob, size_t sbloblen, | 53 | const struct sshbuf *server_host_key_blob, |
54 | int min, int wantbits, int max, | 54 | int min, int wantbits, int max, |
55 | const BIGNUM *prime, | 55 | const BIGNUM *prime, |
56 | const BIGNUM *gen, | 56 | const BIGNUM *gen, |
57 | const BIGNUM *client_dh_pub, | 57 | const BIGNUM *client_dh_pub, |
58 | const BIGNUM *server_dh_pub, | 58 | const BIGNUM *server_dh_pub, |
59 | const BIGNUM *shared_secret, | 59 | const u_char *shared_secret, size_t secretlen, |
60 | u_char *hash, size_t *hashlen) | 60 | u_char *hash, size_t *hashlen) |
61 | { | 61 | { |
62 | struct sshbuf *b; | 62 | struct sshbuf *b; |
@@ -66,16 +66,16 @@ kexgex_hash( | |||
66 | return SSH_ERR_INVALID_ARGUMENT; | 66 | return SSH_ERR_INVALID_ARGUMENT; |
67 | if ((b = sshbuf_new()) == NULL) | 67 | if ((b = sshbuf_new()) == NULL) |
68 | return SSH_ERR_ALLOC_FAIL; | 68 | return SSH_ERR_ALLOC_FAIL; |
69 | if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 || | 69 | if ((r = sshbuf_put_stringb(b, client_version)) < 0 || |
70 | (r = sshbuf_put_cstring(b, server_version_string)) != 0 || | 70 | (r = sshbuf_put_stringb(b, server_version)) < 0 || |
71 | /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ | 71 | /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ |
72 | (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 || | 72 | (r = sshbuf_put_u32(b, sshbuf_len(client_kexinit) + 1)) != 0 || |
73 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | 73 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || |
74 | (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 || | 74 | (r = sshbuf_putb(b, client_kexinit)) != 0 || |
75 | (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 || | 75 | (r = sshbuf_put_u32(b, sshbuf_len(server_kexinit) + 1)) != 0 || |
76 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || | 76 | (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || |
77 | (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 || | 77 | (r = sshbuf_putb(b, server_kexinit)) != 0 || |
78 | (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 || | 78 | (r = sshbuf_put_stringb(b, server_host_key_blob)) != 0 || |
79 | (min != -1 && (r = sshbuf_put_u32(b, min)) != 0) || | 79 | (min != -1 && (r = sshbuf_put_u32(b, min)) != 0) || |
80 | (r = sshbuf_put_u32(b, wantbits)) != 0 || | 80 | (r = sshbuf_put_u32(b, wantbits)) != 0 || |
81 | (max != -1 && (r = sshbuf_put_u32(b, max)) != 0) || | 81 | (max != -1 && (r = sshbuf_put_u32(b, max)) != 0) || |
@@ -83,7 +83,7 @@ kexgex_hash( | |||
83 | (r = sshbuf_put_bignum2(b, gen)) != 0 || | 83 | (r = sshbuf_put_bignum2(b, gen)) != 0 || |
84 | (r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 || | 84 | (r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 || |
85 | (r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 || | 85 | (r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 || |
86 | (r = sshbuf_put_bignum2(b, shared_secret)) != 0) { | 86 | (r = sshbuf_put(b, shared_secret, secretlen)) != 0) { |
87 | sshbuf_free(b); | 87 | sshbuf_free(b); |
88 | return r; | 88 | return r; |
89 | } | 89 | } |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexgexc.c,v 1.27 2018/02/07 02:06:51 jsing Exp $ */ | 1 | /* $OpenBSD: kexgexc.c,v 1.34 2019/01/23 00:30:41 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
@@ -100,13 +100,8 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh) | |||
100 | 100 | ||
101 | debug("got SSH2_MSG_KEX_DH_GEX_GROUP"); | 101 | debug("got SSH2_MSG_KEX_DH_GEX_GROUP"); |
102 | 102 | ||
103 | if ((p = BN_new()) == NULL || | 103 | if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || |
104 | (g = BN_new()) == NULL) { | 104 | (r = sshpkt_get_bignum2(ssh, &g)) != 0 || |
105 | r = SSH_ERR_ALLOC_FAIL; | ||
106 | goto out; | ||
107 | } | ||
108 | if ((r = sshpkt_get_bignum2(ssh, p)) != 0 || | ||
109 | (r = sshpkt_get_bignum2(ssh, g)) != 0 || | ||
110 | (r = sshpkt_get_end(ssh)) != 0) | 105 | (r = sshpkt_get_end(ssh)) != 0) |
111 | goto out; | 106 | goto out; |
112 | if ((bits = BN_num_bits(p)) < 0 || | 107 | if ((bits = BN_num_bits(p)) < 0 || |
@@ -148,71 +143,39 @@ static int | |||
148 | input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) | 143 | input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) |
149 | { | 144 | { |
150 | struct kex *kex = ssh->kex; | 145 | struct kex *kex = ssh->kex; |
151 | BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; | 146 | BIGNUM *dh_server_pub = NULL; |
152 | const BIGNUM *pub_key, *dh_p, *dh_g; | 147 | const BIGNUM *pub_key, *dh_p, *dh_g; |
148 | struct sshbuf *shared_secret = NULL; | ||
149 | struct sshbuf *tmp = NULL, *server_host_key_blob = NULL; | ||
153 | struct sshkey *server_host_key = NULL; | 150 | struct sshkey *server_host_key = NULL; |
154 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; | 151 | u_char *signature = NULL; |
155 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 152 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
156 | size_t klen = 0, slen, sbloblen, hashlen; | 153 | size_t slen, hashlen; |
157 | int kout, r; | 154 | int r; |
158 | 155 | ||
159 | debug("got SSH2_MSG_KEX_DH_GEX_REPLY"); | 156 | debug("got SSH2_MSG_KEX_DH_GEX_REPLY"); |
160 | if (kex->verify_host_key == NULL) { | ||
161 | r = SSH_ERR_INVALID_ARGUMENT; | ||
162 | goto out; | ||
163 | } | ||
164 | /* key, cert */ | 157 | /* key, cert */ |
165 | if ((r = sshpkt_get_string(ssh, &server_host_key_blob, | 158 | if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) |
166 | &sbloblen)) != 0 || | ||
167 | (r = sshkey_from_blob(server_host_key_blob, sbloblen, | ||
168 | &server_host_key)) != 0) | ||
169 | goto out; | 159 | goto out; |
170 | if (server_host_key->type != kex->hostkey_type || | 160 | /* sshkey_fromb() consumes its buffer, so make a copy */ |
171 | (kex->hostkey_type == KEY_ECDSA && | 161 | if ((tmp = sshbuf_fromb(server_host_key_blob)) == NULL) { |
172 | server_host_key->ecdsa_nid != kex->hostkey_nid)) { | ||
173 | r = SSH_ERR_KEY_TYPE_MISMATCH; | ||
174 | goto out; | ||
175 | } | ||
176 | if (kex->verify_host_key(server_host_key, ssh) == -1) { | ||
177 | r = SSH_ERR_SIGNATURE_INVALID; | ||
178 | goto out; | ||
179 | } | ||
180 | /* DH parameter f, server public DH key */ | ||
181 | if ((dh_server_pub = BN_new()) == NULL) { | ||
182 | r = SSH_ERR_ALLOC_FAIL; | 162 | r = SSH_ERR_ALLOC_FAIL; |
183 | goto out; | 163 | goto out; |
184 | } | 164 | } |
185 | /* signed H */ | 165 | if ((r = sshkey_fromb(tmp, &server_host_key)) != 0 || |
186 | if ((r = sshpkt_get_bignum2(ssh, dh_server_pub)) != 0 || | 166 | (r = kex_verify_host_key(ssh, server_host_key)) != 0) |
167 | goto out; | ||
168 | /* DH parameter f, server public DH key, signed H */ | ||
169 | if ((r = sshpkt_get_bignum2(ssh, &dh_server_pub)) != 0 || | ||
187 | (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || | 170 | (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 || |
188 | (r = sshpkt_get_end(ssh)) != 0) | 171 | (r = sshpkt_get_end(ssh)) != 0) |
189 | goto out; | 172 | goto out; |
190 | #ifdef DEBUG_KEXDH | 173 | if ((shared_secret = sshbuf_new()) == NULL) { |
191 | fprintf(stderr, "dh_server_pub= "); | ||
192 | BN_print_fp(stderr, dh_server_pub); | ||
193 | fprintf(stderr, "\n"); | ||
194 | debug("bits %d", BN_num_bits(dh_server_pub)); | ||
195 | #endif | ||
196 | if (!dh_pub_is_valid(kex->dh, dh_server_pub)) { | ||
197 | sshpkt_disconnect(ssh, "bad server public DH value"); | ||
198 | r = SSH_ERR_MESSAGE_INCOMPLETE; | ||
199 | goto out; | ||
200 | } | ||
201 | |||
202 | klen = DH_size(kex->dh); | ||
203 | if ((kbuf = malloc(klen)) == NULL || | ||
204 | (shared_secret = BN_new()) == NULL) { | ||
205 | r = SSH_ERR_ALLOC_FAIL; | 174 | r = SSH_ERR_ALLOC_FAIL; |
206 | goto out; | 175 | goto out; |
207 | } | 176 | } |
208 | if ((kout = DH_compute_key(kbuf, dh_server_pub, kex->dh)) < 0 || | 177 | if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) |
209 | BN_bin2bn(kbuf, kout, shared_secret) == NULL) { | ||
210 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
211 | goto out; | 178 | goto out; |
212 | } | ||
213 | #ifdef DEBUG_KEXDH | ||
214 | dump_digest("shared secret", kbuf, kout); | ||
215 | #endif | ||
216 | if (ssh->compat & SSH_OLD_DHGEX) | 179 | if (ssh->compat & SSH_OLD_DHGEX) |
217 | kex->min = kex->max = -1; | 180 | kex->min = kex->max = -1; |
218 | 181 | ||
@@ -222,16 +185,16 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) | |||
222 | hashlen = sizeof(hash); | 185 | hashlen = sizeof(hash); |
223 | if ((r = kexgex_hash( | 186 | if ((r = kexgex_hash( |
224 | kex->hash_alg, | 187 | kex->hash_alg, |
225 | kex->client_version_string, | 188 | kex->client_version, |
226 | kex->server_version_string, | 189 | kex->server_version, |
227 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | 190 | kex->my, |
228 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | 191 | kex->peer, |
229 | server_host_key_blob, sbloblen, | 192 | server_host_key_blob, |
230 | kex->min, kex->nbits, kex->max, | 193 | kex->min, kex->nbits, kex->max, |
231 | dh_p, dh_g, | 194 | dh_p, dh_g, |
232 | pub_key, | 195 | pub_key, |
233 | dh_server_pub, | 196 | dh_server_pub, |
234 | shared_secret, | 197 | sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), |
235 | hash, &hashlen)) != 0) | 198 | hash, &hashlen)) != 0) |
236 | goto out; | 199 | goto out; |
237 | 200 | ||
@@ -239,31 +202,17 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh) | |||
239 | hashlen, kex->hostkey_alg, ssh->compat)) != 0) | 202 | hashlen, kex->hostkey_alg, ssh->compat)) != 0) |
240 | goto out; | 203 | goto out; |
241 | 204 | ||
242 | /* save session id */ | 205 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
243 | if (kex->session_id == NULL) { | ||
244 | kex->session_id_len = hashlen; | ||
245 | kex->session_id = malloc(kex->session_id_len); | ||
246 | if (kex->session_id == NULL) { | ||
247 | r = SSH_ERR_ALLOC_FAIL; | ||
248 | goto out; | ||
249 | } | ||
250 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
251 | } | ||
252 | |||
253 | if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0) | ||
254 | r = kex_send_newkeys(ssh); | 206 | r = kex_send_newkeys(ssh); |
255 | out: | 207 | out: |
256 | explicit_bzero(hash, sizeof(hash)); | 208 | explicit_bzero(hash, sizeof(hash)); |
257 | DH_free(kex->dh); | 209 | DH_free(kex->dh); |
258 | kex->dh = NULL; | 210 | kex->dh = NULL; |
259 | BN_clear_free(dh_server_pub); | 211 | BN_clear_free(dh_server_pub); |
260 | if (kbuf) { | 212 | sshbuf_free(shared_secret); |
261 | explicit_bzero(kbuf, klen); | ||
262 | free(kbuf); | ||
263 | } | ||
264 | BN_clear_free(shared_secret); | ||
265 | sshkey_free(server_host_key); | 213 | sshkey_free(server_host_key); |
266 | free(server_host_key_blob); | 214 | sshbuf_free(tmp); |
215 | sshbuf_free(server_host_key_blob); | ||
267 | free(signature); | 216 | free(signature); |
268 | return r; | 217 | return r; |
269 | } | 218 | } |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexgexs.c,v 1.35 2018/10/04 00:04:41 djm Exp $ */ | 1 | /* $OpenBSD: kexgexs.c,v 1.42 2019/01/23 00:30:41 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
@@ -126,130 +126,78 @@ static int | |||
126 | input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh) | 126 | input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh) |
127 | { | 127 | { |
128 | struct kex *kex = ssh->kex; | 128 | struct kex *kex = ssh->kex; |
129 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; | 129 | BIGNUM *dh_client_pub = NULL; |
130 | const BIGNUM *pub_key, *dh_p, *dh_g; | 130 | const BIGNUM *pub_key, *dh_p, *dh_g; |
131 | struct sshbuf *shared_secret = NULL; | ||
132 | struct sshbuf *server_host_key_blob = NULL; | ||
131 | struct sshkey *server_host_public, *server_host_private; | 133 | struct sshkey *server_host_public, *server_host_private; |
132 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; | 134 | u_char *signature = NULL; |
133 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 135 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
134 | size_t sbloblen, slen; | 136 | size_t slen, hashlen; |
135 | size_t klen = 0, hashlen; | 137 | int r; |
136 | int kout, r; | ||
137 | 138 | ||
138 | if (kex->load_host_public_key == NULL || | 139 | if ((r = kex_load_hostkey(ssh, &server_host_private, |
139 | kex->load_host_private_key == NULL) { | 140 | &server_host_public)) != 0) |
140 | r = SSH_ERR_INVALID_ARGUMENT; | ||
141 | goto out; | ||
142 | } | ||
143 | server_host_public = kex->load_host_public_key(kex->hostkey_type, | ||
144 | kex->hostkey_nid, ssh); | ||
145 | server_host_private = kex->load_host_private_key(kex->hostkey_type, | ||
146 | kex->hostkey_nid, ssh); | ||
147 | if (server_host_public == NULL) { | ||
148 | r = SSH_ERR_NO_HOSTKEY_LOADED; | ||
149 | goto out; | 141 | goto out; |
150 | } | ||
151 | 142 | ||
152 | /* key, cert */ | 143 | /* key, cert */ |
153 | if ((dh_client_pub = BN_new()) == NULL) { | 144 | if ((r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 || |
154 | r = SSH_ERR_ALLOC_FAIL; | ||
155 | goto out; | ||
156 | } | ||
157 | if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 || | ||
158 | (r = sshpkt_get_end(ssh)) != 0) | 145 | (r = sshpkt_get_end(ssh)) != 0) |
159 | goto out; | 146 | goto out; |
160 | 147 | if ((shared_secret = sshbuf_new()) == NULL) { | |
161 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
162 | DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); | ||
163 | |||
164 | #ifdef DEBUG_KEXDH | ||
165 | fprintf(stderr, "dh_client_pub= "); | ||
166 | BN_print_fp(stderr, dh_client_pub); | ||
167 | fprintf(stderr, "\n"); | ||
168 | debug("bits %d", BN_num_bits(dh_client_pub)); | ||
169 | DHparams_print_fp(stderr, kex->dh); | ||
170 | fprintf(stderr, "pub= "); | ||
171 | BN_print_fp(stderr, pub_key); | ||
172 | fprintf(stderr, "\n"); | ||
173 | #endif | ||
174 | if (!dh_pub_is_valid(kex->dh, dh_client_pub)) { | ||
175 | sshpkt_disconnect(ssh, "bad client public DH value"); | ||
176 | r = SSH_ERR_MESSAGE_INCOMPLETE; | ||
177 | goto out; | ||
178 | } | ||
179 | |||
180 | klen = DH_size(kex->dh); | ||
181 | if ((kbuf = malloc(klen)) == NULL || | ||
182 | (shared_secret = BN_new()) == NULL) { | ||
183 | r = SSH_ERR_ALLOC_FAIL; | 148 | r = SSH_ERR_ALLOC_FAIL; |
184 | goto out; | 149 | goto out; |
185 | } | 150 | } |
186 | if ((kout = DH_compute_key(kbuf, dh_client_pub, kex->dh)) < 0 || | 151 | if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0) |
187 | BN_bin2bn(kbuf, kout, shared_secret) == NULL) { | 152 | goto out; |
188 | r = SSH_ERR_LIBCRYPTO_ERROR; | 153 | if ((server_host_key_blob = sshbuf_new()) == NULL) { |
154 | r = SSH_ERR_ALLOC_FAIL; | ||
189 | goto out; | 155 | goto out; |
190 | } | 156 | } |
191 | #ifdef DEBUG_KEXDH | 157 | if ((r = sshkey_putb(server_host_public, server_host_key_blob)) != 0) |
192 | dump_digest("shared secret", kbuf, kout); | ||
193 | #endif | ||
194 | if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob, | ||
195 | &sbloblen)) != 0) | ||
196 | goto out; | 158 | goto out; |
159 | |||
197 | /* calc H */ | 160 | /* calc H */ |
161 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
162 | DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); | ||
198 | hashlen = sizeof(hash); | 163 | hashlen = sizeof(hash); |
199 | if ((r = kexgex_hash( | 164 | if ((r = kexgex_hash( |
200 | kex->hash_alg, | 165 | kex->hash_alg, |
201 | kex->client_version_string, | 166 | kex->client_version, |
202 | kex->server_version_string, | 167 | kex->server_version, |
203 | sshbuf_ptr(kex->peer), sshbuf_len(kex->peer), | 168 | kex->peer, |
204 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | 169 | kex->my, |
205 | server_host_key_blob, sbloblen, | 170 | server_host_key_blob, |
206 | kex->min, kex->nbits, kex->max, | 171 | kex->min, kex->nbits, kex->max, |
207 | dh_p, dh_g, | 172 | dh_p, dh_g, |
208 | dh_client_pub, | 173 | dh_client_pub, |
209 | pub_key, | 174 | pub_key, |
210 | shared_secret, | 175 | sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), |
211 | hash, &hashlen)) != 0) | 176 | hash, &hashlen)) != 0) |
212 | goto out; | 177 | goto out; |
213 | 178 | ||
214 | /* save session id := H */ | ||
215 | if (kex->session_id == NULL) { | ||
216 | kex->session_id_len = hashlen; | ||
217 | kex->session_id = malloc(kex->session_id_len); | ||
218 | if (kex->session_id == NULL) { | ||
219 | r = SSH_ERR_ALLOC_FAIL; | ||
220 | goto out; | ||
221 | } | ||
222 | memcpy(kex->session_id, hash, kex->session_id_len); | ||
223 | } | ||
224 | |||
225 | /* sign H */ | 179 | /* sign H */ |
226 | if ((r = kex->sign(server_host_private, server_host_public, &signature, | 180 | if ((r = kex->sign(ssh, server_host_private, server_host_public, |
227 | &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0) | 181 | &signature, &slen, hash, hashlen, kex->hostkey_alg)) < 0) |
228 | goto out; | 182 | goto out; |
229 | 183 | ||
230 | /* destroy_sensitive_data(); */ | ||
231 | |||
232 | /* send server hostkey, DH pubkey 'f' and signed H */ | 184 | /* send server hostkey, DH pubkey 'f' and signed H */ |
233 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 || | 185 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 || |
234 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || | 186 | (r = sshpkt_put_stringb(ssh, server_host_key_blob)) != 0 || |
235 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ | 187 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ |
236 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || | 188 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || |
237 | (r = sshpkt_send(ssh)) != 0) | 189 | (r = sshpkt_send(ssh)) != 0) |
238 | goto out; | 190 | goto out; |
239 | 191 | ||
240 | if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0) | 192 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
241 | r = kex_send_newkeys(ssh); | 193 | r = kex_send_newkeys(ssh); |
242 | out: | 194 | out: |
243 | explicit_bzero(hash, sizeof(hash)); | 195 | explicit_bzero(hash, sizeof(hash)); |
244 | DH_free(kex->dh); | 196 | DH_free(kex->dh); |
245 | kex->dh = NULL; | 197 | kex->dh = NULL; |
246 | BN_clear_free(dh_client_pub); | 198 | BN_clear_free(dh_client_pub); |
247 | if (kbuf) { | 199 | sshbuf_free(shared_secret); |
248 | explicit_bzero(kbuf, klen); | 200 | sshbuf_free(server_host_key_blob); |
249 | free(kbuf); | ||
250 | } | ||
251 | BN_clear_free(shared_secret); | ||
252 | free(server_host_key_blob); | ||
253 | free(signature); | 201 | free(signature); |
254 | return r; | 202 | return r; |
255 | } | 203 | } |
@@ -24,7 +24,7 @@ | |||
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | 26 | ||
27 | #ifdef GSSAPI | 27 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
28 | 28 | ||
29 | #include "includes.h" | 29 | #include "includes.h" |
30 | 30 | ||
@@ -43,113 +43,88 @@ | |||
43 | #include "packet.h" | 43 | #include "packet.h" |
44 | #include "dh.h" | 44 | #include "dh.h" |
45 | #include "digest.h" | 45 | #include "digest.h" |
46 | #include "ssherr.h" | ||
46 | 47 | ||
47 | #include "ssh-gss.h" | 48 | #include "ssh-gss.h" |
48 | 49 | ||
49 | int | 50 | int |
50 | kexgss_client(struct ssh *ssh) { | 51 | kexgss_client(struct ssh *ssh) |
51 | gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; | 52 | { |
52 | gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr; | 53 | struct kex *kex = ssh->kex; |
54 | gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, | ||
55 | recv_tok = GSS_C_EMPTY_BUFFER, | ||
56 | gssbuf, msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; | ||
53 | Gssctxt *ctxt; | 57 | Gssctxt *ctxt; |
54 | OM_uint32 maj_status, min_status, ret_flags; | 58 | OM_uint32 maj_status, min_status, ret_flags; |
55 | u_int klen, kout, slen = 0, strlen; | 59 | struct sshbuf *server_blob = NULL; |
56 | DH *dh; | 60 | struct sshbuf *shared_secret = NULL; |
57 | BIGNUM *dh_server_pub = NULL; | 61 | struct sshbuf *server_host_key_blob = NULL; |
58 | BIGNUM *shared_secret = NULL; | 62 | struct sshbuf *empty = NULL; |
59 | const BIGNUM *pub_key, *dh_p, *dh_g; | 63 | u_char *msg; |
60 | BIGNUM *p = NULL; | ||
61 | BIGNUM *g = NULL; | ||
62 | u_char *kbuf; | ||
63 | u_char *serverhostkey = NULL; | ||
64 | u_char *empty = ""; | ||
65 | char *msg; | ||
66 | int type = 0; | 64 | int type = 0; |
67 | int first = 1; | 65 | int first = 1; |
68 | int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; | ||
69 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 66 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
70 | size_t hashlen; | 67 | size_t hashlen; |
68 | u_char c; | ||
69 | int r; | ||
71 | 70 | ||
72 | /* Initialise our GSSAPI world */ | 71 | /* Initialise our GSSAPI world */ |
73 | ssh_gssapi_build_ctx(&ctxt); | 72 | ssh_gssapi_build_ctx(&ctxt); |
74 | if (ssh_gssapi_id_kex(ctxt, ssh->kex->name, ssh->kex->kex_type) | 73 | if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) |
75 | == GSS_C_NO_OID) | 74 | == GSS_C_NO_OID) |
76 | fatal("Couldn't identify host exchange"); | 75 | fatal("Couldn't identify host exchange"); |
77 | 76 | ||
78 | if (ssh_gssapi_import_name(ctxt, ssh->kex->gss_host)) | 77 | if (ssh_gssapi_import_name(ctxt, kex->gss_host)) |
79 | fatal("Couldn't import hostname"); | 78 | fatal("Couldn't import hostname"); |
80 | 79 | ||
81 | if (ssh->kex->gss_client && | 80 | if (kex->gss_client && |
82 | ssh_gssapi_client_identity(ctxt, ssh->kex->gss_client)) | 81 | ssh_gssapi_client_identity(ctxt, kex->gss_client)) |
83 | fatal("Couldn't acquire client credentials"); | 82 | fatal("Couldn't acquire client credentials"); |
84 | 83 | ||
85 | switch (ssh->kex->kex_type) { | 84 | /* Step 1 */ |
85 | switch (kex->kex_type) { | ||
86 | case KEX_GSS_GRP1_SHA1: | 86 | case KEX_GSS_GRP1_SHA1: |
87 | dh = dh_new_group1(); | ||
88 | break; | ||
89 | case KEX_GSS_GRP14_SHA1: | 87 | case KEX_GSS_GRP14_SHA1: |
90 | dh = dh_new_group14(); | 88 | case KEX_GSS_GRP14_SHA256: |
89 | case KEX_GSS_GRP16_SHA512: | ||
90 | r = kex_dh_keypair(kex); | ||
91 | break; | 91 | break; |
92 | case KEX_GSS_GEX_SHA1: | 92 | case KEX_GSS_NISTP256_SHA256: |
93 | debug("Doing group exchange\n"); | 93 | r = kex_ecdh_keypair(kex); |
94 | nbits = dh_estimate(ssh->kex->we_need * 8); | 94 | break; |
95 | packet_start(SSH2_MSG_KEXGSS_GROUPREQ); | 95 | case KEX_GSS_C25519_SHA256: |
96 | packet_put_int(min); | 96 | r = kex_c25519_keypair(kex); |
97 | packet_put_int(nbits); | ||
98 | packet_put_int(max); | ||
99 | |||
100 | packet_send(); | ||
101 | |||
102 | packet_read_expect(SSH2_MSG_KEXGSS_GROUP); | ||
103 | |||
104 | if ((p = BN_new()) == NULL) | ||
105 | fatal("BN_new() failed"); | ||
106 | packet_get_bignum2(p); | ||
107 | if ((g = BN_new()) == NULL) | ||
108 | fatal("BN_new() failed"); | ||
109 | packet_get_bignum2(g); | ||
110 | packet_check_eom(); | ||
111 | |||
112 | if (BN_num_bits(p) < min || BN_num_bits(p) > max) | ||
113 | fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", | ||
114 | min, BN_num_bits(p), max); | ||
115 | |||
116 | dh = dh_new_group(g, p); | ||
117 | break; | 97 | break; |
118 | default: | 98 | default: |
119 | fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | 99 | fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); |
120 | } | 100 | } |
121 | 101 | if (r != 0) | |
122 | /* Step 1 - e is dh->pub_key */ | 102 | return r; |
123 | dh_gen_key(dh, ssh->kex->we_need * 8); | ||
124 | DH_get0_key(dh, &pub_key, NULL); | ||
125 | DH_get0_pqg(dh, &dh_p, NULL, &dh_g); | ||
126 | |||
127 | /* This is f, we initialise it now to make life easier */ | ||
128 | dh_server_pub = BN_new(); | ||
129 | if (dh_server_pub == NULL) | ||
130 | fatal("dh_server_pub == NULL"); | ||
131 | 103 | ||
132 | token_ptr = GSS_C_NO_BUFFER; | 104 | token_ptr = GSS_C_NO_BUFFER; |
133 | 105 | ||
134 | do { | 106 | do { |
135 | debug("Calling gss_init_sec_context"); | 107 | debug("Calling gss_init_sec_context"); |
136 | 108 | ||
137 | maj_status = ssh_gssapi_init_ctx(ctxt, | 109 | maj_status = ssh_gssapi_init_ctx(ctxt, |
138 | ssh->kex->gss_deleg_creds, token_ptr, &send_tok, | 110 | kex->gss_deleg_creds, token_ptr, &send_tok, |
139 | &ret_flags); | 111 | &ret_flags); |
140 | 112 | ||
141 | if (GSS_ERROR(maj_status)) { | 113 | if (GSS_ERROR(maj_status)) { |
114 | /* XXX Useles code: Missing send? */ | ||
142 | if (send_tok.length != 0) { | 115 | if (send_tok.length != 0) { |
143 | packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 116 | if ((r = sshpkt_start(ssh, |
144 | packet_put_string(send_tok.value, | 117 | SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
145 | send_tok.length); | 118 | (r = sshpkt_put_string(ssh, send_tok.value, |
119 | send_tok.length)) != 0) | ||
120 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
146 | } | 121 | } |
147 | fatal("gss_init_context failed"); | 122 | fatal("gss_init_context failed"); |
148 | } | 123 | } |
149 | 124 | ||
150 | /* If we've got an old receive buffer get rid of it */ | 125 | /* If we've got an old receive buffer get rid of it */ |
151 | if (token_ptr != GSS_C_NO_BUFFER) | 126 | if (token_ptr != GSS_C_NO_BUFFER) |
152 | free(recv_tok.value); | 127 | gss_release_buffer(&min_status, &recv_tok); |
153 | 128 | ||
154 | if (maj_status == GSS_S_COMPLETE) { | 129 | if (maj_status == GSS_S_COMPLETE) { |
155 | /* If mutual state flag is not true, kex fails */ | 130 | /* If mutual state flag is not true, kex fails */ |
@@ -161,75 +136,90 @@ kexgss_client(struct ssh *ssh) { | |||
161 | fatal("Integrity check failed"); | 136 | fatal("Integrity check failed"); |
162 | } | 137 | } |
163 | 138 | ||
164 | /* | 139 | /* |
165 | * If we have data to send, then the last message that we | 140 | * If we have data to send, then the last message that we |
166 | * received cannot have been a 'complete'. | 141 | * received cannot have been a 'complete'. |
167 | */ | 142 | */ |
168 | if (send_tok.length != 0) { | 143 | if (send_tok.length != 0) { |
169 | if (first) { | 144 | if (first) { |
170 | packet_start(SSH2_MSG_KEXGSS_INIT); | 145 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || |
171 | packet_put_string(send_tok.value, | 146 | (r = sshpkt_put_string(ssh, send_tok.value, |
172 | send_tok.length); | 147 | send_tok.length)) != 0 || |
173 | packet_put_bignum2(pub_key); | 148 | (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0) |
149 | fatal("failed to construct packet: %s", ssh_err(r)); | ||
174 | first = 0; | 150 | first = 0; |
175 | } else { | 151 | } else { |
176 | packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 152 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
177 | packet_put_string(send_tok.value, | 153 | (r = sshpkt_put_string(ssh, send_tok.value, |
178 | send_tok.length); | 154 | send_tok.length)) != 0) |
155 | fatal("failed to construct packet: %s", ssh_err(r)); | ||
179 | } | 156 | } |
180 | packet_send(); | 157 | if ((r = sshpkt_send(ssh)) != 0) |
158 | fatal("failed to send packet: %s", ssh_err(r)); | ||
181 | gss_release_buffer(&min_status, &send_tok); | 159 | gss_release_buffer(&min_status, &send_tok); |
182 | 160 | ||
183 | /* If we've sent them data, they should reply */ | 161 | /* If we've sent them data, they should reply */ |
184 | do { | 162 | do { |
185 | type = packet_read(); | 163 | type = ssh_packet_read(ssh); |
186 | if (type == SSH2_MSG_KEXGSS_HOSTKEY) { | 164 | if (type == SSH2_MSG_KEXGSS_HOSTKEY) { |
187 | debug("Received KEXGSS_HOSTKEY"); | 165 | debug("Received KEXGSS_HOSTKEY"); |
188 | if (serverhostkey) | 166 | if (server_host_key_blob) |
189 | fatal("Server host key received more than once"); | 167 | fatal("Server host key received more than once"); |
190 | serverhostkey = | 168 | if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) |
191 | packet_get_string(&slen); | 169 | fatal("Failed to read server host key: %s", ssh_err(r)); |
192 | } | 170 | } |
193 | } while (type == SSH2_MSG_KEXGSS_HOSTKEY); | 171 | } while (type == SSH2_MSG_KEXGSS_HOSTKEY); |
194 | 172 | ||
195 | switch (type) { | 173 | switch (type) { |
196 | case SSH2_MSG_KEXGSS_CONTINUE: | 174 | case SSH2_MSG_KEXGSS_CONTINUE: |
197 | debug("Received GSSAPI_CONTINUE"); | 175 | debug("Received GSSAPI_CONTINUE"); |
198 | if (maj_status == GSS_S_COMPLETE) | 176 | if (maj_status == GSS_S_COMPLETE) |
199 | fatal("GSSAPI Continue received from server when complete"); | 177 | fatal("GSSAPI Continue received from server when complete"); |
200 | recv_tok.value = packet_get_string(&strlen); | 178 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, |
201 | recv_tok.length = strlen; | 179 | &recv_tok)) != 0 || |
180 | (r = sshpkt_get_end(ssh)) != 0) | ||
181 | fatal("Failed to read token: %s", ssh_err(r)); | ||
202 | break; | 182 | break; |
203 | case SSH2_MSG_KEXGSS_COMPLETE: | 183 | case SSH2_MSG_KEXGSS_COMPLETE: |
204 | debug("Received GSSAPI_COMPLETE"); | 184 | debug("Received GSSAPI_COMPLETE"); |
205 | packet_get_bignum2(dh_server_pub); | 185 | if (msg_tok.value != NULL) |
206 | msg_tok.value = packet_get_string(&strlen); | 186 | fatal("Received GSSAPI_COMPLETE twice?"); |
207 | msg_tok.length = strlen; | 187 | if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || |
188 | (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
189 | &msg_tok)) != 0) | ||
190 | fatal("Failed to read message: %s", ssh_err(r)); | ||
208 | 191 | ||
209 | /* Is there a token included? */ | 192 | /* Is there a token included? */ |
210 | if (packet_get_char()) { | 193 | if ((r = sshpkt_get_u8(ssh, &c)) != 0) |
211 | recv_tok.value= | 194 | fatal("sshpkt failed: %s", ssh_err(r)); |
212 | packet_get_string(&strlen); | 195 | if (c) { |
213 | recv_tok.length = strlen; | 196 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc( |
197 | ssh, &recv_tok)) != 0) | ||
198 | fatal("Failed to read token: %s", ssh_err(r)); | ||
214 | /* If we're already complete - protocol error */ | 199 | /* If we're already complete - protocol error */ |
215 | if (maj_status == GSS_S_COMPLETE) | 200 | if (maj_status == GSS_S_COMPLETE) |
216 | packet_disconnect("Protocol error: received token when complete"); | 201 | sshpkt_disconnect(ssh, "Protocol error: received token when complete"); |
217 | } else { | 202 | } else { |
218 | /* No token included */ | 203 | /* No token included */ |
219 | if (maj_status != GSS_S_COMPLETE) | 204 | if (maj_status != GSS_S_COMPLETE) |
220 | packet_disconnect("Protocol error: did not receive final token"); | 205 | sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); |
206 | } | ||
207 | if ((r = sshpkt_get_end(ssh)) != 0) { | ||
208 | fatal("Expecting end of packet."); | ||
221 | } | 209 | } |
222 | break; | 210 | break; |
223 | case SSH2_MSG_KEXGSS_ERROR: | 211 | case SSH2_MSG_KEXGSS_ERROR: |
224 | debug("Received Error"); | 212 | debug("Received Error"); |
225 | maj_status = packet_get_int(); | 213 | if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || |
226 | min_status = packet_get_int(); | 214 | (r = sshpkt_get_u32(ssh, &min_status)) != 0 || |
227 | msg = packet_get_string(NULL); | 215 | (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || |
228 | (void) packet_get_string_ptr(NULL); | 216 | (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ |
229 | fatal("GSSAPI Error: \n%.400s",msg); | 217 | (r = sshpkt_get_end(ssh)) != 0) |
218 | fatal("sshpkt_get failed: %s", ssh_err(r)); | ||
219 | fatal("GSSAPI Error: \n%.400s", msg); | ||
230 | default: | 220 | default: |
231 | packet_disconnect("Protocol error: didn't expect packet type %d", | 221 | sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", |
232 | type); | 222 | type); |
233 | } | 223 | } |
234 | token_ptr = &recv_tok; | 224 | token_ptr = &recv_tok; |
235 | } else { | 225 | } else { |
@@ -239,93 +229,358 @@ kexgss_client(struct ssh *ssh) { | |||
239 | } | 229 | } |
240 | } while (maj_status & GSS_S_CONTINUE_NEEDED); | 230 | } while (maj_status & GSS_S_CONTINUE_NEEDED); |
241 | 231 | ||
242 | /* | 232 | /* |
243 | * We _must_ have received a COMPLETE message in reply from the | 233 | * We _must_ have received a COMPLETE message in reply from the |
244 | * server, which will have set dh_server_pub and msg_tok | 234 | * server, which will have set server_blob and msg_tok |
245 | */ | 235 | */ |
246 | 236 | ||
247 | if (type != SSH2_MSG_KEXGSS_COMPLETE) | 237 | if (type != SSH2_MSG_KEXGSS_COMPLETE) |
248 | fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); | 238 | fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); |
249 | 239 | ||
250 | /* Check f in range [1, p-1] */ | 240 | /* compute shared secret */ |
251 | if (!dh_pub_is_valid(dh, dh_server_pub)) | 241 | switch (kex->kex_type) { |
252 | packet_disconnect("bad server public DH value"); | ||
253 | |||
254 | /* compute K=f^x mod p */ | ||
255 | klen = DH_size(dh); | ||
256 | kbuf = xmalloc(klen); | ||
257 | kout = DH_compute_key(kbuf, dh_server_pub, dh); | ||
258 | if (kout < 0) | ||
259 | fatal("DH_compute_key: failed"); | ||
260 | |||
261 | shared_secret = BN_new(); | ||
262 | if (shared_secret == NULL) | ||
263 | fatal("kexgss_client: BN_new failed"); | ||
264 | |||
265 | if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) | ||
266 | fatal("kexdh_client: BN_bin2bn failed"); | ||
267 | |||
268 | memset(kbuf, 0, klen); | ||
269 | free(kbuf); | ||
270 | |||
271 | hashlen = sizeof(hash); | ||
272 | switch (ssh->kex->kex_type) { | ||
273 | case KEX_GSS_GRP1_SHA1: | 242 | case KEX_GSS_GRP1_SHA1: |
274 | case KEX_GSS_GRP14_SHA1: | 243 | case KEX_GSS_GRP14_SHA1: |
275 | kex_dh_hash( | 244 | case KEX_GSS_GRP14_SHA256: |
276 | ssh->kex->hash_alg, | 245 | case KEX_GSS_GRP16_SHA512: |
277 | ssh->kex->client_version_string, | 246 | r = kex_dh_dec(kex, server_blob, &shared_secret); |
278 | ssh->kex->server_version_string, | 247 | break; |
279 | sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 248 | case KEX_GSS_C25519_SHA256: |
280 | sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 249 | if (sshbuf_ptr(server_blob)[sshbuf_len(server_blob)] & 0x80) |
281 | (serverhostkey ? serverhostkey : empty), slen, | 250 | fatal("The received key has MSB of last octet set!"); |
282 | pub_key, /* e */ | 251 | r = kex_c25519_dec(kex, server_blob, &shared_secret); |
283 | dh_server_pub, /* f */ | ||
284 | shared_secret, /* K */ | ||
285 | hash, &hashlen | ||
286 | ); | ||
287 | break; | 252 | break; |
288 | case KEX_GSS_GEX_SHA1: | 253 | case KEX_GSS_NISTP256_SHA256: |
289 | kexgex_hash( | 254 | if (sshbuf_len(server_blob) != 65) |
290 | ssh->kex->hash_alg, | 255 | fatal("The received NIST-P256 key did not match" |
291 | ssh->kex->client_version_string, | 256 | "expected length (expected 65, got %zu)", sshbuf_len(server_blob)); |
292 | ssh->kex->server_version_string, | 257 | |
293 | sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 258 | if (sshbuf_ptr(server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED) |
294 | sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 259 | fatal("The received NIST-P256 key does not have first octet 0x04"); |
295 | (serverhostkey ? serverhostkey : empty), slen, | 260 | |
296 | min, nbits, max, | 261 | r = kex_ecdh_dec(kex, server_blob, &shared_secret); |
297 | dh_p, dh_g, | ||
298 | pub_key, | ||
299 | dh_server_pub, | ||
300 | shared_secret, | ||
301 | hash, &hashlen | ||
302 | ); | ||
303 | break; | 262 | break; |
304 | default: | 263 | default: |
305 | fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | 264 | r = SSH_ERR_INVALID_ARGUMENT; |
265 | break; | ||
266 | } | ||
267 | if (r != 0) | ||
268 | goto out; | ||
269 | |||
270 | if ((empty = sshbuf_new()) == NULL) { | ||
271 | r = SSH_ERR_ALLOC_FAIL; | ||
272 | goto out; | ||
306 | } | 273 | } |
307 | 274 | ||
275 | hashlen = sizeof(hash); | ||
276 | if ((r = kex_gen_hash( | ||
277 | kex->hash_alg, | ||
278 | kex->client_version, | ||
279 | kex->server_version, | ||
280 | kex->my, | ||
281 | kex->peer, | ||
282 | (server_host_key_blob ? server_host_key_blob : empty), | ||
283 | kex->client_pub, | ||
284 | server_blob, | ||
285 | shared_secret, | ||
286 | hash, &hashlen)) != 0) | ||
287 | fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); | ||
288 | |||
308 | gssbuf.value = hash; | 289 | gssbuf.value = hash; |
309 | gssbuf.length = hashlen; | 290 | gssbuf.length = hashlen; |
310 | 291 | ||
311 | /* Verify that the hash matches the MIC we just got. */ | 292 | /* Verify that the hash matches the MIC we just got. */ |
312 | if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) | 293 | if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) |
313 | packet_disconnect("Hash's MIC didn't verify"); | 294 | sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); |
314 | 295 | ||
315 | free(msg_tok.value); | 296 | gss_release_buffer(&min_status, &msg_tok); |
316 | 297 | ||
317 | DH_free(dh); | 298 | if (kex->gss_deleg_creds) |
318 | free(serverhostkey); | 299 | ssh_gssapi_credentials_updated(ctxt); |
319 | BN_clear_free(dh_server_pub); | 300 | |
301 | if (gss_kex_context == NULL) | ||
302 | gss_kex_context = ctxt; | ||
303 | else | ||
304 | ssh_gssapi_delete_ctx(&ctxt); | ||
305 | |||
306 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) | ||
307 | r = kex_send_newkeys(ssh); | ||
308 | |||
309 | out: | ||
310 | explicit_bzero(hash, sizeof(hash)); | ||
311 | explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); | ||
312 | sshbuf_free(empty); | ||
313 | sshbuf_free(server_host_key_blob); | ||
314 | sshbuf_free(server_blob); | ||
315 | sshbuf_free(shared_secret); | ||
316 | sshbuf_free(kex->client_pub); | ||
317 | kex->client_pub = NULL; | ||
318 | return r; | ||
319 | } | ||
320 | |||
321 | int | ||
322 | kexgssgex_client(struct ssh *ssh) | ||
323 | { | ||
324 | struct kex *kex = ssh->kex; | ||
325 | gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER, | ||
326 | recv_tok = GSS_C_EMPTY_BUFFER, gssbuf, | ||
327 | msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr; | ||
328 | Gssctxt *ctxt; | ||
329 | OM_uint32 maj_status, min_status, ret_flags; | ||
330 | struct sshbuf *shared_secret = NULL; | ||
331 | BIGNUM *p = NULL; | ||
332 | BIGNUM *g = NULL; | ||
333 | struct sshbuf *buf = NULL; | ||
334 | struct sshbuf *server_host_key_blob = NULL; | ||
335 | struct sshbuf *server_blob = NULL; | ||
336 | BIGNUM *dh_server_pub = NULL; | ||
337 | u_char *msg; | ||
338 | int type = 0; | ||
339 | int first = 1; | ||
340 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
341 | size_t hashlen; | ||
342 | const BIGNUM *pub_key, *dh_p, *dh_g; | ||
343 | int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; | ||
344 | struct sshbuf *empty = NULL; | ||
345 | u_char c; | ||
346 | int r; | ||
347 | |||
348 | /* Initialise our GSSAPI world */ | ||
349 | ssh_gssapi_build_ctx(&ctxt); | ||
350 | if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) | ||
351 | == GSS_C_NO_OID) | ||
352 | fatal("Couldn't identify host exchange"); | ||
353 | |||
354 | if (ssh_gssapi_import_name(ctxt, kex->gss_host)) | ||
355 | fatal("Couldn't import hostname"); | ||
356 | |||
357 | if (kex->gss_client && | ||
358 | ssh_gssapi_client_identity(ctxt, kex->gss_client)) | ||
359 | fatal("Couldn't acquire client credentials"); | ||
360 | |||
361 | debug("Doing group exchange"); | ||
362 | nbits = dh_estimate(kex->dh_need * 8); | ||
363 | |||
364 | kex->min = DH_GRP_MIN; | ||
365 | kex->max = DH_GRP_MAX; | ||
366 | kex->nbits = nbits; | ||
367 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 || | ||
368 | (r = sshpkt_put_u32(ssh, min)) != 0 || | ||
369 | (r = sshpkt_put_u32(ssh, nbits)) != 0 || | ||
370 | (r = sshpkt_put_u32(ssh, max)) != 0 || | ||
371 | (r = sshpkt_send(ssh)) != 0) | ||
372 | fatal("Failed to construct a packet: %s", ssh_err(r)); | ||
373 | |||
374 | if ((r = ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0) | ||
375 | fatal("Error: %s", ssh_err(r)); | ||
376 | |||
377 | if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 || | ||
378 | (r = sshpkt_get_bignum2(ssh, &g)) != 0 || | ||
379 | (r = sshpkt_get_end(ssh)) != 0) | ||
380 | fatal("shpkt_get_bignum2 failed: %s", ssh_err(r)); | ||
381 | |||
382 | if (BN_num_bits(p) < min || BN_num_bits(p) > max) | ||
383 | fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", | ||
384 | min, BN_num_bits(p), max); | ||
385 | |||
386 | if ((kex->dh = dh_new_group(g, p)) == NULL) | ||
387 | fatal("dn_new_group() failed"); | ||
388 | p = g = NULL; /* belong to kex->dh now */ | ||
389 | |||
390 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) | ||
391 | goto out; | ||
392 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
393 | |||
394 | token_ptr = GSS_C_NO_BUFFER; | ||
395 | |||
396 | do { | ||
397 | /* Step 2 - call GSS_Init_sec_context() */ | ||
398 | debug("Calling gss_init_sec_context"); | ||
399 | |||
400 | maj_status = ssh_gssapi_init_ctx(ctxt, | ||
401 | kex->gss_deleg_creds, token_ptr, &send_tok, | ||
402 | &ret_flags); | ||
403 | |||
404 | if (GSS_ERROR(maj_status)) { | ||
405 | /* XXX Useles code: Missing send? */ | ||
406 | if (send_tok.length != 0) { | ||
407 | if ((r = sshpkt_start(ssh, | ||
408 | SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
409 | (r = sshpkt_put_string(ssh, send_tok.value, | ||
410 | send_tok.length)) != 0) | ||
411 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
412 | } | ||
413 | fatal("gss_init_context failed"); | ||
414 | } | ||
415 | |||
416 | /* If we've got an old receive buffer get rid of it */ | ||
417 | if (token_ptr != GSS_C_NO_BUFFER) | ||
418 | gss_release_buffer(&min_status, &recv_tok); | ||
419 | |||
420 | if (maj_status == GSS_S_COMPLETE) { | ||
421 | /* If mutual state flag is not true, kex fails */ | ||
422 | if (!(ret_flags & GSS_C_MUTUAL_FLAG)) | ||
423 | fatal("Mutual authentication failed"); | ||
424 | |||
425 | /* If integ avail flag is not true kex fails */ | ||
426 | if (!(ret_flags & GSS_C_INTEG_FLAG)) | ||
427 | fatal("Integrity check failed"); | ||
428 | } | ||
429 | |||
430 | /* | ||
431 | * If we have data to send, then the last message that we | ||
432 | * received cannot have been a 'complete'. | ||
433 | */ | ||
434 | if (send_tok.length != 0) { | ||
435 | if (first) { | ||
436 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 || | ||
437 | (r = sshpkt_put_string(ssh, send_tok.value, | ||
438 | send_tok.length)) != 0 || | ||
439 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0) | ||
440 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
441 | first = 0; | ||
442 | } else { | ||
443 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
444 | (r = sshpkt_put_string(ssh,send_tok.value, | ||
445 | send_tok.length)) != 0) | ||
446 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
447 | } | ||
448 | if ((r = sshpkt_send(ssh)) != 0) | ||
449 | fatal("sshpkt_send failed: %s", ssh_err(r)); | ||
450 | gss_release_buffer(&min_status, &send_tok); | ||
451 | |||
452 | /* If we've sent them data, they should reply */ | ||
453 | do { | ||
454 | type = ssh_packet_read(ssh); | ||
455 | if (type == SSH2_MSG_KEXGSS_HOSTKEY) { | ||
456 | debug("Received KEXGSS_HOSTKEY"); | ||
457 | if (server_host_key_blob) | ||
458 | fatal("Server host key received more than once"); | ||
459 | if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0) | ||
460 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
461 | } | ||
462 | } while (type == SSH2_MSG_KEXGSS_HOSTKEY); | ||
463 | |||
464 | switch (type) { | ||
465 | case SSH2_MSG_KEXGSS_CONTINUE: | ||
466 | debug("Received GSSAPI_CONTINUE"); | ||
467 | if (maj_status == GSS_S_COMPLETE) | ||
468 | fatal("GSSAPI Continue received from server when complete"); | ||
469 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
470 | &recv_tok)) != 0 || | ||
471 | (r = sshpkt_get_end(ssh)) != 0) | ||
472 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
473 | break; | ||
474 | case SSH2_MSG_KEXGSS_COMPLETE: | ||
475 | debug("Received GSSAPI_COMPLETE"); | ||
476 | if (msg_tok.value != NULL) | ||
477 | fatal("Received GSSAPI_COMPLETE twice?"); | ||
478 | if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 || | ||
479 | (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
480 | &msg_tok)) != 0) | ||
481 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
482 | |||
483 | /* Is there a token included? */ | ||
484 | if ((r = sshpkt_get_u8(ssh, &c)) != 0) | ||
485 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
486 | if (c) { | ||
487 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc( | ||
488 | ssh, &recv_tok)) != 0 || | ||
489 | (r = sshpkt_get_end(ssh)) != 0) | ||
490 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
491 | /* If we're already complete - protocol error */ | ||
492 | if (maj_status == GSS_S_COMPLETE) | ||
493 | sshpkt_disconnect(ssh, "Protocol error: received token when complete"); | ||
494 | } else { | ||
495 | /* No token included */ | ||
496 | if (maj_status != GSS_S_COMPLETE) | ||
497 | sshpkt_disconnect(ssh, "Protocol error: did not receive final token"); | ||
498 | } | ||
499 | break; | ||
500 | case SSH2_MSG_KEXGSS_ERROR: | ||
501 | debug("Received Error"); | ||
502 | if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 || | ||
503 | (r = sshpkt_get_u32(ssh, &min_status)) != 0 || | ||
504 | (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || | ||
505 | (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */ | ||
506 | (r = sshpkt_get_end(ssh)) != 0) | ||
507 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
508 | fatal("GSSAPI Error: \n%.400s", msg); | ||
509 | default: | ||
510 | sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d", | ||
511 | type); | ||
512 | } | ||
513 | token_ptr = &recv_tok; | ||
514 | } else { | ||
515 | /* No data, and not complete */ | ||
516 | if (maj_status != GSS_S_COMPLETE) | ||
517 | fatal("Not complete, and no token output"); | ||
518 | } | ||
519 | } while (maj_status & GSS_S_CONTINUE_NEEDED); | ||
520 | |||
521 | /* | ||
522 | * We _must_ have received a COMPLETE message in reply from the | ||
523 | * server, which will have set dh_server_pub and msg_tok | ||
524 | */ | ||
525 | |||
526 | if (type != SSH2_MSG_KEXGSS_COMPLETE) | ||
527 | fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); | ||
528 | |||
529 | /* 7. C verifies that the key Q_S is valid */ | ||
530 | /* 8. C computes shared secret */ | ||
531 | if ((buf = sshbuf_new()) == NULL || | ||
532 | (r = sshbuf_put_stringb(buf, server_blob)) != 0 || | ||
533 | (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0) | ||
534 | goto out; | ||
535 | sshbuf_free(buf); | ||
536 | buf = NULL; | ||
537 | |||
538 | if ((shared_secret = sshbuf_new()) == NULL) { | ||
539 | r = SSH_ERR_ALLOC_FAIL; | ||
540 | goto out; | ||
541 | } | ||
542 | |||
543 | if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0) | ||
544 | goto out; | ||
545 | if ((empty = sshbuf_new()) == NULL) { | ||
546 | r = SSH_ERR_ALLOC_FAIL; | ||
547 | goto out; | ||
548 | } | ||
549 | |||
550 | DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); | ||
551 | hashlen = sizeof(hash); | ||
552 | if ((r = kexgex_hash( | ||
553 | kex->hash_alg, | ||
554 | kex->client_version, | ||
555 | kex->server_version, | ||
556 | kex->my, | ||
557 | kex->peer, | ||
558 | (server_host_key_blob ? server_host_key_blob : empty), | ||
559 | kex->min, kex->nbits, kex->max, | ||
560 | dh_p, dh_g, | ||
561 | pub_key, | ||
562 | dh_server_pub, | ||
563 | sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), | ||
564 | hash, &hashlen)) != 0) | ||
565 | fatal("Failed to calculate hash: %s", ssh_err(r)); | ||
566 | |||
567 | gssbuf.value = hash; | ||
568 | gssbuf.length = hashlen; | ||
569 | |||
570 | /* Verify that the hash matches the MIC we just got. */ | ||
571 | if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) | ||
572 | sshpkt_disconnect(ssh, "Hash's MIC didn't verify"); | ||
573 | |||
574 | gss_release_buffer(&min_status, &msg_tok); | ||
320 | 575 | ||
321 | /* save session id */ | 576 | /* save session id */ |
322 | if (ssh->kex->session_id == NULL) { | 577 | if (kex->session_id == NULL) { |
323 | ssh->kex->session_id_len = hashlen; | 578 | kex->session_id_len = hashlen; |
324 | ssh->kex->session_id = xmalloc(ssh->kex->session_id_len); | 579 | kex->session_id = xmalloc(kex->session_id_len); |
325 | memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len); | 580 | memcpy(kex->session_id, hash, kex->session_id_len); |
326 | } | 581 | } |
327 | 582 | ||
328 | if (ssh->kex->gss_deleg_creds) | 583 | if (kex->gss_deleg_creds) |
329 | ssh_gssapi_credentials_updated(ctxt); | 584 | ssh_gssapi_credentials_updated(ctxt); |
330 | 585 | ||
331 | if (gss_kex_context == NULL) | 586 | if (gss_kex_context == NULL) |
@@ -333,9 +588,19 @@ kexgss_client(struct ssh *ssh) { | |||
333 | else | 588 | else |
334 | ssh_gssapi_delete_ctx(&ctxt); | 589 | ssh_gssapi_delete_ctx(&ctxt); |
335 | 590 | ||
336 | kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); | 591 | /* Finally derive the keys and send them */ |
337 | BN_clear_free(shared_secret); | 592 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
338 | return kex_send_newkeys(ssh); | 593 | r = kex_send_newkeys(ssh); |
594 | out: | ||
595 | sshbuf_free(buf); | ||
596 | sshbuf_free(server_blob); | ||
597 | sshbuf_free(empty); | ||
598 | explicit_bzero(hash, sizeof(hash)); | ||
599 | DH_free(kex->dh); | ||
600 | kex->dh = NULL; | ||
601 | BN_clear_free(dh_server_pub); | ||
602 | sshbuf_free(shared_secret); | ||
603 | sshbuf_free(server_host_key_blob); | ||
604 | return r; | ||
339 | } | 605 | } |
340 | 606 | #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ | |
341 | #endif /* GSSAPI */ | ||
@@ -24,7 +24,7 @@ | |||
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | 26 | ||
27 | #ifdef GSSAPI | 27 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
28 | 28 | ||
29 | #include <string.h> | 29 | #include <string.h> |
30 | 30 | ||
@@ -42,40 +42,41 @@ | |||
42 | #include "dh.h" | 42 | #include "dh.h" |
43 | #include "ssh-gss.h" | 43 | #include "ssh-gss.h" |
44 | #include "monitor_wrap.h" | 44 | #include "monitor_wrap.h" |
45 | #include "misc.h" | 45 | #include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */ |
46 | #include "servconf.h" | 46 | #include "servconf.h" |
47 | #include "ssh-gss.h" | ||
47 | #include "digest.h" | 48 | #include "digest.h" |
49 | #include "ssherr.h" | ||
48 | 50 | ||
49 | extern ServerOptions options; | 51 | extern ServerOptions options; |
50 | 52 | ||
51 | int | 53 | int |
52 | kexgss_server(struct ssh *ssh) | 54 | kexgss_server(struct ssh *ssh) |
53 | { | 55 | { |
56 | struct kex *kex = ssh->kex; | ||
54 | OM_uint32 maj_status, min_status; | 57 | OM_uint32 maj_status, min_status; |
55 | 58 | ||
56 | /* | 59 | /* |
57 | * Some GSSAPI implementations use the input value of ret_flags (an | 60 | * Some GSSAPI implementations use the input value of ret_flags (an |
58 | * output variable) as a means of triggering mechanism specific | 61 | * output variable) as a means of triggering mechanism specific |
59 | * features. Initializing it to zero avoids inadvertently | 62 | * features. Initializing it to zero avoids inadvertently |
60 | * activating this non-standard behaviour. | 63 | * activating this non-standard behaviour. |
61 | */ | 64 | */ |
62 | 65 | ||
63 | OM_uint32 ret_flags = 0; | 66 | OM_uint32 ret_flags = 0; |
64 | gss_buffer_desc gssbuf, recv_tok, msg_tok; | 67 | gss_buffer_desc gssbuf, recv_tok, msg_tok; |
65 | gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; | 68 | gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; |
66 | Gssctxt *ctxt = NULL; | 69 | Gssctxt *ctxt = NULL; |
67 | u_int slen, klen, kout; | 70 | struct sshbuf *shared_secret = NULL; |
68 | u_char *kbuf; | 71 | struct sshbuf *client_pubkey = NULL; |
69 | DH *dh; | 72 | struct sshbuf *server_pubkey = NULL; |
70 | int min = -1, max = -1, nbits = -1; | 73 | struct sshbuf *empty = sshbuf_new(); |
71 | const BIGNUM *pub_key, *dh_p, *dh_g; | ||
72 | BIGNUM *shared_secret = NULL; | ||
73 | BIGNUM *dh_client_pub = NULL; | ||
74 | int type = 0; | 74 | int type = 0; |
75 | gss_OID oid; | 75 | gss_OID oid; |
76 | char *mechs; | 76 | char *mechs; |
77 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 77 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
78 | size_t hashlen; | 78 | size_t hashlen; |
79 | int r; | ||
79 | 80 | ||
80 | /* Initialise GSSAPI */ | 81 | /* Initialise GSSAPI */ |
81 | 82 | ||
@@ -88,8 +89,8 @@ kexgss_server(struct ssh *ssh) | |||
88 | free(mechs); | 89 | free(mechs); |
89 | } | 90 | } |
90 | 91 | ||
91 | debug2("%s: Identifying %s", __func__, ssh->kex->name); | 92 | debug2("%s: Identifying %s", __func__, kex->name); |
92 | oid = ssh_gssapi_id_kex(NULL, ssh->kex->name, ssh->kex->kex_type); | 93 | oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); |
93 | if (oid == GSS_C_NO_OID) | 94 | if (oid == GSS_C_NO_OID) |
94 | fatal("Unknown gssapi mechanism"); | 95 | fatal("Unknown gssapi mechanism"); |
95 | 96 | ||
@@ -98,94 +99,82 @@ kexgss_server(struct ssh *ssh) | |||
98 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) | 99 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) |
99 | fatal("Unable to acquire credentials for the server"); | 100 | fatal("Unable to acquire credentials for the server"); |
100 | 101 | ||
101 | switch (ssh->kex->kex_type) { | ||
102 | case KEX_GSS_GRP1_SHA1: | ||
103 | dh = dh_new_group1(); | ||
104 | break; | ||
105 | case KEX_GSS_GRP14_SHA1: | ||
106 | dh = dh_new_group14(); | ||
107 | break; | ||
108 | case KEX_GSS_GEX_SHA1: | ||
109 | debug("Doing group exchange"); | ||
110 | packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ); | ||
111 | min = packet_get_int(); | ||
112 | nbits = packet_get_int(); | ||
113 | max = packet_get_int(); | ||
114 | packet_check_eom(); | ||
115 | if (max < min || nbits < min || max < nbits) | ||
116 | fatal("GSS_GEX, bad parameters: %d !< %d !< %d", | ||
117 | min, nbits, max); | ||
118 | dh = PRIVSEP(choose_dh(MAX(DH_GRP_MIN, min), | ||
119 | nbits, MIN(DH_GRP_MAX, max))); | ||
120 | if (dh == NULL) | ||
121 | packet_disconnect("Protocol error: no matching group found"); | ||
122 | DH_get0_pqg(dh, &dh_p, NULL, &dh_g); | ||
123 | |||
124 | packet_start(SSH2_MSG_KEXGSS_GROUP); | ||
125 | packet_put_bignum2(dh_p); | ||
126 | packet_put_bignum2(dh_g); | ||
127 | packet_send(); | ||
128 | |||
129 | packet_write_wait(); | ||
130 | break; | ||
131 | default: | ||
132 | fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | ||
133 | } | ||
134 | |||
135 | dh_gen_key(dh, ssh->kex->we_need * 8); | ||
136 | |||
137 | do { | 102 | do { |
138 | debug("Wait SSH2_MSG_GSSAPI_INIT"); | 103 | debug("Wait SSH2_MSG_KEXGSS_INIT"); |
139 | type = packet_read(); | 104 | type = ssh_packet_read(ssh); |
140 | switch(type) { | 105 | switch(type) { |
141 | case SSH2_MSG_KEXGSS_INIT: | 106 | case SSH2_MSG_KEXGSS_INIT: |
142 | if (dh_client_pub != NULL) | 107 | if (client_pubkey != NULL) |
143 | fatal("Received KEXGSS_INIT after initialising"); | 108 | fatal("Received KEXGSS_INIT after initialising"); |
144 | recv_tok.value = packet_get_string(&slen); | 109 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, |
145 | recv_tok.length = slen; | 110 | &recv_tok)) != 0 || |
146 | 111 | (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 || | |
147 | if ((dh_client_pub = BN_new()) == NULL) | 112 | (r = sshpkt_get_end(ssh)) != 0) |
148 | fatal("dh_client_pub == NULL"); | 113 | fatal("sshpkt failed: %s", ssh_err(r)); |
149 | 114 | ||
150 | packet_get_bignum2(dh_client_pub); | 115 | switch (kex->kex_type) { |
116 | case KEX_GSS_GRP1_SHA1: | ||
117 | case KEX_GSS_GRP14_SHA1: | ||
118 | case KEX_GSS_GRP14_SHA256: | ||
119 | case KEX_GSS_GRP16_SHA512: | ||
120 | r = kex_dh_enc(kex, client_pubkey, &server_pubkey, | ||
121 | &shared_secret); | ||
122 | break; | ||
123 | case KEX_GSS_NISTP256_SHA256: | ||
124 | r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey, | ||
125 | &shared_secret); | ||
126 | break; | ||
127 | case KEX_GSS_C25519_SHA256: | ||
128 | r = kex_c25519_enc(kex, client_pubkey, &server_pubkey, | ||
129 | &shared_secret); | ||
130 | break; | ||
131 | default: | ||
132 | fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); | ||
133 | } | ||
134 | if (r != 0) | ||
135 | goto out; | ||
151 | 136 | ||
152 | /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ | 137 | /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ |
153 | break; | 138 | break; |
154 | case SSH2_MSG_KEXGSS_CONTINUE: | 139 | case SSH2_MSG_KEXGSS_CONTINUE: |
155 | recv_tok.value = packet_get_string(&slen); | 140 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, |
156 | recv_tok.length = slen; | 141 | &recv_tok)) != 0 || |
142 | (r = sshpkt_get_end(ssh)) != 0) | ||
143 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
157 | break; | 144 | break; |
158 | default: | 145 | default: |
159 | packet_disconnect( | 146 | sshpkt_disconnect(ssh, |
160 | "Protocol error: didn't expect packet type %d", | 147 | "Protocol error: didn't expect packet type %d", |
161 | type); | 148 | type); |
162 | } | 149 | } |
163 | 150 | ||
164 | maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, | 151 | maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, |
165 | &send_tok, &ret_flags)); | 152 | &send_tok, &ret_flags)); |
166 | 153 | ||
167 | free(recv_tok.value); | 154 | gss_release_buffer(&min_status, &recv_tok); |
168 | 155 | ||
169 | if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) | 156 | if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) |
170 | fatal("Zero length token output when incomplete"); | 157 | fatal("Zero length token output when incomplete"); |
171 | 158 | ||
172 | if (dh_client_pub == NULL) | 159 | if (client_pubkey == NULL) |
173 | fatal("No client public key"); | 160 | fatal("No client public key"); |
174 | 161 | ||
175 | if (maj_status & GSS_S_CONTINUE_NEEDED) { | 162 | if (maj_status & GSS_S_CONTINUE_NEEDED) { |
176 | debug("Sending GSSAPI_CONTINUE"); | 163 | debug("Sending GSSAPI_CONTINUE"); |
177 | packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 164 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
178 | packet_put_string(send_tok.value, send_tok.length); | 165 | (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || |
179 | packet_send(); | 166 | (r = sshpkt_send(ssh)) != 0) |
167 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
180 | gss_release_buffer(&min_status, &send_tok); | 168 | gss_release_buffer(&min_status, &send_tok); |
181 | } | 169 | } |
182 | } while (maj_status & GSS_S_CONTINUE_NEEDED); | 170 | } while (maj_status & GSS_S_CONTINUE_NEEDED); |
183 | 171 | ||
184 | if (GSS_ERROR(maj_status)) { | 172 | if (GSS_ERROR(maj_status)) { |
185 | if (send_tok.length > 0) { | 173 | if (send_tok.length > 0) { |
186 | packet_start(SSH2_MSG_KEXGSS_CONTINUE); | 174 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || |
187 | packet_put_string(send_tok.value, send_tok.length); | 175 | (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || |
188 | packet_send(); | 176 | (r = sshpkt_send(ssh)) != 0) |
177 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
189 | } | 178 | } |
190 | fatal("accept_ctx died"); | 179 | fatal("accept_ctx died"); |
191 | } | 180 | } |
@@ -195,106 +184,291 @@ kexgss_server(struct ssh *ssh) | |||
195 | 184 | ||
196 | if (!(ret_flags & GSS_C_INTEG_FLAG)) | 185 | if (!(ret_flags & GSS_C_INTEG_FLAG)) |
197 | fatal("Integrity flag wasn't set"); | 186 | fatal("Integrity flag wasn't set"); |
198 | |||
199 | if (!dh_pub_is_valid(dh, dh_client_pub)) | ||
200 | packet_disconnect("bad client public DH value"); | ||
201 | 187 | ||
202 | klen = DH_size(dh); | 188 | hashlen = sizeof(hash); |
203 | kbuf = xmalloc(klen); | 189 | if ((r = kex_gen_hash( |
204 | kout = DH_compute_key(kbuf, dh_client_pub, dh); | 190 | kex->hash_alg, |
205 | if (kout < 0) | 191 | kex->client_version, |
206 | fatal("DH_compute_key: failed"); | 192 | kex->server_version, |
193 | kex->peer, | ||
194 | kex->my, | ||
195 | empty, | ||
196 | client_pubkey, | ||
197 | server_pubkey, | ||
198 | shared_secret, | ||
199 | hash, &hashlen)) != 0) | ||
200 | goto out; | ||
201 | |||
202 | gssbuf.value = hash; | ||
203 | gssbuf.length = hashlen; | ||
207 | 204 | ||
208 | shared_secret = BN_new(); | 205 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) |
209 | if (shared_secret == NULL) | 206 | fatal("Couldn't get MIC"); |
210 | fatal("kexgss_server: BN_new failed"); | ||
211 | 207 | ||
212 | if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) | 208 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || |
213 | fatal("kexgss_server: BN_bin2bn failed"); | 209 | (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 || |
210 | (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) | ||
211 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
214 | 212 | ||
215 | memset(kbuf, 0, klen); | 213 | if (send_tok.length != 0) { |
216 | free(kbuf); | 214 | if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ |
215 | (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) | ||
216 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
217 | } else { | ||
218 | if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ | ||
219 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
220 | } | ||
221 | if ((r = sshpkt_send(ssh)) != 0) | ||
222 | fatal("sshpkt_send failed: %s", ssh_err(r)); | ||
217 | 223 | ||
218 | DH_get0_key(dh, &pub_key, NULL); | 224 | gss_release_buffer(&min_status, &send_tok); |
219 | DH_get0_pqg(dh, &dh_p, NULL, &dh_g); | 225 | gss_release_buffer(&min_status, &msg_tok); |
220 | 226 | ||
221 | hashlen = sizeof(hash); | 227 | if (gss_kex_context == NULL) |
222 | switch (ssh->kex->kex_type) { | 228 | gss_kex_context = ctxt; |
223 | case KEX_GSS_GRP1_SHA1: | 229 | else |
224 | case KEX_GSS_GRP14_SHA1: | 230 | ssh_gssapi_delete_ctx(&ctxt); |
225 | kex_dh_hash( | 231 | |
226 | ssh->kex->hash_alg, | 232 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
227 | ssh->kex->client_version_string, ssh->kex->server_version_string, | 233 | r = kex_send_newkeys(ssh); |
228 | sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 234 | |
229 | sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 235 | /* If this was a rekey, then save out any delegated credentials we |
230 | NULL, 0, /* Change this if we start sending host keys */ | 236 | * just exchanged. */ |
231 | dh_client_pub, pub_key, shared_secret, | 237 | if (options.gss_store_rekey) |
232 | hash, &hashlen | 238 | ssh_gssapi_rekey_creds(); |
233 | ); | 239 | out: |
234 | break; | 240 | sshbuf_free(empty); |
235 | case KEX_GSS_GEX_SHA1: | 241 | explicit_bzero(hash, sizeof(hash)); |
236 | kexgex_hash( | 242 | sshbuf_free(shared_secret); |
237 | ssh->kex->hash_alg, | 243 | sshbuf_free(client_pubkey); |
238 | ssh->kex->client_version_string, ssh->kex->server_version_string, | 244 | sshbuf_free(server_pubkey); |
239 | sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer), | 245 | return r; |
240 | sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my), | 246 | } |
241 | NULL, 0, | 247 | |
242 | min, nbits, max, | 248 | int |
243 | dh_p, dh_g, | 249 | kexgssgex_server(struct ssh *ssh) |
244 | dh_client_pub, | 250 | { |
245 | pub_key, | 251 | struct kex *kex = ssh->kex; |
246 | shared_secret, | 252 | OM_uint32 maj_status, min_status; |
247 | hash, &hashlen | 253 | |
248 | ); | 254 | /* |
249 | break; | 255 | * Some GSSAPI implementations use the input value of ret_flags (an |
250 | default: | 256 | * output variable) as a means of triggering mechanism specific |
251 | fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type); | 257 | * features. Initializing it to zero avoids inadvertently |
258 | * activating this non-standard behaviour. | ||
259 | */ | ||
260 | |||
261 | OM_uint32 ret_flags = 0; | ||
262 | gss_buffer_desc gssbuf, recv_tok, msg_tok; | ||
263 | gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; | ||
264 | Gssctxt *ctxt = NULL; | ||
265 | struct sshbuf *shared_secret = NULL; | ||
266 | int type = 0; | ||
267 | gss_OID oid; | ||
268 | char *mechs; | ||
269 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
270 | size_t hashlen; | ||
271 | BIGNUM *dh_client_pub = NULL; | ||
272 | const BIGNUM *pub_key, *dh_p, *dh_g; | ||
273 | int min = -1, max = -1, nbits = -1; | ||
274 | int cmin = -1, cmax = -1; /* client proposal */ | ||
275 | struct sshbuf *empty = sshbuf_new(); | ||
276 | int r; | ||
277 | |||
278 | /* Initialise GSSAPI */ | ||
279 | |||
280 | /* If we're rekeying, privsep means that some of the private structures | ||
281 | * in the GSSAPI code are no longer available. This kludges them back | ||
282 | * into life | ||
283 | */ | ||
284 | if (!ssh_gssapi_oid_table_ok()) | ||
285 | if ((mechs = ssh_gssapi_server_mechanisms())) | ||
286 | free(mechs); | ||
287 | |||
288 | debug2("%s: Identifying %s", __func__, kex->name); | ||
289 | oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); | ||
290 | if (oid == GSS_C_NO_OID) | ||
291 | fatal("Unknown gssapi mechanism"); | ||
292 | |||
293 | debug2("%s: Acquiring credentials", __func__); | ||
294 | |||
295 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) | ||
296 | fatal("Unable to acquire credentials for the server"); | ||
297 | |||
298 | /* 5. S generates an ephemeral key pair (do the allocations early) */ | ||
299 | debug("Doing group exchange"); | ||
300 | ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUPREQ); | ||
301 | /* store client proposal to provide valid signature */ | ||
302 | if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 || | ||
303 | (r = sshpkt_get_u32(ssh, &nbits)) != 0 || | ||
304 | (r = sshpkt_get_u32(ssh, &cmax)) != 0 || | ||
305 | (r = sshpkt_get_end(ssh)) != 0) | ||
306 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
307 | kex->nbits = nbits; | ||
308 | kex->min = cmin; | ||
309 | kex->max = cmax; | ||
310 | min = MAX(DH_GRP_MIN, cmin); | ||
311 | max = MIN(DH_GRP_MAX, cmax); | ||
312 | nbits = MAXIMUM(DH_GRP_MIN, nbits); | ||
313 | nbits = MINIMUM(DH_GRP_MAX, nbits); | ||
314 | if (max < min || nbits < min || max < nbits) | ||
315 | fatal("GSS_GEX, bad parameters: %d !< %d !< %d", | ||
316 | min, nbits, max); | ||
317 | kex->dh = PRIVSEP(choose_dh(min, nbits, max)); | ||
318 | if (kex->dh == NULL) { | ||
319 | sshpkt_disconnect(ssh, "Protocol error: no matching group found"); | ||
320 | fatal("Protocol error: no matching group found"); | ||
252 | } | 321 | } |
253 | 322 | ||
254 | BN_clear_free(dh_client_pub); | 323 | DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); |
324 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 || | ||
325 | (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 || | ||
326 | (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 || | ||
327 | (r = sshpkt_send(ssh)) != 0) | ||
328 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
329 | |||
330 | if ((r = ssh_packet_write_wait(ssh)) != 0) | ||
331 | fatal("ssh_packet_write_wait: %s", ssh_err(r)); | ||
332 | |||
333 | /* Compute our exchange value in parallel with the client */ | ||
334 | if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) | ||
335 | goto out; | ||
336 | |||
337 | do { | ||
338 | debug("Wait SSH2_MSG_GSSAPI_INIT"); | ||
339 | type = ssh_packet_read(ssh); | ||
340 | switch(type) { | ||
341 | case SSH2_MSG_KEXGSS_INIT: | ||
342 | if (dh_client_pub != NULL) | ||
343 | fatal("Received KEXGSS_INIT after initialising"); | ||
344 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
345 | &recv_tok)) != 0 || | ||
346 | (r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 || | ||
347 | (r = sshpkt_get_end(ssh)) != 0) | ||
348 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
349 | |||
350 | /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ | ||
351 | break; | ||
352 | case SSH2_MSG_KEXGSS_CONTINUE: | ||
353 | if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh, | ||
354 | &recv_tok)) != 0 || | ||
355 | (r = sshpkt_get_end(ssh)) != 0) | ||
356 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
357 | break; | ||
358 | default: | ||
359 | sshpkt_disconnect(ssh, | ||
360 | "Protocol error: didn't expect packet type %d", | ||
361 | type); | ||
362 | } | ||
363 | |||
364 | maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, | ||
365 | &send_tok, &ret_flags)); | ||
255 | 366 | ||
256 | if (ssh->kex->session_id == NULL) { | 367 | gss_release_buffer(&min_status, &recv_tok); |
257 | ssh->kex->session_id_len = hashlen; | 368 | |
258 | ssh->kex->session_id = xmalloc(ssh->kex->session_id_len); | 369 | if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) |
259 | memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len); | 370 | fatal("Zero length token output when incomplete"); |
371 | |||
372 | if (dh_client_pub == NULL) | ||
373 | fatal("No client public key"); | ||
374 | |||
375 | if (maj_status & GSS_S_CONTINUE_NEEDED) { | ||
376 | debug("Sending GSSAPI_CONTINUE"); | ||
377 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
378 | (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || | ||
379 | (r = sshpkt_send(ssh)) != 0) | ||
380 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
381 | gss_release_buffer(&min_status, &send_tok); | ||
382 | } | ||
383 | } while (maj_status & GSS_S_CONTINUE_NEEDED); | ||
384 | |||
385 | if (GSS_ERROR(maj_status)) { | ||
386 | if (send_tok.length > 0) { | ||
387 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 || | ||
388 | (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 || | ||
389 | (r = sshpkt_send(ssh)) != 0) | ||
390 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
391 | } | ||
392 | fatal("accept_ctx died"); | ||
393 | } | ||
394 | |||
395 | if (!(ret_flags & GSS_C_MUTUAL_FLAG)) | ||
396 | fatal("Mutual Authentication flag wasn't set"); | ||
397 | |||
398 | if (!(ret_flags & GSS_C_INTEG_FLAG)) | ||
399 | fatal("Integrity flag wasn't set"); | ||
400 | |||
401 | /* calculate shared secret */ | ||
402 | if ((shared_secret = sshbuf_new()) == NULL) { | ||
403 | r = SSH_ERR_ALLOC_FAIL; | ||
404 | goto out; | ||
260 | } | 405 | } |
406 | if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0) | ||
407 | goto out; | ||
408 | |||
409 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
410 | DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); | ||
411 | hashlen = sizeof(hash); | ||
412 | if ((r = kexgex_hash( | ||
413 | kex->hash_alg, | ||
414 | kex->client_version, | ||
415 | kex->server_version, | ||
416 | kex->peer, | ||
417 | kex->my, | ||
418 | empty, | ||
419 | cmin, nbits, cmax, | ||
420 | dh_p, dh_g, | ||
421 | dh_client_pub, | ||
422 | pub_key, | ||
423 | sshbuf_ptr(shared_secret), sshbuf_len(shared_secret), | ||
424 | hash, &hashlen)) != 0) | ||
425 | fatal("kexgex_hash failed: %s", ssh_err(r)); | ||
261 | 426 | ||
262 | gssbuf.value = hash; | 427 | gssbuf.value = hash; |
263 | gssbuf.length = hashlen; | 428 | gssbuf.length = hashlen; |
264 | 429 | ||
265 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok)))) | 430 | if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok)))) |
266 | fatal("Couldn't get MIC"); | 431 | fatal("Couldn't get MIC"); |
267 | 432 | ||
268 | packet_start(SSH2_MSG_KEXGSS_COMPLETE); | 433 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 || |
269 | packet_put_bignum2(pub_key); | 434 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || |
270 | packet_put_string(msg_tok.value,msg_tok.length); | 435 | (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0) |
436 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
271 | 437 | ||
272 | if (send_tok.length != 0) { | 438 | if (send_tok.length != 0) { |
273 | packet_put_char(1); /* true */ | 439 | if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */ |
274 | packet_put_string(send_tok.value, send_tok.length); | 440 | (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0) |
441 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
275 | } else { | 442 | } else { |
276 | packet_put_char(0); /* false */ | 443 | if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */ |
444 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
277 | } | 445 | } |
278 | packet_send(); | 446 | if ((r = sshpkt_send(ssh)) != 0) |
447 | fatal("sshpkt failed: %s", ssh_err(r)); | ||
279 | 448 | ||
280 | gss_release_buffer(&min_status, &send_tok); | 449 | gss_release_buffer(&min_status, &send_tok); |
281 | gss_release_buffer(&min_status, &msg_tok); | 450 | gss_release_buffer(&min_status, &msg_tok); |
282 | 451 | ||
283 | if (gss_kex_context == NULL) | 452 | if (gss_kex_context == NULL) |
284 | gss_kex_context = ctxt; | 453 | gss_kex_context = ctxt; |
285 | else | 454 | else |
286 | ssh_gssapi_delete_ctx(&ctxt); | 455 | ssh_gssapi_delete_ctx(&ctxt); |
287 | 456 | ||
288 | DH_free(dh); | 457 | /* Finally derive the keys and send them */ |
289 | 458 | if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) | |
290 | kex_derive_keys_bn(ssh, hash, hashlen, shared_secret); | 459 | r = kex_send_newkeys(ssh); |
291 | BN_clear_free(shared_secret); | ||
292 | kex_send_newkeys(ssh); | ||
293 | 460 | ||
294 | /* If this was a rekey, then save out any delegated credentials we | 461 | /* If this was a rekey, then save out any delegated credentials we |
295 | * just exchanged. */ | 462 | * just exchanged. */ |
296 | if (options.gss_store_rekey) | 463 | if (options.gss_store_rekey) |
297 | ssh_gssapi_rekey_creds(); | 464 | ssh_gssapi_rekey_creds(); |
298 | return 0; | 465 | out: |
466 | sshbuf_free(empty); | ||
467 | explicit_bzero(hash, sizeof(hash)); | ||
468 | DH_free(kex->dh); | ||
469 | kex->dh = NULL; | ||
470 | BN_clear_free(dh_client_pub); | ||
471 | sshbuf_free(shared_secret); | ||
472 | return r; | ||
299 | } | 473 | } |
300 | #endif /* GSSAPI */ | 474 | #endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */ |
diff --git a/kexsntrup4591761x25519.c b/kexsntrup4591761x25519.c new file mode 100644 index 000000000..3b9b664f8 --- /dev/null +++ b/kexsntrup4591761x25519.c | |||
@@ -0,0 +1,219 @@ | |||
1 | /* $OpenBSD: kexsntrup4591761x25519.c,v 1.3 2019/01/21 10:40:11 djm Exp $ */ | ||
2 | /* | ||
3 | * Copyright (c) 2019 Markus Friedl. All rights reserved. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions | ||
7 | * are met: | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * 2. Redistributions in binary form must reproduce the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer in the | ||
12 | * documentation and/or other materials provided with the distribution. | ||
13 | * | ||
14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
24 | */ | ||
25 | |||
26 | #include "includes.h" | ||
27 | |||
28 | #include <sys/types.h> | ||
29 | |||
30 | #include <stdio.h> | ||
31 | #include <string.h> | ||
32 | #include <signal.h> | ||
33 | |||
34 | #include "sshkey.h" | ||
35 | #include "kex.h" | ||
36 | #include "sshbuf.h" | ||
37 | #include "digest.h" | ||
38 | #include "ssherr.h" | ||
39 | |||
40 | int | ||
41 | kex_kem_sntrup4591761x25519_keypair(struct kex *kex) | ||
42 | { | ||
43 | struct sshbuf *buf = NULL; | ||
44 | u_char *cp = NULL; | ||
45 | size_t need; | ||
46 | int r; | ||
47 | |||
48 | if ((buf = sshbuf_new()) == NULL) | ||
49 | return SSH_ERR_ALLOC_FAIL; | ||
50 | need = crypto_kem_sntrup4591761_PUBLICKEYBYTES + CURVE25519_SIZE; | ||
51 | if ((r = sshbuf_reserve(buf, need, &cp)) != 0) | ||
52 | goto out; | ||
53 | crypto_kem_sntrup4591761_keypair(cp, kex->sntrup4591761_client_key); | ||
54 | #ifdef DEBUG_KEXECDH | ||
55 | dump_digest("client public key sntrup4591761:", cp, | ||
56 | crypto_kem_sntrup4591761_PUBLICKEYBYTES); | ||
57 | #endif | ||
58 | cp += crypto_kem_sntrup4591761_PUBLICKEYBYTES; | ||
59 | kexc25519_keygen(kex->c25519_client_key, cp); | ||
60 | #ifdef DEBUG_KEXECDH | ||
61 | dump_digest("client public key c25519:", cp, CURVE25519_SIZE); | ||
62 | #endif | ||
63 | kex->client_pub = buf; | ||
64 | buf = NULL; | ||
65 | out: | ||
66 | sshbuf_free(buf); | ||
67 | return r; | ||
68 | } | ||
69 | |||
70 | int | ||
71 | kex_kem_sntrup4591761x25519_enc(struct kex *kex, | ||
72 | const struct sshbuf *client_blob, struct sshbuf **server_blobp, | ||
73 | struct sshbuf **shared_secretp) | ||
74 | { | ||
75 | struct sshbuf *server_blob = NULL; | ||
76 | struct sshbuf *buf = NULL; | ||
77 | const u_char *client_pub; | ||
78 | u_char *kem_key, *ciphertext, *server_pub; | ||
79 | u_char server_key[CURVE25519_SIZE]; | ||
80 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
81 | size_t need; | ||
82 | int r; | ||
83 | |||
84 | *server_blobp = NULL; | ||
85 | *shared_secretp = NULL; | ||
86 | |||
87 | /* client_blob contains both KEM and ECDH client pubkeys */ | ||
88 | need = crypto_kem_sntrup4591761_PUBLICKEYBYTES + CURVE25519_SIZE; | ||
89 | if (sshbuf_len(client_blob) != need) { | ||
90 | r = SSH_ERR_SIGNATURE_INVALID; | ||
91 | goto out; | ||
92 | } | ||
93 | client_pub = sshbuf_ptr(client_blob); | ||
94 | #ifdef DEBUG_KEXECDH | ||
95 | dump_digest("client public key sntrup4591761:", client_pub, | ||
96 | crypto_kem_sntrup4591761_PUBLICKEYBYTES); | ||
97 | dump_digest("client public key 25519:", | ||
98 | client_pub + crypto_kem_sntrup4591761_PUBLICKEYBYTES, | ||
99 | CURVE25519_SIZE); | ||
100 | #endif | ||
101 | /* allocate buffer for concatenation of KEM key and ECDH shared key */ | ||
102 | /* the buffer will be hashed and the result is the shared secret */ | ||
103 | if ((buf = sshbuf_new()) == NULL) { | ||
104 | r = SSH_ERR_ALLOC_FAIL; | ||
105 | goto out; | ||
106 | } | ||
107 | if ((r = sshbuf_reserve(buf, crypto_kem_sntrup4591761_BYTES, | ||
108 | &kem_key)) != 0) | ||
109 | goto out; | ||
110 | /* allocate space for encrypted KEM key and ECDH pub key */ | ||
111 | if ((server_blob = sshbuf_new()) == NULL) { | ||
112 | r = SSH_ERR_ALLOC_FAIL; | ||
113 | goto out; | ||
114 | } | ||
115 | need = crypto_kem_sntrup4591761_CIPHERTEXTBYTES + CURVE25519_SIZE; | ||
116 | if ((r = sshbuf_reserve(server_blob, need, &ciphertext)) != 0) | ||
117 | goto out; | ||
118 | /* generate and encrypt KEM key with client key */ | ||
119 | crypto_kem_sntrup4591761_enc(ciphertext, kem_key, client_pub); | ||
120 | /* generate ECDH key pair, store server pubkey after ciphertext */ | ||
121 | server_pub = ciphertext + crypto_kem_sntrup4591761_CIPHERTEXTBYTES; | ||
122 | kexc25519_keygen(server_key, server_pub); | ||
123 | /* append ECDH shared key */ | ||
124 | client_pub += crypto_kem_sntrup4591761_PUBLICKEYBYTES; | ||
125 | if ((r = kexc25519_shared_key_ext(server_key, client_pub, buf, 1)) < 0) | ||
126 | goto out; | ||
127 | if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0) | ||
128 | goto out; | ||
129 | #ifdef DEBUG_KEXECDH | ||
130 | dump_digest("server public key 25519:", server_pub, CURVE25519_SIZE); | ||
131 | dump_digest("server cipher text:", ciphertext, | ||
132 | crypto_kem_sntrup4591761_CIPHERTEXTBYTES); | ||
133 | dump_digest("server kem key:", kem_key, sizeof(kem_key)); | ||
134 | dump_digest("concatenation of KEM key and ECDH shared key:", | ||
135 | sshbuf_ptr(buf), sshbuf_len(buf)); | ||
136 | #endif | ||
137 | /* string-encoded hash is resulting shared secret */ | ||
138 | sshbuf_reset(buf); | ||
139 | if ((r = sshbuf_put_string(buf, hash, | ||
140 | ssh_digest_bytes(kex->hash_alg))) != 0) | ||
141 | goto out; | ||
142 | #ifdef DEBUG_KEXECDH | ||
143 | dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf)); | ||
144 | #endif | ||
145 | *server_blobp = server_blob; | ||
146 | *shared_secretp = buf; | ||
147 | server_blob = NULL; | ||
148 | buf = NULL; | ||
149 | out: | ||
150 | explicit_bzero(hash, sizeof(hash)); | ||
151 | explicit_bzero(server_key, sizeof(server_key)); | ||
152 | sshbuf_free(server_blob); | ||
153 | sshbuf_free(buf); | ||
154 | return r; | ||
155 | } | ||
156 | |||
157 | int | ||
158 | kex_kem_sntrup4591761x25519_dec(struct kex *kex, | ||
159 | const struct sshbuf *server_blob, struct sshbuf **shared_secretp) | ||
160 | { | ||
161 | struct sshbuf *buf = NULL; | ||
162 | u_char *kem_key = NULL; | ||
163 | const u_char *ciphertext, *server_pub; | ||
164 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | ||
165 | size_t need; | ||
166 | int r, decoded; | ||
167 | |||
168 | *shared_secretp = NULL; | ||
169 | |||
170 | need = crypto_kem_sntrup4591761_CIPHERTEXTBYTES + CURVE25519_SIZE; | ||
171 | if (sshbuf_len(server_blob) != need) { | ||
172 | r = SSH_ERR_SIGNATURE_INVALID; | ||
173 | goto out; | ||
174 | } | ||
175 | ciphertext = sshbuf_ptr(server_blob); | ||
176 | server_pub = ciphertext + crypto_kem_sntrup4591761_CIPHERTEXTBYTES; | ||
177 | #ifdef DEBUG_KEXECDH | ||
178 | dump_digest("server cipher text:", ciphertext, | ||
179 | crypto_kem_sntrup4591761_CIPHERTEXTBYTES); | ||
180 | dump_digest("server public key c25519:", server_pub, CURVE25519_SIZE); | ||
181 | #endif | ||
182 | /* hash concatenation of KEM key and ECDH shared key */ | ||
183 | if ((buf = sshbuf_new()) == NULL) { | ||
184 | r = SSH_ERR_ALLOC_FAIL; | ||
185 | goto out; | ||
186 | } | ||
187 | if ((r = sshbuf_reserve(buf, crypto_kem_sntrup4591761_BYTES, | ||
188 | &kem_key)) != 0) | ||
189 | goto out; | ||
190 | decoded = crypto_kem_sntrup4591761_dec(kem_key, ciphertext, | ||
191 | kex->sntrup4591761_client_key); | ||
192 | if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub, | ||
193 | buf, 1)) < 0) | ||
194 | goto out; | ||
195 | if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0) | ||
196 | goto out; | ||
197 | #ifdef DEBUG_KEXECDH | ||
198 | dump_digest("client kem key:", kem_key, sizeof(kem_key)); | ||
199 | dump_digest("concatenation of KEM key and ECDH shared key:", | ||
200 | sshbuf_ptr(buf), sshbuf_len(buf)); | ||
201 | #endif | ||
202 | sshbuf_reset(buf); | ||
203 | if ((r = sshbuf_put_string(buf, hash, | ||
204 | ssh_digest_bytes(kex->hash_alg))) != 0) | ||
205 | goto out; | ||
206 | #ifdef DEBUG_KEXECDH | ||
207 | dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf)); | ||
208 | #endif | ||
209 | if (decoded != 0) { | ||
210 | r = SSH_ERR_SIGNATURE_INVALID; | ||
211 | goto out; | ||
212 | } | ||
213 | *shared_secretp = buf; | ||
214 | buf = NULL; | ||
215 | out: | ||
216 | explicit_bzero(hash, sizeof(hash)); | ||
217 | sshbuf_free(buf); | ||
218 | return r; | ||
219 | } | ||
diff --git a/loginrec.c b/loginrec.c index 9a427dec4..5f2a47797 100644 --- a/loginrec.c +++ b/loginrec.c | |||
@@ -467,7 +467,7 @@ login_write(struct logininfo *li) | |||
467 | #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN | 467 | #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN |
468 | if (li->type == LTYPE_LOGIN && | 468 | if (li->type == LTYPE_LOGIN && |
469 | !sys_auth_record_login(li->username,li->hostname,li->line, | 469 | !sys_auth_record_login(li->username,li->hostname,li->line, |
470 | &loginmsg)) | 470 | loginmsg)) |
471 | logit("Writing login record failed for %s", li->username); | 471 | logit("Writing login record failed for %s", li->username); |
472 | #endif | 472 | #endif |
473 | #ifdef SSH_AUDIT_EVENTS | 473 | #ifdef SSH_AUDIT_EVENTS |
@@ -1653,7 +1653,7 @@ utmpx_get_entry(struct logininfo *li) | |||
1653 | */ | 1653 | */ |
1654 | 1654 | ||
1655 | void | 1655 | void |
1656 | record_failed_login(const char *username, const char *hostname, | 1656 | record_failed_login(struct ssh *ssh, const char *username, const char *hostname, |
1657 | const char *ttyn) | 1657 | const char *ttyn) |
1658 | { | 1658 | { |
1659 | int fd; | 1659 | int fd; |
@@ -1696,8 +1696,8 @@ record_failed_login(const char *username, const char *hostname, | |||
1696 | /* strncpy because we don't necessarily want nul termination */ | 1696 | /* strncpy because we don't necessarily want nul termination */ |
1697 | strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); | 1697 | strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); |
1698 | 1698 | ||
1699 | if (packet_connection_is_on_socket() && | 1699 | if (ssh_packet_connection_is_on_socket(ssh) && |
1700 | getpeername(packet_get_connection_in(), | 1700 | getpeername(ssh_packet_get_connection_in(ssh), |
1701 | (struct sockaddr *)&from, &fromlen) == 0) { | 1701 | (struct sockaddr *)&from, &fromlen) == 0) { |
1702 | ipv64_normalise_mapped(&from, &fromlen); | 1702 | ipv64_normalise_mapped(&from, &fromlen); |
1703 | if (from.ss_family == AF_INET) { | 1703 | if (from.ss_family == AF_INET) { |
diff --git a/loginrec.h b/loginrec.h index 28923e781..62cc0e78c 100644 --- a/loginrec.h +++ b/loginrec.h | |||
@@ -31,6 +31,8 @@ | |||
31 | 31 | ||
32 | #include "includes.h" | 32 | #include "includes.h" |
33 | 33 | ||
34 | struct ssh; | ||
35 | |||
34 | /** | 36 | /** |
35 | ** you should use the login_* calls to work around platform dependencies | 37 | ** you should use the login_* calls to work around platform dependencies |
36 | **/ | 38 | **/ |
@@ -126,6 +128,7 @@ char *line_fullname(char *dst, const char *src, u_int dstsize); | |||
126 | char *line_stripname(char *dst, const char *src, int dstsize); | 128 | char *line_stripname(char *dst, const char *src, int dstsize); |
127 | char *line_abbrevname(char *dst, const char *src, int dstsize); | 129 | char *line_abbrevname(char *dst, const char *src, int dstsize); |
128 | 130 | ||
129 | void record_failed_login(const char *, const char *, const char *); | 131 | void record_failed_login(struct ssh *, const char *, const char *, |
132 | const char *); | ||
130 | 133 | ||
131 | #endif /* _HAVE_LOGINREC_H_ */ | 134 | #endif /* _HAVE_LOGINREC_H_ */ |
@@ -29,6 +29,7 @@ | |||
29 | 29 | ||
30 | #include <string.h> | 30 | #include <string.h> |
31 | #include <stdio.h> | 31 | #include <stdio.h> |
32 | #include <stdlib.h> | ||
32 | 33 | ||
33 | #include "digest.h" | 34 | #include "digest.h" |
34 | #include "hmac.h" | 35 | #include "hmac.h" |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: match.c,v 1.38 2018/07/04 13:49:31 djm Exp $ */ | 1 | /* $OpenBSD: match.c,v 1.39 2019/03/06 22:14:23 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -170,6 +170,19 @@ match_pattern_list(const char *string, const char *pattern, int dolower) | |||
170 | return got_positive; | 170 | return got_positive; |
171 | } | 171 | } |
172 | 172 | ||
173 | /* Match a list representing users or groups. */ | ||
174 | int | ||
175 | match_usergroup_pattern_list(const char *string, const char *pattern) | ||
176 | { | ||
177 | #ifdef HAVE_CYGWIN | ||
178 | /* Windows usernames may be Unicode and are not case sensitive */ | ||
179 | return cygwin_ug_match_pattern_list(string, pattern); | ||
180 | #else | ||
181 | /* Case insensitive match */ | ||
182 | return match_pattern_list(string, pattern, 0); | ||
183 | #endif | ||
184 | } | ||
185 | |||
173 | /* | 186 | /* |
174 | * Tries to match the host name (which must be in all lowercase) against the | 187 | * Tries to match the host name (which must be in all lowercase) against the |
175 | * comma-separated sequence of subpatterns (each possibly preceded by ! to | 188 | * comma-separated sequence of subpatterns (each possibly preceded by ! to |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: match.h,v 1.18 2018/07/04 13:49:31 djm Exp $ */ | 1 | /* $OpenBSD: match.h,v 1.19 2019/03/06 22:14:23 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -16,6 +16,7 @@ | |||
16 | 16 | ||
17 | int match_pattern(const char *, const char *); | 17 | int match_pattern(const char *, const char *); |
18 | int match_pattern_list(const char *, const char *, int); | 18 | int match_pattern_list(const char *, const char *, int); |
19 | int match_usergroup_pattern_list(const char *, const char *); | ||
19 | int match_hostname(const char *, const char *); | 20 | int match_hostname(const char *, const char *); |
20 | int match_host_and_ip(const char *, const char *, const char *); | 21 | int match_host_and_ip(const char *, const char *, const char *); |
21 | int match_user(const char *, const char *, const char *, const char *); | 22 | int match_user(const char *, const char *, const char *, const char *); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.c,v 1.133 2018/10/05 14:26:09 naddy Exp $ */ | 1 | /* $OpenBSD: misc.c,v 1.137 2019/01/23 21:50:56 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. |
@@ -38,6 +38,7 @@ | |||
38 | #ifdef HAVE_LIBGEN_H | 38 | #ifdef HAVE_LIBGEN_H |
39 | # include <libgen.h> | 39 | # include <libgen.h> |
40 | #endif | 40 | #endif |
41 | #include <poll.h> | ||
41 | #include <signal.h> | 42 | #include <signal.h> |
42 | #include <stdarg.h> | 43 | #include <stdarg.h> |
43 | #include <stdio.h> | 44 | #include <stdio.h> |
@@ -235,6 +236,80 @@ set_rdomain(int fd, const char *name) | |||
235 | #endif | 236 | #endif |
236 | } | 237 | } |
237 | 238 | ||
239 | /* | ||
240 | * Wait up to *timeoutp milliseconds for fd to be readable. Updates | ||
241 | * *timeoutp with time remaining. | ||
242 | * Returns 0 if fd ready or -1 on timeout or error (see errno). | ||
243 | */ | ||
244 | int | ||
245 | waitrfd(int fd, int *timeoutp) | ||
246 | { | ||
247 | struct pollfd pfd; | ||
248 | struct timeval t_start; | ||
249 | int oerrno, r; | ||
250 | |||
251 | monotime_tv(&t_start); | ||
252 | pfd.fd = fd; | ||
253 | pfd.events = POLLIN; | ||
254 | for (; *timeoutp >= 0;) { | ||
255 | r = poll(&pfd, 1, *timeoutp); | ||
256 | oerrno = errno; | ||
257 | ms_subtract_diff(&t_start, timeoutp); | ||
258 | errno = oerrno; | ||
259 | if (r > 0) | ||
260 | return 0; | ||
261 | else if (r == -1 && errno != EAGAIN) | ||
262 | return -1; | ||
263 | else if (r == 0) | ||
264 | break; | ||
265 | } | ||
266 | /* timeout */ | ||
267 | errno = ETIMEDOUT; | ||
268 | return -1; | ||
269 | } | ||
270 | |||
271 | /* | ||
272 | * Attempt a non-blocking connect(2) to the specified address, waiting up to | ||
273 | * *timeoutp milliseconds for the connection to complete. If the timeout is | ||
274 | * <=0, then wait indefinitely. | ||
275 | * | ||
276 | * Returns 0 on success or -1 on failure. | ||
277 | */ | ||
278 | int | ||
279 | timeout_connect(int sockfd, const struct sockaddr *serv_addr, | ||
280 | socklen_t addrlen, int *timeoutp) | ||
281 | { | ||
282 | int optval = 0; | ||
283 | socklen_t optlen = sizeof(optval); | ||
284 | |||
285 | /* No timeout: just do a blocking connect() */ | ||
286 | if (timeoutp == NULL || *timeoutp <= 0) | ||
287 | return connect(sockfd, serv_addr, addrlen); | ||
288 | |||
289 | set_nonblock(sockfd); | ||
290 | if (connect(sockfd, serv_addr, addrlen) == 0) { | ||
291 | /* Succeeded already? */ | ||
292 | unset_nonblock(sockfd); | ||
293 | return 0; | ||
294 | } else if (errno != EINPROGRESS) | ||
295 | return -1; | ||
296 | |||
297 | if (waitrfd(sockfd, timeoutp) == -1) | ||
298 | return -1; | ||
299 | |||
300 | /* Completed or failed */ | ||
301 | if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1) { | ||
302 | debug("getsockopt: %s", strerror(errno)); | ||
303 | return -1; | ||
304 | } | ||
305 | if (optval != 0) { | ||
306 | errno = optval; | ||
307 | return -1; | ||
308 | } | ||
309 | unset_nonblock(sockfd); | ||
310 | return 0; | ||
311 | } | ||
312 | |||
238 | /* Characters considered whitespace in strsep calls. */ | 313 | /* Characters considered whitespace in strsep calls. */ |
239 | #define WHITESPACE " \t\r\n" | 314 | #define WHITESPACE " \t\r\n" |
240 | #define QUOTE "\"" | 315 | #define QUOTE "\"" |
@@ -490,7 +565,7 @@ put_host_port(const char *host, u_short port) | |||
490 | * The delimiter char, if present, is stored in delim. | 565 | * The delimiter char, if present, is stored in delim. |
491 | * If this is the last field, *cp is set to NULL. | 566 | * If this is the last field, *cp is set to NULL. |
492 | */ | 567 | */ |
493 | static char * | 568 | char * |
494 | hpdelim2(char **cp, char *delim) | 569 | hpdelim2(char **cp, char *delim) |
495 | { | 570 | { |
496 | char *s, *old; | 571 | char *s, *old; |
@@ -1385,11 +1460,11 @@ bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen) | |||
1385 | { | 1460 | { |
1386 | bw->buflen = buflen; | 1461 | bw->buflen = buflen; |
1387 | bw->rate = kbps; | 1462 | bw->rate = kbps; |
1388 | bw->thresh = bw->rate; | 1463 | bw->thresh = buflen; |
1389 | bw->lamt = 0; | 1464 | bw->lamt = 0; |
1390 | timerclear(&bw->bwstart); | 1465 | timerclear(&bw->bwstart); |
1391 | timerclear(&bw->bwend); | 1466 | timerclear(&bw->bwend); |
1392 | } | 1467 | } |
1393 | 1468 | ||
1394 | /* Callback from read/write loop to insert bandwidth-limiting delays */ | 1469 | /* Callback from read/write loop to insert bandwidth-limiting delays */ |
1395 | void | 1470 | void |
@@ -1398,12 +1473,11 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len) | |||
1398 | u_int64_t waitlen; | 1473 | u_int64_t waitlen; |
1399 | struct timespec ts, rm; | 1474 | struct timespec ts, rm; |
1400 | 1475 | ||
1476 | bw->lamt += read_len; | ||
1401 | if (!timerisset(&bw->bwstart)) { | 1477 | if (!timerisset(&bw->bwstart)) { |
1402 | monotime_tv(&bw->bwstart); | 1478 | monotime_tv(&bw->bwstart); |
1403 | return; | 1479 | return; |
1404 | } | 1480 | } |
1405 | |||
1406 | bw->lamt += read_len; | ||
1407 | if (bw->lamt < bw->thresh) | 1481 | if (bw->lamt < bw->thresh) |
1408 | return; | 1482 | return; |
1409 | 1483 | ||
@@ -2085,3 +2159,10 @@ format_absolute_time(uint64_t t, char *buf, size_t len) | |||
2085 | localtime_r(&tt, &tm); | 2159 | localtime_r(&tt, &tm); |
2086 | strftime(buf, len, "%Y-%m-%dT%H:%M:%S", &tm); | 2160 | strftime(buf, len, "%Y-%m-%dT%H:%M:%S", &tm); |
2087 | } | 2161 | } |
2162 | |||
2163 | /* check if path is absolute */ | ||
2164 | int | ||
2165 | path_absolute(const char *path) | ||
2166 | { | ||
2167 | return (*path == '/') ? 1 : 0; | ||
2168 | } | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.h,v 1.75 2018/10/03 06:38:35 djm Exp $ */ | 1 | /* $OpenBSD: misc.h,v 1.79 2019/01/23 21:50:56 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -17,6 +17,7 @@ | |||
17 | 17 | ||
18 | #include <sys/time.h> | 18 | #include <sys/time.h> |
19 | #include <sys/types.h> | 19 | #include <sys/types.h> |
20 | #include <sys/socket.h> | ||
20 | 21 | ||
21 | /* Data structure for representing a forwarding request. */ | 22 | /* Data structure for representing a forwarding request. */ |
22 | struct Forward { | 23 | struct Forward { |
@@ -51,9 +52,12 @@ void set_nodelay(int); | |||
51 | int set_reuseaddr(int); | 52 | int set_reuseaddr(int); |
52 | char *get_rdomain(int); | 53 | char *get_rdomain(int); |
53 | int set_rdomain(int, const char *); | 54 | int set_rdomain(int, const char *); |
55 | int waitrfd(int, int *); | ||
56 | int timeout_connect(int, const struct sockaddr *, socklen_t, int *); | ||
54 | int a2port(const char *); | 57 | int a2port(const char *); |
55 | int a2tun(const char *, int *); | 58 | int a2tun(const char *, int *); |
56 | char *put_host_port(const char *, u_short); | 59 | char *put_host_port(const char *, u_short); |
60 | char *hpdelim2(char **, char *); | ||
57 | char *hpdelim(char **); | 61 | char *hpdelim(char **); |
58 | char *cleanhostname(char *); | 62 | char *cleanhostname(char *); |
59 | char *colon(char *); | 63 | char *colon(char *); |
@@ -78,6 +82,7 @@ int valid_env_name(const char *); | |||
78 | const char *atoi_err(const char *, int *); | 82 | const char *atoi_err(const char *, int *); |
79 | int parse_absolute_time(const char *, uint64_t *); | 83 | int parse_absolute_time(const char *, uint64_t *); |
80 | void format_absolute_time(uint64_t, char *, size_t); | 84 | void format_absolute_time(uint64_t, char *, size_t); |
85 | int path_absolute(const char *); | ||
81 | 86 | ||
82 | void sock_set_v6only(int); | 87 | void sock_set_v6only(int); |
83 | 88 | ||
@@ -134,7 +139,9 @@ void put_u32_le(void *, u_int32_t) | |||
134 | 139 | ||
135 | struct bwlimit { | 140 | struct bwlimit { |
136 | size_t buflen; | 141 | size_t buflen; |
137 | u_int64_t rate, thresh, lamt; | 142 | u_int64_t rate; /* desired rate in kbit/s */ |
143 | u_int64_t thresh; /* threshold after which we'll check timers */ | ||
144 | u_int64_t lamt; /* amount written in last timer interval */ | ||
138 | struct timeval bwstart, bwend; | 145 | struct timeval bwstart, bwend; |
139 | }; | 146 | }; |
140 | 147 | ||
@@ -1,428 +1,452 @@ | |||
1 | # $OpenBSD: moduli,v 1.22 2018/09/20 08:07:03 dtucker Exp $ | 1 | # $OpenBSD: moduli,v 1.23 2018/10/31 11:20:04 dtucker Exp $ |
2 | # Time Type Tests Tries Size Generator Modulus | 2 | # Time Type Tests Tries Size Generator Modulus |
3 | 20180403031539 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A591E4B57 | 3 | 20180920083436 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0BE8103 |
4 | 20180403031604 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5923D0DB | 4 | 20180920083444 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0C7C3CF |
5 | 20180403031626 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A592B11B7 | 5 | 20180920083448 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0C8204B |
6 | 20180403031845 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A59715A73 | 6 | 20180920083506 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0E7A6DB |
7 | 20180403032143 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A59CDE963 | 7 | 20180920083516 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0F5096B |
8 | 20180403032347 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5A11B463 | 8 | 20180920083532 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE11027BF |
9 | 20180403032438 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5A2BBC5F | 9 | 20180920083549 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE12EA013 |
10 | 20180403032617 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5A6308C3 | 10 | 20180920083601 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE13F42E7 |
11 | 20180403032923 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5ADA5523 | 11 | 20180920083617 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE15AA2C3 |
12 | 20180403033405 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5B9A6B37 | 12 | 20180920083643 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE18AB6BB |
13 | 20180403033427 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5B9F8E27 | 13 | 20180920083714 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE1C69837 |
14 | 20180403033655 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C00897F | 14 | 20180920083747 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE207143B |
15 | 20180403033742 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C172DBB | 15 | 20180920083825 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE24E3977 |
16 | 20180403033837 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C33AEAB | 16 | 20180920083852 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2843EE7 |
17 | 20180403033952 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C5F6067 | 17 | 20180920083857 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE285908B |
18 | 20180403034409 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5CEE2AD7 | 18 | 20180920083917 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2A7511B |
19 | 20180403034453 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5CFFE4F3 | 19 | 20180920083924 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2B08EBF |
20 | 20180403034601 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5D1A691B | 20 | 20180920083936 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2C326CF |
21 | 20180403035311 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5E04B193 | 21 | 20180920083953 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2E0BCBB |
22 | 20180403035645 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5E75D66F | 22 | 20180920084017 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE30D862B |
23 | 20180403035724 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5E864847 | 23 | 20180920084034 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE32AADEF |
24 | 20180403035828 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5EA44DCF | 24 | 20180920084040 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE32F8FDB |
25 | 20180403035953 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5ECCB51B | 25 | 20180920084114 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE372E443 |
26 | 20180403040048 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5EE55A9F | 26 | 20180920084154 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE3C3748F |
27 | 20180403040339 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5F4D5E6F | 27 | 20180920084236 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4158847 |
28 | 20180403040523 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5F8939A3 | 28 | 20180920084247 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4262F2F |
29 | 20180403040638 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5FB85E8B | 29 | 20180920084310 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE452029F |
30 | 20180403040715 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5FCC3033 | 30 | 20180920084323 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE467FAEB |
31 | 20180403041128 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A60755C57 | 31 | 20180920084353 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4A3A77B |
32 | 20180403041637 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336541B76F | 32 | 20180920084435 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4F4FEC3 |
33 | 20180403041935 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3365BF1D13 | 33 | 20180920084446 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE50404F3 |
34 | 20180403042035 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3365E41E47 | 34 | 20180920084451 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE50889BB |
35 | 20180403042109 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3365F700BB | 35 | 20180920084547 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE57A3D23 |
36 | 20180403042214 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336624FF2B | 36 | 20180920084627 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE5CC4913 |
37 | 20180403042419 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336687845B | 37 | 20180920084636 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE5D944FB |
38 | 20180403042507 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3366A8266B | 38 | 20180920084649 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE5EF41F7 |
39 | 20180403042626 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3366E23603 | 39 | 20180920084732 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE646894F |
40 | 20180403042722 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367059073 | 40 | 20180920084755 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE670C3B7 |
41 | 20180403042819 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367289EC3 | 41 | 20180920084818 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE69AD617 |
42 | 20180403042928 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367519D23 | 42 | 20180920084821 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE69AE223 |
43 | 20180403042946 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336758BFC3 | 43 | 20180920084833 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE6ADE1B3 |
44 | 20180403043032 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336774A8EB | 44 | 20180920084844 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE6BD0ACF |
45 | 20180403043218 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367BAAE3F | 45 | 20180920085036 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7ACC18B |
46 | 20180403043245 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367C6B5CB | 46 | 20180920085043 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7B37CAB |
47 | 20180403043522 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3368340BB3 | 47 | 20180920085052 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7BF34CF |
48 | 20180403043954 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B33690CEBC3 | 48 | 20180920085121 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7F719A3 |
49 | 20180403044107 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B33693DA563 | 49 | 20180920085126 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7F7A70F |
50 | 20180403044245 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B33697A63FB | 50 | 20180920085132 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7FD3383 |
51 | 20180403044527 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3369F3CAFF | 51 | 20180920085137 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7FF6C03 |
52 | 20180403044559 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A09E6EB | 52 | 20180920085143 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE806800F |
53 | 20180403044611 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A0C4F53 | 53 | 20180920085147 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE807F56B |
54 | 20180403044719 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A4348BF | 54 | 20180920085153 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE80BD7DF |
55 | 20180403044820 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A6E3193 | 55 | 20180920085205 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE81F7F6F |
56 | 20180403044844 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A7A9C7F | 56 | 20180920085257 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE88D9BB7 |
57 | 20180403045235 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336B2E2173 | 57 | 20180920085403 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD79F990A17 |
58 | 20180403045518 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336BAD847B | 58 | 20180920085428 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD79FC4B55B |
59 | 20180403045629 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336BE29A4B | 59 | 20180920085452 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD79FF25EFF |
60 | 20180403045953 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336C865153 | 60 | 20180920085519 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0250433 |
61 | 20180403050042 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336CA6948F | 61 | 20180920085620 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0A900D3 |
62 | 20180403055314 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57012EEDBB | 62 | 20180920085639 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0C7B767 |
63 | 20180403055637 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57015FFFAB | 63 | 20180920085651 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0DB38C3 |
64 | 20180403060753 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57021C5763 | 64 | 20180920085658 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0E45E73 |
65 | 20180403061035 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570243FBBB | 65 | 20180920085744 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A13B7883 |
66 | 20180403061925 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5702CE55A3 | 66 | 20180920085800 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A155F0FF |
67 | 20180403062241 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5702FA4263 | 67 | 20180920085834 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A19802C3 |
68 | 20180403062828 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5703495AD7 | 68 | 20180920085838 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A198FC0B |
69 | 20180403063232 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570383322F | 69 | 20180920085854 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A1B38723 |
70 | 20180403063441 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57039D0EE7 | 70 | 20180920085908 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A1CBBC3F |
71 | 20180403065803 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5704F5DFCB | 71 | 20180920090009 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A24638B7 |
72 | 20180403070250 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570535A157 | 72 | 20180920090031 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A26FE49F |
73 | 20180403071043 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5705AD5B2B | 73 | 20180920090036 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A272126F |
74 | 20180403072237 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57066B3AFF | 74 | 20180920090057 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2962B0B |
75 | 20180403072347 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5706763D5B | 75 | 20180920090107 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2A69E27 |
76 | 20180403072612 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570696B733 | 76 | 20180920090148 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2F49F9B |
77 | 20180403073322 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5707062E2B | 77 | 20180920090155 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2FC98C7 |
78 | 20180403073825 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5707547607 | 78 | 20180920090222 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A32E8983 |
79 | 20180403073948 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570762843F | 79 | 20180920090227 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A332034B |
80 | 20180403074104 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57076EC3DB | 80 | 20180920090238 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A341BC13 |
81 | 20180403074403 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570799DD63 | 81 | 20180920090357 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A3E82A8B |
82 | 20180403074828 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5707D93973 | 82 | 20180920090414 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A405F593 |
83 | 20180403075240 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570814F21B | 83 | 20180920090443 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A44029BB |
84 | 20180403075918 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570878D0DB | 84 | 20180920090533 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A4A62F13 |
85 | 20180403080045 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708890F47 | 85 | 20180920090600 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A4D96A23 |
86 | 20180403080212 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570898D8B3 | 86 | 20180920090616 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A4F1B05B |
87 | 20180403080523 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708C1E14B | 87 | 20180920090637 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5184683 |
88 | 20180403080854 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708EEE0AF | 88 | 20180920090705 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A549FBCF |
89 | 20180403081003 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708F7F537 | 89 | 20180920090716 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5593157 |
90 | 20180403081710 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570961D7DB | 90 | 20180920090727 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5681F87 |
91 | 20180403082007 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570988E91B | 91 | 20180920090741 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A57EC4B3 |
92 | 20180403082804 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570A02958B | 92 | 20180920090828 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5DD04FF |
93 | 20180403084609 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B1FC24F | 93 | 20180920090834 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5E3B3D7 |
94 | 20180403084705 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B262033 | 94 | 20180920090935 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A660A94F |
95 | 20180403084905 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B3DD5AB | 95 | 20180920091000 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A68FC267 |
96 | 20180403085348 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B82B95B | 96 | 20180920094201 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11528E4B7 |
97 | 20180403090858 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570C6C2E5F | 97 | 20180920094613 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B115D90A53 |
98 | 20180403091014 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570C766563 | 98 | 20180920094828 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B116301C17 |
99 | 20180403092356 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570D49B077 | 99 | 20180920094842 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11631DCAF |
100 | 20180403092842 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570D8D7FEB | 100 | 20180920095300 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B116E4CA3B |
101 | 20180403093424 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570DE274D7 | 101 | 20180920095312 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B116E4E133 |
102 | 20180403093850 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570E28C2BB | 102 | 20180920095413 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B117068663 |
103 | 20180403094634 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570EA36EDF | 103 | 20180920095436 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1170E270F |
104 | 20180403094738 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570EACDABB | 104 | 20180920100204 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1184656D3 |
105 | 20180403095906 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570F67B813 | 105 | 20180920100341 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11883D577 |
106 | 20180403101909 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5710AFC157 | 106 | 20180920100505 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B118B728DB |
107 | 20180403102057 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5710C6E1FB | 107 | 20180920100550 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B118D00F87 |
108 | 20180403102257 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5710DF2FD7 | 108 | 20180920100609 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B118D567E7 |
109 | 20180403102711 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57111EFB2F | 109 | 20180920100942 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1196905F7 |
110 | 20180403104106 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5711F3B14F | 110 | 20180920101027 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11980B233 |
111 | 20180403104411 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5712188817 | 111 | 20180920101047 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B119877CCB |
112 | 20180403104503 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57121EA02F | 112 | 20180920101204 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B119B78FAF |
113 | 20180403104712 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57123CDA13 | 113 | 20180920101600 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11A5CA257 |
114 | 20180403104901 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57125332B3 | 114 | 20180920102200 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11B5728B7 |
115 | 20180403105756 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE03762997 | 115 | 20180920102235 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11B698D4F |
116 | 20180403111214 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0468815B | 116 | 20180920102336 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11B8BE2EF |
117 | 20180403111819 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE04C53C43 | 117 | 20180920102711 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11C1D39BB |
118 | 20180403111907 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE04CAC50F | 118 | 20180920102826 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11C4B4083 |
119 | 20180403112635 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0540031F | 119 | 20180920103322 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11D1356A7 |
120 | 20180403113403 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE05B956F7 | 120 | 20180920103630 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11D93FB63 |
121 | 20180403113943 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0619B7F3 | 121 | 20180920103932 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11E0CAEBB |
122 | 20180403114045 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE06220B07 | 122 | 20180920104303 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11E9CB9E3 |
123 | 20180403114120 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0622E517 | 123 | 20180920104717 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11F4E4B63 |
124 | 20180403115211 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE06D363E7 | 124 | 20180920104816 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11F72025B |
125 | 20180403115424 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE06F22507 | 125 | 20180920105139 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11FFAA343 |
126 | 20180403115558 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE070516F3 | 126 | 20180920105211 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B120087713 |
127 | 20180403115753 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE071E3297 | 127 | 20180920105407 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B12052E023 |
128 | 20180403115927 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0731011F | 128 | 20180920105834 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1210F24F7 |
129 | 20180403121723 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE085D2303 | 129 | 20180920110033 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1215A8893 |
130 | 20180403122312 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE08B88A7F | 130 | 20180920110055 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B12161A467 |
131 | 20180403123158 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE09563C53 | 131 | 20180920111239 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1234E3F83 |
132 | 20180403123328 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0969A18F | 132 | 20180920111553 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B123D4E7B7 |
133 | 20180403123534 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE09876D27 | 133 | 20180920113107 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BD211E4B |
134 | 20180403124247 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE09F3F4CF | 134 | 20180920113301 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BD69A2F3 |
135 | 20180403124446 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0A10443F | 135 | 20180920113601 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BDE3D567 |
136 | 20180403125400 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0AA6560F | 136 | 20180920113838 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BE4DA06B |
137 | 20180403131328 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0BF05873 | 137 | 20180920114445 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BF499357 |
138 | 20180403131708 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0C28FCF3 | 138 | 20180920114933 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C00F4FE3 |
139 | 20180403132618 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0CC05D43 | 139 | 20180920115406 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C0C7C2CF |
140 | 20180403140905 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0FBCA05B | 140 | 20180920115734 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C159195F |
141 | 20180403141813 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE1054C7EF | 141 | 20180920120001 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C1B99ABF |
142 | 20180403143434 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE1176152B | 142 | 20180920120514 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C29330EB |
143 | 20180403143933 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE11C90E93 | 143 | 20180920120628 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C2C100E7 |
144 | 20180403144751 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE125A12D3 | 144 | 20180920120657 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C2CD60CF |
145 | 20180403145406 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE12C4F6CF | 145 | 20180920120944 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C33CEF4F |
146 | 20180403145448 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE12CA246F | 146 | 20180920121341 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C3E0892F |
147 | 20180403145549 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE12D582AB | 147 | 20180920121628 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C44E0077 |
148 | 20180403150132 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE13386F43 | 148 | 20180920121700 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C45D1D9F |
149 | 20180403150512 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE1373A2CB | 149 | 20180920121822 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C493C143 |
150 | 20180403150605 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE137CA7DB | 150 | 20180920122041 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C4EF9D0B |
151 | 20180403151404 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE140AEF53 | 151 | 20180920122429 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C5898C03 |
152 | 20180403152834 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE14BB5263 | 152 | 20180920122505 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C59B843B |
153 | 20180403164629 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F2ACFC43 | 153 | 20180920122536 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C5A94107 |
154 | 20180403173943 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F45D568B | 154 | 20180920122806 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C60D5BBB |
155 | 20180403183028 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F603359B | 155 | 20180920123304 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C6DD0793 |
156 | 20180403183423 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F61BDC27 | 156 | 20180920123753 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C7A1DB4B |
157 | 20180403194550 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F877D863 | 157 | 20180920124152 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C842B8B7 |
158 | 20180403202122 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F9A0304B | 158 | 20180920124601 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C8EEDABB |
159 | 20180403210313 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FAFCEC73 | 159 | 20180920124906 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C96EA9B7 |
160 | 20180403213851 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FC2F80FF | 160 | 20180920125743 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CAE0E013 |
161 | 20180403215353 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FCA8B737 | 161 | 20180920125855 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CB0BFEAB |
162 | 20180403222440 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FDAD53EF | 162 | 20180920125915 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CB10BF07 |
163 | 20180403224035 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FE2EF2E3 | 163 | 20180920130235 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CB9812B3 |
164 | 20180403224214 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FE343553 | 164 | 20180920130731 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CC62B69B |
165 | 20180403234157 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446002B2C0F | 165 | 20180920130910 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CC9EFAAB |
166 | 20180404012449 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446038F5C77 | 166 | 20180920131150 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD0A69F7 |
167 | 20180404012740 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446039F760B | 167 | 20180920131303 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD357E3F |
168 | 20180404013701 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44603E742CF | 168 | 20180920131355 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD51C05F |
169 | 20180404024209 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460610756B | 169 | 20180920131419 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD5A0C83 |
170 | 20180404034850 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446083DCDA7 | 170 | 20180920131529 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD82F3D3 |
171 | 20180404035100 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446084796E3 | 171 | 20180920134626 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1925064B |
172 | 20180404035224 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446084ACD8B | 172 | 20180920135427 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A19BA1E2B |
173 | 20180404040621 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44608BABFE3 | 173 | 20180920141147 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1B0331C7 |
174 | 20180404043706 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44609B60613 | 174 | 20180920145454 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1E40577F |
175 | 20180404044213 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44609DB5067 | 175 | 20180920150140 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1EBA2BA3 |
176 | 20180404050247 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460A8585C3 | 176 | 20180920161629 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A24551BC7 |
177 | 20180404053546 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460B94238B | 177 | 20180920163144 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A256E6A8B |
178 | 20180404054127 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460BBC6C0B | 178 | 20180920164626 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A26848667 |
179 | 20180404060250 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460C67CBB7 | 179 | 20180920164921 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A26B3187F |
180 | 20180404061330 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460CA93683 | 180 | 20180920165252 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A26EC656B |
181 | 20180404084828 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446115943A3 | 181 | 20180920165723 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A273A8833 |
182 | 20180404085435 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4461181EE57 | 182 | 20180920170336 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A27A959BF |
183 | 20180404093010 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B396361597 | 183 | 20180920170729 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A27EBBC83 |
184 | 20180404100034 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3973953BB | 184 | 20180920171833 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A28B88307 |
185 | 20180404112136 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B399EA8DDF | 185 | 20180920173958 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2A47E5BF |
186 | 20180404112714 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39A1427A3 | 186 | 20180920174751 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2AD76CDB |
187 | 20180404115040 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39AD94553 | 187 | 20180920175337 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2B3F16FF |
188 | 20180404130727 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39D6ABE8B | 188 | 20180920180736 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2C416607 |
189 | 20180404132841 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39E19247F | 189 | 20180920181108 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2C7C62CF |
190 | 20180404140647 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39F5CFEAB | 190 | 20180920182003 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2D1C8377 |
191 | 20180404144308 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A087B8A7 | 191 | 20180920183639 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2E532EF7 |
192 | 20180404154403 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A271BD2F | 192 | 20180920185506 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2FAEF903 |
193 | 20180404155315 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A2B7E4DF | 193 | 20180920190842 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A30A680FB |
194 | 20180404164237 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A451FC23 | 194 | 20180920193433 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A328D6FAB |
195 | 20180404165126 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A494B437 | 195 | 20180920193735 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A32BD423F |
196 | 20180404172833 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A5C78E83 | 196 | 20180920194925 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A339269AB |
197 | 20180404175448 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A6A037D3 | 197 | 20180920200058 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A34692BDB |
198 | 20180404183147 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A7D443E3 | 198 | 20180920200225 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A347B8EFF |
199 | 20180404183316 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A7D883F3 | 199 | 20180920200812 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A34DFF2BB |
200 | 20180404190024 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A8B7BF5F | 200 | 20180920202050 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A35C67F5F |
201 | 20180404194132 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AA11DC3B | 201 | 20180920204239 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A3758AE93 |
202 | 20180404195020 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AA5664E3 | 202 | 20180920204648 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A379DD5F3 |
203 | 20180404195123 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AA56EAF3 | 203 | 20180920212404 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C3B843C3 |
204 | 20180404202233 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AB5A9C37 | 204 | 20180920212755 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C3FC854F |
205 | 20180404202802 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AB8229D3 | 205 | 20180920213937 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C4D5B923 |
206 | 20180404203244 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3ABA0DD8B | 206 | 20180920214830 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C578D833 |
207 | 20180404203913 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3ABCF8F47 | 207 | 20180920215602 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C60301F7 |
208 | 20180404210704 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3ACB6CB0B | 208 | 20180920222334 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C80CD293 |
209 | 20180404213123 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AD7FE977 | 209 | 20180920223427 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C8D7E023 |
210 | 20180404223506 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AF9772FB | 210 | 20180920224739 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C9CDF40F |
211 | 20180404225041 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B016049F | 211 | 20180920224953 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C9EF64FB |
212 | 20180404225753 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B04C3C37 | 212 | 20180920225400 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CA3777C7 |
213 | 20180404230652 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B092364B | 213 | 20180920225652 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CA6853C3 |
214 | 20180404231941 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B0F7D807 | 214 | 20180920230359 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CAE81C2F |
215 | 20180404232637 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B127CC5B | 215 | 20180920233313 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CD0FC883 |
216 | 20180404233306 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B154E443 | 216 | 20180920233505 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CD297D7B |
217 | 20180405003707 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B373FAF3 | 217 | 20180920234143 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CDA00627 |
218 | 20180405012137 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B4E4FE3B | 218 | 20180920235433 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CE8651DF |
219 | 20180405071813 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436983FC590B | 219 | 20180920235640 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CEA46B8F |
220 | 20180405072141 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436983FCDA2F | 220 | 20180921000133 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CEFBF913 |
221 | 20180405132535 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698806F173 | 221 | 20180921001904 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D039AC1B |
222 | 20180405133926 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436988262AB7 | 222 | 20180921002105 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D0557A5B |
223 | 20180405165648 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698A47BC0B | 223 | 20180921003739 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D184F8BB |
224 | 20180405195101 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698C28BB2F | 224 | 20180921004140 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D1C803A3 |
225 | 20180405213026 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698D395FBB | 225 | 20180921004415 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D1F094A7 |
226 | 20180405220015 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698D843327 | 226 | 20180921004716 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D21F8203 |
227 | 20180405231702 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698E544067 | 227 | 20180921005129 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D268646B |
228 | 20180406025336 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436990AEC063 | 228 | 20180921010446 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D3556B5B |
229 | 20180406035121 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699149227B | 229 | 20180921013214 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D556768F |
230 | 20180406063935 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436992C6FC43 | 230 | 20180921014417 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D62CB7EF |
231 | 20180406115213 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436995ACE13F | 231 | 20180921021218 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D835583B |
232 | 20180406155248 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436997C8EA27 | 232 | 20180921023434 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D9D786F3 |
233 | 20180406170431 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436998593AD3 | 233 | 20180921024155 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DA550ABB |
234 | 20180406184640 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699940ADB7 | 234 | 20180921031006 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DC5EBE23 |
235 | 20180407000748 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699C562CCB | 235 | 20180921031034 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DC5EC45F |
236 | 20180407041558 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699EECE453 | 236 | 20180921032220 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DD2F3B53 |
237 | 20180407070330 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A0B1D577 | 237 | 20180921032554 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DD68BE4B |
238 | 20180407100408 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A29D405B | 238 | 20180921032729 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DD7D755B |
239 | 20180407103952 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A2F83A33 | 239 | 20180921034633 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DED7E937 |
240 | 20180407123940 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A43ACBEB | 240 | 20180921035421 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DF60EDC7 |
241 | 20180407154812 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A62F48B7 | 241 | 20180921035905 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DFAC40E3 |
242 | 20180407170835 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A704C5AF | 242 | 20180921041542 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002E0D7FD93 |
243 | 20180407175007 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A76C88B7 | 243 | 20180921042022 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002E12169CB |
244 | 20180407184438 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A7F65E03 | 244 | 20180921053713 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC509A2DF |
245 | 20180407195743 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A8B41617 | 245 | 20180921055252 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC560A423 |
246 | 20180408071229 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369AFC7905B | 246 | 20180921065744 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC6F28D1F |
247 | 20180408075553 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369B03562E7 | 247 | 20180921071557 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC75F93C3 |
248 | 20180408124736 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369B3416E27 | 248 | 20180921113009 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4ACDA5C3BF |
249 | 20180408125929 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369B35942B3 | 249 | 20180921133701 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD0A30BD7 |
250 | 20180409023705 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369BBCCDCBB | 250 | 20180921151331 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD2DFFEAB |
251 | 20180409072217 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369BEB6303F | 251 | 20180921154930 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD3B43EF3 |
252 | 20180409124237 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C1F95DB3 | 252 | 20180921162910 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD4A147DB |
253 | 20180409150941 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C3A97BA7 | 253 | 20180921183414 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD79B0197 |
254 | 20180409162805 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C56C92A7 | 254 | 20180921184903 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD7F055F3 |
255 | 20180409185627 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C8DC8A0F | 255 | 20180921190227 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD837F15B |
256 | 20180409201511 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E047122A7 | 256 | 20180922004824 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AE097172B |
257 | 20180409212042 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E06189297 | 257 | 20180922040435 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AE5403DDB |
258 | 20180410021123 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E0D35B28F | 258 | 20180922052522 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AE71BA84B |
259 | 20180410022638 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E0D8CA623 | 259 | 20180922073622 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEA2D28E3 |
260 | 20180410024637 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E0E02E03F | 260 | 20180922084529 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEBD11737 |
261 | 20180410063306 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E1393582B | 261 | 20180922095510 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AED6CB613 |
262 | 20180410063848 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E13B0682B | 262 | 20180922100442 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEDA11D23 |
263 | 20180410071153 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E147AB73B | 263 | 20180922102739 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEE243617 |
264 | 20180410082253 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E16363257 | 264 | 20180922111522 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEF3698BF |
265 | 20180410101335 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E18F03B13 | 265 | 20180922122645 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF0DFB873 |
266 | 20180410105609 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E19F1DE37 | 266 | 20180922135149 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF2D2C0A3 |
267 | 20180410152104 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E205A4ACB | 267 | 20180922135535 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF2DFCAFB |
268 | 20180410153733 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E20B2606F | 268 | 20180922143740 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF3D211A3 |
269 | 20180410175655 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E240655BF | 269 | 20180922150118 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF45675DB |
270 | 20180410204830 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E281EDA87 | 270 | 20180922161720 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF614E323 |
271 | 20180410231426 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E2B95718B | 271 | 20180922174324 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF80E023F |
272 | 20180410233438 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E2C0621C7 | 272 | 20180922183959 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF956439F |
273 | 20180410234833 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E2C5297E3 | 273 | 20180922202104 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFBAC649B |
274 | 20180411035657 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E32375BE3 | 274 | 20180922210150 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFC958F53 |
275 | 20180411053901 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3499E12F | 275 | 20180922213354 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFD502EE3 |
276 | 20180411073150 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3738967B | 276 | 20180922232002 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFFC84A6B |
277 | 20180411073910 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E375B7807 | 277 | 20180923014322 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B031123EB |
278 | 20180411075734 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E37C0C66B | 278 | 20180923030251 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B04EC8B2B |
279 | 20180411081855 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E383A5BCB | 279 | 20180923042422 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B06C56A47 |
280 | 20180411093848 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3A0D60EB | 280 | 20180923075109 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B0B7BA467 |
281 | 20180411094657 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3A351317 | 281 | 20180923091429 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1949920F8B |
282 | 20180411110541 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3C08A7A7 | 282 | 20180923122354 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB194E3CB3E3 |
283 | 20180411120731 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3D6EB9BB | 283 | 20180923132927 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB194FD1CDE7 |
284 | 20180411130125 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3EAD50F3 | 284 | 20180923135953 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB195089F093 |
285 | 20180411151653 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E41CC6D9F | 285 | 20180923141725 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1950F052F7 |
286 | 20180411152943 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E4210423B | 286 | 20180923153745 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1952DF5333 |
287 | 20180411184911 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E46A13843 | 287 | 20180923161625 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1953CC5B37 |
288 | 20180411191726 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E473E26CF | 288 | 20180923174651 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1955FDACA3 |
289 | 20180411205712 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E498A1853 | 289 | 20180923174907 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB195602AE57 |
290 | 20180411212652 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E4A2D607F | 290 | 20180923185706 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1957A5593B |
291 | 20180411215657 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E4AD99963 | 291 | 20180923201932 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1959A6D687 |
292 | 20180412095549 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D1E908A07 | 292 | 20180924141921 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1973A572FF |
293 | 20180412222127 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D28C808CB | 293 | 20180924142936 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1973D9C983 |
294 | 20180413014812 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D2B32FFD3 | 294 | 20180924143229 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1973E18163 |
295 | 20180413033600 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D2C8AD64F | 295 | 20180924144304 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19741666EB |
296 | 20180413142737 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D34F03213 | 296 | 20180924164032 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1976CE68FB |
297 | 20180413150907 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D35714FEF | 297 | 20180924164811 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1976F40FA7 |
298 | 20180413164654 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D36BB8D1B | 298 | 20180924172248 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1977BCD9FB |
299 | 20180413202724 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D39A4E13B | 299 | 20180924193420 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197ACC31C7 |
300 | 20180413203949 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D39C6A4FB | 300 | 20180924195813 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197B54F0A3 |
301 | 20180413211909 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D3A44F883 | 301 | 20180924213953 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197DA923D7 |
302 | 20180414010718 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D3D3D3257 | 302 | 20180924220006 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197E18BC83 |
303 | 20180414125221 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D467C1523 | 303 | 20180924221925 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197E83B0E7 |
304 | 20180414181319 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D4AA2837B | 304 | 20180924230442 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197F8509D7 |
305 | 20180414202910 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D4C60657F | 305 | 20180925002733 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB198168A38B |
306 | 20180414210359 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D4CCB3D87 | 306 | 20180925022629 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19842450D7 |
307 | 20180415054313 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D53659F57 | 307 | 20180925032318 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19856CA53F |
308 | 20180415133017 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D596ABEFF | 308 | 20180925033018 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19858EBEEB |
309 | 20180415160204 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D5B5415B7 | 309 | 20180925033504 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1985A24167 |
310 | 20180415222232 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6018A3AB | 310 | 20180925040411 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19864B479F |
311 | 20180415224834 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6064EF13 | 311 | 20180925075729 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB198B9EEEC3 |
312 | 20180416005338 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D61F17307 | 312 | 20180925083607 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB198C77AA37 |
313 | 20180416021119 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D62E1D04F | 313 | 20180925142730 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416C2EDFD4B |
314 | 20180416083930 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D67B78127 | 314 | 20180926003216 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416CB3AFEA3 |
315 | 20180416182014 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6EDFEF6B | 315 | 20180926041318 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416CE37F7FB |
316 | 20180416190916 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6F71FA97 | 316 | 20180926074350 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D109F343 |
317 | 20180416195012 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6FE60F77 | 317 | 20180926090735 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D2224817 |
318 | 20180417005002 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D737F03EF | 318 | 20180926125425 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D526B7D3 |
319 | 20180417031611 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D75497E7B | 319 | 20180926162303 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D7F88093 |
320 | 20180417042601 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D761E7D7F | 320 | 20180926165118 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D85194CB |
321 | 20180417230051 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D83ABCCEF | 321 | 20180926224609 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DD089B0F |
322 | 20180417231044 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D83C22B2F | 322 | 20180926225812 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DD2A3B6B |
323 | 20180418011858 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D8545B2B3 | 323 | 20180927013355 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DF3A214F |
324 | 20180418054538 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA00823770B | 324 | 20180927022646 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DFE1C77F |
325 | 20180418071157 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA00950BDC3 | 325 | 20180927025105 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E02B64E3 |
326 | 20180418085254 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA00AAFBDDB | 326 | 20180927073721 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E3F7C30F |
327 | 20180418174929 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA01225DA53 | 327 | 20180927091345 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E533987B |
328 | 20180418210652 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA014D6E5DF | 328 | 20180927094940 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E5A3AA83 |
329 | 20180418211238 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA014E1D75B | 329 | 20180927172504 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416EB936ECF |
330 | 20180418224228 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA016133603 | 330 | 20180927221028 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416EF491CEF |
331 | 20180418233547 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA016C53D1F | 331 | 20180928031538 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F33826BF |
332 | 20180419053435 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA01B7B0413 | 332 | 20180928061816 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F58E9E8B |
333 | 20180419055744 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA01BC212DB | 333 | 20180928065908 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F6069543 |
334 | 20180419135850 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA022362F53 | 334 | 20180928120844 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F9FC5BCB |
335 | 20180419162659 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA02429C813 | 335 | 20180928170131 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416FDB2EF23 |
336 | 20180419214419 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA0286020EF | 336 | 20180928221854 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B41701B64E6B |
337 | 20180420033054 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA02CE157FF | 337 | 20180929042224 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B417064EC2FF |
338 | 20180420033355 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA02CE22F0F | 338 | 20180929093251 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170A2F02DB |
339 | 20180420131137 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03463D903 | 339 | 20180929124700 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170C92055B |
340 | 20180420174655 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA037E8E853 | 340 | 20180929125705 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170CA966AF |
341 | 20180420224816 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03BC5BAEB | 341 | 20180929140557 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170D7B99EB |
342 | 20180421002804 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03CFF8483 | 342 | 20180929225234 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171409B02B |
343 | 20180421033707 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03F5CEF07 | 343 | 20180930030835 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B417172F0403 |
344 | 20180421044121 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04029ED83 | 344 | 20180930110353 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171D11BFBF |
345 | 20180421054539 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA040F07753 | 345 | 20180930124634 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171E461903 |
346 | 20180421080206 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA042A70927 | 346 | 20180930150219 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171FE2013B |
347 | 20180421084346 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04323E033 | 347 | 20181001021616 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4172812EAEB |
348 | 20180421135101 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04708373F | 348 | 20181001072125 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4172BC07FE7 |
349 | 20180421220150 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04D33A023 | 349 | 20181001133408 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B41730368927 |
350 | 20180421233337 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04E52D9FF | 350 | 20181002022928 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4608E66C77 |
351 | 20180422094542 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA055FBBC03 | 351 | 20181002041648 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C460A539D5F |
352 | 20180422151643 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA05A0B8E53 | 352 | 20181002080547 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C460D765A73 |
353 | 20180422163933 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA05B02DF5B | 353 | 20181002132925 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4611D8F2D7 |
354 | 20180423004105 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA060EDD493 | 354 | 20181002195913 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C46170D027F |
355 | 20180423045850 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA06410777F | 355 | 20181003044410 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C461E0FB427 |
356 | 20180423175352 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA06D85A5C3 | 356 | 20181003045243 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C461E245A3F |
357 | 20180424034739 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA074B2314F | 357 | 20181003065635 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C461FC358AF |
358 | 20180424155916 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFACFC9C07 | 358 | 20181003081458 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4620C4118B |
359 | 20180424222331 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFB180A887 | 359 | 20181003091804 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4621936EAF |
360 | 20180425154127 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFBD59073B | 360 | 20181003093652 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4621C96C57 |
361 | 20180426001519 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFC3391D93 | 361 | 20181003213125 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C462B2BBD5B |
362 | 20180426011753 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFC3E66CFF | 362 | 20181004064641 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4632523CCF |
363 | 20180426121313 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFCB4C31C7 | 363 | 20181004083341 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4633A72497 |
364 | 20180426192735 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFD02C1487 | 364 | 20181004113212 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4635EC630B |
365 | 20180427041246 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFD60EF383 | 365 | 20181004123633 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4636B93337 |
366 | 20180427102113 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFD9FE975B | 366 | 20181004144119 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C463844D7C3 |
367 | 20180427110709 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFDA77CFC7 | 367 | 20181005025309 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4641A155C7 |
368 | 20180427115833 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFDB032A8F | 368 | 20181005044622 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C46430AFEB3 |
369 | 20180427231209 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFE24BAFE7 | 369 | 20181005053156 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464390BAB3 |
370 | 20180428032748 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFE509AE73 | 370 | 20181005074342 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464535BB4B |
371 | 20180428050334 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFE60622B3 | 371 | 20181005094350 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4646B220EF |
372 | 20180428204832 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF035C75F | 372 | 20181005154803 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464B3844E3 |
373 | 20180428220506 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF0FF9743 | 373 | 20181005164416 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464BE2332F |
374 | 20180428221212 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF108842F | 374 | 20181005203233 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464EAB7A73 |
375 | 20180429040829 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF4BDEDDF | 375 | 20181006030808 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C46538BEADB |
376 | 20180429045604 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF5372357 | 376 | 20181006045927 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4654E5E903 |
377 | 20180429052346 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF57C9113 | 377 | 20181006134442 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465B551BBB |
378 | 20180429053535 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF591B0F3 | 378 | 20181006162315 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465D3CDE9F |
379 | 20180429234833 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D000DBC47B | 379 | 20181006171548 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465DD9203F |
380 | 20180430061137 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D004DD4873 | 380 | 20181006173731 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465E163313 |
381 | 20180430071004 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D0056DDF9F | 381 | 20181006214027 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C466102759F |
382 | 20180430074559 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D005C5181B | 382 | 20181007065411 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4667A72DC3 |
383 | 20180430091811 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D006B26D17 | 383 | 20181007123656 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C466BB5F597 |
384 | 20180430191732 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D00CD17013 | 384 | 20181007145027 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C466D436643 |
385 | 20180501005739 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01047BA13 | 385 | 20181007184043 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C467005CF4B |
386 | 20180501022059 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01117B47B | 386 | 20181007223658 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211133D9A97 |
387 | 20180501025617 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D0116B88A7 | 387 | 20181008074149 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21119A92B8B |
388 | 20180501031400 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01190866F | 388 | 20181008163451 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2111FD14FAB |
389 | 20180501201356 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01BDDAB3B | 389 | 20181008224318 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211241066AB |
390 | 20180501204003 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01C18942F | 390 | 20181009003245 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211254A0343 |
391 | 20180502033416 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D02024C2DB | 391 | 20181009070543 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21129CA56FB |
392 | 20180502214537 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED639CFC883 | 392 | 20181009111433 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2112C8E0D93 |
393 | 20180503020255 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED63CD06DCB | 393 | 20181009152706 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2112F6601C7 |
394 | 20180503022319 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED63D0368DF | 394 | 20181009164722 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2113048398B |
395 | 20180503125648 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6446836FF | 395 | 20181009203858 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21132D1168F |
396 | 20180503155809 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED64679B30F | 396 | 20181010040332 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21137C65BFB |
397 | 20180503191156 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED648AEA87F | 397 | 20181011070638 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21149914247 |
398 | 20180504050354 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED64F75441F | 398 | 20181011150252 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2114EAE7D3B |
399 | 20180504071143 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED650DC49F3 | 399 | 20181011153554 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2114EFEE58B |
400 | 20180504084722 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED651F00D33 | 400 | 20181011234311 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211542C97AF |
401 | 20180504103430 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65316D0B7 | 401 | 20181012043844 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21157397D47 |
402 | 20180504105453 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65348CDBB | 402 | 20181012060434 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115803DB63 |
403 | 20180504234946 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65BF5CBBF | 403 | 20181012142459 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115CF3077F |
404 | 20180505042813 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65F0A04E7 | 404 | 20181012162028 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115E1C6FCB |
405 | 20180505043446 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65F133337 | 405 | 20181012182332 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115F5E2D97 |
406 | 20180505082348 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6618FACC3 | 406 | 20181012182843 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115F623A23 |
407 | 20180505142452 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED665916E9B | 407 | 20181012201834 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211608810CB |
408 | 20180505191845 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED668B9BE0B | 408 | 20181012223139 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21161EAF243 |
409 | 20180506011717 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED66CA10377 | 409 | 20181013114842 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2116A336C63 |
410 | 20180506064643 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED67028E243 | 410 | 20181013221122 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21170A23417 |
411 | 20180506091931 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED671CB9597 | 411 | 20181013221710 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21170A81107 |
412 | 20180506094237 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED67201565B | 412 | 20181014032132 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21173C1D793 |
413 | 20180506200807 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED678BDEA8B | 413 | 20181014035731 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117416EF17 |
414 | 20180507012051 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED67C15F093 | 414 | 20181014044029 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211747D7B4B |
415 | 20180507102714 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED681E510A7 | 415 | 20181014092738 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117764D6CF |
416 | 20180507105523 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6822806B3 | 416 | 20181014125735 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21179863787 |
417 | 20180507204038 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6885CE023 | 417 | 20181014151837 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117AE70AF7 |
418 | 20180508025258 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED68C4A13A7 | 418 | 20181014175821 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117C7CCCA7 |
419 | 20180508064503 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED68EAB2CC7 | 419 | 20181014225732 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117F8262DB |
420 | 20180508094511 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED69078137B | 420 | 20181014233346 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117FD8EA63 |
421 | 20180509200633 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A5AB6E77 | 421 | 20181015001106 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211803251C3 |
422 | 20180509233450 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A7C34C7F | 422 | 20181015101051 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21185F9BDF3 |
423 | 20180510003712 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A85E2007 | 423 | 20181016055751 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211914B6C57 |
424 | 20180510011010 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A8ABBDA3 | 424 | 20181016115955 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA20E92F77 |
425 | 20180510075358 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6AC65344B | 425 | 20181017081453 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA2E7C1F6B |
426 | 20180510102028 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6ADD74BF3 | 426 | 20181017142420 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA32237C3F |
427 | 20180510111207 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6AE56234B | 427 | 20181017185818 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA353F763B |
428 | 20180510122304 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6AF06789F | 428 | 20181017191239 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA355F350B |
429 | 20181018142458 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA4281917F | ||
430 | 20181018172424 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA44764C13 | ||
431 | 20181019021923 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA4A5411D3 | ||
432 | 20181019034359 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA4B386FC3 | ||
433 | 20181019143855 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA5262DD0F | ||
434 | 20181019175117 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA547B23C3 | ||
435 | 20181019180938 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA54A6C53B | ||
436 | 20181019200034 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA55D16287 | ||
437 | 20181020003801 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA58CB384B | ||
438 | 20181020112657 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA5F85360B | ||
439 | 20181020201319 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA652B1403 | ||
440 | 20181020203144 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA6552017F | ||
441 | 20181021021352 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA68F8AE73 | ||
442 | 20181021071146 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA6C1C6B53 | ||
443 | 20181021104137 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA6E492B5B | ||
444 | 20181021162701 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA71E3AEBB | ||
445 | 20181021164042 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA71FF6D23 | ||
446 | 20181022114359 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA7D41FB5F | ||
447 | 20181023003127 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA852BE5A7 | ||
448 | 20181023054524 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA88559E07 | ||
449 | 20181023122409 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8C5B7A9F | ||
450 | 20181023161120 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8EA11AB7 | ||
451 | 20181023174619 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8F91F893 | ||
452 | 20181023175924 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8FAACDB7 | ||
@@ -71,4 +71,4 @@ STANDARDS | |||
71 | the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, | 71 | the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, |
72 | 2006. | 72 | 2006. |
73 | 73 | ||
74 | OpenBSD 6.4 September 26, 2012 OpenBSD 6.4 | 74 | OpenBSD 6.5 September 26, 2012 OpenBSD 6.5 |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: moduli.c,v 1.32 2017/12/08 03:45:52 deraadt Exp $ */ | 1 | /* $OpenBSD: moduli.c,v 1.34 2019/01/23 09:49:00 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> | 3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> |
4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> | 4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> |
@@ -582,7 +582,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
582 | u_int32_t generator_known, in_tests, in_tries, in_type, in_size; | 582 | u_int32_t generator_known, in_tests, in_tries, in_type, in_size; |
583 | unsigned long last_processed = 0, end_lineno; | 583 | unsigned long last_processed = 0, end_lineno; |
584 | time_t time_start, time_stop; | 584 | time_t time_start, time_stop; |
585 | int res; | 585 | int res, is_prime; |
586 | 586 | ||
587 | if (trials < TRIAL_MINIMUM) { | 587 | if (trials < TRIAL_MINIMUM) { |
588 | error("Minimum primality trials is %d", TRIAL_MINIMUM); | 588 | error("Minimum primality trials is %d", TRIAL_MINIMUM); |
@@ -716,8 +716,6 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
716 | if (generator_known == 0) { | 716 | if (generator_known == 0) { |
717 | if (BN_mod_word(p, 24) == 11) | 717 | if (BN_mod_word(p, 24) == 11) |
718 | generator_known = 2; | 718 | generator_known = 2; |
719 | else if (BN_mod_word(p, 12) == 5) | ||
720 | generator_known = 3; | ||
721 | else { | 719 | else { |
722 | u_int32_t r = BN_mod_word(p, 10); | 720 | u_int32_t r = BN_mod_word(p, 10); |
723 | 721 | ||
@@ -753,7 +751,10 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
753 | * that p is also prime. A single pass will weed out the | 751 | * that p is also prime. A single pass will weed out the |
754 | * vast majority of composite q's. | 752 | * vast majority of composite q's. |
755 | */ | 753 | */ |
756 | if (BN_is_prime_ex(q, 1, ctx, NULL) <= 0) { | 754 | is_prime = BN_is_prime_ex(q, 1, ctx, NULL); |
755 | if (is_prime < 0) | ||
756 | fatal("BN_is_prime_ex failed"); | ||
757 | if (is_prime == 0) { | ||
757 | debug("%10u: q failed first possible prime test", | 758 | debug("%10u: q failed first possible prime test", |
758 | count_in); | 759 | count_in); |
759 | continue; | 760 | continue; |
@@ -766,14 +767,20 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
766 | * will show up on the first Rabin-Miller iteration so it | 767 | * will show up on the first Rabin-Miller iteration so it |
767 | * doesn't hurt to specify a high iteration count. | 768 | * doesn't hurt to specify a high iteration count. |
768 | */ | 769 | */ |
769 | if (!BN_is_prime_ex(p, trials, ctx, NULL)) { | 770 | is_prime = BN_is_prime_ex(p, trials, ctx, NULL); |
771 | if (is_prime < 0) | ||
772 | fatal("BN_is_prime_ex failed"); | ||
773 | if (is_prime == 0) { | ||
770 | debug("%10u: p is not prime", count_in); | 774 | debug("%10u: p is not prime", count_in); |
771 | continue; | 775 | continue; |
772 | } | 776 | } |
773 | debug("%10u: p is almost certainly prime", count_in); | 777 | debug("%10u: p is almost certainly prime", count_in); |
774 | 778 | ||
775 | /* recheck q more rigorously */ | 779 | /* recheck q more rigorously */ |
776 | if (!BN_is_prime_ex(q, trials - 1, ctx, NULL)) { | 780 | is_prime = BN_is_prime_ex(q, trials - 1, ctx, NULL); |
781 | if (is_prime < 0) | ||
782 | fatal("BN_is_prime_ex failed"); | ||
783 | if (is_prime == 0) { | ||
777 | debug("%10u: q is not prime", count_in); | 784 | debug("%10u: q is not prime", count_in); |
778 | continue; | 785 | continue; |
779 | } | 786 | } |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.197 2019/01/21 10:38:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -112,51 +112,51 @@ static struct sshbuf *child_state; | |||
112 | 112 | ||
113 | /* Functions on the monitor that answer unprivileged requests */ | 113 | /* Functions on the monitor that answer unprivileged requests */ |
114 | 114 | ||
115 | int mm_answer_moduli(int, struct sshbuf *); | 115 | int mm_answer_moduli(struct ssh *, int, struct sshbuf *); |
116 | int mm_answer_sign(int, struct sshbuf *); | 116 | int mm_answer_sign(struct ssh *, int, struct sshbuf *); |
117 | int mm_answer_pwnamallow(int, struct sshbuf *); | 117 | int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *); |
118 | int mm_answer_auth2_read_banner(int, struct sshbuf *); | 118 | int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *); |
119 | int mm_answer_authserv(int, struct sshbuf *); | 119 | int mm_answer_authserv(struct ssh *, int, struct sshbuf *); |
120 | int mm_answer_authrole(int, struct sshbuf *); | 120 | int mm_answer_authrole(struct ssh *, int, struct sshbuf *); |
121 | int mm_answer_authpassword(int, struct sshbuf *); | 121 | int mm_answer_authpassword(struct ssh *, int, struct sshbuf *); |
122 | int mm_answer_bsdauthquery(int, struct sshbuf *); | 122 | int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *); |
123 | int mm_answer_bsdauthrespond(int, struct sshbuf *); | 123 | int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *); |
124 | int mm_answer_keyallowed(int, struct sshbuf *); | 124 | int mm_answer_skeyquery(struct ssh *, int, struct sshbuf *); |
125 | int mm_answer_keyverify(int, struct sshbuf *); | 125 | int mm_answer_skeyrespond(struct ssh *, int, struct sshbuf *); |
126 | int mm_answer_pty(int, struct sshbuf *); | 126 | int mm_answer_keyallowed(struct ssh *, int, struct sshbuf *); |
127 | int mm_answer_pty_cleanup(int, struct sshbuf *); | 127 | int mm_answer_keyverify(struct ssh *, int, struct sshbuf *); |
128 | int mm_answer_term(int, struct sshbuf *); | 128 | int mm_answer_pty(struct ssh *, int, struct sshbuf *); |
129 | int mm_answer_rsa_keyallowed(int, struct sshbuf *); | 129 | int mm_answer_pty_cleanup(struct ssh *, int, struct sshbuf *); |
130 | int mm_answer_rsa_challenge(int, struct sshbuf *); | 130 | int mm_answer_term(struct ssh *, int, struct sshbuf *); |
131 | int mm_answer_rsa_response(int, struct sshbuf *); | 131 | int mm_answer_rsa_keyallowed(struct ssh *, int, struct sshbuf *); |
132 | int mm_answer_sesskey(int, struct sshbuf *); | 132 | int mm_answer_rsa_challenge(struct ssh *, int, struct sshbuf *); |
133 | int mm_answer_sessid(int, struct sshbuf *); | 133 | int mm_answer_rsa_response(struct ssh *, int, struct sshbuf *); |
134 | int mm_answer_sesskey(struct ssh *, int, struct sshbuf *); | ||
135 | int mm_answer_sessid(struct ssh *, int, struct sshbuf *); | ||
134 | 136 | ||
135 | #ifdef USE_PAM | 137 | #ifdef USE_PAM |
136 | int mm_answer_pam_start(int, struct sshbuf *); | 138 | int mm_answer_pam_start(struct ssh *, int, struct sshbuf *); |
137 | int mm_answer_pam_account(int, struct sshbuf *); | 139 | int mm_answer_pam_account(struct ssh *, int, struct sshbuf *); |
138 | int mm_answer_pam_init_ctx(int, struct sshbuf *); | 140 | int mm_answer_pam_init_ctx(struct ssh *, int, struct sshbuf *); |
139 | int mm_answer_pam_query(int, struct sshbuf *); | 141 | int mm_answer_pam_query(struct ssh *, int, struct sshbuf *); |
140 | int mm_answer_pam_respond(int, struct sshbuf *); | 142 | int mm_answer_pam_respond(struct ssh *, int, struct sshbuf *); |
141 | int mm_answer_pam_free_ctx(int, struct sshbuf *); | 143 | int mm_answer_pam_free_ctx(struct ssh *, int, struct sshbuf *); |
142 | #endif | 144 | #endif |
143 | 145 | ||
144 | #ifdef GSSAPI | 146 | #ifdef GSSAPI |
145 | int mm_answer_gss_setup_ctx(int, struct sshbuf *); | 147 | int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *); |
146 | int mm_answer_gss_accept_ctx(int, struct sshbuf *); | 148 | int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); |
147 | int mm_answer_gss_userok(int, struct sshbuf *); | 149 | int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); |
148 | int mm_answer_gss_checkmic(int, struct sshbuf *); | 150 | int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); |
149 | int mm_answer_gss_sign(int, struct sshbuf *); | 151 | int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *); |
150 | int mm_answer_gss_updatecreds(int, struct sshbuf *); | 152 | int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *); |
151 | #endif | 153 | #endif |
152 | 154 | ||
153 | #ifdef SSH_AUDIT_EVENTS | 155 | #ifdef SSH_AUDIT_EVENTS |
154 | int mm_answer_audit_event(int, struct sshbuf *); | 156 | int mm_answer_audit_event(struct ssh *, int, struct sshbuf *); |
155 | int mm_answer_audit_command(int, struct sshbuf *); | 157 | int mm_answer_audit_command(struct ssh *, int, struct sshbuf *); |
156 | #endif | 158 | #endif |
157 | 159 | ||
158 | static int monitor_read_log(struct monitor *); | ||
159 | |||
160 | static Authctxt *authctxt; | 160 | static Authctxt *authctxt; |
161 | 161 | ||
162 | /* local state for key verify */ | 162 | /* local state for key verify */ |
@@ -175,7 +175,7 @@ static pid_t monitor_child_pid; | |||
175 | struct mon_table { | 175 | struct mon_table { |
176 | enum monitor_reqtype type; | 176 | enum monitor_reqtype type; |
177 | int flags; | 177 | int flags; |
178 | int (*f)(int, struct sshbuf *); | 178 | int (*f)(struct ssh *, int, struct sshbuf *); |
179 | }; | 179 | }; |
180 | 180 | ||
181 | #define MON_ISAUTH 0x0004 /* Required for Authentication */ | 181 | #define MON_ISAUTH 0x0004 /* Required for Authentication */ |
@@ -187,6 +187,10 @@ struct mon_table { | |||
187 | 187 | ||
188 | #define MON_PERMIT 0x1000 /* Request is permitted */ | 188 | #define MON_PERMIT 0x1000 /* Request is permitted */ |
189 | 189 | ||
190 | static int monitor_read(struct ssh *, struct monitor *, struct mon_table *, | ||
191 | struct mon_table **); | ||
192 | static int monitor_read_log(struct monitor *); | ||
193 | |||
190 | struct mon_table mon_dispatch_proto20[] = { | 194 | struct mon_table mon_dispatch_proto20[] = { |
191 | #ifdef WITH_OPENSSL | 195 | #ifdef WITH_OPENSSL |
192 | {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, | 196 | {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, |
@@ -276,9 +280,8 @@ monitor_permit_authentications(int permit) | |||
276 | } | 280 | } |
277 | 281 | ||
278 | void | 282 | void |
279 | monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | 283 | monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor) |
280 | { | 284 | { |
281 | struct ssh *ssh = active_state; /* XXX */ | ||
282 | struct mon_table *ent; | 285 | struct mon_table *ent; |
283 | int authenticated = 0, partial = 0; | 286 | int authenticated = 0, partial = 0; |
284 | 287 | ||
@@ -290,7 +293,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
290 | close(pmonitor->m_log_sendfd); | 293 | close(pmonitor->m_log_sendfd); |
291 | pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1; | 294 | pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1; |
292 | 295 | ||
293 | authctxt = _authctxt; | 296 | authctxt = (Authctxt *)ssh->authctxt; |
294 | memset(authctxt, 0, sizeof(*authctxt)); | 297 | memset(authctxt, 0, sizeof(*authctxt)); |
295 | ssh->authctxt = authctxt; | 298 | ssh->authctxt = authctxt; |
296 | 299 | ||
@@ -312,7 +315,8 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
312 | auth_submethod = NULL; | 315 | auth_submethod = NULL; |
313 | auth2_authctxt_reset_info(authctxt); | 316 | auth2_authctxt_reset_info(authctxt); |
314 | 317 | ||
315 | authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1); | 318 | authenticated = (monitor_read(ssh, pmonitor, |
319 | mon_dispatch, &ent) == 1); | ||
316 | 320 | ||
317 | /* Special handling for multiple required authentications */ | 321 | /* Special handling for multiple required authentications */ |
318 | if (options.num_auth_methods != 0) { | 322 | if (options.num_auth_methods != 0) { |
@@ -344,13 +348,13 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
344 | mm_request_receive_expect(pmonitor->m_sendfd, | 348 | mm_request_receive_expect(pmonitor->m_sendfd, |
345 | MONITOR_REQ_PAM_ACCOUNT, m); | 349 | MONITOR_REQ_PAM_ACCOUNT, m); |
346 | authenticated = mm_answer_pam_account( | 350 | authenticated = mm_answer_pam_account( |
347 | pmonitor->m_sendfd, m); | 351 | ssh, pmonitor->m_sendfd, m); |
348 | sshbuf_free(m); | 352 | sshbuf_free(m); |
349 | } | 353 | } |
350 | #endif | 354 | #endif |
351 | } | 355 | } |
352 | if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { | 356 | if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { |
353 | auth_log(authctxt, authenticated, partial, | 357 | auth_log(ssh, authenticated, partial, |
354 | auth_method, auth_submethod); | 358 | auth_method, auth_submethod); |
355 | if (!partial && !authenticated) | 359 | if (!partial && !authenticated) |
356 | authctxt->failures++; | 360 | authctxt->failures++; |
@@ -371,7 +375,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
371 | ssh->authctxt = NULL; | 375 | ssh->authctxt = NULL; |
372 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); | 376 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); |
373 | 377 | ||
374 | mm_get_keystate(pmonitor); | 378 | mm_get_keystate(ssh, pmonitor); |
375 | 379 | ||
376 | /* Drain any buffered messages from the child */ | 380 | /* Drain any buffered messages from the child */ |
377 | while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) | 381 | while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0) |
@@ -397,7 +401,7 @@ monitor_child_handler(int sig) | |||
397 | } | 401 | } |
398 | 402 | ||
399 | void | 403 | void |
400 | monitor_child_postauth(struct monitor *pmonitor) | 404 | monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) |
401 | { | 405 | { |
402 | close(pmonitor->m_recvfd); | 406 | close(pmonitor->m_recvfd); |
403 | pmonitor->m_recvfd = -1; | 407 | pmonitor->m_recvfd = -1; |
@@ -419,7 +423,7 @@ monitor_child_postauth(struct monitor *pmonitor) | |||
419 | #ifdef GSSAPI | 423 | #ifdef GSSAPI |
420 | /* and for the GSSAPI key exchange */ | 424 | /* and for the GSSAPI key exchange */ |
421 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); | 425 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); |
422 | #endif | 426 | #endif |
423 | 427 | ||
424 | if (auth_opts->permit_pty_flag) { | 428 | if (auth_opts->permit_pty_flag) { |
425 | monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); | 429 | monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); |
@@ -427,7 +431,7 @@ monitor_child_postauth(struct monitor *pmonitor) | |||
427 | } | 431 | } |
428 | 432 | ||
429 | for (;;) | 433 | for (;;) |
430 | monitor_read(pmonitor, mon_dispatch, NULL); | 434 | monitor_read(ssh, pmonitor, mon_dispatch, NULL); |
431 | } | 435 | } |
432 | 436 | ||
433 | static int | 437 | static int |
@@ -482,8 +486,8 @@ monitor_read_log(struct monitor *pmonitor) | |||
482 | return 0; | 486 | return 0; |
483 | } | 487 | } |
484 | 488 | ||
485 | int | 489 | static int |
486 | monitor_read(struct monitor *pmonitor, struct mon_table *ent, | 490 | monitor_read(struct ssh *ssh, struct monitor *pmonitor, struct mon_table *ent, |
487 | struct mon_table **pent) | 491 | struct mon_table **pent) |
488 | { | 492 | { |
489 | struct sshbuf *m; | 493 | struct sshbuf *m; |
@@ -533,7 +537,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent, | |||
533 | if (!(ent->flags & MON_PERMIT)) | 537 | if (!(ent->flags & MON_PERMIT)) |
534 | fatal("%s: unpermitted request %d", __func__, | 538 | fatal("%s: unpermitted request %d", __func__, |
535 | type); | 539 | type); |
536 | ret = (*ent->f)(pmonitor->m_sendfd, m); | 540 | ret = (*ent->f)(ssh, pmonitor->m_sendfd, m); |
537 | sshbuf_free(m); | 541 | sshbuf_free(m); |
538 | 542 | ||
539 | /* The child may use this request only once, disable it */ | 543 | /* The child may use this request only once, disable it */ |
@@ -584,7 +588,7 @@ monitor_reset_key_state(void) | |||
584 | 588 | ||
585 | #ifdef WITH_OPENSSL | 589 | #ifdef WITH_OPENSSL |
586 | int | 590 | int |
587 | mm_answer_moduli(int sock, struct sshbuf *m) | 591 | mm_answer_moduli(struct ssh *ssh, int sock, struct sshbuf *m) |
588 | { | 592 | { |
589 | DH *dh; | 593 | DH *dh; |
590 | const BIGNUM *dh_p, *dh_g; | 594 | const BIGNUM *dh_p, *dh_g; |
@@ -626,9 +630,8 @@ mm_answer_moduli(int sock, struct sshbuf *m) | |||
626 | #endif | 630 | #endif |
627 | 631 | ||
628 | int | 632 | int |
629 | mm_answer_sign(int sock, struct sshbuf *m) | 633 | mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) |
630 | { | 634 | { |
631 | struct ssh *ssh = active_state; /* XXX */ | ||
632 | extern int auth_sock; /* XXX move to state struct? */ | 635 | extern int auth_sock; /* XXX move to state struct? */ |
633 | struct sshkey *key; | 636 | struct sshkey *key; |
634 | struct sshbuf *sigbuf = NULL; | 637 | struct sshbuf *sigbuf = NULL; |
@@ -729,9 +732,8 @@ mm_answer_sign(int sock, struct sshbuf *m) | |||
729 | /* Retrieves the password entry and also checks if the user is permitted */ | 732 | /* Retrieves the password entry and also checks if the user is permitted */ |
730 | 733 | ||
731 | int | 734 | int |
732 | mm_answer_pwnamallow(int sock, struct sshbuf *m) | 735 | mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m) |
733 | { | 736 | { |
734 | struct ssh *ssh = active_state; /* XXX */ | ||
735 | char *username; | 737 | char *username; |
736 | struct passwd *pwent; | 738 | struct passwd *pwent; |
737 | int r, allowed = 0; | 739 | int r, allowed = 0; |
@@ -745,7 +747,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m) | |||
745 | if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0) | 747 | if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0) |
746 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 748 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
747 | 749 | ||
748 | pwent = getpwnamallow(username); | 750 | pwent = getpwnamallow(ssh, username); |
749 | 751 | ||
750 | authctxt->user = xstrdup(username); | 752 | authctxt->user = xstrdup(username); |
751 | setproctitle("%s [priv]", pwent ? username : "unknown"); | 753 | setproctitle("%s [priv]", pwent ? username : "unknown"); |
@@ -830,7 +832,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m) | |||
830 | return (0); | 832 | return (0); |
831 | } | 833 | } |
832 | 834 | ||
833 | int mm_answer_auth2_read_banner(int sock, struct sshbuf *m) | 835 | int mm_answer_auth2_read_banner(struct ssh *ssh, int sock, struct sshbuf *m) |
834 | { | 836 | { |
835 | char *banner; | 837 | char *banner; |
836 | int r; | 838 | int r; |
@@ -846,7 +848,7 @@ int mm_answer_auth2_read_banner(int sock, struct sshbuf *m) | |||
846 | } | 848 | } |
847 | 849 | ||
848 | int | 850 | int |
849 | mm_answer_authserv(int sock, struct sshbuf *m) | 851 | mm_answer_authserv(struct ssh *ssh, int sock, struct sshbuf *m) |
850 | { | 852 | { |
851 | int r; | 853 | int r; |
852 | 854 | ||
@@ -873,7 +875,7 @@ mm_answer_authserv(int sock, struct sshbuf *m) | |||
873 | } | 875 | } |
874 | 876 | ||
875 | int | 877 | int |
876 | mm_answer_authrole(int sock, struct sshbuf *m) | 878 | mm_answer_authrole(struct ssh *ssh, int sock, struct sshbuf *m) |
877 | { | 879 | { |
878 | int r; | 880 | int r; |
879 | 881 | ||
@@ -922,9 +924,8 @@ key_base_type_match(const char *method, const struct sshkey *key, | |||
922 | } | 924 | } |
923 | 925 | ||
924 | int | 926 | int |
925 | mm_answer_authpassword(int sock, struct sshbuf *m) | 927 | mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m) |
926 | { | 928 | { |
927 | struct ssh *ssh = active_state; /* XXX */ | ||
928 | static int call_count; | 929 | static int call_count; |
929 | char *passwd; | 930 | char *passwd; |
930 | int r, authenticated; | 931 | int r, authenticated; |
@@ -963,7 +964,7 @@ mm_answer_authpassword(int sock, struct sshbuf *m) | |||
963 | 964 | ||
964 | #ifdef BSD_AUTH | 965 | #ifdef BSD_AUTH |
965 | int | 966 | int |
966 | mm_answer_bsdauthquery(int sock, struct sshbuf *m) | 967 | mm_answer_bsdauthquery(struct ssh *ssh, int sock, struct sshbuf *m) |
967 | { | 968 | { |
968 | char *name, *infotxt; | 969 | char *name, *infotxt; |
969 | u_int numprompts, *echo_on, success; | 970 | u_int numprompts, *echo_on, success; |
@@ -997,7 +998,7 @@ mm_answer_bsdauthquery(int sock, struct sshbuf *m) | |||
997 | } | 998 | } |
998 | 999 | ||
999 | int | 1000 | int |
1000 | mm_answer_bsdauthrespond(int sock, struct sshbuf *m) | 1001 | mm_answer_bsdauthrespond(struct ssh *ssh, int sock, struct sshbuf *m) |
1001 | { | 1002 | { |
1002 | char *response; | 1003 | char *response; |
1003 | int r, authok; | 1004 | int r, authok; |
@@ -1031,12 +1032,12 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m) | |||
1031 | 1032 | ||
1032 | #ifdef USE_PAM | 1033 | #ifdef USE_PAM |
1033 | int | 1034 | int |
1034 | mm_answer_pam_start(int sock, struct sshbuf *m) | 1035 | mm_answer_pam_start(struct ssh *ssh, int sock, struct sshbuf *m) |
1035 | { | 1036 | { |
1036 | if (!options.use_pam) | 1037 | if (!options.use_pam) |
1037 | fatal("UsePAM not set, but ended up in %s anyway", __func__); | 1038 | fatal("UsePAM not set, but ended up in %s anyway", __func__); |
1038 | 1039 | ||
1039 | start_pam(authctxt); | 1040 | start_pam(ssh); |
1040 | 1041 | ||
1041 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1); | 1042 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1); |
1042 | if (options.kbd_interactive_authentication) | 1043 | if (options.kbd_interactive_authentication) |
@@ -1046,7 +1047,7 @@ mm_answer_pam_start(int sock, struct sshbuf *m) | |||
1046 | } | 1047 | } |
1047 | 1048 | ||
1048 | int | 1049 | int |
1049 | mm_answer_pam_account(int sock, struct sshbuf *m) | 1050 | mm_answer_pam_account(struct ssh *ssh, int sock, struct sshbuf *m) |
1050 | { | 1051 | { |
1051 | u_int ret; | 1052 | u_int ret; |
1052 | int r; | 1053 | int r; |
@@ -1069,7 +1070,7 @@ static void *sshpam_ctxt, *sshpam_authok; | |||
1069 | extern KbdintDevice sshpam_device; | 1070 | extern KbdintDevice sshpam_device; |
1070 | 1071 | ||
1071 | int | 1072 | int |
1072 | mm_answer_pam_init_ctx(int sock, struct sshbuf *m) | 1073 | mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m) |
1073 | { | 1074 | { |
1074 | u_int ok = 0; | 1075 | u_int ok = 0; |
1075 | int r; | 1076 | int r; |
@@ -1094,7 +1095,7 @@ mm_answer_pam_init_ctx(int sock, struct sshbuf *m) | |||
1094 | } | 1095 | } |
1095 | 1096 | ||
1096 | int | 1097 | int |
1097 | mm_answer_pam_query(int sock, struct sshbuf *m) | 1098 | mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m) |
1098 | { | 1099 | { |
1099 | char *name = NULL, *info = NULL, **prompts = NULL; | 1100 | char *name = NULL, *info = NULL, **prompts = NULL; |
1100 | u_int i, num = 0, *echo_on = 0; | 1101 | u_int i, num = 0, *echo_on = 0; |
@@ -1135,7 +1136,7 @@ mm_answer_pam_query(int sock, struct sshbuf *m) | |||
1135 | } | 1136 | } |
1136 | 1137 | ||
1137 | int | 1138 | int |
1138 | mm_answer_pam_respond(int sock, struct sshbuf *m) | 1139 | mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m) |
1139 | { | 1140 | { |
1140 | char **resp; | 1141 | char **resp; |
1141 | u_int i, num; | 1142 | u_int i, num; |
@@ -1173,7 +1174,7 @@ mm_answer_pam_respond(int sock, struct sshbuf *m) | |||
1173 | } | 1174 | } |
1174 | 1175 | ||
1175 | int | 1176 | int |
1176 | mm_answer_pam_free_ctx(int sock, struct sshbuf *m) | 1177 | mm_answer_pam_free_ctx(struct ssh *ssh, int sock, struct sshbuf *m) |
1177 | { | 1178 | { |
1178 | int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; | 1179 | int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; |
1179 | 1180 | ||
@@ -1193,9 +1194,8 @@ mm_answer_pam_free_ctx(int sock, struct sshbuf *m) | |||
1193 | #endif | 1194 | #endif |
1194 | 1195 | ||
1195 | int | 1196 | int |
1196 | mm_answer_keyallowed(int sock, struct sshbuf *m) | 1197 | mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m) |
1197 | { | 1198 | { |
1198 | struct ssh *ssh = active_state; /* XXX */ | ||
1199 | struct sshkey *key = NULL; | 1199 | struct sshkey *key = NULL; |
1200 | char *cuser, *chost; | 1200 | char *cuser, *chost; |
1201 | u_int pubkey_auth_attempt; | 1201 | u_int pubkey_auth_attempt; |
@@ -1241,7 +1241,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m) | |||
1241 | if (!key_base_type_match(auth_method, key, | 1241 | if (!key_base_type_match(auth_method, key, |
1242 | options.hostbased_key_types)) | 1242 | options.hostbased_key_types)) |
1243 | break; | 1243 | break; |
1244 | allowed = hostbased_key_allowed(authctxt->pw, | 1244 | allowed = hostbased_key_allowed(ssh, authctxt->pw, |
1245 | cuser, chost, key); | 1245 | cuser, chost, key); |
1246 | auth2_record_info(authctxt, | 1246 | auth2_record_info(authctxt, |
1247 | "client user \"%.100s\", client host \"%.100s\"", | 1247 | "client user \"%.100s\", client host \"%.100s\"", |
@@ -1273,7 +1273,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m) | |||
1273 | hostbased_chost = chost; | 1273 | hostbased_chost = chost; |
1274 | } else { | 1274 | } else { |
1275 | /* Log failed attempt */ | 1275 | /* Log failed attempt */ |
1276 | auth_log(authctxt, 0, 0, auth_method, NULL); | 1276 | auth_log(ssh, 0, 0, auth_method, NULL); |
1277 | free(cuser); | 1277 | free(cuser); |
1278 | free(chost); | 1278 | free(chost); |
1279 | } | 1279 | } |
@@ -1430,9 +1430,8 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, | |||
1430 | } | 1430 | } |
1431 | 1431 | ||
1432 | int | 1432 | int |
1433 | mm_answer_keyverify(int sock, struct sshbuf *m) | 1433 | mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m) |
1434 | { | 1434 | { |
1435 | struct ssh *ssh = active_state; /* XXX */ | ||
1436 | struct sshkey *key; | 1435 | struct sshkey *key; |
1437 | u_char *signature, *data, *blob; | 1436 | u_char *signature, *data, *blob; |
1438 | char *sigalg; | 1437 | char *sigalg; |
@@ -1477,7 +1476,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m) | |||
1477 | fatal("%s: bad signature data blob", __func__); | 1476 | fatal("%s: bad signature data blob", __func__); |
1478 | 1477 | ||
1479 | ret = sshkey_verify(key, signature, signaturelen, data, datalen, | 1478 | ret = sshkey_verify(key, signature, signaturelen, data, datalen, |
1480 | sigalg, active_state->compat); | 1479 | sigalg, ssh->compat); |
1481 | debug3("%s: %s %p signature %s", __func__, auth_method, key, | 1480 | debug3("%s: %s %p signature %s", __func__, auth_method, key, |
1482 | (ret == 0) ? "verified" : "unverified"); | 1481 | (ret == 0) ? "verified" : "unverified"); |
1483 | auth2_record_key(authctxt, ret == 0, key); | 1482 | auth2_record_key(authctxt, ret == 0, key); |
@@ -1504,9 +1503,8 @@ mm_answer_keyverify(int sock, struct sshbuf *m) | |||
1504 | } | 1503 | } |
1505 | 1504 | ||
1506 | static void | 1505 | static void |
1507 | mm_record_login(Session *s, struct passwd *pw) | 1506 | mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw) |
1508 | { | 1507 | { |
1509 | struct ssh *ssh = active_state; /* XXX */ | ||
1510 | socklen_t fromlen; | 1508 | socklen_t fromlen; |
1511 | struct sockaddr_storage from; | 1509 | struct sockaddr_storage from; |
1512 | 1510 | ||
@@ -1516,8 +1514,8 @@ mm_record_login(Session *s, struct passwd *pw) | |||
1516 | */ | 1514 | */ |
1517 | memset(&from, 0, sizeof(from)); | 1515 | memset(&from, 0, sizeof(from)); |
1518 | fromlen = sizeof(from); | 1516 | fromlen = sizeof(from); |
1519 | if (packet_connection_is_on_socket()) { | 1517 | if (ssh_packet_connection_is_on_socket(ssh)) { |
1520 | if (getpeername(packet_get_connection_in(), | 1518 | if (getpeername(ssh_packet_get_connection_in(ssh), |
1521 | (struct sockaddr *)&from, &fromlen) < 0) { | 1519 | (struct sockaddr *)&from, &fromlen) < 0) { |
1522 | debug("getpeername: %.100s", strerror(errno)); | 1520 | debug("getpeername: %.100s", strerror(errno)); |
1523 | cleanup_exit(255); | 1521 | cleanup_exit(255); |
@@ -1541,7 +1539,7 @@ mm_session_close(Session *s) | |||
1541 | } | 1539 | } |
1542 | 1540 | ||
1543 | int | 1541 | int |
1544 | mm_answer_pty(int sock, struct sshbuf *m) | 1542 | mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) |
1545 | { | 1543 | { |
1546 | extern struct monitor *pmonitor; | 1544 | extern struct monitor *pmonitor; |
1547 | Session *s; | 1545 | Session *s; |
@@ -1569,7 +1567,7 @@ mm_answer_pty(int sock, struct sshbuf *m) | |||
1569 | if (dup2(s->ttyfd, 0) == -1) | 1567 | if (dup2(s->ttyfd, 0) == -1) |
1570 | fatal("%s: dup2", __func__); | 1568 | fatal("%s: dup2", __func__); |
1571 | 1569 | ||
1572 | mm_record_login(s, authctxt->pw); | 1570 | mm_record_login(ssh, s, authctxt->pw); |
1573 | 1571 | ||
1574 | /* Now we can close the file descriptor again */ | 1572 | /* Now we can close the file descriptor again */ |
1575 | close(0); | 1573 | close(0); |
@@ -1611,7 +1609,7 @@ mm_answer_pty(int sock, struct sshbuf *m) | |||
1611 | } | 1609 | } |
1612 | 1610 | ||
1613 | int | 1611 | int |
1614 | mm_answer_pty_cleanup(int sock, struct sshbuf *m) | 1612 | mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m) |
1615 | { | 1613 | { |
1616 | Session *s; | 1614 | Session *s; |
1617 | char *tty; | 1615 | char *tty; |
@@ -1629,9 +1627,8 @@ mm_answer_pty_cleanup(int sock, struct sshbuf *m) | |||
1629 | } | 1627 | } |
1630 | 1628 | ||
1631 | int | 1629 | int |
1632 | mm_answer_term(int sock, struct sshbuf *req) | 1630 | mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req) |
1633 | { | 1631 | { |
1634 | struct ssh *ssh = active_state; /* XXX */ | ||
1635 | extern struct monitor *pmonitor; | 1632 | extern struct monitor *pmonitor; |
1636 | int res, status; | 1633 | int res, status; |
1637 | 1634 | ||
@@ -1658,7 +1655,7 @@ mm_answer_term(int sock, struct sshbuf *req) | |||
1658 | #ifdef SSH_AUDIT_EVENTS | 1655 | #ifdef SSH_AUDIT_EVENTS |
1659 | /* Report that an audit event occurred */ | 1656 | /* Report that an audit event occurred */ |
1660 | int | 1657 | int |
1661 | mm_answer_audit_event(int socket, struct sshbuf *m) | 1658 | mm_answer_audit_event(struct ssh *ssh, int socket, struct sshbuf *m) |
1662 | { | 1659 | { |
1663 | u_int n; | 1660 | u_int n; |
1664 | ssh_audit_event_t event; | 1661 | ssh_audit_event_t event; |
@@ -1677,7 +1674,7 @@ mm_answer_audit_event(int socket, struct sshbuf *m) | |||
1677 | case SSH_LOGIN_ROOT_DENIED: | 1674 | case SSH_LOGIN_ROOT_DENIED: |
1678 | case SSH_CONNECTION_CLOSE: | 1675 | case SSH_CONNECTION_CLOSE: |
1679 | case SSH_INVALID_USER: | 1676 | case SSH_INVALID_USER: |
1680 | audit_event(event); | 1677 | audit_event(ssh, event); |
1681 | break; | 1678 | break; |
1682 | default: | 1679 | default: |
1683 | fatal("Audit event type %d not permitted", event); | 1680 | fatal("Audit event type %d not permitted", event); |
@@ -1687,7 +1684,7 @@ mm_answer_audit_event(int socket, struct sshbuf *m) | |||
1687 | } | 1684 | } |
1688 | 1685 | ||
1689 | int | 1686 | int |
1690 | mm_answer_audit_command(int socket, struct sshbuf *m) | 1687 | mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m) |
1691 | { | 1688 | { |
1692 | char *cmd; | 1689 | char *cmd; |
1693 | int r; | 1690 | int r; |
@@ -1703,10 +1700,8 @@ mm_answer_audit_command(int socket, struct sshbuf *m) | |||
1703 | #endif /* SSH_AUDIT_EVENTS */ | 1700 | #endif /* SSH_AUDIT_EVENTS */ |
1704 | 1701 | ||
1705 | void | 1702 | void |
1706 | monitor_clear_keystate(struct monitor *pmonitor) | 1703 | monitor_clear_keystate(struct ssh *ssh, struct monitor *pmonitor) |
1707 | { | 1704 | { |
1708 | struct ssh *ssh = active_state; /* XXX */ | ||
1709 | |||
1710 | ssh_clear_newkeys(ssh, MODE_IN); | 1705 | ssh_clear_newkeys(ssh, MODE_IN); |
1711 | ssh_clear_newkeys(ssh, MODE_OUT); | 1706 | ssh_clear_newkeys(ssh, MODE_OUT); |
1712 | sshbuf_free(child_state); | 1707 | sshbuf_free(child_state); |
@@ -1714,9 +1709,8 @@ monitor_clear_keystate(struct monitor *pmonitor) | |||
1714 | } | 1709 | } |
1715 | 1710 | ||
1716 | void | 1711 | void |
1717 | monitor_apply_keystate(struct monitor *pmonitor) | 1712 | monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor) |
1718 | { | 1713 | { |
1719 | struct ssh *ssh = active_state; /* XXX */ | ||
1720 | struct kex *kex; | 1714 | struct kex *kex; |
1721 | int r; | 1715 | int r; |
1722 | 1716 | ||
@@ -1729,25 +1723,30 @@ monitor_apply_keystate(struct monitor *pmonitor) | |||
1729 | if ((kex = ssh->kex) != NULL) { | 1723 | if ((kex = ssh->kex) != NULL) { |
1730 | /* XXX set callbacks */ | 1724 | /* XXX set callbacks */ |
1731 | #ifdef WITH_OPENSSL | 1725 | #ifdef WITH_OPENSSL |
1732 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 1726 | kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; |
1733 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 1727 | kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; |
1734 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | 1728 | kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; |
1735 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | 1729 | kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; |
1736 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | 1730 | kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; |
1737 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 1731 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
1738 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 1732 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
1739 | # ifdef OPENSSL_HAS_ECC | 1733 | # ifdef OPENSSL_HAS_ECC |
1740 | kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 1734 | kex->kex[KEX_ECDH_SHA2] = kex_gen_server; |
1741 | # endif | 1735 | # endif |
1742 | #endif /* WITH_OPENSSL */ | 1736 | # ifdef GSSAPI |
1743 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | ||
1744 | #ifdef GSSAPI | ||
1745 | if (options.gss_keyex) { | 1737 | if (options.gss_keyex) { |
1746 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | 1738 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |
1747 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; | 1739 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; |
1748 | kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | 1740 | kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; |
1741 | kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; | ||
1742 | kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; | ||
1743 | kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; | ||
1744 | kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; | ||
1749 | } | 1745 | } |
1750 | #endif | 1746 | # endif |
1747 | #endif /* WITH_OPENSSL */ | ||
1748 | kex->kex[KEX_C25519_SHA256] = kex_gen_server; | ||
1749 | kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server; | ||
1751 | kex->load_host_public_key=&get_hostkey_public_by_type; | 1750 | kex->load_host_public_key=&get_hostkey_public_by_type; |
1752 | kex->load_host_private_key=&get_hostkey_private_by_type; | 1751 | kex->load_host_private_key=&get_hostkey_private_by_type; |
1753 | kex->host_key_index=&get_hostkey_index; | 1752 | kex->host_key_index=&get_hostkey_index; |
@@ -1758,7 +1757,7 @@ monitor_apply_keystate(struct monitor *pmonitor) | |||
1758 | /* This function requries careful sanity checking */ | 1757 | /* This function requries careful sanity checking */ |
1759 | 1758 | ||
1760 | void | 1759 | void |
1761 | mm_get_keystate(struct monitor *pmonitor) | 1760 | mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) |
1762 | { | 1761 | { |
1763 | debug3("%s: Waiting for new keys", __func__); | 1762 | debug3("%s: Waiting for new keys", __func__); |
1764 | 1763 | ||
@@ -1830,7 +1829,7 @@ monitor_reinit(struct monitor *mon) | |||
1830 | 1829 | ||
1831 | #ifdef GSSAPI | 1830 | #ifdef GSSAPI |
1832 | int | 1831 | int |
1833 | mm_answer_gss_setup_ctx(int sock, struct sshbuf *m) | 1832 | mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m) |
1834 | { | 1833 | { |
1835 | gss_OID_desc goid; | 1834 | gss_OID_desc goid; |
1836 | OM_uint32 major; | 1835 | OM_uint32 major; |
@@ -1863,7 +1862,7 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m) | |||
1863 | } | 1862 | } |
1864 | 1863 | ||
1865 | int | 1864 | int |
1866 | mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) | 1865 | mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m) |
1867 | { | 1866 | { |
1868 | gss_buffer_desc in; | 1867 | gss_buffer_desc in; |
1869 | gss_buffer_desc out = GSS_C_EMPTY_BUFFER; | 1868 | gss_buffer_desc out = GSS_C_EMPTY_BUFFER; |
@@ -1898,7 +1897,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m) | |||
1898 | } | 1897 | } |
1899 | 1898 | ||
1900 | int | 1899 | int |
1901 | mm_answer_gss_checkmic(int sock, struct sshbuf *m) | 1900 | mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m) |
1902 | { | 1901 | { |
1903 | gss_buffer_desc gssbuf, mic; | 1902 | gss_buffer_desc gssbuf, mic; |
1904 | OM_uint32 ret; | 1903 | OM_uint32 ret; |
@@ -1929,16 +1928,19 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m) | |||
1929 | } | 1928 | } |
1930 | 1929 | ||
1931 | int | 1930 | int |
1932 | mm_answer_gss_userok(int sock, struct sshbuf *m) | 1931 | mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) |
1933 | { | 1932 | { |
1934 | int r, authenticated; | 1933 | int r, authenticated, kex; |
1935 | const char *displayname; | 1934 | const char *displayname; |
1936 | 1935 | ||
1937 | if (!options.gss_authentication && !options.gss_keyex) | 1936 | if (!options.gss_authentication && !options.gss_keyex) |
1938 | fatal("%s: GSSAPI not enabled", __func__); | 1937 | fatal("%s: GSSAPI not enabled", __func__); |
1939 | 1938 | ||
1940 | authenticated = authctxt->valid && | 1939 | if ((r = sshbuf_get_u32(m, &kex)) != 0) |
1941 | ssh_gssapi_userok(authctxt->user, authctxt->pw); | 1940 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
1941 | |||
1942 | authenticated = authctxt->valid && | ||
1943 | ssh_gssapi_userok(authctxt->user, authctxt->pw, kex); | ||
1942 | 1944 | ||
1943 | sshbuf_reset(m); | 1945 | sshbuf_reset(m); |
1944 | if ((r = sshbuf_put_u32(m, authenticated)) != 0) | 1946 | if ((r = sshbuf_put_u32(m, authenticated)) != 0) |
@@ -1947,7 +1949,11 @@ mm_answer_gss_userok(int sock, struct sshbuf *m) | |||
1947 | debug3("%s: sending result %d", __func__, authenticated); | 1949 | debug3("%s: sending result %d", __func__, authenticated); |
1948 | mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); | 1950 | mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); |
1949 | 1951 | ||
1950 | auth_method = "gssapi-with-mic"; | 1952 | if (kex) { |
1953 | auth_method = "gssapi-keyex"; | ||
1954 | } else { | ||
1955 | auth_method = "gssapi-with-mic"; | ||
1956 | } | ||
1951 | 1957 | ||
1952 | if ((displayname = ssh_gssapi_displayname()) != NULL) | 1958 | if ((displayname = ssh_gssapi_displayname()) != NULL) |
1953 | auth2_record_info(authctxt, "%s", displayname); | 1959 | auth2_record_info(authctxt, "%s", displayname); |
@@ -1956,14 +1962,14 @@ mm_answer_gss_userok(int sock, struct sshbuf *m) | |||
1956 | return (authenticated); | 1962 | return (authenticated); |
1957 | } | 1963 | } |
1958 | 1964 | ||
1959 | int | 1965 | int |
1960 | mm_answer_gss_sign(int socket, struct sshbuf *m) | 1966 | mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m) |
1961 | { | 1967 | { |
1962 | gss_buffer_desc data; | 1968 | gss_buffer_desc data; |
1963 | gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; | 1969 | gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; |
1964 | OM_uint32 major, minor; | 1970 | OM_uint32 major, minor; |
1965 | size_t len; | 1971 | size_t len; |
1966 | u_char *p; | 1972 | u_char *p = NULL; |
1967 | int r; | 1973 | int r; |
1968 | 1974 | ||
1969 | if (!options.gss_authentication && !options.gss_keyex) | 1975 | if (!options.gss_authentication && !options.gss_keyex) |
@@ -1973,8 +1979,9 @@ mm_answer_gss_sign(int socket, struct sshbuf *m) | |||
1973 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 1979 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
1974 | data.value = p; | 1980 | data.value = p; |
1975 | data.length = len; | 1981 | data.length = len; |
1976 | if (data.length != 20) | 1982 | /* Lengths of SHA-1, SHA-256 and SHA-512 hashes that are used */ |
1977 | fatal("%s: data length incorrect: %d", __func__, | 1983 | if (data.length != 20 && data.length != 32 && data.length != 64) |
1984 | fatal("%s: data length incorrect: %d", __func__, | ||
1978 | (int) data.length); | 1985 | (int) data.length); |
1979 | 1986 | ||
1980 | /* Save the session ID on the first time around */ | 1987 | /* Save the session ID on the first time around */ |
@@ -1988,6 +1995,7 @@ mm_answer_gss_sign(int socket, struct sshbuf *m) | |||
1988 | free(data.value); | 1995 | free(data.value); |
1989 | 1996 | ||
1990 | sshbuf_reset(m); | 1997 | sshbuf_reset(m); |
1998 | |||
1991 | if ((r = sshbuf_put_u32(m, major)) != 0 || | 1999 | if ((r = sshbuf_put_u32(m, major)) != 0 || |
1992 | (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) | 2000 | (r = sshbuf_put_string(m, hash.value, hash.length)) != 0) |
1993 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 2001 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
@@ -1998,7 +2006,7 @@ mm_answer_gss_sign(int socket, struct sshbuf *m) | |||
1998 | 2006 | ||
1999 | /* Turn on getpwnam permissions */ | 2007 | /* Turn on getpwnam permissions */ |
2000 | monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); | 2008 | monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); |
2001 | 2009 | ||
2002 | /* And credential updating, for when rekeying */ | 2010 | /* And credential updating, for when rekeying */ |
2003 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1); | 2011 | monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1); |
2004 | 2012 | ||
@@ -2006,16 +2014,16 @@ mm_answer_gss_sign(int socket, struct sshbuf *m) | |||
2006 | } | 2014 | } |
2007 | 2015 | ||
2008 | int | 2016 | int |
2009 | mm_answer_gss_updatecreds(int socket, struct sshbuf *m) { | 2017 | mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) { |
2010 | ssh_gssapi_ccache store; | 2018 | ssh_gssapi_ccache store; |
2011 | int r, ok; | 2019 | int r, ok; |
2012 | 2020 | ||
2013 | if (!options.gss_authentication && !options.gss_keyex) | 2021 | if (!options.gss_authentication && !options.gss_keyex) |
2014 | fatal("%s: GSSAPI not enabled", __func__); | 2022 | fatal("%s: GSSAPI not enabled", __func__); |
2015 | 2023 | ||
2016 | if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 || | 2024 | if ((r = sshbuf_get_string(m, (u_char **)&store.filename, NULL)) != 0 || |
2017 | (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 || | 2025 | (r = sshbuf_get_string(m, (u_char **)&store.envvar, NULL)) != 0 || |
2018 | (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0) | 2026 | (r = sshbuf_get_string(m, (u_char **)&store.envval, NULL)) != 0) |
2019 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 2027 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
2020 | 2028 | ||
2021 | ok = ssh_gssapi_update_creds(&store); | 2029 | ok = ssh_gssapi_update_creds(&store); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.h,v 1.21 2018/07/09 21:53:45 markus Exp $ */ | 1 | /* $OpenBSD: monitor.h,v 1.23 2019/01/19 21:43:56 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
@@ -67,9 +67,10 @@ enum monitor_reqtype { | |||
67 | MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, | 67 | MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, |
68 | 68 | ||
69 | MONITOR_REQ_AUTHROLE = 154, | 69 | MONITOR_REQ_AUTHROLE = 154, |
70 | |||
71 | }; | 70 | }; |
72 | 71 | ||
72 | struct ssh; | ||
73 | |||
73 | struct monitor { | 74 | struct monitor { |
74 | int m_recvfd; | 75 | int m_recvfd; |
75 | int m_sendfd; | 76 | int m_sendfd; |
@@ -83,15 +84,16 @@ struct monitor *monitor_init(void); | |||
83 | void monitor_reinit(struct monitor *); | 84 | void monitor_reinit(struct monitor *); |
84 | 85 | ||
85 | struct Authctxt; | 86 | struct Authctxt; |
86 | void monitor_child_preauth(struct Authctxt *, struct monitor *); | 87 | void monitor_child_preauth(struct ssh *, struct monitor *); |
87 | void monitor_child_postauth(struct monitor *); | 88 | void monitor_child_postauth(struct ssh *, struct monitor *); |
88 | 89 | ||
89 | struct mon_table; | 90 | void monitor_clear_keystate(struct ssh *, struct monitor *); |
90 | int monitor_read(struct monitor*, struct mon_table *, struct mon_table **); | 91 | void monitor_apply_keystate(struct ssh *, struct monitor *); |
91 | 92 | ||
92 | /* Prototypes for request sending and receiving */ | 93 | /* Prototypes for request sending and receiving */ |
93 | void mm_request_send(int, enum monitor_reqtype, struct sshbuf *); | 94 | void mm_request_send(int, enum monitor_reqtype, struct sshbuf *); |
94 | void mm_request_receive(int, struct sshbuf *); | 95 | void mm_request_receive(int, struct sshbuf *); |
95 | void mm_request_receive_expect(int, enum monitor_reqtype, struct sshbuf *); | 96 | void mm_request_receive_expect(int, enum monitor_reqtype, struct sshbuf *); |
97 | void mm_get_keystate(struct ssh *, struct monitor *); | ||
96 | 98 | ||
97 | #endif /* _MONITOR_H_ */ | 99 | #endif /* _MONITOR_H_ */ |
diff --git a/monitor_wrap.c b/monitor_wrap.c index fd4d7eb3b..6b3a6251c 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.c,v 1.107 2018/07/20 03:46:34 djm Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.112 2019/01/21 09:54:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -202,12 +202,8 @@ mm_choose_dh(int min, int nbits, int max) | |||
202 | if (success == 0) | 202 | if (success == 0) |
203 | fatal("%s: MONITOR_ANS_MODULI failed", __func__); | 203 | fatal("%s: MONITOR_ANS_MODULI failed", __func__); |
204 | 204 | ||
205 | if ((p = BN_new()) == NULL) | 205 | if ((r = sshbuf_get_bignum2(m, &p)) != 0 || |
206 | fatal("%s: BN_new failed", __func__); | 206 | (r = sshbuf_get_bignum2(m, &g)) != 0) |
207 | if ((g = BN_new()) == NULL) | ||
208 | fatal("%s: BN_new failed", __func__); | ||
209 | if ((r = sshbuf_get_bignum2(m, p)) != 0 || | ||
210 | (r = sshbuf_get_bignum2(m, g)) != 0) | ||
211 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 207 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
212 | 208 | ||
213 | debug3("%s: remaining %zu", __func__, sshbuf_len(m)); | 209 | debug3("%s: remaining %zu", __func__, sshbuf_len(m)); |
@@ -218,12 +214,12 @@ mm_choose_dh(int min, int nbits, int max) | |||
218 | #endif | 214 | #endif |
219 | 215 | ||
220 | int | 216 | int |
221 | mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp, | 217 | mm_sshkey_sign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, |
222 | const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat) | 218 | const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat) |
223 | { | 219 | { |
224 | struct kex *kex = *pmonitor->m_pkex; | 220 | struct kex *kex = *pmonitor->m_pkex; |
225 | struct sshbuf *m; | 221 | struct sshbuf *m; |
226 | u_int ndx = kex->host_key_index(key, 0, active_state); | 222 | u_int ndx = kex->host_key_index(key, 0, ssh); |
227 | int r; | 223 | int r; |
228 | 224 | ||
229 | debug3("%s entering", __func__); | 225 | debug3("%s entering", __func__); |
@@ -248,9 +244,8 @@ mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp, | |||
248 | } | 244 | } |
249 | 245 | ||
250 | struct passwd * | 246 | struct passwd * |
251 | mm_getpwnamallow(const char *username) | 247 | mm_getpwnamallow(struct ssh *ssh, const char *username) |
252 | { | 248 | { |
253 | struct ssh *ssh = active_state; /* XXX */ | ||
254 | struct sshbuf *m; | 249 | struct sshbuf *m; |
255 | struct passwd *pw; | 250 | struct passwd *pw; |
256 | size_t len; | 251 | size_t len; |
@@ -459,8 +454,8 @@ mm_user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key, | |||
459 | } | 454 | } |
460 | 455 | ||
461 | int | 456 | int |
462 | mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, | 457 | mm_hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, |
463 | struct sshkey *key) | 458 | const char *user, const char *host, struct sshkey *key) |
464 | { | 459 | { |
465 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, NULL)); | 460 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, NULL)); |
466 | } | 461 | } |
@@ -553,9 +548,8 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, | |||
553 | } | 548 | } |
554 | 549 | ||
555 | void | 550 | void |
556 | mm_send_keystate(struct monitor *monitor) | 551 | mm_send_keystate(struct ssh *ssh, struct monitor *monitor) |
557 | { | 552 | { |
558 | struct ssh *ssh = active_state; /* XXX */ | ||
559 | struct sshbuf *m; | 553 | struct sshbuf *m; |
560 | int r; | 554 | int r; |
561 | 555 | ||
@@ -649,7 +643,7 @@ mm_session_pty_cleanup2(Session *s) | |||
649 | 643 | ||
650 | #ifdef USE_PAM | 644 | #ifdef USE_PAM |
651 | void | 645 | void |
652 | mm_start_pam(Authctxt *authctxt) | 646 | mm_start_pam(struct ssh *ssh) |
653 | { | 647 | { |
654 | struct sshbuf *m; | 648 | struct sshbuf *m; |
655 | 649 | ||
@@ -890,7 +884,7 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses) | |||
890 | 884 | ||
891 | #ifdef SSH_AUDIT_EVENTS | 885 | #ifdef SSH_AUDIT_EVENTS |
892 | void | 886 | void |
893 | mm_audit_event(ssh_audit_event_t event) | 887 | mm_audit_event(struct ssh *ssh, ssh_audit_event_t event) |
894 | { | 888 | { |
895 | struct sshbuf *m; | 889 | struct sshbuf *m; |
896 | int r; | 890 | int r; |
@@ -1005,13 +999,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) | |||
1005 | } | 999 | } |
1006 | 1000 | ||
1007 | int | 1001 | int |
1008 | mm_ssh_gssapi_userok(char *user, struct passwd *pw) | 1002 | mm_ssh_gssapi_userok(char *user, struct passwd *pw, int kex) |
1009 | { | 1003 | { |
1010 | struct sshbuf *m; | 1004 | struct sshbuf *m; |
1011 | int r, authenticated = 0; | 1005 | int r, authenticated = 0; |
1012 | 1006 | ||
1013 | if ((m = sshbuf_new()) == NULL) | 1007 | if ((m = sshbuf_new()) == NULL) |
1014 | fatal("%s: sshbuf_new failed", __func__); | 1008 | fatal("%s: sshbuf_new failed", __func__); |
1009 | if ((r = sshbuf_put_u32(m, kex)) != 0) | ||
1010 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1015 | 1011 | ||
1016 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m); | 1012 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m); |
1017 | mm_request_receive_expect(pmonitor->m_recvfd, | 1013 | mm_request_receive_expect(pmonitor->m_recvfd, |
@@ -1046,7 +1042,7 @@ mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) | |||
1046 | 1042 | ||
1047 | sshbuf_free(m); | 1043 | sshbuf_free(m); |
1048 | 1044 | ||
1049 | return(major); | 1045 | return (major); |
1050 | } | 1046 | } |
1051 | 1047 | ||
1052 | int | 1048 | int |
@@ -1057,6 +1053,7 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) | |||
1057 | 1053 | ||
1058 | if ((m = sshbuf_new()) == NULL) | 1054 | if ((m = sshbuf_new()) == NULL) |
1059 | fatal("%s: sshbuf_new failed", __func__); | 1055 | fatal("%s: sshbuf_new failed", __func__); |
1056 | |||
1060 | if ((r = sshbuf_put_cstring(m, | 1057 | if ((r = sshbuf_put_cstring(m, |
1061 | store->filename ? store->filename : "")) != 0 || | 1058 | store->filename ? store->filename : "")) != 0 || |
1062 | (r = sshbuf_put_cstring(m, | 1059 | (r = sshbuf_put_cstring(m, |
@@ -1070,6 +1067,7 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) | |||
1070 | 1067 | ||
1071 | if ((r = sshbuf_get_u32(m, &ok)) != 0) | 1068 | if ((r = sshbuf_get_u32(m, &ok)) != 0) |
1072 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 1069 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
1070 | |||
1073 | sshbuf_free(m); | 1071 | sshbuf_free(m); |
1074 | 1072 | ||
1075 | return (ok); | 1073 | return (ok); |
diff --git a/monitor_wrap.h b/monitor_wrap.h index 79e78cc90..3d0e32d48 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.h,v 1.38 2018/07/11 18:53:29 markus Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.h,v 1.41 2019/01/19 21:43:56 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
@@ -33,6 +33,7 @@ extern int use_privsep; | |||
33 | 33 | ||
34 | enum mm_keytype { MM_NOKEY, MM_HOSTKEY, MM_USERKEY }; | 34 | enum mm_keytype { MM_NOKEY, MM_HOSTKEY, MM_USERKEY }; |
35 | 35 | ||
36 | struct ssh; | ||
36 | struct monitor; | 37 | struct monitor; |
37 | struct Authctxt; | 38 | struct Authctxt; |
38 | struct sshkey; | 39 | struct sshkey; |
@@ -41,18 +42,18 @@ struct sshauthopt; | |||
41 | void mm_log_handler(LogLevel, const char *, void *); | 42 | void mm_log_handler(LogLevel, const char *, void *); |
42 | int mm_is_monitor(void); | 43 | int mm_is_monitor(void); |
43 | DH *mm_choose_dh(int, int, int); | 44 | DH *mm_choose_dh(int, int, int); |
44 | int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t, | 45 | int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *, |
45 | const char *, u_int compat); | 46 | const u_char *, size_t, const char *, u_int compat); |
46 | void mm_inform_authserv(char *, char *, char *); | 47 | void mm_inform_authserv(char *, char *, char *); |
47 | void mm_inform_authrole(char *); | 48 | void mm_inform_authrole(char *); |
48 | struct passwd *mm_getpwnamallow(const char *); | 49 | struct passwd *mm_getpwnamallow(struct ssh *, const char *); |
49 | char *mm_auth2_read_banner(void); | 50 | char *mm_auth2_read_banner(void); |
50 | int mm_auth_password(struct ssh *, char *); | 51 | int mm_auth_password(struct ssh *, char *); |
51 | int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *, | 52 | int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *, |
52 | int, struct sshauthopt **); | 53 | int, struct sshauthopt **); |
53 | int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, | 54 | int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int, |
54 | struct sshauthopt **); | 55 | struct sshauthopt **); |
55 | int mm_hostbased_key_allowed(struct passwd *, const char *, | 56 | int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *, |
56 | const char *, struct sshkey *); | 57 | const char *, struct sshkey *); |
57 | int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, | 58 | int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, |
58 | const u_char *, size_t, const char *, u_int); | 59 | const u_char *, size_t, const char *, u_int); |
@@ -61,14 +62,14 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, | |||
61 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); | 62 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); |
62 | OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, | 63 | OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, |
63 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); | 64 | gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); |
64 | int mm_ssh_gssapi_userok(char *user, struct passwd *); | 65 | int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex); |
65 | OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); | 66 | OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); |
66 | OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); | 67 | OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); |
67 | int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); | 68 | int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); |
68 | #endif | 69 | #endif |
69 | 70 | ||
70 | #ifdef USE_PAM | 71 | #ifdef USE_PAM |
71 | void mm_start_pam(struct Authctxt *); | 72 | void mm_start_pam(struct ssh *ssh); |
72 | u_int mm_do_pam_account(void); | 73 | u_int mm_do_pam_account(void); |
73 | void *mm_sshpam_init_ctx(struct Authctxt *); | 74 | void *mm_sshpam_init_ctx(struct Authctxt *); |
74 | int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **); | 75 | int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **); |
@@ -78,7 +79,7 @@ void mm_sshpam_free_ctx(void *); | |||
78 | 79 | ||
79 | #ifdef SSH_AUDIT_EVENTS | 80 | #ifdef SSH_AUDIT_EVENTS |
80 | #include "audit.h" | 81 | #include "audit.h" |
81 | void mm_audit_event(ssh_audit_event_t); | 82 | void mm_audit_event(struct ssh *, ssh_audit_event_t); |
82 | void mm_audit_run_command(const char *); | 83 | void mm_audit_run_command(const char *); |
83 | #endif | 84 | #endif |
84 | 85 | ||
@@ -91,10 +92,7 @@ void mm_session_pty_cleanup2(struct Session *); | |||
91 | struct newkeys *mm_newkeys_from_blob(u_char *, int); | 92 | struct newkeys *mm_newkeys_from_blob(u_char *, int); |
92 | int mm_newkeys_to_blob(int, u_char **, u_int *); | 93 | int mm_newkeys_to_blob(int, u_char **, u_int *); |
93 | 94 | ||
94 | void monitor_clear_keystate(struct monitor *); | 95 | void mm_send_keystate(struct ssh *, struct monitor*); |
95 | void monitor_apply_keystate(struct monitor *); | ||
96 | void mm_get_keystate(struct monitor *); | ||
97 | void mm_send_keystate(struct monitor*); | ||
98 | 96 | ||
99 | /* bsdauth */ | 97 | /* bsdauth */ |
100 | int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); | 98 | int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mux.c,v 1.77 2018/09/26 07:32:44 djm Exp $ */ | 1 | /* $OpenBSD: mux.c,v 1.79 2019/01/19 21:35:25 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -610,6 +610,7 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) | |||
610 | struct Forward *rfwd; | 610 | struct Forward *rfwd; |
611 | Channel *c; | 611 | Channel *c; |
612 | struct sshbuf *out; | 612 | struct sshbuf *out; |
613 | u_int port; | ||
613 | int r; | 614 | int r; |
614 | 615 | ||
615 | if ((c = channel_by_id(ssh, fctx->cid)) == NULL) { | 616 | if ((c = channel_by_id(ssh, fctx->cid)) == NULL) { |
@@ -632,7 +633,15 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) | |||
632 | rfwd->connect_host, rfwd->connect_port); | 633 | rfwd->connect_host, rfwd->connect_port); |
633 | if (type == SSH2_MSG_REQUEST_SUCCESS) { | 634 | if (type == SSH2_MSG_REQUEST_SUCCESS) { |
634 | if (rfwd->listen_port == 0) { | 635 | if (rfwd->listen_port == 0) { |
635 | rfwd->allocated_port = packet_get_int(); | 636 | if ((r = sshpkt_get_u32(ssh, &port)) != 0) |
637 | fatal("%s: packet error: %s", | ||
638 | __func__, ssh_err(r)); | ||
639 | if (port > 65535) { | ||
640 | fatal("Invalid allocated port %u for " | ||
641 | "mux remote forward to %s:%d", port, | ||
642 | rfwd->connect_host, rfwd->connect_port); | ||
643 | } | ||
644 | rfwd->allocated_port = (int)port; | ||
636 | debug("Allocated port %u for mux remote forward" | 645 | debug("Allocated port %u for mux remote forward" |
637 | " to %s:%d", rfwd->allocated_port, | 646 | " to %s:%d", rfwd->allocated_port, |
638 | rfwd->connect_host, rfwd->connect_port); | 647 | rfwd->connect_host, rfwd->connect_port); |
@@ -1406,7 +1415,8 @@ mux_session_confirm(struct ssh *ssh, int id, int success, void *arg) | |||
1406 | if (cctx->want_agent_fwd && options.forward_agent) { | 1415 | if (cctx->want_agent_fwd && options.forward_agent) { |
1407 | debug("Requesting authentication agent forwarding."); | 1416 | debug("Requesting authentication agent forwarding."); |
1408 | channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0); | 1417 | channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0); |
1409 | packet_send(); | 1418 | if ((r = sshpkt_send(ssh)) != 0) |
1419 | fatal("%s: packet error: %s", __func__, ssh_err(r)); | ||
1410 | } | 1420 | } |
1411 | 1421 | ||
1412 | client_session2_setup(ssh, id, cctx->want_tty, cctx->want_subsys, | 1422 | client_session2_setup(ssh, id, cctx->want_tty, cctx->want_subsys, |
diff --git a/myproposal.h b/myproposal.h index 27b4a15a1..f16729876 100644 --- a/myproposal.h +++ b/myproposal.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: myproposal.h,v 1.57 2018/09/12 01:34:02 djm Exp $ */ | 1 | /* $OpenBSD: myproposal.h,v 1.58 2019/02/23 08:20:43 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -90,20 +90,15 @@ | |||
90 | # else | 90 | # else |
91 | # define KEX_CURVE25519_METHODS "" | 91 | # define KEX_CURVE25519_METHODS "" |
92 | # endif | 92 | # endif |
93 | #define KEX_COMMON_KEX \ | 93 | #define KEX_SERVER_KEX \ |
94 | KEX_CURVE25519_METHODS \ | 94 | KEX_CURVE25519_METHODS \ |
95 | KEX_ECDH_METHODS \ | 95 | KEX_ECDH_METHODS \ |
96 | KEX_SHA2_METHODS | 96 | KEX_SHA2_METHODS \ |
97 | |||
98 | #define KEX_SERVER_KEX KEX_COMMON_KEX \ | ||
99 | KEX_SHA2_GROUP14 \ | ||
100 | "diffie-hellman-group14-sha1" \ | ||
101 | |||
102 | #define KEX_CLIENT_KEX KEX_COMMON_KEX \ | ||
103 | "diffie-hellman-group-exchange-sha1," \ | ||
104 | KEX_SHA2_GROUP14 \ | 97 | KEX_SHA2_GROUP14 \ |
105 | "diffie-hellman-group14-sha1" | 98 | "diffie-hellman-group14-sha1" |
106 | 99 | ||
100 | #define KEX_CLIENT_KEX KEX_SERVER_KEX | ||
101 | |||
107 | #define KEX_DEFAULT_PK_ALG \ | 102 | #define KEX_DEFAULT_PK_ALG \ |
108 | HOSTKEY_ECDSA_CERT_METHODS \ | 103 | HOSTKEY_ECDSA_CERT_METHODS \ |
109 | "ssh-ed25519-cert-v01@openssh.com," \ | 104 | "ssh-ed25519-cert-v01@openssh.com," \ |
diff --git a/opacket.c b/opacket.c deleted file mode 100644 index 7672c0b59..000000000 --- a/opacket.c +++ /dev/null | |||
@@ -1,320 +0,0 @@ | |||
1 | /* $OpenBSD: opacket.c,v 1.7 2017/10/20 01:56:39 djm Exp $ */ | ||
2 | /* Written by Markus Friedl. Placed in the public domain. */ | ||
3 | |||
4 | #include "includes.h" | ||
5 | |||
6 | #include <stdarg.h> | ||
7 | |||
8 | #include "ssherr.h" | ||
9 | #include "packet.h" | ||
10 | #include "log.h" | ||
11 | |||
12 | struct ssh *active_state, *backup_state; | ||
13 | |||
14 | /* Map old to new API */ | ||
15 | |||
16 | void | ||
17 | ssh_packet_start(struct ssh *ssh, u_char type) | ||
18 | { | ||
19 | int r; | ||
20 | |||
21 | if ((r = sshpkt_start(ssh, type)) != 0) | ||
22 | fatal("%s: %s", __func__, ssh_err(r)); | ||
23 | } | ||
24 | |||
25 | void | ||
26 | ssh_packet_put_char(struct ssh *ssh, int value) | ||
27 | { | ||
28 | u_char ch = value; | ||
29 | int r; | ||
30 | |||
31 | if ((r = sshpkt_put_u8(ssh, ch)) != 0) | ||
32 | fatal("%s: %s", __func__, ssh_err(r)); | ||
33 | } | ||
34 | |||
35 | void | ||
36 | ssh_packet_put_int(struct ssh *ssh, u_int value) | ||
37 | { | ||
38 | int r; | ||
39 | |||
40 | if ((r = sshpkt_put_u32(ssh, value)) != 0) | ||
41 | fatal("%s: %s", __func__, ssh_err(r)); | ||
42 | } | ||
43 | |||
44 | void | ||
45 | ssh_packet_put_int64(struct ssh *ssh, u_int64_t value) | ||
46 | { | ||
47 | int r; | ||
48 | |||
49 | if ((r = sshpkt_put_u64(ssh, value)) != 0) | ||
50 | fatal("%s: %s", __func__, ssh_err(r)); | ||
51 | } | ||
52 | |||
53 | void | ||
54 | ssh_packet_put_string(struct ssh *ssh, const void *buf, u_int len) | ||
55 | { | ||
56 | int r; | ||
57 | |||
58 | if ((r = sshpkt_put_string(ssh, buf, len)) != 0) | ||
59 | fatal("%s: %s", __func__, ssh_err(r)); | ||
60 | } | ||
61 | |||
62 | void | ||
63 | ssh_packet_put_cstring(struct ssh *ssh, const char *str) | ||
64 | { | ||
65 | int r; | ||
66 | |||
67 | if ((r = sshpkt_put_cstring(ssh, str)) != 0) | ||
68 | fatal("%s: %s", __func__, ssh_err(r)); | ||
69 | } | ||
70 | |||
71 | void | ||
72 | ssh_packet_put_raw(struct ssh *ssh, const void *buf, u_int len) | ||
73 | { | ||
74 | int r; | ||
75 | |||
76 | if ((r = sshpkt_put(ssh, buf, len)) != 0) | ||
77 | fatal("%s: %s", __func__, ssh_err(r)); | ||
78 | } | ||
79 | |||
80 | |||
81 | #ifdef WITH_OPENSSL | ||
82 | void | ||
83 | ssh_packet_put_bignum2(struct ssh *ssh, const BIGNUM * value) | ||
84 | { | ||
85 | int r; | ||
86 | |||
87 | if ((r = sshpkt_put_bignum2(ssh, value)) != 0) | ||
88 | fatal("%s: %s", __func__, ssh_err(r)); | ||
89 | } | ||
90 | |||
91 | # ifdef OPENSSL_HAS_ECC | ||
92 | void | ||
93 | ssh_packet_put_ecpoint(struct ssh *ssh, const EC_GROUP *curve, | ||
94 | const EC_POINT *point) | ||
95 | { | ||
96 | int r; | ||
97 | |||
98 | if ((r = sshpkt_put_ec(ssh, point, curve)) != 0) | ||
99 | fatal("%s: %s", __func__, ssh_err(r)); | ||
100 | } | ||
101 | # endif | ||
102 | #endif /* WITH_OPENSSL */ | ||
103 | |||
104 | void | ||
105 | ssh_packet_send(struct ssh *ssh) | ||
106 | { | ||
107 | int r; | ||
108 | |||
109 | if ((r = sshpkt_send(ssh)) != 0) | ||
110 | fatal("%s: %s", __func__, ssh_err(r)); | ||
111 | } | ||
112 | |||
113 | u_int | ||
114 | ssh_packet_get_char(struct ssh *ssh) | ||
115 | { | ||
116 | u_char ch; | ||
117 | int r; | ||
118 | |||
119 | if ((r = sshpkt_get_u8(ssh, &ch)) != 0) | ||
120 | fatal("%s: %s", __func__, ssh_err(r)); | ||
121 | return ch; | ||
122 | } | ||
123 | |||
124 | u_int | ||
125 | ssh_packet_get_int(struct ssh *ssh) | ||
126 | { | ||
127 | u_int val; | ||
128 | int r; | ||
129 | |||
130 | if ((r = sshpkt_get_u32(ssh, &val)) != 0) | ||
131 | fatal("%s: %s", __func__, ssh_err(r)); | ||
132 | return val; | ||
133 | } | ||
134 | |||
135 | u_int64_t | ||
136 | ssh_packet_get_int64(struct ssh *ssh) | ||
137 | { | ||
138 | u_int64_t val; | ||
139 | int r; | ||
140 | |||
141 | if ((r = sshpkt_get_u64(ssh, &val)) != 0) | ||
142 | fatal("%s: %s", __func__, ssh_err(r)); | ||
143 | return val; | ||
144 | } | ||
145 | |||
146 | |||
147 | #ifdef WITH_OPENSSL | ||
148 | void | ||
149 | ssh_packet_get_bignum2(struct ssh *ssh, BIGNUM * value) | ||
150 | { | ||
151 | int r; | ||
152 | |||
153 | if ((r = sshpkt_get_bignum2(ssh, value)) != 0) | ||
154 | fatal("%s: %s", __func__, ssh_err(r)); | ||
155 | } | ||
156 | |||
157 | # ifdef OPENSSL_HAS_ECC | ||
158 | void | ||
159 | ssh_packet_get_ecpoint(struct ssh *ssh, const EC_GROUP *curve, EC_POINT *point) | ||
160 | { | ||
161 | int r; | ||
162 | |||
163 | if ((r = sshpkt_get_ec(ssh, point, curve)) != 0) | ||
164 | fatal("%s: %s", __func__, ssh_err(r)); | ||
165 | } | ||
166 | # endif | ||
167 | #endif /* WITH_OPENSSL */ | ||
168 | |||
169 | void * | ||
170 | ssh_packet_get_string(struct ssh *ssh, u_int *length_ptr) | ||
171 | { | ||
172 | int r; | ||
173 | size_t len; | ||
174 | u_char *val; | ||
175 | |||
176 | if ((r = sshpkt_get_string(ssh, &val, &len)) != 0) | ||
177 | fatal("%s: %s", __func__, ssh_err(r)); | ||
178 | if (length_ptr != NULL) | ||
179 | *length_ptr = (u_int)len; | ||
180 | return val; | ||
181 | } | ||
182 | |||
183 | const void * | ||
184 | ssh_packet_get_string_ptr(struct ssh *ssh, u_int *length_ptr) | ||
185 | { | ||
186 | int r; | ||
187 | size_t len; | ||
188 | const u_char *val; | ||
189 | |||
190 | if ((r = sshpkt_get_string_direct(ssh, &val, &len)) != 0) | ||
191 | fatal("%s: %s", __func__, ssh_err(r)); | ||
192 | if (length_ptr != NULL) | ||
193 | *length_ptr = (u_int)len; | ||
194 | return val; | ||
195 | } | ||
196 | |||
197 | char * | ||
198 | ssh_packet_get_cstring(struct ssh *ssh, u_int *length_ptr) | ||
199 | { | ||
200 | int r; | ||
201 | size_t len; | ||
202 | char *val; | ||
203 | |||
204 | if ((r = sshpkt_get_cstring(ssh, &val, &len)) != 0) | ||
205 | fatal("%s: %s", __func__, ssh_err(r)); | ||
206 | if (length_ptr != NULL) | ||
207 | *length_ptr = (u_int)len; | ||
208 | return val; | ||
209 | } | ||
210 | |||
211 | /* Old API, that had to be reimplemented */ | ||
212 | |||
213 | void | ||
214 | packet_set_connection(int fd_in, int fd_out) | ||
215 | { | ||
216 | active_state = ssh_packet_set_connection(active_state, fd_in, fd_out); | ||
217 | if (active_state == NULL) | ||
218 | fatal("%s: ssh_packet_set_connection failed", __func__); | ||
219 | } | ||
220 | |||
221 | u_int | ||
222 | packet_get_char(void) | ||
223 | { | ||
224 | return (ssh_packet_get_char(active_state)); | ||
225 | } | ||
226 | |||
227 | u_int | ||
228 | packet_get_int(void) | ||
229 | { | ||
230 | return (ssh_packet_get_int(active_state)); | ||
231 | } | ||
232 | |||
233 | int | ||
234 | packet_read_seqnr(u_int32_t *seqnr) | ||
235 | { | ||
236 | u_char type; | ||
237 | int r; | ||
238 | |||
239 | if ((r = ssh_packet_read_seqnr(active_state, &type, seqnr)) != 0) | ||
240 | sshpkt_fatal(active_state, __func__, r); | ||
241 | return type; | ||
242 | } | ||
243 | |||
244 | int | ||
245 | packet_read_poll_seqnr(u_int32_t *seqnr) | ||
246 | { | ||
247 | u_char type; | ||
248 | int r; | ||
249 | |||
250 | if ((r = ssh_packet_read_poll_seqnr(active_state, &type, seqnr))) | ||
251 | sshpkt_fatal(active_state, __func__, r); | ||
252 | return type; | ||
253 | } | ||
254 | |||
255 | void | ||
256 | packet_close(void) | ||
257 | { | ||
258 | ssh_packet_close(active_state); | ||
259 | active_state = NULL; | ||
260 | } | ||
261 | |||
262 | void | ||
263 | packet_process_incoming(const char *buf, u_int len) | ||
264 | { | ||
265 | int r; | ||
266 | |||
267 | if ((r = ssh_packet_process_incoming(active_state, buf, len)) != 0) | ||
268 | sshpkt_fatal(active_state, __func__, r); | ||
269 | } | ||
270 | |||
271 | void | ||
272 | packet_write_wait(void) | ||
273 | { | ||
274 | int r; | ||
275 | |||
276 | if ((r = ssh_packet_write_wait(active_state)) != 0) | ||
277 | sshpkt_fatal(active_state, __func__, r); | ||
278 | } | ||
279 | |||
280 | void | ||
281 | packet_write_poll(void) | ||
282 | { | ||
283 | int r; | ||
284 | |||
285 | if ((r = ssh_packet_write_poll(active_state)) != 0) | ||
286 | sshpkt_fatal(active_state, __func__, r); | ||
287 | } | ||
288 | |||
289 | void | ||
290 | packet_read_expect(int expected_type) | ||
291 | { | ||
292 | int r; | ||
293 | |||
294 | if ((r = ssh_packet_read_expect(active_state, expected_type)) != 0) | ||
295 | sshpkt_fatal(active_state, __func__, r); | ||
296 | } | ||
297 | |||
298 | void | ||
299 | packet_disconnect(const char *fmt, ...) | ||
300 | { | ||
301 | char buf[1024]; | ||
302 | va_list args; | ||
303 | |||
304 | va_start(args, fmt); | ||
305 | vsnprintf(buf, sizeof(buf), fmt, args); | ||
306 | va_end(args); | ||
307 | ssh_packet_disconnect(active_state, "%s", buf); | ||
308 | } | ||
309 | |||
310 | void | ||
311 | packet_send_debug(const char *fmt, ...) | ||
312 | { | ||
313 | char buf[1024]; | ||
314 | va_list args; | ||
315 | |||
316 | va_start(args, fmt); | ||
317 | vsnprintf(buf, sizeof(buf), fmt, args); | ||
318 | va_end(args); | ||
319 | ssh_packet_send_debug(active_state, "%s", buf); | ||
320 | } | ||
diff --git a/opacket.h b/opacket.h deleted file mode 100644 index 1cf66a2d3..000000000 --- a/opacket.h +++ /dev/null | |||
@@ -1,154 +0,0 @@ | |||
1 | /* $OpenBSD: opacket.h,v 1.13 2018/07/06 09:03:02 sf Exp $ */ | ||
2 | #ifndef _OPACKET_H | ||
3 | /* Written by Markus Friedl. Placed in the public domain. */ | ||
4 | |||
5 | /* Map old to new API */ | ||
6 | void ssh_packet_start(struct ssh *, u_char); | ||
7 | void ssh_packet_put_char(struct ssh *, int ch); | ||
8 | void ssh_packet_put_int(struct ssh *, u_int value); | ||
9 | void ssh_packet_put_int64(struct ssh *, u_int64_t value); | ||
10 | void ssh_packet_put_bignum2(struct ssh *, const BIGNUM * value); | ||
11 | void ssh_packet_put_ecpoint(struct ssh *, const EC_GROUP *, const EC_POINT *); | ||
12 | void ssh_packet_put_string(struct ssh *, const void *buf, u_int len); | ||
13 | void ssh_packet_put_cstring(struct ssh *, const char *str); | ||
14 | void ssh_packet_put_raw(struct ssh *, const void *buf, u_int len); | ||
15 | void ssh_packet_send(struct ssh *); | ||
16 | |||
17 | u_int ssh_packet_get_char(struct ssh *); | ||
18 | u_int ssh_packet_get_int(struct ssh *); | ||
19 | u_int64_t ssh_packet_get_int64(struct ssh *); | ||
20 | void ssh_packet_get_bignum2(struct ssh *, BIGNUM * value); | ||
21 | void ssh_packet_get_ecpoint(struct ssh *, const EC_GROUP *, EC_POINT *); | ||
22 | void *ssh_packet_get_string(struct ssh *, u_int *length_ptr); | ||
23 | char *ssh_packet_get_cstring(struct ssh *, u_int *length_ptr); | ||
24 | |||
25 | /* don't allow remaining bytes after the end of the message */ | ||
26 | #define ssh_packet_check_eom(ssh) \ | ||
27 | do { \ | ||
28 | int _len = ssh_packet_remaining(ssh); \ | ||
29 | if (_len > 0) { \ | ||
30 | logit("Packet integrity error (%d bytes remaining) at %s:%d", \ | ||
31 | _len ,__FILE__, __LINE__); \ | ||
32 | ssh_packet_disconnect(ssh, \ | ||
33 | "Packet integrity error."); \ | ||
34 | } \ | ||
35 | } while (0) | ||
36 | |||
37 | /* old API */ | ||
38 | void packet_close(void); | ||
39 | u_int packet_get_char(void); | ||
40 | u_int packet_get_int(void); | ||
41 | void packet_set_connection(int, int); | ||
42 | int packet_read_seqnr(u_int32_t *); | ||
43 | int packet_read_poll_seqnr(u_int32_t *); | ||
44 | void packet_process_incoming(const char *buf, u_int len); | ||
45 | void packet_write_wait(void); | ||
46 | void packet_write_poll(void); | ||
47 | void packet_read_expect(int expected_type); | ||
48 | #define packet_set_timeout(timeout, count) \ | ||
49 | ssh_packet_set_timeout(active_state, (timeout), (count)) | ||
50 | #define packet_connection_is_on_socket() \ | ||
51 | ssh_packet_connection_is_on_socket(active_state) | ||
52 | #define packet_set_nonblocking() \ | ||
53 | ssh_packet_set_nonblocking(active_state) | ||
54 | #define packet_get_connection_in() \ | ||
55 | ssh_packet_get_connection_in(active_state) | ||
56 | #define packet_get_connection_out() \ | ||
57 | ssh_packet_get_connection_out(active_state) | ||
58 | #define packet_set_protocol_flags(protocol_flags) \ | ||
59 | ssh_packet_set_protocol_flags(active_state, (protocol_flags)) | ||
60 | #define packet_get_protocol_flags() \ | ||
61 | ssh_packet_get_protocol_flags(active_state) | ||
62 | #define packet_start(type) \ | ||
63 | ssh_packet_start(active_state, (type)) | ||
64 | #define packet_put_char(value) \ | ||
65 | ssh_packet_put_char(active_state, (value)) | ||
66 | #define packet_put_int(value) \ | ||
67 | ssh_packet_put_int(active_state, (value)) | ||
68 | #define packet_put_int64(value) \ | ||
69 | ssh_packet_put_int64(active_state, (value)) | ||
70 | #define packet_put_string( buf, len) \ | ||
71 | ssh_packet_put_string(active_state, (buf), (len)) | ||
72 | #define packet_put_cstring(str) \ | ||
73 | ssh_packet_put_cstring(active_state, (str)) | ||
74 | #define packet_put_raw(buf, len) \ | ||
75 | ssh_packet_put_raw(active_state, (buf), (len)) | ||
76 | #define packet_put_bignum2(value) \ | ||
77 | ssh_packet_put_bignum2(active_state, (value)) | ||
78 | #define packet_send() \ | ||
79 | ssh_packet_send(active_state) | ||
80 | #define packet_read() \ | ||
81 | ssh_packet_read(active_state) | ||
82 | #define packet_get_int64() \ | ||
83 | ssh_packet_get_int64(active_state) | ||
84 | #define packet_get_bignum2(value) \ | ||
85 | ssh_packet_get_bignum2(active_state, (value)) | ||
86 | #define packet_remaining() \ | ||
87 | ssh_packet_remaining(active_state) | ||
88 | #define packet_get_string(length_ptr) \ | ||
89 | ssh_packet_get_string(active_state, (length_ptr)) | ||
90 | #define packet_get_string_ptr(length_ptr) \ | ||
91 | ssh_packet_get_string_ptr(active_state, (length_ptr)) | ||
92 | #define packet_get_cstring(length_ptr) \ | ||
93 | ssh_packet_get_cstring(active_state, (length_ptr)) | ||
94 | void packet_send_debug(const char *, ...) | ||
95 | __attribute__((format(printf, 1, 2))); | ||
96 | void packet_disconnect(const char *, ...) | ||
97 | __attribute__((format(printf, 1, 2))) | ||
98 | __attribute__((noreturn)); | ||
99 | #define packet_have_data_to_write() \ | ||
100 | ssh_packet_have_data_to_write(active_state) | ||
101 | #define packet_not_very_much_data_to_write() \ | ||
102 | ssh_packet_not_very_much_data_to_write(active_state) | ||
103 | #define packet_set_interactive(interactive, qos_interactive, qos_bulk) \ | ||
104 | ssh_packet_set_interactive(active_state, (interactive), (qos_interactive), (qos_bulk)) | ||
105 | #define packet_is_interactive() \ | ||
106 | ssh_packet_is_interactive(active_state) | ||
107 | #define packet_set_maxsize(s) \ | ||
108 | ssh_packet_set_maxsize(active_state, (s)) | ||
109 | #define packet_inc_alive_timeouts() \ | ||
110 | ssh_packet_inc_alive_timeouts(active_state) | ||
111 | #define packet_set_alive_timeouts(ka) \ | ||
112 | ssh_packet_set_alive_timeouts(active_state, (ka)) | ||
113 | #define packet_get_maxsize() \ | ||
114 | ssh_packet_get_maxsize(active_state) | ||
115 | #define packet_add_padding(pad) \ | ||
116 | sshpkt_add_padding(active_state, (pad)) | ||
117 | #define packet_send_ignore(nbytes) \ | ||
118 | ssh_packet_send_ignore(active_state, (nbytes)) | ||
119 | #define packet_set_server() \ | ||
120 | ssh_packet_set_server(active_state) | ||
121 | #define packet_set_authenticated() \ | ||
122 | ssh_packet_set_authenticated(active_state) | ||
123 | #define packet_get_input() \ | ||
124 | ssh_packet_get_input(active_state) | ||
125 | #define packet_get_output() \ | ||
126 | ssh_packet_get_output(active_state) | ||
127 | #define packet_check_eom() \ | ||
128 | ssh_packet_check_eom(active_state) | ||
129 | #define set_newkeys(mode) \ | ||
130 | ssh_set_newkeys(active_state, (mode)) | ||
131 | #define packet_get_state(m) \ | ||
132 | ssh_packet_get_state(active_state, m) | ||
133 | #define packet_set_state(m) \ | ||
134 | ssh_packet_set_state(active_state, m) | ||
135 | #define packet_get_raw(lenp) \ | ||
136 | sshpkt_ptr(active_state, lenp) | ||
137 | #define packet_get_ecpoint(c,p) \ | ||
138 | ssh_packet_get_ecpoint(active_state, c, p) | ||
139 | #define packet_put_ecpoint(c,p) \ | ||
140 | ssh_packet_put_ecpoint(active_state, c, p) | ||
141 | #define packet_get_rekey_timeout() \ | ||
142 | ssh_packet_get_rekey_timeout(active_state) | ||
143 | #define packet_set_rekey_limits(x,y) \ | ||
144 | ssh_packet_set_rekey_limits(active_state, x, y) | ||
145 | #define packet_get_bytes(x,y) \ | ||
146 | ssh_packet_get_bytes(active_state, x, y) | ||
147 | #define packet_set_mux() \ | ||
148 | ssh_packet_set_mux(active_state) | ||
149 | #define packet_get_mux() \ | ||
150 | ssh_packet_get_mux(active_state) | ||
151 | #define packet_clear_keys() \ | ||
152 | ssh_packet_clear_keys(active_state) | ||
153 | |||
154 | #endif /* _OPACKET_H */ | ||
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index fb49e30f5..54628e260 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c | |||
@@ -37,6 +37,9 @@ | |||
37 | #include <string.h> | 37 | #include <string.h> |
38 | #include <unistd.h> | 38 | #include <unistd.h> |
39 | #include <stdarg.h> | 39 | #include <stdarg.h> |
40 | #include <stdlib.h> | ||
41 | #include <wchar.h> | ||
42 | #include <wctype.h> | ||
40 | 43 | ||
41 | #include "xmalloc.h" | 44 | #include "xmalloc.h" |
42 | 45 | ||
@@ -117,4 +120,150 @@ free_windows_environment(char **p) | |||
117 | free(p); | 120 | free(p); |
118 | } | 121 | } |
119 | 122 | ||
123 | /* | ||
124 | * Returns true if the given string matches the pattern (which may contain ? | ||
125 | * and * as wildcards), and zero if it does not match. | ||
126 | * | ||
127 | * The Cygwin version of this function must be case-insensitive and take | ||
128 | * Unicode characters into account. | ||
129 | */ | ||
130 | |||
131 | static int | ||
132 | __match_pattern (const wchar_t *s, const wchar_t *pattern) | ||
133 | { | ||
134 | for (;;) { | ||
135 | /* If at end of pattern, accept if also at end of string. */ | ||
136 | if (!*pattern) | ||
137 | return !*s; | ||
138 | |||
139 | if (*pattern == '*') { | ||
140 | /* Skip the asterisk. */ | ||
141 | pattern++; | ||
142 | |||
143 | /* If at end of pattern, accept immediately. */ | ||
144 | if (!*pattern) | ||
145 | return 1; | ||
146 | |||
147 | /* If next character in pattern is known, optimize. */ | ||
148 | if (*pattern != '?' && *pattern != '*') { | ||
149 | /* | ||
150 | * Look instances of the next character in | ||
151 | * pattern, and try to match starting from | ||
152 | * those. | ||
153 | */ | ||
154 | for (; *s; s++) | ||
155 | if (*s == *pattern && | ||
156 | __match_pattern(s + 1, pattern + 1)) | ||
157 | return 1; | ||
158 | /* Failed. */ | ||
159 | return 0; | ||
160 | } | ||
161 | /* | ||
162 | * Move ahead one character at a time and try to | ||
163 | * match at each position. | ||
164 | */ | ||
165 | for (; *s; s++) | ||
166 | if (__match_pattern(s, pattern)) | ||
167 | return 1; | ||
168 | /* Failed. */ | ||
169 | return 0; | ||
170 | } | ||
171 | /* | ||
172 | * There must be at least one more character in the string. | ||
173 | * If we are at the end, fail. | ||
174 | */ | ||
175 | if (!*s) | ||
176 | return 0; | ||
177 | |||
178 | /* Check if the next character of the string is acceptable. */ | ||
179 | if (*pattern != '?' && towlower(*pattern) != towlower(*s)) | ||
180 | return 0; | ||
181 | |||
182 | /* Move to the next character, both in string and in pattern. */ | ||
183 | s++; | ||
184 | pattern++; | ||
185 | } | ||
186 | /* NOTREACHED */ | ||
187 | } | ||
188 | |||
189 | static int | ||
190 | _match_pattern(const char *s, const char *pattern) | ||
191 | { | ||
192 | wchar_t *ws; | ||
193 | wchar_t *wpattern; | ||
194 | size_t len; | ||
195 | int ret; | ||
196 | |||
197 | if ((len = mbstowcs(NULL, s, 0)) < 0) | ||
198 | return 0; | ||
199 | ws = (wchar_t *) xcalloc(len + 1, sizeof (wchar_t)); | ||
200 | mbstowcs(ws, s, len + 1); | ||
201 | if ((len = mbstowcs(NULL, pattern, 0)) < 0) | ||
202 | return 0; | ||
203 | wpattern = (wchar_t *) xcalloc(len + 1, sizeof (wchar_t)); | ||
204 | mbstowcs(wpattern, pattern, len + 1); | ||
205 | ret = __match_pattern (ws, wpattern); | ||
206 | free(ws); | ||
207 | free(wpattern); | ||
208 | return ret; | ||
209 | } | ||
210 | |||
211 | /* | ||
212 | * Tries to match the string against the | ||
213 | * comma-separated sequence of subpatterns (each possibly preceded by ! to | ||
214 | * indicate negation). Returns -1 if negation matches, 1 if there is | ||
215 | * a positive match, 0 if there is no match at all. | ||
216 | */ | ||
217 | int | ||
218 | cygwin_ug_match_pattern_list(const char *string, const char *pattern) | ||
219 | { | ||
220 | char sub[1024]; | ||
221 | int negated; | ||
222 | int got_positive; | ||
223 | u_int i, subi, len = strlen(pattern); | ||
224 | |||
225 | got_positive = 0; | ||
226 | for (i = 0; i < len;) { | ||
227 | /* Check if the subpattern is negated. */ | ||
228 | if (pattern[i] == '!') { | ||
229 | negated = 1; | ||
230 | i++; | ||
231 | } else | ||
232 | negated = 0; | ||
233 | |||
234 | /* | ||
235 | * Extract the subpattern up to a comma or end. Convert the | ||
236 | * subpattern to lowercase. | ||
237 | */ | ||
238 | for (subi = 0; | ||
239 | i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; | ||
240 | subi++, i++) | ||
241 | sub[subi] = pattern[i]; | ||
242 | /* If subpattern too long, return failure (no match). */ | ||
243 | if (subi >= sizeof(sub) - 1) | ||
244 | return 0; | ||
245 | |||
246 | /* If the subpattern was terminated by a comma, then skip it. */ | ||
247 | if (i < len && pattern[i] == ',') | ||
248 | i++; | ||
249 | |||
250 | /* Null-terminate the subpattern. */ | ||
251 | sub[subi] = '\0'; | ||
252 | |||
253 | /* Try to match the subpattern against the string. */ | ||
254 | if (_match_pattern(string, sub)) { | ||
255 | if (negated) | ||
256 | return -1; /* Negative */ | ||
257 | else | ||
258 | got_positive = 1; /* Positive */ | ||
259 | } | ||
260 | } | ||
261 | |||
262 | /* | ||
263 | * Return success if got a positive match. If there was a negative | ||
264 | * match, we have already returned -1 and never get here. | ||
265 | */ | ||
266 | return got_positive; | ||
267 | } | ||
268 | |||
120 | #endif /* HAVE_CYGWIN */ | 269 | #endif /* HAVE_CYGWIN */ |
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h index 202c055db..55c5a5b81 100644 --- a/openbsd-compat/bsd-cygwin_util.h +++ b/openbsd-compat/bsd-cygwin_util.h | |||
@@ -55,6 +55,7 @@ int binary_open(const char *, int , ...); | |||
55 | int check_ntsec(const char *); | 55 | int check_ntsec(const char *); |
56 | char **fetch_windows_environment(void); | 56 | char **fetch_windows_environment(void); |
57 | void free_windows_environment(char **); | 57 | void free_windows_environment(char **); |
58 | int cygwin_ug_match_pattern_list(const char *, const char *); | ||
58 | 59 | ||
59 | #ifndef NO_BINARY_OPEN | 60 | #ifndef NO_BINARY_OPEN |
60 | #define open binary_open | 61 | #define open binary_open |
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 5d7540a70..aa1c7d7a3 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c | |||
@@ -25,6 +25,7 @@ | |||
25 | # include <sys/time.h> | 25 | # include <sys/time.h> |
26 | #endif | 26 | #endif |
27 | 27 | ||
28 | #include <fcntl.h> | ||
28 | #include <string.h> | 29 | #include <string.h> |
29 | #include <signal.h> | 30 | #include <signal.h> |
30 | #include <stdlib.h> | 31 | #include <stdlib.h> |
@@ -117,6 +118,106 @@ int utimes(char *filename, struct timeval *tvp) | |||
117 | } | 118 | } |
118 | #endif | 119 | #endif |
119 | 120 | ||
121 | #ifndef HAVE_UTIMENSAT | ||
122 | /* | ||
123 | * A limited implementation of utimensat() that only implements the | ||
124 | * functionality used by OpenSSH, currently only AT_FDCWD and | ||
125 | * AT_SYMLINK_NOFOLLOW. | ||
126 | */ | ||
127 | int | ||
128 | utimensat(int fd, const char *path, const struct timespec times[2], | ||
129 | int flag) | ||
130 | { | ||
131 | struct timeval tv[2]; | ||
132 | int ret, oflags = O_WRONLY; | ||
133 | |||
134 | tv[0].tv_sec = times[0].tv_sec; | ||
135 | tv[0].tv_usec = times[0].tv_nsec / 1000; | ||
136 | tv[1].tv_sec = times[1].tv_sec; | ||
137 | tv[1].tv_usec = times[1].tv_nsec / 1000; | ||
138 | |||
139 | if (fd != AT_FDCWD) { | ||
140 | errno = ENOSYS; | ||
141 | return -1; | ||
142 | } | ||
143 | # ifndef HAVE_FUTIMES | ||
144 | return utimes(path, tv); | ||
145 | # else | ||
146 | # ifdef O_NOFOLLOW | ||
147 | if (flag & AT_SYMLINK_NOFOLLOW) | ||
148 | oflags |= O_NOFOLLOW; | ||
149 | # endif /* O_NOFOLLOW */ | ||
150 | if ((fd = open(path, oflags)) == -1) | ||
151 | return -1; | ||
152 | ret = futimes(fd, tv); | ||
153 | close(fd); | ||
154 | return ret; | ||
155 | # endif | ||
156 | } | ||
157 | #endif | ||
158 | |||
159 | #ifndef HAVE_FCHOWNAT | ||
160 | /* | ||
161 | * A limited implementation of fchownat() that only implements the | ||
162 | * functionality used by OpenSSH, currently only AT_FDCWD and | ||
163 | * AT_SYMLINK_NOFOLLOW. | ||
164 | */ | ||
165 | int | ||
166 | fchownat(int fd, const char *path, uid_t owner, gid_t group, int flag) | ||
167 | { | ||
168 | int ret, oflags = O_WRONLY; | ||
169 | |||
170 | if (fd != AT_FDCWD) { | ||
171 | errno = ENOSYS; | ||
172 | return -1; | ||
173 | } | ||
174 | # ifndef HAVE_FCHOWN | ||
175 | return chown(pathname, owner, group); | ||
176 | # else | ||
177 | # ifdef O_NOFOLLOW | ||
178 | if (flag & AT_SYMLINK_NOFOLLOW) | ||
179 | oflags |= O_NOFOLLOW; | ||
180 | # endif /* O_NOFOLLOW */ | ||
181 | if ((fd = open(path, oflags)) == -1) | ||
182 | return -1; | ||
183 | ret = fchown(fd, owner, group); | ||
184 | close(fd); | ||
185 | return ret; | ||
186 | # endif | ||
187 | } | ||
188 | #endif | ||
189 | |||
190 | #ifndef HAVE_FCHMODAT | ||
191 | /* | ||
192 | * A limited implementation of fchmodat() that only implements the | ||
193 | * functionality used by OpenSSH, currently only AT_FDCWD and | ||
194 | * AT_SYMLINK_NOFOLLOW. | ||
195 | */ | ||
196 | int | ||
197 | fchmodat(int fd, const char *path, mode_t mode, int flag) | ||
198 | { | ||
199 | int ret, oflags = O_WRONLY; | ||
200 | |||
201 | if (fd != AT_FDCWD) { | ||
202 | errno = ENOSYS; | ||
203 | return -1; | ||
204 | } | ||
205 | # ifndef HAVE_FCHMOD | ||
206 | return chown(pathname, owner, group); | ||
207 | # else | ||
208 | # ifdef O_NOFOLLOW | ||
209 | if (flag & AT_SYMLINK_NOFOLLOW) | ||
210 | oflags |= O_NOFOLLOW; | ||
211 | # endif /* O_NOFOLLOW */ | ||
212 | if ((fd = open(path, oflags)) == -1) | ||
213 | return -1; | ||
214 | ret = fchmod(fd, mode); | ||
215 | close(fd); | ||
216 | return ret; | ||
217 | # endif | ||
218 | } | ||
219 | #endif | ||
220 | |||
120 | #ifndef HAVE_TRUNCATE | 221 | #ifndef HAVE_TRUNCATE |
121 | int truncate(const char *path, off_t length) | 222 | int truncate(const char *path, off_t length) |
122 | { | 223 | { |
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 52ec52853..cb158cd5c 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h | |||
@@ -64,6 +64,26 @@ struct timeval { | |||
64 | int utimes(char *, struct timeval *); | 64 | int utimes(char *, struct timeval *); |
65 | #endif /* HAVE_UTIMES */ | 65 | #endif /* HAVE_UTIMES */ |
66 | 66 | ||
67 | #ifndef HAVE_UTIMENSAT | ||
68 | /* start with the high bits and work down to minimise risk of overlap */ | ||
69 | # ifndef AT_SYMLINK_NOFOLLOW | ||
70 | # define AT_SYMLINK_NOFOLLOW 0x80000000 | ||
71 | # endif | ||
72 | int utimensat(int, const char *, const struct timespec[2], int); | ||
73 | #endif | ||
74 | |||
75 | #ifndef AT_FDCWD | ||
76 | # define AT_FDCWD (-2) | ||
77 | #endif | ||
78 | |||
79 | #ifndef HAVE_FCHMODAT | ||
80 | int fchmodat(int, const char *, mode_t, int); | ||
81 | #endif | ||
82 | |||
83 | #ifndef HAVE_FCHOWNAT | ||
84 | int fchownat(int, const char *, uid_t, gid_t, int); | ||
85 | #endif | ||
86 | |||
67 | #ifndef HAVE_TRUNCATE | 87 | #ifndef HAVE_TRUNCATE |
68 | int truncate (const char *, off_t); | 88 | int truncate (const char *, off_t); |
69 | #endif /* HAVE_TRUNCATE */ | 89 | #endif /* HAVE_TRUNCATE */ |
diff --git a/openbsd-compat/libressl-api-compat.c b/openbsd-compat/libressl-api-compat.c index de3e64a63..ae00ff593 100644 --- a/openbsd-compat/libressl-api-compat.c +++ b/openbsd-compat/libressl-api-compat.c | |||
@@ -152,7 +152,9 @@ | |||
152 | #include <openssl/dsa.h> | 152 | #include <openssl/dsa.h> |
153 | #include <openssl/rsa.h> | 153 | #include <openssl/rsa.h> |
154 | #include <openssl/evp.h> | 154 | #include <openssl/evp.h> |
155 | #ifdef OPENSSL_HAS_ECC | ||
155 | #include <openssl/ecdsa.h> | 156 | #include <openssl/ecdsa.h> |
157 | #endif | ||
156 | #include <openssl/dh.h> | 158 | #include <openssl/dh.h> |
157 | 159 | ||
158 | #ifndef HAVE_DSA_GET0_PQG | 160 | #ifndef HAVE_DSA_GET0_PQG |
@@ -417,6 +419,7 @@ DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) | |||
417 | } | 419 | } |
418 | #endif /* HAVE_DSA_SIG_SET0 */ | 420 | #endif /* HAVE_DSA_SIG_SET0 */ |
419 | 421 | ||
422 | #ifdef OPENSSL_HAS_ECC | ||
420 | #ifndef HAVE_ECDSA_SIG_GET0 | 423 | #ifndef HAVE_ECDSA_SIG_GET0 |
421 | void | 424 | void |
422 | ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) | 425 | ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) |
@@ -442,6 +445,7 @@ ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) | |||
442 | return 1; | 445 | return 1; |
443 | } | 446 | } |
444 | #endif /* HAVE_ECDSA_SIG_SET0 */ | 447 | #endif /* HAVE_ECDSA_SIG_SET0 */ |
448 | #endif /* OPENSSL_HAS_ECC */ | ||
445 | 449 | ||
446 | #ifndef HAVE_DH_GET0_PQG | 450 | #ifndef HAVE_DH_GET0_PQG |
447 | void | 451 | void |
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index f5c833bf2..865aaee53 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h | |||
@@ -61,6 +61,7 @@ void closefrom(int); | |||
61 | #endif | 61 | #endif |
62 | 62 | ||
63 | #ifndef HAVE_GETLINE | 63 | #ifndef HAVE_GETLINE |
64 | #include <stdio.h> | ||
64 | ssize_t getline(char **, size_t *, FILE *); | 65 | ssize_t getline(char **, size_t *, FILE *); |
65 | #endif | 66 | #endif |
66 | 67 | ||
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index ea0b0c9fb..c1749210d 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c | |||
@@ -66,23 +66,31 @@ ssh_compatible_openssl(long headerver, long libver) | |||
66 | return 0; | 66 | return 0; |
67 | } | 67 | } |
68 | 68 | ||
69 | #ifdef USE_OPENSSL_ENGINE | ||
70 | void | 69 | void |
71 | ssh_OpenSSL_add_all_algorithms(void) | 70 | ssh_libcrypto_init(void) |
72 | { | 71 | { |
72 | #if defined(HAVE_OPENSSL_INIT_CRYPTO) && \ | ||
73 | defined(OPENSSL_INIT_ADD_ALL_CIPHERS) && \ | ||
74 | defined(OPENSSL_INIT_ADD_ALL_DIGESTS) | ||
75 | OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | | ||
76 | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); | ||
77 | #elif defined(HAVE_OPENSSL_ADD_ALL_ALGORITHMS) | ||
73 | OpenSSL_add_all_algorithms(); | 78 | OpenSSL_add_all_algorithms(); |
79 | #endif | ||
74 | 80 | ||
81 | #ifdef USE_OPENSSL_ENGINE | ||
75 | /* Enable use of crypto hardware */ | 82 | /* Enable use of crypto hardware */ |
76 | ENGINE_load_builtin_engines(); | 83 | ENGINE_load_builtin_engines(); |
77 | ENGINE_register_all_complete(); | 84 | ENGINE_register_all_complete(); |
78 | 85 | ||
79 | #if OPENSSL_VERSION_NUMBER < 0x10001000L | 86 | /* Load the libcrypto config file to pick up engines defined there */ |
80 | OPENSSL_config(NULL); | 87 | # if defined(HAVE_OPENSSL_INIT_CRYPTO) && defined(OPENSSL_INIT_LOAD_CONFIG) |
81 | #else | ||
82 | OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | | 88 | OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | |
83 | OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL); | 89 | OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL); |
84 | #endif | 90 | # else |
91 | OPENSSL_config(NULL); | ||
92 | # endif | ||
93 | #endif /* USE_OPENSSL_ENGINE */ | ||
85 | } | 94 | } |
86 | #endif | ||
87 | 95 | ||
88 | #endif /* WITH_OPENSSL */ | 96 | #endif /* WITH_OPENSSL */ |
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 9e0264c04..917bc6f7c 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h | |||
@@ -21,16 +21,32 @@ | |||
21 | #ifdef WITH_OPENSSL | 21 | #ifdef WITH_OPENSSL |
22 | 22 | ||
23 | #include <openssl/opensslv.h> | 23 | #include <openssl/opensslv.h> |
24 | #include <openssl/crypto.h> | ||
24 | #include <openssl/evp.h> | 25 | #include <openssl/evp.h> |
25 | #include <openssl/rsa.h> | 26 | #include <openssl/rsa.h> |
26 | #include <openssl/dsa.h> | 27 | #include <openssl/dsa.h> |
28 | #ifdef OPENSSL_HAS_ECC | ||
27 | #include <openssl/ecdsa.h> | 29 | #include <openssl/ecdsa.h> |
30 | #endif | ||
28 | #include <openssl/dh.h> | 31 | #include <openssl/dh.h> |
29 | 32 | ||
30 | int ssh_compatible_openssl(long, long); | 33 | int ssh_compatible_openssl(long, long); |
34 | void ssh_libcrypto_init(void); | ||
35 | |||
36 | #if (OPENSSL_VERSION_NUMBER < 0x1000100fL) | ||
37 | # error OpenSSL 1.0.1 or greater is required | ||
38 | #endif | ||
39 | |||
40 | #ifndef OPENSSL_VERSION | ||
41 | # define OPENSSL_VERSION SSLEAY_VERSION | ||
42 | #endif | ||
43 | |||
44 | #ifndef HAVE_OPENSSL_VERSION | ||
45 | # define OpenSSL_version(x) SSLeay_version(x) | ||
46 | #endif | ||
31 | 47 | ||
32 | #if (OPENSSL_VERSION_NUMBER <= 0x0090805fL) | 48 | #ifndef HAVE_OPENSSL_VERSION_NUM |
33 | # error OpenSSL 0.9.8f or greater is required | 49 | # define OpenSSL_version_num SSLeay |
34 | #endif | 50 | #endif |
35 | 51 | ||
36 | #if OPENSSL_VERSION_NUMBER < 0x10000001L | 52 | #if OPENSSL_VERSION_NUMBER < 0x10000001L |
@@ -77,27 +93,6 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t); | |||
77 | # endif | 93 | # endif |
78 | #endif | 94 | #endif |
79 | 95 | ||
80 | /* | ||
81 | * We overload some of the OpenSSL crypto functions with ssh_* equivalents | ||
82 | * to automatically handle OpenSSL engine initialisation. | ||
83 | * | ||
84 | * In order for the compat library to call the real functions, it must | ||
85 | * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and | ||
86 | * implement the ssh_* equivalents. | ||
87 | */ | ||
88 | #ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS | ||
89 | |||
90 | # ifdef USE_OPENSSL_ENGINE | ||
91 | # ifdef OpenSSL_add_all_algorithms | ||
92 | # undef OpenSSL_add_all_algorithms | ||
93 | # endif | ||
94 | # define OpenSSL_add_all_algorithms() ssh_OpenSSL_add_all_algorithms() | ||
95 | # endif | ||
96 | |||
97 | void ssh_OpenSSL_add_all_algorithms(void); | ||
98 | |||
99 | #endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ | ||
100 | |||
101 | /* LibreSSL/OpenSSL 1.1x API compat */ | 96 | /* LibreSSL/OpenSSL 1.1x API compat */ |
102 | #ifndef HAVE_DSA_GET0_PQG | 97 | #ifndef HAVE_DSA_GET0_PQG |
103 | void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, | 98 | void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, |
@@ -161,6 +156,7 @@ void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); | |||
161 | int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); | 156 | int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); |
162 | #endif /* DSA_SIG_SET0 */ | 157 | #endif /* DSA_SIG_SET0 */ |
163 | 158 | ||
159 | #ifdef OPENSSL_HAS_ECC | ||
164 | #ifndef HAVE_ECDSA_SIG_GET0 | 160 | #ifndef HAVE_ECDSA_SIG_GET0 |
165 | void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); | 161 | void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); |
166 | #endif /* HAVE_ECDSA_SIG_GET0 */ | 162 | #endif /* HAVE_ECDSA_SIG_GET0 */ |
@@ -168,6 +164,7 @@ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); | |||
168 | #ifndef HAVE_ECDSA_SIG_SET0 | 164 | #ifndef HAVE_ECDSA_SIG_SET0 |
169 | int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); | 165 | int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); |
170 | #endif /* HAVE_ECDSA_SIG_SET0 */ | 166 | #endif /* HAVE_ECDSA_SIG_SET0 */ |
167 | #endif /* OPENSSL_HAS_ECC */ | ||
171 | 168 | ||
172 | #ifndef HAVE_DH_GET0_PQG | 169 | #ifndef HAVE_DH_GET0_PQG |
173 | void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, | 170 | void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, |
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 943177c70..fc80dc39f 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c | |||
@@ -313,7 +313,8 @@ sys_auth_get_lastlogin_msg(const char *user, uid_t uid) | |||
313 | * record_failed_login: generic "login failed" interface function | 313 | * record_failed_login: generic "login failed" interface function |
314 | */ | 314 | */ |
315 | void | 315 | void |
316 | record_failed_login(const char *user, const char *hostname, const char *ttyname) | 316 | record_failed_login(struct ssh *ssh, const char *user, const char *hostname, |
317 | const char *ttyname) | ||
317 | { | 318 | { |
318 | if (geteuid() != 0) | 319 | if (geteuid() != 0) |
319 | return; | 320 | return; |
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 748c0e4e3..904de3096 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h | |||
@@ -30,6 +30,7 @@ | |||
30 | # include <sys/socket.h> | 30 | # include <sys/socket.h> |
31 | #endif | 31 | #endif |
32 | 32 | ||
33 | struct ssh; | ||
33 | struct sshbuf; | 34 | struct sshbuf; |
34 | 35 | ||
35 | /* These should be in the system headers but are not. */ | 36 | /* These should be in the system headers but are not. */ |
@@ -89,8 +90,8 @@ void aix_usrinfo(struct passwd *); | |||
89 | # define CUSTOM_SYS_AUTH_ALLOWED_USER 1 | 90 | # define CUSTOM_SYS_AUTH_ALLOWED_USER 1 |
90 | int sys_auth_allowed_user(struct passwd *, struct sshbuf *); | 91 | int sys_auth_allowed_user(struct passwd *, struct sshbuf *); |
91 | # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 | 92 | # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 |
92 | int sys_auth_record_login(const char *, const char *, | 93 | int sys_auth_record_login(const char *, const char *, const char *, |
93 | const char *, struct sshbuf *); | 94 | struct sshbuf *); |
94 | # define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG | 95 | # define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG |
95 | char *sys_auth_get_lastlogin_msg(const char *, uid_t); | 96 | char *sys_auth_get_lastlogin_msg(const char *, uid_t); |
96 | # define CUSTOM_FAILED_LOGIN 1 | 97 | # define CUSTOM_FAILED_LOGIN 1 |
diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in index 529331be5..c5aae61e2 100644 --- a/openbsd-compat/regress/Makefile.in +++ b/openbsd-compat/regress/Makefile.in | |||
@@ -14,7 +14,7 @@ LIBS=@LIBS@ | |||
14 | LDFLAGS=@LDFLAGS@ $(LIBCOMPAT) | 14 | LDFLAGS=@LDFLAGS@ $(LIBCOMPAT) |
15 | 15 | ||
16 | TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \ | 16 | TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \ |
17 | strtonumtest$(EXEEXT) opensslvertest$(EXEEXT) | 17 | strtonumtest$(EXEEXT) opensslvertest$(EXEEXT) utimensattest$(EXEEXT) |
18 | 18 | ||
19 | all: t-exec ${OTHERTESTS} | 19 | all: t-exec ${OTHERTESTS} |
20 | 20 | ||
diff --git a/openbsd-compat/regress/utimensattest.c b/openbsd-compat/regress/utimensattest.c new file mode 100644 index 000000000..a7bc7634b --- /dev/null +++ b/openbsd-compat/regress/utimensattest.c | |||
@@ -0,0 +1,97 @@ | |||
1 | /* | ||
2 | * Copyright (c) 2019 Darren Tucker | ||
3 | * | ||
4 | * Permission to use, copy, modify, and distribute this software for any | ||
5 | * purpose with or without fee is hereby granted, provided that the above | ||
6 | * copyright notice and this permission notice appear in all copies. | ||
7 | * | ||
8 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
9 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
10 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
11 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
12 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
13 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
15 | */ | ||
16 | |||
17 | #include <sys/types.h> | ||
18 | #include <sys/stat.h> | ||
19 | |||
20 | #include <errno.h> | ||
21 | #include <fcntl.h> | ||
22 | #include <stdio.h> | ||
23 | #include <stdlib.h> | ||
24 | #include <string.h> | ||
25 | #include <unistd.h> | ||
26 | |||
27 | #define TMPFILE "utimensat.tmp" | ||
28 | #define TMPFILE2 "utimensat.tmp2" | ||
29 | |||
30 | #ifndef AT_SYMLINK_NOFOLLOW | ||
31 | # define AT_SYMLINK_NOFOLLOW 0x80000000 | ||
32 | #endif | ||
33 | |||
34 | int utimensat(int, const char *, const struct timespec[2], int); | ||
35 | |||
36 | void | ||
37 | fail(char *msg, long expect, long got) | ||
38 | { | ||
39 | int saved_errno = errno; | ||
40 | |||
41 | if (expect == got && got == 0) | ||
42 | fprintf(stderr, "utimensat: %s: %s\n", msg, | ||
43 | strerror(saved_errno)); | ||
44 | else | ||
45 | fprintf(stderr, "utimensat: %s: expected %ld got %ld\n", | ||
46 | msg, expect, got); | ||
47 | exit(1); | ||
48 | } | ||
49 | |||
50 | int | ||
51 | main(void) | ||
52 | { | ||
53 | int fd; | ||
54 | struct stat sb; | ||
55 | struct timespec ts[2]; | ||
56 | |||
57 | if ((fd = open(TMPFILE, O_CREAT, 0600)) == -1) | ||
58 | fail("open", 0, 0); | ||
59 | close(fd); | ||
60 | |||
61 | ts[0].tv_sec = 12345678; | ||
62 | ts[0].tv_nsec = 23456789; | ||
63 | ts[1].tv_sec = 34567890; | ||
64 | ts[1].tv_nsec = 45678901; | ||
65 | if (utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW) == -1) | ||
66 | fail("utimensat", 0, 0); | ||
67 | |||
68 | if (stat(TMPFILE, &sb) == -1) | ||
69 | fail("stat", 0, 0 ); | ||
70 | if (sb.st_atime != 12345678) | ||
71 | fail("st_atime", 0, 0 ); | ||
72 | if (sb.st_mtime != 34567890) | ||
73 | fail("st_mtime", 0, 0 ); | ||
74 | #if 0 | ||
75 | /* | ||
76 | * Results expected to be rounded to the nearest microsecond. | ||
77 | * Depends on timestamp precision in kernel and filesystem so | ||
78 | * disabled by default. | ||
79 | */ | ||
80 | if (sb.st_atim.tv_nsec != 23456000) | ||
81 | fail("atim.tv_nsec", 23456000, sb.st_atim.tv_nsec); | ||
82 | if (sb.st_mtim.tv_nsec != 45678000) | ||
83 | fail("mtim.tv_nsec", 45678000, sb.st_mtim.tv_nsec); | ||
84 | #endif | ||
85 | |||
86 | if (rename(TMPFILE, TMPFILE2) == -1) | ||
87 | fail("rename", 0, 0); | ||
88 | if (symlink(TMPFILE2, TMPFILE) == -1) | ||
89 | fail("symlink", 0, 0); | ||
90 | |||
91 | if (utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW) != -1) | ||
92 | fail("utimensat followed symlink", 0, 0); | ||
93 | |||
94 | if (!(unlink(TMPFILE) == 0 && unlink(TMPFILE2) == 0)) | ||
95 | fail("unlink", 0, 0); | ||
96 | exit(0); | ||
97 | } | ||
diff --git a/openbsd-compat/sys-queue.h b/openbsd-compat/sys-queue.h index af93d6814..5108f394c 100644 --- a/openbsd-compat/sys-queue.h +++ b/openbsd-compat/sys-queue.h | |||
@@ -81,6 +81,7 @@ | |||
81 | #undef SIMPLEQ_EMPTY | 81 | #undef SIMPLEQ_EMPTY |
82 | #undef SIMPLEQ_NEXT | 82 | #undef SIMPLEQ_NEXT |
83 | #undef SIMPLEQ_FOREACH | 83 | #undef SIMPLEQ_FOREACH |
84 | #undef SIMPLEQ_FOREACH_SAFE | ||
84 | #undef SIMPLEQ_INIT | 85 | #undef SIMPLEQ_INIT |
85 | #undef SIMPLEQ_INSERT_HEAD | 86 | #undef SIMPLEQ_INSERT_HEAD |
86 | #undef SIMPLEQ_INSERT_TAIL | 87 | #undef SIMPLEQ_INSERT_TAIL |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.277 2018/07/16 03:09:13 djm Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.283 2019/03/01 03:29:32 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -58,6 +58,7 @@ | |||
58 | #include <string.h> | 58 | #include <string.h> |
59 | #include <unistd.h> | 59 | #include <unistd.h> |
60 | #include <limits.h> | 60 | #include <limits.h> |
61 | #include <poll.h> | ||
61 | #include <signal.h> | 62 | #include <signal.h> |
62 | #include <time.h> | 63 | #include <time.h> |
63 | 64 | ||
@@ -228,6 +229,7 @@ ssh_alloc_session_state(void) | |||
228 | 229 | ||
229 | if ((ssh = calloc(1, sizeof(*ssh))) == NULL || | 230 | if ((ssh = calloc(1, sizeof(*ssh))) == NULL || |
230 | (state = calloc(1, sizeof(*state))) == NULL || | 231 | (state = calloc(1, sizeof(*state))) == NULL || |
232 | (ssh->kex = kex_new()) == NULL || | ||
231 | (state->input = sshbuf_new()) == NULL || | 233 | (state->input = sshbuf_new()) == NULL || |
232 | (state->output = sshbuf_new()) == NULL || | 234 | (state->output = sshbuf_new()) == NULL || |
233 | (state->outgoing_packet = sshbuf_new()) == NULL || | 235 | (state->outgoing_packet = sshbuf_new()) == NULL || |
@@ -250,6 +252,10 @@ ssh_alloc_session_state(void) | |||
250 | ssh->state = state; | 252 | ssh->state = state; |
251 | return ssh; | 253 | return ssh; |
252 | fail: | 254 | fail: |
255 | if (ssh) { | ||
256 | kex_free(ssh->kex); | ||
257 | free(ssh); | ||
258 | } | ||
253 | if (state) { | 259 | if (state) { |
254 | sshbuf_free(state->input); | 260 | sshbuf_free(state->input); |
255 | sshbuf_free(state->output); | 261 | sshbuf_free(state->output); |
@@ -257,7 +263,6 @@ ssh_alloc_session_state(void) | |||
257 | sshbuf_free(state->outgoing_packet); | 263 | sshbuf_free(state->outgoing_packet); |
258 | free(state); | 264 | free(state); |
259 | } | 265 | } |
260 | free(ssh); | ||
261 | return NULL; | 266 | return NULL; |
262 | } | 267 | } |
263 | 268 | ||
@@ -272,8 +277,7 @@ ssh_packet_set_input_hook(struct ssh *ssh, ssh_packet_hook_fn *hook, void *ctx) | |||
272 | int | 277 | int |
273 | ssh_packet_is_rekeying(struct ssh *ssh) | 278 | ssh_packet_is_rekeying(struct ssh *ssh) |
274 | { | 279 | { |
275 | return ssh->state->rekeying || | 280 | return ssh->state->rekeying || ssh->kex->done == 0; |
276 | (ssh->kex != NULL && ssh->kex->done == 0); | ||
277 | } | 281 | } |
278 | 282 | ||
279 | /* | 283 | /* |
@@ -837,6 +841,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode) | |||
837 | u_int64_t *max_blocks; | 841 | u_int64_t *max_blocks; |
838 | const char *wmsg; | 842 | const char *wmsg; |
839 | int r, crypt_type; | 843 | int r, crypt_type; |
844 | const char *dir = mode == MODE_OUT ? "out" : "in"; | ||
840 | 845 | ||
841 | debug2("set_newkeys: mode %d", mode); | 846 | debug2("set_newkeys: mode %d", mode); |
842 | 847 | ||
@@ -852,14 +857,12 @@ ssh_set_newkeys(struct ssh *ssh, int mode) | |||
852 | max_blocks = &state->max_blocks_in; | 857 | max_blocks = &state->max_blocks_in; |
853 | } | 858 | } |
854 | if (state->newkeys[mode] != NULL) { | 859 | if (state->newkeys[mode] != NULL) { |
855 | debug("set_newkeys: rekeying, input %llu bytes %llu blocks, " | 860 | debug("%s: rekeying %s, input %llu bytes %llu blocks, " |
856 | "output %llu bytes %llu blocks", | 861 | "output %llu bytes %llu blocks", __func__, dir, |
857 | (unsigned long long)state->p_read.bytes, | 862 | (unsigned long long)state->p_read.bytes, |
858 | (unsigned long long)state->p_read.blocks, | 863 | (unsigned long long)state->p_read.blocks, |
859 | (unsigned long long)state->p_send.bytes, | 864 | (unsigned long long)state->p_send.bytes, |
860 | (unsigned long long)state->p_send.blocks); | 865 | (unsigned long long)state->p_send.blocks); |
861 | cipher_free(*ccp); | ||
862 | *ccp = NULL; | ||
863 | kex_free_newkeys(state->newkeys[mode]); | 866 | kex_free_newkeys(state->newkeys[mode]); |
864 | state->newkeys[mode] = NULL; | 867 | state->newkeys[mode] = NULL; |
865 | } | 868 | } |
@@ -877,7 +880,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode) | |||
877 | return r; | 880 | return r; |
878 | } | 881 | } |
879 | mac->enabled = 1; | 882 | mac->enabled = 1; |
880 | DBG(debug("cipher_init_context: %d", mode)); | 883 | DBG(debug("%s: cipher_init_context: %s", __func__, dir)); |
884 | cipher_free(*ccp); | ||
885 | *ccp = NULL; | ||
881 | if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len, | 886 | if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len, |
882 | enc->iv, enc->iv_len, crypt_type)) != 0) | 887 | enc->iv, enc->iv_len, crypt_type)) != 0) |
883 | return r; | 888 | return r; |
@@ -916,7 +921,8 @@ ssh_set_newkeys(struct ssh *ssh, int mode) | |||
916 | if (state->rekey_limit) | 921 | if (state->rekey_limit) |
917 | *max_blocks = MINIMUM(*max_blocks, | 922 | *max_blocks = MINIMUM(*max_blocks, |
918 | state->rekey_limit / enc->block_size); | 923 | state->rekey_limit / enc->block_size); |
919 | debug("rekey after %llu blocks", (unsigned long long)*max_blocks); | 924 | debug("rekey %s after %llu blocks", dir, |
925 | (unsigned long long)*max_blocks); | ||
920 | return 0; | 926 | return 0; |
921 | } | 927 | } |
922 | 928 | ||
@@ -932,7 +938,7 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len) | |||
932 | return 0; | 938 | return 0; |
933 | 939 | ||
934 | /* Haven't keyed yet or KEX in progress. */ | 940 | /* Haven't keyed yet or KEX in progress. */ |
935 | if (ssh->kex == NULL || ssh_packet_is_rekeying(ssh)) | 941 | if (ssh_packet_is_rekeying(ssh)) |
936 | return 0; | 942 | return 0; |
937 | 943 | ||
938 | /* Peer can't rekey */ | 944 | /* Peer can't rekey */ |
@@ -1805,10 +1811,10 @@ sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l) | |||
1805 | /* | 1811 | /* |
1806 | * Pretty-print connection-terminating errors and exit. | 1812 | * Pretty-print connection-terminating errors and exit. |
1807 | */ | 1813 | */ |
1808 | void | 1814 | static void |
1809 | sshpkt_fatal(struct ssh *ssh, const char *tag, int r) | 1815 | sshpkt_vfatal(struct ssh *ssh, int r, const char *fmt, va_list ap) |
1810 | { | 1816 | { |
1811 | char remote_id[512]; | 1817 | char *tag = NULL, remote_id[512]; |
1812 | 1818 | ||
1813 | sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); | 1819 | sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); |
1814 | 1820 | ||
@@ -1842,6 +1848,11 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) | |||
1842 | } | 1848 | } |
1843 | /* FALLTHROUGH */ | 1849 | /* FALLTHROUGH */ |
1844 | default: | 1850 | default: |
1851 | if (vasprintf(&tag, fmt, ap) == -1) { | ||
1852 | ssh_packet_clear_keys(ssh); | ||
1853 | logdie("%s: could not allocate failure message", | ||
1854 | __func__); | ||
1855 | } | ||
1845 | ssh_packet_clear_keys(ssh); | 1856 | ssh_packet_clear_keys(ssh); |
1846 | logdie("%s%sConnection %s %s: %s", | 1857 | logdie("%s%sConnection %s %s: %s", |
1847 | tag != NULL ? tag : "", tag != NULL ? ": " : "", | 1858 | tag != NULL ? tag : "", tag != NULL ? ": " : "", |
@@ -1850,6 +1861,18 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) | |||
1850 | } | 1861 | } |
1851 | } | 1862 | } |
1852 | 1863 | ||
1864 | void | ||
1865 | sshpkt_fatal(struct ssh *ssh, int r, const char *fmt, ...) | ||
1866 | { | ||
1867 | va_list ap; | ||
1868 | |||
1869 | va_start(ap, fmt); | ||
1870 | sshpkt_vfatal(ssh, r, fmt, ap); | ||
1871 | /* NOTREACHED */ | ||
1872 | va_end(ap); | ||
1873 | logdie("%s: should have exited", __func__); | ||
1874 | } | ||
1875 | |||
1853 | /* | 1876 | /* |
1854 | * Logs the error plus constructs and sends a disconnect packet, closes the | 1877 | * Logs the error plus constructs and sends a disconnect packet, closes the |
1855 | * connection, and exits. This function never returns. The error message | 1878 | * connection, and exits. This function never returns. The error message |
@@ -1885,10 +1908,10 @@ ssh_packet_disconnect(struct ssh *ssh, const char *fmt,...) | |||
1885 | * for it to get sent. | 1908 | * for it to get sent. |
1886 | */ | 1909 | */ |
1887 | if ((r = sshpkt_disconnect(ssh, "%s", buf)) != 0) | 1910 | if ((r = sshpkt_disconnect(ssh, "%s", buf)) != 0) |
1888 | sshpkt_fatal(ssh, __func__, r); | 1911 | sshpkt_fatal(ssh, r, "%s", __func__); |
1889 | 1912 | ||
1890 | if ((r = ssh_packet_write_wait(ssh)) != 0) | 1913 | if ((r = ssh_packet_write_wait(ssh)) != 0) |
1891 | sshpkt_fatal(ssh, __func__, r); | 1914 | sshpkt_fatal(ssh, r, "%s", __func__); |
1892 | 1915 | ||
1893 | /* Close the connection. */ | 1916 | /* Close the connection. */ |
1894 | ssh_packet_close(ssh); | 1917 | ssh_packet_close(ssh); |
@@ -2123,6 +2146,7 @@ void | |||
2123 | ssh_packet_set_server(struct ssh *ssh) | 2146 | ssh_packet_set_server(struct ssh *ssh) |
2124 | { | 2147 | { |
2125 | ssh->state->server_side = 1; | 2148 | ssh->state->server_side = 1; |
2149 | ssh->kex->server = 1; /* XXX unify? */ | ||
2126 | } | 2150 | } |
2127 | 2151 | ||
2128 | void | 2152 | void |
@@ -2175,9 +2199,9 @@ kex_to_blob(struct sshbuf *m, struct kex *kex) | |||
2175 | (r = sshbuf_put_u32(m, kex->kex_type)) != 0 || | 2199 | (r = sshbuf_put_u32(m, kex->kex_type)) != 0 || |
2176 | (r = sshbuf_put_stringb(m, kex->my)) != 0 || | 2200 | (r = sshbuf_put_stringb(m, kex->my)) != 0 || |
2177 | (r = sshbuf_put_stringb(m, kex->peer)) != 0 || | 2201 | (r = sshbuf_put_stringb(m, kex->peer)) != 0 || |
2178 | (r = sshbuf_put_u32(m, kex->flags)) != 0 || | 2202 | (r = sshbuf_put_stringb(m, kex->client_version)) != 0 || |
2179 | (r = sshbuf_put_cstring(m, kex->client_version_string)) != 0 || | 2203 | (r = sshbuf_put_stringb(m, kex->server_version)) != 0 || |
2180 | (r = sshbuf_put_cstring(m, kex->server_version_string)) != 0) | 2204 | (r = sshbuf_put_u32(m, kex->flags)) != 0) |
2181 | return r; | 2205 | return r; |
2182 | return 0; | 2206 | return 0; |
2183 | } | 2207 | } |
@@ -2327,12 +2351,8 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp) | |||
2327 | struct kex *kex; | 2351 | struct kex *kex; |
2328 | int r; | 2352 | int r; |
2329 | 2353 | ||
2330 | if ((kex = calloc(1, sizeof(struct kex))) == NULL || | 2354 | if ((kex = kex_new()) == NULL) |
2331 | (kex->my = sshbuf_new()) == NULL || | 2355 | return SSH_ERR_ALLOC_FAIL; |
2332 | (kex->peer = sshbuf_new()) == NULL) { | ||
2333 | r = SSH_ERR_ALLOC_FAIL; | ||
2334 | goto out; | ||
2335 | } | ||
2336 | if ((r = sshbuf_get_string(m, &kex->session_id, &kex->session_id_len)) != 0 || | 2356 | if ((r = sshbuf_get_string(m, &kex->session_id, &kex->session_id_len)) != 0 || |
2337 | (r = sshbuf_get_u32(m, &kex->we_need)) != 0 || | 2357 | (r = sshbuf_get_u32(m, &kex->we_need)) != 0 || |
2338 | (r = sshbuf_get_cstring(m, &kex->hostkey_alg, NULL)) != 0 || | 2358 | (r = sshbuf_get_cstring(m, &kex->hostkey_alg, NULL)) != 0 || |
@@ -2341,23 +2361,20 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp) | |||
2341 | (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 || | 2361 | (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 || |
2342 | (r = sshbuf_get_stringb(m, kex->my)) != 0 || | 2362 | (r = sshbuf_get_stringb(m, kex->my)) != 0 || |
2343 | (r = sshbuf_get_stringb(m, kex->peer)) != 0 || | 2363 | (r = sshbuf_get_stringb(m, kex->peer)) != 0 || |
2344 | (r = sshbuf_get_u32(m, &kex->flags)) != 0 || | 2364 | (r = sshbuf_get_stringb(m, kex->client_version)) != 0 || |
2345 | (r = sshbuf_get_cstring(m, &kex->client_version_string, NULL)) != 0 || | 2365 | (r = sshbuf_get_stringb(m, kex->server_version)) != 0 || |
2346 | (r = sshbuf_get_cstring(m, &kex->server_version_string, NULL)) != 0) | 2366 | (r = sshbuf_get_u32(m, &kex->flags)) != 0) |
2347 | goto out; | 2367 | goto out; |
2348 | kex->server = 1; | 2368 | kex->server = 1; |
2349 | kex->done = 1; | 2369 | kex->done = 1; |
2350 | r = 0; | 2370 | r = 0; |
2351 | out: | 2371 | out: |
2352 | if (r != 0 || kexp == NULL) { | 2372 | if (r != 0 || kexp == NULL) { |
2353 | if (kex != NULL) { | 2373 | kex_free(kex); |
2354 | sshbuf_free(kex->my); | ||
2355 | sshbuf_free(kex->peer); | ||
2356 | free(kex); | ||
2357 | } | ||
2358 | if (kexp != NULL) | 2374 | if (kexp != NULL) |
2359 | *kexp = NULL; | 2375 | *kexp = NULL; |
2360 | } else { | 2376 | } else { |
2377 | kex_free(*kexp); | ||
2361 | *kexp = kex; | 2378 | *kexp = kex; |
2362 | } | 2379 | } |
2363 | return r; | 2380 | return r; |
@@ -2468,6 +2485,12 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v) | |||
2468 | return sshbuf_put_stringb(ssh->state->outgoing_packet, v); | 2485 | return sshbuf_put_stringb(ssh->state->outgoing_packet, v); |
2469 | } | 2486 | } |
2470 | 2487 | ||
2488 | int | ||
2489 | sshpkt_getb_froms(struct ssh *ssh, struct sshbuf **valp) | ||
2490 | { | ||
2491 | return sshbuf_froms(ssh->state->incoming_packet, valp); | ||
2492 | } | ||
2493 | |||
2471 | #ifdef WITH_OPENSSL | 2494 | #ifdef WITH_OPENSSL |
2472 | #ifdef OPENSSL_HAS_ECC | 2495 | #ifdef OPENSSL_HAS_ECC |
2473 | int | 2496 | int |
@@ -2544,11 +2567,10 @@ sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g) | |||
2544 | } | 2567 | } |
2545 | #endif /* OPENSSL_HAS_ECC */ | 2568 | #endif /* OPENSSL_HAS_ECC */ |
2546 | 2569 | ||
2547 | |||
2548 | int | 2570 | int |
2549 | sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) | 2571 | sshpkt_get_bignum2(struct ssh *ssh, BIGNUM **valp) |
2550 | { | 2572 | { |
2551 | return sshbuf_get_bignum2(ssh->state->incoming_packet, v); | 2573 | return sshbuf_get_bignum2(ssh->state->incoming_packet, valp); |
2552 | } | 2574 | } |
2553 | #endif /* WITH_OPENSSL */ | 2575 | #endif /* WITH_OPENSSL */ |
2554 | 2576 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.h,v 1.86 2018/07/09 21:20:26 markus Exp $ */ | 1 | /* $OpenBSD: packet.h,v 1.90 2019/01/21 10:35:09 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -176,7 +176,8 @@ int sshpkt_send(struct ssh *ssh); | |||
176 | int sshpkt_disconnect(struct ssh *, const char *fmt, ...) | 176 | int sshpkt_disconnect(struct ssh *, const char *fmt, ...) |
177 | __attribute__((format(printf, 2, 3))); | 177 | __attribute__((format(printf, 2, 3))); |
178 | int sshpkt_add_padding(struct ssh *, u_char); | 178 | int sshpkt_add_padding(struct ssh *, u_char); |
179 | void sshpkt_fatal(struct ssh *ssh, const char *tag, int r); | 179 | void sshpkt_fatal(struct ssh *ssh, int r, const char *fmt, ...) |
180 | __attribute__((format(printf, 3, 4))); | ||
180 | int sshpkt_msg_ignore(struct ssh *, u_int); | 181 | int sshpkt_msg_ignore(struct ssh *, u_int); |
181 | 182 | ||
182 | int sshpkt_put(struct ssh *ssh, const void *v, size_t len); | 183 | int sshpkt_put(struct ssh *ssh, const void *v, size_t len); |
@@ -198,16 +199,13 @@ int sshpkt_get_string(struct ssh *ssh, u_char **valp, size_t *lenp); | |||
198 | int sshpkt_get_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp); | 199 | int sshpkt_get_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp); |
199 | int sshpkt_peek_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp); | 200 | int sshpkt_peek_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp); |
200 | int sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp); | 201 | int sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp); |
202 | int sshpkt_getb_froms(struct ssh *ssh, struct sshbuf **valp); | ||
201 | int sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g); | 203 | int sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g); |
202 | int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v); | 204 | int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM **valp); |
203 | int sshpkt_get_end(struct ssh *ssh); | 205 | int sshpkt_get_end(struct ssh *ssh); |
204 | void sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l); | 206 | void sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l); |
205 | const u_char *sshpkt_ptr(struct ssh *, size_t *lenp); | 207 | const u_char *sshpkt_ptr(struct ssh *, size_t *lenp); |
206 | 208 | ||
207 | /* OLD API */ | ||
208 | extern struct ssh *active_state; | ||
209 | #include "opacket.h" | ||
210 | |||
211 | #if !defined(WITH_OPENSSL) | 209 | #if !defined(WITH_OPENSSL) |
212 | # undef BIGNUM | 210 | # undef BIGNUM |
213 | # undef EC_KEY | 211 | # undef EC_KEY |
diff --git a/readconf.c b/readconf.c index 6d046f063..2ba312441 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.300 2018/10/05 14:26:09 naddy Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.304 2019/03/01 02:08:50 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -67,6 +67,7 @@ | |||
67 | #include "uidswap.h" | 67 | #include "uidswap.h" |
68 | #include "myproposal.h" | 68 | #include "myproposal.h" |
69 | #include "digest.h" | 69 | #include "digest.h" |
70 | #include "ssh-gss.h" | ||
70 | 71 | ||
71 | /* Format of the configuration file: | 72 | /* Format of the configuration file: |
72 | 73 | ||
@@ -133,10 +134,11 @@ | |||
133 | 134 | ||
134 | static int read_config_file_depth(const char *filename, struct passwd *pw, | 135 | static int read_config_file_depth(const char *filename, struct passwd *pw, |
135 | const char *host, const char *original_host, Options *options, | 136 | const char *host, const char *original_host, Options *options, |
136 | int flags, int *activep, int depth); | 137 | int flags, int *activep, int *want_final_pass, int depth); |
137 | static int process_config_line_depth(Options *options, struct passwd *pw, | 138 | static int process_config_line_depth(Options *options, struct passwd *pw, |
138 | const char *host, const char *original_host, char *line, | 139 | const char *host, const char *original_host, char *line, |
139 | const char *filename, int linenum, int *activep, int flags, int depth); | 140 | const char *filename, int linenum, int *activep, int flags, |
141 | int *want_final_pass, int depth); | ||
140 | 142 | ||
141 | /* Keyword tokens. */ | 143 | /* Keyword tokens. */ |
142 | 144 | ||
@@ -162,7 +164,7 @@ typedef enum { | |||
162 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, | 164 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
163 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, | 165 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
164 | oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, | 166 | oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, |
165 | oGssServerIdentity, | 167 | oGssServerIdentity, oGssKexAlgorithms, |
166 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, | 168 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
167 | oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, | 169 | oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, |
168 | oHashKnownHosts, | 170 | oHashKnownHosts, |
@@ -211,6 +213,7 @@ static struct { | |||
211 | { "gssapiclientidentity", oGssClientIdentity }, | 213 | { "gssapiclientidentity", oGssClientIdentity }, |
212 | { "gssapiserveridentity", oGssServerIdentity }, | 214 | { "gssapiserveridentity", oGssServerIdentity }, |
213 | { "gssapirenewalforcesrekey", oGssRenewalRekey }, | 215 | { "gssapirenewalforcesrekey", oGssRenewalRekey }, |
216 | { "gssapikexalgorithms", oGssKexAlgorithms }, | ||
214 | # else | 217 | # else |
215 | { "gssapiauthentication", oUnsupported }, | 218 | { "gssapiauthentication", oUnsupported }, |
216 | { "gssapikeyexchange", oUnsupported }, | 219 | { "gssapikeyexchange", oUnsupported }, |
@@ -219,10 +222,11 @@ static struct { | |||
219 | { "gssapiclientidentity", oUnsupported }, | 222 | { "gssapiclientidentity", oUnsupported }, |
220 | { "gssapiserveridentity", oUnsupported }, | 223 | { "gssapiserveridentity", oUnsupported }, |
221 | { "gssapirenewalforcesrekey", oUnsupported }, | 224 | { "gssapirenewalforcesrekey", oUnsupported }, |
225 | { "gssapikexalgorithms", oUnsupported }, | ||
222 | #endif | 226 | #endif |
223 | #ifdef ENABLE_PKCS11 | 227 | #ifdef ENABLE_PKCS11 |
224 | { "smartcarddevice", oPKCS11Provider }, | ||
225 | { "pkcs11provider", oPKCS11Provider }, | 228 | { "pkcs11provider", oPKCS11Provider }, |
229 | { "smartcarddevice", oPKCS11Provider }, | ||
226 | # else | 230 | # else |
227 | { "smartcarddevice", oUnsupported }, | 231 | { "smartcarddevice", oUnsupported }, |
228 | { "pkcs11provider", oUnsupported }, | 232 | { "pkcs11provider", oUnsupported }, |
@@ -555,8 +559,8 @@ execute_in_shell(const char *cmd) | |||
555 | */ | 559 | */ |
556 | static int | 560 | static int |
557 | match_cfg_line(Options *options, char **condition, struct passwd *pw, | 561 | match_cfg_line(Options *options, char **condition, struct passwd *pw, |
558 | const char *host_arg, const char *original_host, int post_canon, | 562 | const char *host_arg, const char *original_host, int final_pass, |
559 | const char *filename, int linenum) | 563 | int *want_final_pass, const char *filename, int linenum) |
560 | { | 564 | { |
561 | char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria; | 565 | char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria; |
562 | const char *ruser; | 566 | const char *ruser; |
@@ -570,7 +574,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, | |||
570 | */ | 574 | */ |
571 | port = options->port <= 0 ? default_ssh_port() : options->port; | 575 | port = options->port <= 0 ? default_ssh_port() : options->port; |
572 | ruser = options->user == NULL ? pw->pw_name : options->user; | 576 | ruser = options->user == NULL ? pw->pw_name : options->user; |
573 | if (post_canon) { | 577 | if (final_pass) { |
574 | host = xstrdup(options->hostname); | 578 | host = xstrdup(options->hostname); |
575 | } else if (options->hostname != NULL) { | 579 | } else if (options->hostname != NULL) { |
576 | /* NB. Please keep in sync with ssh.c:main() */ | 580 | /* NB. Please keep in sync with ssh.c:main() */ |
@@ -602,8 +606,16 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, | |||
602 | goto out; | 606 | goto out; |
603 | } | 607 | } |
604 | attributes++; | 608 | attributes++; |
605 | if (strcasecmp(attrib, "canonical") == 0) { | 609 | if (strcasecmp(attrib, "canonical") == 0 || |
606 | r = !!post_canon; /* force bitmask member to boolean */ | 610 | strcasecmp(attrib, "final") == 0) { |
611 | /* | ||
612 | * If the config requests "Match final" then remember | ||
613 | * this so we can perform a second pass later. | ||
614 | */ | ||
615 | if (strcasecmp(attrib, "final") == 0 && | ||
616 | want_final_pass != NULL) | ||
617 | *want_final_pass = 1; | ||
618 | r = !!final_pass; /* force bitmask member to boolean */ | ||
607 | if (r == (negate ? 1 : 0)) | 619 | if (r == (negate ? 1 : 0)) |
608 | this_result = result = 0; | 620 | this_result = result = 0; |
609 | debug3("%.200s line %d: %smatched '%s'", | 621 | debug3("%.200s line %d: %smatched '%s'", |
@@ -840,14 +852,14 @@ process_config_line(Options *options, struct passwd *pw, const char *host, | |||
840 | int linenum, int *activep, int flags) | 852 | int linenum, int *activep, int flags) |
841 | { | 853 | { |
842 | return process_config_line_depth(options, pw, host, original_host, | 854 | return process_config_line_depth(options, pw, host, original_host, |
843 | line, filename, linenum, activep, flags, 0); | 855 | line, filename, linenum, activep, flags, NULL, 0); |
844 | } | 856 | } |
845 | 857 | ||
846 | #define WHITESPACE " \t\r\n" | 858 | #define WHITESPACE " \t\r\n" |
847 | static int | 859 | static int |
848 | process_config_line_depth(Options *options, struct passwd *pw, const char *host, | 860 | process_config_line_depth(Options *options, struct passwd *pw, const char *host, |
849 | const char *original_host, char *line, const char *filename, | 861 | const char *original_host, char *line, const char *filename, |
850 | int linenum, int *activep, int flags, int depth) | 862 | int linenum, int *activep, int flags, int *want_final_pass, int depth) |
851 | { | 863 | { |
852 | char *s, **charptr, *endofnumber, *keyword, *arg, *arg2; | 864 | char *s, **charptr, *endofnumber, *keyword, *arg, *arg2; |
853 | char **cpptr, fwdarg[256]; | 865 | char **cpptr, fwdarg[256]; |
@@ -1014,6 +1026,18 @@ parse_time: | |||
1014 | intptr = &options->gss_renewal_rekey; | 1026 | intptr = &options->gss_renewal_rekey; |
1015 | goto parse_flag; | 1027 | goto parse_flag; |
1016 | 1028 | ||
1029 | case oGssKexAlgorithms: | ||
1030 | arg = strdelim(&s); | ||
1031 | if (!arg || *arg == '\0') | ||
1032 | fatal("%.200s line %d: Missing argument.", | ||
1033 | filename, linenum); | ||
1034 | if (!kex_gss_names_valid(arg)) | ||
1035 | fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", | ||
1036 | filename, linenum, arg ? arg : "<NONE>"); | ||
1037 | if (*activep && options->gss_kex_algorithms == NULL) | ||
1038 | options->gss_kex_algorithms = xstrdup(arg); | ||
1039 | break; | ||
1040 | |||
1017 | case oBatchMode: | 1041 | case oBatchMode: |
1018 | intptr = &options->batch_mode; | 1042 | intptr = &options->batch_mode; |
1019 | goto parse_flag; | 1043 | goto parse_flag; |
@@ -1375,7 +1399,8 @@ parse_keytypes: | |||
1375 | fatal("Host directive not supported as a command-line " | 1399 | fatal("Host directive not supported as a command-line " |
1376 | "option"); | 1400 | "option"); |
1377 | value = match_cfg_line(options, &s, pw, host, original_host, | 1401 | value = match_cfg_line(options, &s, pw, host, original_host, |
1378 | flags & SSHCONF_POSTCANON, filename, linenum); | 1402 | flags & SSHCONF_FINAL, want_final_pass, |
1403 | filename, linenum); | ||
1379 | if (value < 0) | 1404 | if (value < 0) |
1380 | fatal("%.200s line %d: Bad Match condition", filename, | 1405 | fatal("%.200s line %d: Bad Match condition", filename, |
1381 | linenum); | 1406 | linenum); |
@@ -1559,7 +1584,7 @@ parse_keytypes: | |||
1559 | if (*arg == '~' && (flags & SSHCONF_USERCONF) == 0) | 1584 | if (*arg == '~' && (flags & SSHCONF_USERCONF) == 0) |
1560 | fatal("%.200s line %d: bad include path %s.", | 1585 | fatal("%.200s line %d: bad include path %s.", |
1561 | filename, linenum, arg); | 1586 | filename, linenum, arg); |
1562 | if (*arg != '/' && *arg != '~') { | 1587 | if (!path_absolute(arg) && *arg != '~') { |
1563 | xasprintf(&arg2, "%s/%s", | 1588 | xasprintf(&arg2, "%s/%s", |
1564 | (flags & SSHCONF_USERCONF) ? | 1589 | (flags & SSHCONF_USERCONF) ? |
1565 | "~/" _PATH_SSH_USER_DIR : SSHDIR, arg); | 1590 | "~/" _PATH_SSH_USER_DIR : SSHDIR, arg); |
@@ -1586,7 +1611,7 @@ parse_keytypes: | |||
1586 | pw, host, original_host, options, | 1611 | pw, host, original_host, options, |
1587 | flags | SSHCONF_CHECKPERM | | 1612 | flags | SSHCONF_CHECKPERM | |
1588 | (oactive ? 0 : SSHCONF_NEVERMATCH), | 1613 | (oactive ? 0 : SSHCONF_NEVERMATCH), |
1589 | activep, depth + 1); | 1614 | activep, want_final_pass, depth + 1); |
1590 | if (r != 1 && errno != ENOENT) { | 1615 | if (r != 1 && errno != ENOENT) { |
1591 | fatal("Can't open user config file " | 1616 | fatal("Can't open user config file " |
1592 | "%.100s: %.100s", gl.gl_pathv[i], | 1617 | "%.100s: %.100s", gl.gl_pathv[i], |
@@ -1789,19 +1814,20 @@ parse_keytypes: | |||
1789 | */ | 1814 | */ |
1790 | int | 1815 | int |
1791 | read_config_file(const char *filename, struct passwd *pw, const char *host, | 1816 | read_config_file(const char *filename, struct passwd *pw, const char *host, |
1792 | const char *original_host, Options *options, int flags) | 1817 | const char *original_host, Options *options, int flags, |
1818 | int *want_final_pass) | ||
1793 | { | 1819 | { |
1794 | int active = 1; | 1820 | int active = 1; |
1795 | 1821 | ||
1796 | return read_config_file_depth(filename, pw, host, original_host, | 1822 | return read_config_file_depth(filename, pw, host, original_host, |
1797 | options, flags, &active, 0); | 1823 | options, flags, &active, want_final_pass, 0); |
1798 | } | 1824 | } |
1799 | 1825 | ||
1800 | #define READCONF_MAX_DEPTH 16 | 1826 | #define READCONF_MAX_DEPTH 16 |
1801 | static int | 1827 | static int |
1802 | read_config_file_depth(const char *filename, struct passwd *pw, | 1828 | read_config_file_depth(const char *filename, struct passwd *pw, |
1803 | const char *host, const char *original_host, Options *options, | 1829 | const char *host, const char *original_host, Options *options, |
1804 | int flags, int *activep, int depth) | 1830 | int flags, int *activep, int *want_final_pass, int depth) |
1805 | { | 1831 | { |
1806 | FILE *f; | 1832 | FILE *f; |
1807 | char *line = NULL; | 1833 | char *line = NULL; |
@@ -1835,7 +1861,8 @@ read_config_file_depth(const char *filename, struct passwd *pw, | |||
1835 | /* Update line number counter. */ | 1861 | /* Update line number counter. */ |
1836 | linenum++; | 1862 | linenum++; |
1837 | if (process_config_line_depth(options, pw, host, original_host, | 1863 | if (process_config_line_depth(options, pw, host, original_host, |
1838 | line, filename, linenum, activep, flags, depth) != 0) | 1864 | line, filename, linenum, activep, flags, want_final_pass, |
1865 | depth) != 0) | ||
1839 | bad_options++; | 1866 | bad_options++; |
1840 | } | 1867 | } |
1841 | free(line); | 1868 | free(line); |
@@ -1885,6 +1912,7 @@ initialize_options(Options * options) | |||
1885 | options->gss_renewal_rekey = -1; | 1912 | options->gss_renewal_rekey = -1; |
1886 | options->gss_client_identity = NULL; | 1913 | options->gss_client_identity = NULL; |
1887 | options->gss_server_identity = NULL; | 1914 | options->gss_server_identity = NULL; |
1915 | options->gss_kex_algorithms = NULL; | ||
1888 | options->password_authentication = -1; | 1916 | options->password_authentication = -1; |
1889 | options->kbd_interactive_authentication = -1; | 1917 | options->kbd_interactive_authentication = -1; |
1890 | options->kbd_interactive_devices = NULL; | 1918 | options->kbd_interactive_devices = NULL; |
@@ -2038,6 +2066,10 @@ fill_default_options(Options * options) | |||
2038 | options->gss_trust_dns = 0; | 2066 | options->gss_trust_dns = 0; |
2039 | if (options->gss_renewal_rekey == -1) | 2067 | if (options->gss_renewal_rekey == -1) |
2040 | options->gss_renewal_rekey = 0; | 2068 | options->gss_renewal_rekey = 0; |
2069 | #ifdef GSSAPI | ||
2070 | if (options->gss_kex_algorithms == NULL) | ||
2071 | options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); | ||
2072 | #endif | ||
2041 | if (options->password_authentication == -1) | 2073 | if (options->password_authentication == -1) |
2042 | options->password_authentication = 1; | 2074 | options->password_authentication = 1; |
2043 | if (options->kbd_interactive_authentication == -1) | 2075 | if (options->kbd_interactive_authentication == -1) |
@@ -2163,9 +2195,9 @@ fill_default_options(Options * options) | |||
2163 | defaults, all)) != 0) \ | 2195 | defaults, all)) != 0) \ |
2164 | fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ | 2196 | fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ |
2165 | } while (0) | 2197 | } while (0) |
2166 | ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); | 2198 | ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, all_cipher); |
2167 | ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); | 2199 | ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac); |
2168 | ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); | 2200 | ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex); |
2169 | ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); | 2201 | ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); |
2170 | ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); | 2202 | ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); |
2171 | ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); | 2203 | ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig); |
@@ -2188,6 +2220,7 @@ fill_default_options(Options * options) | |||
2188 | CLEAR_ON_NONE(options->proxy_command); | 2220 | CLEAR_ON_NONE(options->proxy_command); |
2189 | CLEAR_ON_NONE(options->control_path); | 2221 | CLEAR_ON_NONE(options->control_path); |
2190 | CLEAR_ON_NONE(options->revoked_host_keys); | 2222 | CLEAR_ON_NONE(options->revoked_host_keys); |
2223 | CLEAR_ON_NONE(options->pkcs11_provider); | ||
2191 | if (options->jump_host != NULL && | 2224 | if (options->jump_host != NULL && |
2192 | strcmp(options->jump_host, "none") == 0 && | 2225 | strcmp(options->jump_host, "none") == 0 && |
2193 | options->jump_port == 0 && options->jump_user == NULL) { | 2226 | options->jump_port == 0 && options->jump_user == NULL) { |
@@ -2656,7 +2689,14 @@ dump_client_config(Options *o, const char *host) | |||
2656 | dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); | 2689 | dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); |
2657 | #ifdef GSSAPI | 2690 | #ifdef GSSAPI |
2658 | dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); | 2691 | dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); |
2692 | dump_cfg_fmtint(oGssKeyEx, o->gss_keyex); | ||
2659 | dump_cfg_fmtint(oGssDelegateCreds, o->gss_deleg_creds); | 2693 | dump_cfg_fmtint(oGssDelegateCreds, o->gss_deleg_creds); |
2694 | dump_cfg_fmtint(oGssTrustDns, o->gss_trust_dns); | ||
2695 | dump_cfg_fmtint(oGssRenewalRekey, o->gss_renewal_rekey); | ||
2696 | dump_cfg_string(oGssClientIdentity, o->gss_client_identity); | ||
2697 | dump_cfg_string(oGssServerIdentity, o->gss_server_identity); | ||
2698 | dump_cfg_string(oGssKexAlgorithms, o->gss_kex_algorithms ? | ||
2699 | o->gss_kex_algorithms : GSS_KEX_DEFAULT_KEX); | ||
2660 | #endif /* GSSAPI */ | 2700 | #endif /* GSSAPI */ |
2661 | dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); | 2701 | dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); |
2662 | dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); | 2702 | dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); |
diff --git a/readconf.h b/readconf.h index 8e4900d01..0bff6d80a 100644 --- a/readconf.h +++ b/readconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.h,v 1.128 2018/09/20 03:30:44 djm Exp $ */ | 1 | /* $OpenBSD: readconf.h,v 1.129 2018/11/23 05:08:07 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -46,6 +46,7 @@ typedef struct { | |||
46 | int gss_renewal_rekey; /* Credential renewal forces rekey */ | 46 | int gss_renewal_rekey; /* Credential renewal forces rekey */ |
47 | char *gss_client_identity; /* Principal to initiate GSSAPI with */ | 47 | char *gss_client_identity; /* Principal to initiate GSSAPI with */ |
48 | char *gss_server_identity; /* GSSAPI target principal */ | 48 | char *gss_server_identity; /* GSSAPI target principal */ |
49 | char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ | ||
49 | int password_authentication; /* Try password | 50 | int password_authentication; /* Try password |
50 | * authentication. */ | 51 | * authentication. */ |
51 | int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ | 52 | int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ |
@@ -190,7 +191,7 @@ typedef struct { | |||
190 | 191 | ||
191 | #define SSHCONF_CHECKPERM 1 /* check permissions on config file */ | 192 | #define SSHCONF_CHECKPERM 1 /* check permissions on config file */ |
192 | #define SSHCONF_USERCONF 2 /* user provided config file not system */ | 193 | #define SSHCONF_USERCONF 2 /* user provided config file not system */ |
193 | #define SSHCONF_POSTCANON 4 /* After hostname canonicalisation */ | 194 | #define SSHCONF_FINAL 4 /* Final pass over config, after canon. */ |
194 | #define SSHCONF_NEVERMATCH 8 /* Match/Host never matches; internal only */ | 195 | #define SSHCONF_NEVERMATCH 8 /* Match/Host never matches; internal only */ |
195 | 196 | ||
196 | #define SSH_UPDATE_HOSTKEYS_NO 0 | 197 | #define SSH_UPDATE_HOSTKEYS_NO 0 |
@@ -208,7 +209,7 @@ void fill_default_options_for_canonicalization(Options *); | |||
208 | int process_config_line(Options *, struct passwd *, const char *, | 209 | int process_config_line(Options *, struct passwd *, const char *, |
209 | const char *, char *, const char *, int, int *, int); | 210 | const char *, char *, const char *, int, int *, int); |
210 | int read_config_file(const char *, struct passwd *, const char *, | 211 | int read_config_file(const char *, struct passwd *, const char *, |
211 | const char *, Options *, int); | 212 | const char *, Options *, int, int *); |
212 | int parse_forward(struct Forward *, const char *, int, int); | 213 | int parse_forward(struct Forward *, const char *, int, int); |
213 | int parse_jump(const char *, Options *, int); | 214 | int parse_jump(const char *, Options *, int); |
214 | int parse_ssh_uri(const char *, char **, char **, int *); | 215 | int parse_ssh_uri(const char *, char **, char **, int *); |
diff --git a/readpass.c b/readpass.c index f160f866b..44014ef8a 100644 --- a/readpass.c +++ b/readpass.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readpass.c,v 1.52 2018/07/18 11:34:04 dtucker Exp $ */ | 1 | /* $OpenBSD: readpass.c,v 1.53 2019/01/19 04:15:56 tb Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -117,7 +117,7 @@ ssh_askpass(char *askpass, const char *msg) | |||
117 | char * | 117 | char * |
118 | read_passphrase(const char *prompt, int flags) | 118 | read_passphrase(const char *prompt, int flags) |
119 | { | 119 | { |
120 | char *askpass = NULL, *ret, buf[1024]; | 120 | char cr = '\r', *askpass = NULL, *ret, buf[1024]; |
121 | int rppflags, use_askpass = 0, ttyfd; | 121 | int rppflags, use_askpass = 0, ttyfd; |
122 | 122 | ||
123 | rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; | 123 | rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; |
@@ -131,9 +131,16 @@ read_passphrase(const char *prompt, int flags) | |||
131 | } else { | 131 | } else { |
132 | rppflags |= RPP_REQUIRE_TTY; | 132 | rppflags |= RPP_REQUIRE_TTY; |
133 | ttyfd = open(_PATH_TTY, O_RDWR); | 133 | ttyfd = open(_PATH_TTY, O_RDWR); |
134 | if (ttyfd >= 0) | 134 | if (ttyfd >= 0) { |
135 | /* | ||
136 | * If we're on a tty, ensure that show the prompt at | ||
137 | * the beginning of the line. This will hopefully | ||
138 | * clobber any password characters the user has | ||
139 | * optimistically typed before echo is disabled. | ||
140 | */ | ||
141 | (void)write(ttyfd, &cr, 1); | ||
135 | close(ttyfd); | 142 | close(ttyfd); |
136 | else { | 143 | } else { |
137 | debug("read_passphrase: can't open %s: %s", _PATH_TTY, | 144 | debug("read_passphrase: can't open %s: %s", _PATH_TTY, |
138 | strerror(errno)); | 145 | strerror(errno)); |
139 | use_askpass = 1; | 146 | use_askpass = 1; |
diff --git a/regress/Makefile b/regress/Makefile index 6e462a4f6..6fdfcc8ca 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.97 2018/06/07 04:46:34 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.100 2019/01/20 23:24:19 djm Exp $ |
2 | 2 | ||
3 | REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec | 3 | REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec |
4 | tests: prep $(REGRESS_TARGETS) | 4 | tests: prep $(REGRESS_TARGETS) |
@@ -11,7 +11,6 @@ prep: | |||
11 | 11 | ||
12 | clean: | 12 | clean: |
13 | for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done | 13 | for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done |
14 | test -z "${SUDO}" || ${SUDO} rm -f ${SUDO_CLEAN} | ||
15 | rm -rf $(OBJ).putty | 14 | rm -rf $(OBJ).putty |
16 | 15 | ||
17 | distclean: clean | 16 | distclean: clean |
@@ -92,7 +91,8 @@ LTESTS= connect \ | |||
92 | INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers | 91 | INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers |
93 | #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp | 92 | #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp |
94 | 93 | ||
95 | #LTESTS= cipher-speed | 94 | EXTRA_TESTS= agent-pkcs11 |
95 | #EXTRA_TESTS+= cipher-speed | ||
96 | 96 | ||
97 | USERNAME= ${LOGNAME} | 97 | USERNAME= ${LOGNAME} |
98 | CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ | 98 | CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ |
@@ -123,8 +123,6 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ | |||
123 | t8.out t8.out.pub t9.out t9.out.pub testdata \ | 123 | t8.out t8.out.pub t9.out t9.out.pub testdata \ |
124 | user_*key* user_ca* user_key* | 124 | user_*key* user_ca* user_key* |
125 | 125 | ||
126 | SUDO_CLEAN+= /var/run/testdata_${USERNAME} /var/run/keycommand_${USERNAME} | ||
127 | |||
128 | # Enable all malloc(3) randomisations and checks | 126 | # Enable all malloc(3) randomisations and checks |
129 | TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX" | 127 | TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX" |
130 | 128 | ||
@@ -218,6 +216,13 @@ t-exec-interop: ${INTEROP_TESTS:=.sh} | |||
218 | (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ | 216 | (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ |
219 | done | 217 | done |
220 | 218 | ||
219 | t-extra: ${EXTRA_TESTS:=.sh} | ||
220 | @if [ "x$?" = "x" ]; then exit 0; fi; \ | ||
221 | for TEST in ""$?; do \ | ||
222 | echo "run test $${TEST}" ... 1>&2; \ | ||
223 | (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ | ||
224 | done | ||
225 | |||
221 | # Not run by default | 226 | # Not run by default |
222 | interop: ${INTEROP_TARGETS} | 227 | interop: ${INTEROP_TARGETS} |
223 | 228 | ||
diff --git a/regress/agent-pkcs11.sh b/regress/agent-pkcs11.sh index db3018b88..5205d9067 100644 --- a/regress/agent-pkcs11.sh +++ b/regress/agent-pkcs11.sh | |||
@@ -1,16 +1,53 @@ | |||
1 | # $OpenBSD: agent-pkcs11.sh,v 1.3 2017/04/30 23:34:55 djm Exp $ | 1 | # $OpenBSD: agent-pkcs11.sh,v 1.6 2019/01/21 09:13:41 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="pkcs11 agent test" | 4 | tid="pkcs11 agent test" |
5 | 5 | ||
6 | TEST_SSH_PIN="" | 6 | try_token_libs() { |
7 | TEST_SSH_PKCS11=/usr/local/lib/soft-pkcs11.so.0.0 | 7 | for _lib in "$@" ; do |
8 | if test -f "$_lib" ; then | ||
9 | verbose "Using token library $_lib" | ||
10 | TEST_SSH_PKCS11="$_lib" | ||
11 | return | ||
12 | fi | ||
13 | done | ||
14 | echo "skipped: Unable to find PKCS#11 token library" | ||
15 | exit 0 | ||
16 | } | ||
17 | |||
18 | try_token_libs \ | ||
19 | /usr/local/lib/softhsm/libsofthsm2.so \ | ||
20 | /usr/lib64/pkcs11/libsofthsm2.so \ | ||
21 | /usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so | ||
22 | |||
23 | TEST_SSH_PIN=1234 | ||
24 | TEST_SSH_SOPIN=12345678 | ||
25 | if [ "x$TEST_SSH_SSHPKCS11HELPER" != "x" ]; then | ||
26 | SSH_PKCS11_HELPER="${TEST_SSH_SSHPKCS11HELPER}" | ||
27 | export SSH_PKCS11_HELPER | ||
28 | fi | ||
8 | 29 | ||
9 | test -f "$TEST_SSH_PKCS11" || fatal "$TEST_SSH_PKCS11 does not exist" | 30 | test -f "$TEST_SSH_PKCS11" || fatal "$TEST_SSH_PKCS11 does not exist" |
10 | 31 | ||
11 | # setup environment for soft-pkcs11 token | 32 | # setup environment for softhsm2 token |
12 | SOFTPKCS11RC=$OBJ/pkcs11.info | 33 | DIR=$OBJ/SOFTHSM |
13 | export SOFTPKCS11RC | 34 | rm -rf $DIR |
35 | TOKEN=$DIR/tokendir | ||
36 | mkdir -p $TOKEN | ||
37 | SOFTHSM2_CONF=$DIR/softhsm2.conf | ||
38 | export SOFTHSM2_CONF | ||
39 | cat > $SOFTHSM2_CONF << EOF | ||
40 | # SoftHSM v2 configuration file | ||
41 | directories.tokendir = ${TOKEN} | ||
42 | objectstore.backend = file | ||
43 | # ERROR, WARNING, INFO, DEBUG | ||
44 | log.level = DEBUG | ||
45 | # If CKF_REMOVABLE_DEVICE flag should be set | ||
46 | slots.removable = false | ||
47 | EOF | ||
48 | out=$(softhsm2-util --init-token --free --label token-slot-0 --pin "$TEST_SSH_PIN" --so-pin "$TEST_SSH_SOPIN") | ||
49 | slot=$(echo -- $out | sed 's/.* //') | ||
50 | |||
14 | # prevent ssh-agent from calling ssh-askpass | 51 | # prevent ssh-agent from calling ssh-askpass |
15 | SSH_ASKPASS=/usr/bin/true | 52 | SSH_ASKPASS=/usr/bin/true |
16 | export SSH_ASKPASS | 53 | export SSH_ASKPASS |
@@ -22,22 +59,27 @@ notty() { | |||
22 | if (fork) { wait; exit($? >> 8); } else { exec(@ARGV) }' "$@" | 59 | if (fork) { wait; exit($? >> 8); } else { exec(@ARGV) }' "$@" |
23 | } | 60 | } |
24 | 61 | ||
62 | trace "generating keys" | ||
63 | RSA=${DIR}/RSA | ||
64 | EC=${DIR}/EC | ||
65 | openssl genpkey -algorithm rsa > $RSA | ||
66 | openssl pkcs8 -nocrypt -in $RSA |\ | ||
67 | softhsm2-util --slot "$slot" --label 01 --id 01 --pin "$TEST_SSH_PIN" --import /dev/stdin | ||
68 | openssl genpkey \ | ||
69 | -genparam \ | ||
70 | -algorithm ec \ | ||
71 | -pkeyopt ec_paramgen_curve:prime256v1 |\ | ||
72 | openssl genpkey \ | ||
73 | -paramfile /dev/stdin > $EC | ||
74 | openssl pkcs8 -nocrypt -in $EC |\ | ||
75 | softhsm2-util --slot "$slot" --label 02 --id 02 --pin "$TEST_SSH_PIN" --import /dev/stdin | ||
76 | |||
25 | trace "start agent" | 77 | trace "start agent" |
26 | eval `${SSHAGENT} -s` > /dev/null | 78 | eval `${SSHAGENT} -s` > /dev/null |
27 | r=$? | 79 | r=$? |
28 | if [ $r -ne 0 ]; then | 80 | if [ $r -ne 0 ]; then |
29 | fail "could not start ssh-agent: exit code $r" | 81 | fail "could not start ssh-agent: exit code $r" |
30 | else | 82 | else |
31 | trace "generating key/cert" | ||
32 | rm -f $OBJ/pkcs11.key $OBJ/pkcs11.crt | ||
33 | openssl genrsa -out $OBJ/pkcs11.key 2048 > /dev/null 2>&1 | ||
34 | chmod 600 $OBJ/pkcs11.key | ||
35 | openssl req -key $OBJ/pkcs11.key -new -x509 \ | ||
36 | -out $OBJ/pkcs11.crt -text -subj '/CN=pkcs11 test' > /dev/null | ||
37 | printf "a\ta\t$OBJ/pkcs11.crt\t$OBJ/pkcs11.key" > $SOFTPKCS11RC | ||
38 | # add to authorized keys | ||
39 | ${SSHKEYGEN} -y -f $OBJ/pkcs11.key > $OBJ/authorized_keys_$USER | ||
40 | |||
41 | trace "add pkcs11 key to agent" | 83 | trace "add pkcs11 key to agent" |
42 | echo ${TEST_SSH_PIN} | notty ${SSHADD} -s ${TEST_SSH_PKCS11} > /dev/null 2>&1 | 84 | echo ${TEST_SSH_PIN} | notty ${SSHADD} -s ${TEST_SSH_PKCS11} > /dev/null 2>&1 |
43 | r=$? | 85 | r=$? |
@@ -52,12 +94,23 @@ else | |||
52 | fail "ssh-add -l failed: exit code $r" | 94 | fail "ssh-add -l failed: exit code $r" |
53 | fi | 95 | fi |
54 | 96 | ||
55 | trace "pkcs11 connect via agent" | 97 | for k in $RSA $EC; do |
56 | ${SSH} -F $OBJ/ssh_proxy somehost exit 5 | 98 | trace "testing $k" |
57 | r=$? | 99 | chmod 600 $k |
58 | if [ $r -ne 5 ]; then | 100 | ssh-keygen -y -f $k > $k.pub |
59 | fail "ssh connect failed (exit code $r)" | 101 | pub=$(cat $k.pub) |
60 | fi | 102 | ${SSHADD} -L | grep -q "$pub" || fail "key $k missing in ssh-add -L" |
103 | ${SSHADD} -T $k.pub || fail "ssh-add -T with $k failed" | ||
104 | |||
105 | # add to authorized keys | ||
106 | cat $k.pub > $OBJ/authorized_keys_$USER | ||
107 | trace "pkcs11 connect via agent ($k)" | ||
108 | ${SSH} -F $OBJ/ssh_proxy somehost exit 5 | ||
109 | r=$? | ||
110 | if [ $r -ne 5 ]; then | ||
111 | fail "ssh connect failed (exit code $r)" | ||
112 | fi | ||
113 | done | ||
61 | 114 | ||
62 | trace "remove pkcs11 keys" | 115 | trace "remove pkcs11 keys" |
63 | echo ${TEST_SSH_PIN} | notty ${SSHADD} -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 | 116 | echo ${TEST_SSH_PIN} | notty ${SSHADD} -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 |
diff --git a/regress/agent-timeout.sh b/regress/agent-timeout.sh index 9598c2032..80012f80c 100644 --- a/regress/agent-timeout.sh +++ b/regress/agent-timeout.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: agent-timeout.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ | 1 | # $OpenBSD: agent-timeout.sh,v 1.4 2019/01/28 00:08:26 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="agent timeout test" | 4 | tid="agent timeout test" |
@@ -12,16 +12,18 @@ if [ $r -ne 0 ]; then | |||
12 | fail "could not start ssh-agent: exit code $r" | 12 | fail "could not start ssh-agent: exit code $r" |
13 | else | 13 | else |
14 | trace "add keys with timeout" | 14 | trace "add keys with timeout" |
15 | keys=0 | ||
15 | for t in ${SSH_KEYTYPES}; do | 16 | for t in ${SSH_KEYTYPES}; do |
16 | ${SSHADD} -t ${SSHAGENT_TIMEOUT} $OBJ/$t > /dev/null 2>&1 | 17 | ${SSHADD} -t ${SSHAGENT_TIMEOUT} $OBJ/$t > /dev/null 2>&1 |
17 | if [ $? -ne 0 ]; then | 18 | if [ $? -ne 0 ]; then |
18 | fail "ssh-add did succeed exit code 0" | 19 | fail "ssh-add did succeed exit code 0" |
19 | fi | 20 | fi |
21 | keys=$((${keys} + 1)) | ||
20 | done | 22 | done |
21 | n=`${SSHADD} -l 2> /dev/null | wc -l` | 23 | n=`${SSHADD} -l 2> /dev/null | wc -l` |
22 | trace "agent has $n keys" | 24 | trace "agent has $n keys" |
23 | if [ $n -ne 2 ]; then | 25 | if [ $n -ne $keys ]; then |
24 | fail "ssh-add -l did not return 2 keys: $n" | 26 | fail "ssh-add -l did not return $keys keys: $n" |
25 | fi | 27 | fi |
26 | trace "sleeping 2*${SSHAGENT_TIMEOUT} seconds" | 28 | trace "sleeping 2*${SSHAGENT_TIMEOUT} seconds" |
27 | sleep ${SSHAGENT_TIMEOUT} | 29 | sleep ${SSHAGENT_TIMEOUT} |
diff --git a/regress/agent.sh b/regress/agent.sh index 7111056c9..788b02064 100644 --- a/regress/agent.sh +++ b/regress/agent.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: agent.sh,v 1.13 2017/12/19 00:49:30 djm Exp $ | 1 | # $OpenBSD: agent.sh,v 1.14 2019/01/28 00:12:36 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="simple agent test" | 4 | tid="simple agent test" |
@@ -27,6 +27,9 @@ ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key \ | |||
27 | trace "overwrite authorized keys" | 27 | trace "overwrite authorized keys" |
28 | printf '' > $OBJ/authorized_keys_$USER | 28 | printf '' > $OBJ/authorized_keys_$USER |
29 | 29 | ||
30 | echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/ssh_proxy | ||
31 | echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/sshd_proxy | ||
32 | |||
30 | for t in ${SSH_KEYTYPES}; do | 33 | for t in ${SSH_KEYTYPES}; do |
31 | # generate user key for agent | 34 | # generate user key for agent |
32 | rm -f $OBJ/$t-agent $OBJ/$t-agent.pub* | 35 | rm -f $OBJ/$t-agent $OBJ/$t-agent.pub* |
@@ -96,6 +99,7 @@ fi | |||
96 | (printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \ | 99 | (printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \ |
97 | > $OBJ/authorized_keys_$USER | 100 | > $OBJ/authorized_keys_$USER |
98 | for t in ${SSH_KEYTYPES}; do | 101 | for t in ${SSH_KEYTYPES}; do |
102 | if [ "$t" != "ssh-dss" ]; then | ||
99 | trace "connect via agent using $t key" | 103 | trace "connect via agent using $t key" |
100 | ${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub \ | 104 | ${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub \ |
101 | -oCertificateFile=$OBJ/$t-agent-cert.pub \ | 105 | -oCertificateFile=$OBJ/$t-agent-cert.pub \ |
@@ -104,6 +108,7 @@ for t in ${SSH_KEYTYPES}; do | |||
104 | if [ $r -ne 52 ]; then | 108 | if [ $r -ne 52 ]; then |
105 | fail "ssh connect with failed (exit code $r)" | 109 | fail "ssh connect with failed (exit code $r)" |
106 | fi | 110 | fi |
111 | fi | ||
107 | done | 112 | done |
108 | 113 | ||
109 | trace "delete all agent keys" | 114 | trace "delete all agent keys" |
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh index d2ecd318b..3ce777967 100644 --- a/regress/cert-hostkey.sh +++ b/regress/cert-hostkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: cert-hostkey.sh,v 1.16 2018/07/03 11:43:49 djm Exp $ | 1 | # $OpenBSD: cert-hostkey.sh,v 1.17 2018/10/31 11:09:27 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="certified host keys" | 4 | tid="certified host keys" |
@@ -127,7 +127,7 @@ attempt_connect() { | |||
127 | } | 127 | } |
128 | 128 | ||
129 | # Basic connect and revocation tests. | 129 | # Basic connect and revocation tests. |
130 | for privsep in yes no ; do | 130 | for privsep in yes sandbox ; do |
131 | for ktype in $PLAIN_TYPES ; do | 131 | for ktype in $PLAIN_TYPES ; do |
132 | verbose "$tid: host ${ktype} cert connect privsep $privsep" | 132 | verbose "$tid: host ${ktype} cert connect privsep $privsep" |
133 | ( | 133 | ( |
@@ -165,7 +165,7 @@ for ktype in $PLAIN_TYPES ; do | |||
165 | kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig | 165 | kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig |
166 | done | 166 | done |
167 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert | 167 | cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert |
168 | for privsep in yes no ; do | 168 | for privsep in yes sandbox ; do |
169 | for ktype in $PLAIN_TYPES ; do | 169 | for ktype in $PLAIN_TYPES ; do |
170 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" | 170 | verbose "$tid: host ${ktype} revoked cert privsep $privsep" |
171 | ( | 171 | ( |
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh index 30c2c156d..6849e9922 100644 --- a/regress/cert-userkey.sh +++ b/regress/cert-userkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: cert-userkey.sh,v 1.19 2018/03/12 00:54:04 djm Exp $ | 1 | # $OpenBSD: cert-userkey.sh,v 1.20 2018/10/31 11:09:27 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="certified user keys" | 4 | tid="certified user keys" |
@@ -47,7 +47,7 @@ done | |||
47 | # Test explicitly-specified principals | 47 | # Test explicitly-specified principals |
48 | for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do | 48 | for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do |
49 | t=$(kname $ktype) | 49 | t=$(kname $ktype) |
50 | for privsep in yes no ; do | 50 | for privsep in yes sandbox ; do |
51 | _prefix="${ktype} privsep $privsep" | 51 | _prefix="${ktype} privsep $privsep" |
52 | 52 | ||
53 | # Setup for AuthorizedPrincipalsFile | 53 | # Setup for AuthorizedPrincipalsFile |
diff --git a/regress/keys-command.sh b/regress/keys-command.sh index 4029e2c78..d166fc589 100644 --- a/regress/keys-command.sh +++ b/regress/keys-command.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: keys-command.sh,v 1.4 2016/09/26 21:34:38 bluhm Exp $ | 1 | # $OpenBSD: keys-command.sh,v 1.5 2018/11/22 08:48:32 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="authorized keys from command" | 4 | tid="authorized keys from command" |
@@ -19,7 +19,8 @@ expected_key_fp=`$SSHKEYGEN -lf $OBJ/rsa.pub | awk '{ print $2 }'` | |||
19 | 19 | ||
20 | # Establish a AuthorizedKeysCommand in /var/run where it will have | 20 | # Establish a AuthorizedKeysCommand in /var/run where it will have |
21 | # acceptable directory permissions. | 21 | # acceptable directory permissions. |
22 | KEY_COMMAND="/var/run/keycommand_${LOGNAME}" | 22 | KEY_COMMAND="/var/run/keycommand_${LOGNAME}.$$" |
23 | trap "${SUDO} rm -f ${KEY_COMMAND}" 0 | ||
23 | cat << _EOF | $SUDO sh -c "rm -f '$KEY_COMMAND' ; cat > '$KEY_COMMAND'" | 24 | cat << _EOF | $SUDO sh -c "rm -f '$KEY_COMMAND' ; cat > '$KEY_COMMAND'" |
24 | #!/bin/sh | 25 | #!/bin/sh |
25 | echo args: "\$@" >> $OBJ/keys-command-args | 26 | echo args: "\$@" >> $OBJ/keys-command-args |
@@ -78,5 +79,3 @@ if [ -x $KEY_COMMAND ]; then | |||
78 | else | 79 | else |
79 | echo "SKIPPED: $KEY_COMMAND not executable (/var/run mounted noexec?)" | 80 | echo "SKIPPED: $KEY_COMMAND not executable (/var/run mounted noexec?)" |
80 | fi | 81 | fi |
81 | |||
82 | $SUDO rm -f $KEY_COMMAND | ||
diff --git a/regress/keyscan.sh b/regress/keyscan.sh index 3bde1219a..8940d24b6 100644 --- a/regress/keyscan.sh +++ b/regress/keyscan.sh | |||
@@ -1,14 +1,20 @@ | |||
1 | # $OpenBSD: keyscan.sh,v 1.6 2017/04/30 23:34:55 djm Exp $ | 1 | # $OpenBSD: keyscan.sh,v 1.9 2019/01/28 03:50:39 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="keyscan" | 4 | tid="keyscan" |
5 | 5 | ||
6 | # remove DSA hostkey | 6 | KEYTYPES=`${SSH} -Q key-plain` |
7 | rm -f ${OBJ}/host.dsa | 7 | for i in $KEYTYPES; do |
8 | if [ -z "$algs" ]; then | ||
9 | algs="$i" | ||
10 | else | ||
11 | algs="$algs,$i" | ||
12 | fi | ||
13 | done | ||
14 | echo "HostKeyAlgorithms $algs" >> $OBJ/sshd_config | ||
8 | 15 | ||
9 | start_sshd | 16 | start_sshd |
10 | 17 | ||
11 | KEYTYPES=`${SSH} -Q key-plain` | ||
12 | for t in $KEYTYPES; do | 18 | for t in $KEYTYPES; do |
13 | trace "keyscan type $t" | 19 | trace "keyscan type $t" |
14 | ${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \ | 20 | ${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \ |
diff --git a/regress/misc/kexfuzz/Makefile b/regress/misc/kexfuzz/Makefile index a7bb6b70d..20802cb87 100644 --- a/regress/misc/kexfuzz/Makefile +++ b/regress/misc/kexfuzz/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.3 2017/12/21 05:46:35 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.4 2019/01/21 12:50:12 djm Exp $ |
2 | 2 | ||
3 | .include <bsd.own.mk> | 3 | .include <bsd.own.mk> |
4 | .include <bsd.obj.mk> | 4 | .include <bsd.obj.mk> |
@@ -18,12 +18,21 @@ SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c | |||
18 | SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c | 18 | SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c |
19 | SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c | 19 | SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c |
20 | SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c | 20 | SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c |
21 | SRCS+=kex.c kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c | 21 | SRCS+=compat.c ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c |
22 | SRCS+=kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c | ||
23 | SRCS+=dh.c compat.c | ||
24 | SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c | ||
25 | SRCS+=cipher-chachapoly.c chacha.c poly1305.c | 22 | SRCS+=cipher-chachapoly.c chacha.c poly1305.c |
26 | SRCS+=smult_curve25519_ref.c | 23 | |
24 | SRCS+= kex.c | ||
25 | SRCS+= dh.c | ||
26 | SRCS+= kexdh.c | ||
27 | SRCS+= kexecdh.c | ||
28 | SRCS+= kexgex.c | ||
29 | SRCS+= kexgexc.c | ||
30 | SRCS+= kexgexs.c | ||
31 | SRCS+= kexc25519.c | ||
32 | SRCS+= smult_curve25519_ref.c | ||
33 | SRCS+= kexgen.c | ||
34 | SRCS+= kexsntrup4591761x25519.c | ||
35 | SRCS+= sntrup4591761.c | ||
27 | 36 | ||
28 | SRCS+=digest-openssl.c | 37 | SRCS+=digest-openssl.c |
29 | #SRCS+=digest-libc.c | 38 | #SRCS+=digest-libc.c |
diff --git a/regress/misc/kexfuzz/kexfuzz.c b/regress/misc/kexfuzz/kexfuzz.c index 3e2c48160..7051e87b1 100644 --- a/regress/misc/kexfuzz/kexfuzz.c +++ b/regress/misc/kexfuzz/kexfuzz.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexfuzz.c,v 1.4 2017/04/30 23:34:55 djm Exp $ */ | 1 | /* $OpenBSD: kexfuzz.c,v 1.5 2019/01/21 12:50:12 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Fuzz harness for KEX code | 3 | * Fuzz harness for KEX code |
4 | * | 4 | * |
@@ -29,8 +29,6 @@ | |||
29 | #include "authfile.h" | 29 | #include "authfile.h" |
30 | #include "log.h" | 30 | #include "log.h" |
31 | 31 | ||
32 | struct ssh *active_state = NULL; /* XXX - needed for linking */ | ||
33 | |||
34 | void kex_tests(void); | 32 | void kex_tests(void); |
35 | static int do_debug = 0; | 33 | static int do_debug = 0; |
36 | 34 | ||
@@ -275,18 +273,18 @@ do_kex_with_key(const char *kex, struct sshkey *prvkey, int *c2s, int *s2c, | |||
275 | ASSERT_PTR_NE(server2->kex, NULL); | 273 | ASSERT_PTR_NE(server2->kex, NULL); |
276 | /* XXX we need to set the callbacks */ | 274 | /* XXX we need to set the callbacks */ |
277 | #ifdef WITH_OPENSSL | 275 | #ifdef WITH_OPENSSL |
278 | server2->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 276 | server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; |
279 | server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 277 | server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; |
280 | server2->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | 278 | server2->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; |
281 | server2->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | 279 | server2->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; |
282 | server2->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | 280 | server2->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; |
283 | server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 281 | server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
284 | server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 282 | server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
285 | # ifdef OPENSSL_HAS_ECC | 283 | # ifdef OPENSSL_HAS_ECC |
286 | server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 284 | server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server; |
287 | # endif | 285 | # endif |
288 | #endif | 286 | #endif |
289 | server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server; | 287 | server2->kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
290 | server2->kex->load_host_public_key = server->kex->load_host_public_key; | 288 | server2->kex->load_host_public_key = server->kex->load_host_public_key; |
291 | server2->kex->load_host_private_key = server->kex->load_host_private_key; | 289 | server2->kex->load_host_private_key = server->kex->load_host_private_key; |
292 | server2->kex->sign = server->kex->sign; | 290 | server2->kex->sign = server->kex->sign; |
diff --git a/regress/multiplex.sh b/regress/multiplex.sh index a6fad8eb8..de357c4d5 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: multiplex.sh,v 1.28 2017/04/30 23:34:55 djm Exp $ | 1 | # $OpenBSD: multiplex.sh,v 1.29 2019/01/01 22:20:16 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | make_tmpdir | 4 | make_tmpdir |
@@ -142,7 +142,8 @@ ${SSH} -F $OBJ/ssh_config -p$P otherhost true \ | |||
142 | verbose "test $tid: cmd forward local (UNIX)" | 142 | verbose "test $tid: cmd forward local (UNIX)" |
143 | ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \ | 143 | ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \ |
144 | || fail "request local forward failed" | 144 | || fail "request local forward failed" |
145 | echo "" | $NC -U $OBJ/unix-1.fwd | grep "Protocol mismatch" >/dev/null 2>&1 \ | 145 | echo "" | $NC -U $OBJ/unix-1.fwd | \ |
146 | grep "Invalid SSH identification string" >/dev/null 2>&1 \ | ||
146 | || fail "connect to local forward path failed" | 147 | || fail "connect to local forward path failed" |
147 | ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \ | 148 | ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \ |
148 | || fail "cancel local forward failed" | 149 | || fail "cancel local forward failed" |
@@ -153,7 +154,8 @@ rm -f $OBJ/unix-1.fwd | |||
153 | verbose "test $tid: cmd forward remote (UNIX)" | 154 | verbose "test $tid: cmd forward remote (UNIX)" |
154 | ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \ | 155 | ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \ |
155 | || fail "request remote forward failed" | 156 | || fail "request remote forward failed" |
156 | echo "" | $NC -U $OBJ/unix-1.fwd | grep "Protocol mismatch" >/dev/null 2>&1 \ | 157 | echo "" | $NC -U $OBJ/unix-1.fwd | \ |
158 | grep "Invalid SSH identification string" >/dev/null 2>&1 \ | ||
157 | || fail "connect to remote forwarded path failed" | 159 | || fail "connect to remote forwarded path failed" |
158 | ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \ | 160 | ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \ |
159 | || fail "cancel remote forward failed" | 161 | || fail "cancel remote forward failed" |
diff --git a/regress/multipubkey.sh b/regress/multipubkey.sh index e9d15306f..4d443ec45 100644 --- a/regress/multipubkey.sh +++ b/regress/multipubkey.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: multipubkey.sh,v 1.1 2014/12/22 08:06:03 djm Exp $ | 1 | # $OpenBSD: multipubkey.sh,v 1.2 2018/10/31 11:09:27 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="multiple pubkey" | 4 | tid="multiple pubkey" |
@@ -31,7 +31,7 @@ grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy | |||
31 | opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes" | 31 | opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes" |
32 | opts="$opts -i $OBJ/cert_user_key1 -i $OBJ/user_key1 -i $OBJ/user_key2" | 32 | opts="$opts -i $OBJ/cert_user_key1 -i $OBJ/user_key1 -i $OBJ/user_key2" |
33 | 33 | ||
34 | for privsep in no yes; do | 34 | for privsep in yes sandbox ; do |
35 | ( | 35 | ( |
36 | grep -v "Protocol" $OBJ/sshd_proxy.orig | 36 | grep -v "Protocol" $OBJ/sshd_proxy.orig |
37 | echo "Protocol 2" | 37 | echo "Protocol 2" |
diff --git a/regress/principals-command.sh b/regress/principals-command.sh index bcc68e80b..197c00021 100644 --- a/regress/principals-command.sh +++ b/regress/principals-command.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: principals-command.sh,v 1.4 2017/04/30 23:34:55 djm Exp $ | 1 | # $OpenBSD: principals-command.sh,v 1.6 2018/11/22 08:48:32 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="authorized principals command" | 4 | tid="authorized principals command" |
@@ -30,7 +30,8 @@ CA_FP=`${SSHKEYGEN} -lf $OBJ/user_ca_key.pub | awk '{ print $2 }'` | |||
30 | 30 | ||
31 | # Establish a AuthorizedPrincipalsCommand in /var/run where it will have | 31 | # Establish a AuthorizedPrincipalsCommand in /var/run where it will have |
32 | # acceptable directory permissions. | 32 | # acceptable directory permissions. |
33 | PRINCIPALS_COMMAND="/var/run/principals_command_${LOGNAME}" | 33 | PRINCIPALS_COMMAND="/var/run/principals_command_${LOGNAME}.$$" |
34 | trap "$SUDO rm -f ${PRINCIPALS_COMMAND}" 0 | ||
34 | cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'" | 35 | cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'" |
35 | #!/bin/sh | 36 | #!/bin/sh |
36 | test "x\$1" != "x${LOGNAME}" && exit 1 | 37 | test "x\$1" != "x${LOGNAME}" && exit 1 |
@@ -57,7 +58,7 @@ fi | |||
57 | 58 | ||
58 | if [ -x $PRINCIPALS_COMMAND ]; then | 59 | if [ -x $PRINCIPALS_COMMAND ]; then |
59 | # Test explicitly-specified principals | 60 | # Test explicitly-specified principals |
60 | for privsep in yes no ; do | 61 | for privsep in yes sandbox ; do |
61 | _prefix="privsep $privsep" | 62 | _prefix="privsep $privsep" |
62 | 63 | ||
63 | # Setup for AuthorizedPrincipalsCommand | 64 | # Setup for AuthorizedPrincipalsCommand |
diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh index ba5bd1efb..5acc4d2de 100644 --- a/regress/sftp-chroot.sh +++ b/regress/sftp-chroot.sh | |||
@@ -1,11 +1,12 @@ | |||
1 | # $OpenBSD: sftp-chroot.sh,v 1.6 2018/02/09 03:42:57 dtucker Exp $ | 1 | # $OpenBSD: sftp-chroot.sh,v 1.7 2018/11/22 08:48:32 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="sftp in chroot" | 4 | tid="sftp in chroot" |
5 | 5 | ||
6 | CHROOT=/var/run | 6 | CHROOT=/var/run |
7 | FILENAME=testdata_${USER} | 7 | FILENAME=testdata_${USER}.$$ |
8 | PRIVDATA=${CHROOT}/${FILENAME} | 8 | PRIVDATA=${CHROOT}/${FILENAME} |
9 | trap "${SUDO} rm -f ${PRIVDATA}" 0 | ||
9 | 10 | ||
10 | if [ -z "$SUDO" -a ! -w /var/run ]; then | 11 | if [ -z "$SUDO" -a ! -w /var/run ]; then |
11 | echo "need SUDO to create file in /var/run, test won't work without" | 12 | echo "need SUDO to create file in /var/run, test won't work without" |
@@ -28,5 +29,3 @@ ${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \ | |||
28 | >>$TEST_REGRESS_LOGFILE 2>&1 || \ | 29 | >>$TEST_REGRESS_LOGFILE 2>&1 || \ |
29 | fatal "Fetch ${FILENAME} failed" | 30 | fatal "Fetch ${FILENAME} failed" |
30 | cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" | 31 | cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" |
31 | |||
32 | $SUDO rm $PRIVDATA | ||
diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh index aad7fcac2..1289c4089 100644 --- a/regress/sftp-cmds.sh +++ b/regress/sftp-cmds.sh | |||
@@ -77,7 +77,6 @@ echo "get \"$DATA\" $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ | |||
77 | || fail "get failed" | 77 | || fail "get failed" |
78 | cmp $DATA ${COPY} || fail "corrupted copy after get" | 78 | cmp $DATA ${COPY} || fail "corrupted copy after get" |
79 | 79 | ||
80 | if [ "$os" != "cygwin" ]; then | ||
81 | rm -f ${QUOTECOPY} | 80 | rm -f ${QUOTECOPY} |
82 | cp $DATA ${QUOTECOPY} | 81 | cp $DATA ${QUOTECOPY} |
83 | verbose "$tid: get filename with quotes" | 82 | verbose "$tid: get filename with quotes" |
@@ -85,7 +84,6 @@ echo "get \"$QUOTECOPY_ARG\" ${COPY}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 | |||
85 | || fail "get failed" | 84 | || fail "get failed" |
86 | cmp ${COPY} ${QUOTECOPY} || fail "corrupted copy after get with quotes" | 85 | cmp ${COPY} ${QUOTECOPY} || fail "corrupted copy after get with quotes" |
87 | rm -f ${QUOTECOPY} ${COPY} | 86 | rm -f ${QUOTECOPY} ${COPY} |
88 | fi | ||
89 | 87 | ||
90 | rm -f "$SPACECOPY" ${COPY} | 88 | rm -f "$SPACECOPY" ${COPY} |
91 | cp $DATA "$SPACECOPY" | 89 | cp $DATA "$SPACECOPY" |
@@ -136,13 +134,11 @@ echo "put $DATA $COPY" | \ | |||
136 | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed" | 134 | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed" |
137 | cmp $DATA ${COPY} || fail "corrupted copy after put" | 135 | cmp $DATA ${COPY} || fail "corrupted copy after put" |
138 | 136 | ||
139 | if [ "$os" != "cygwin" ]; then | ||
140 | rm -f ${QUOTECOPY} | 137 | rm -f ${QUOTECOPY} |
141 | verbose "$tid: put filename with quotes" | 138 | verbose "$tid: put filename with quotes" |
142 | echo "put $DATA \"$QUOTECOPY_ARG\"" | \ | 139 | echo "put $DATA \"$QUOTECOPY_ARG\"" | \ |
143 | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed" | 140 | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed" |
144 | cmp $DATA ${QUOTECOPY} || fail "corrupted copy after put with quotes" | 141 | cmp $DATA ${QUOTECOPY} || fail "corrupted copy after put with quotes" |
145 | fi | ||
146 | 142 | ||
147 | rm -f "$SPACECOPY" | 143 | rm -f "$SPACECOPY" |
148 | verbose "$tid: put filename with spaces" | 144 | verbose "$tid: put filename with spaces" |
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 1bbd47f25..08338121b 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: test-exec.sh,v 1.64 2018/08/10 01:35:49 dtucker Exp $ | 1 | # $OpenBSD: test-exec.sh,v 1.65 2019/01/27 06:30:53 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | #SUDO=sudo | 4 | #SUDO=sudo |
@@ -12,10 +12,6 @@ OSF1*) | |||
12 | BIN_SH=xpg4 | 12 | BIN_SH=xpg4 |
13 | export BIN_SH | 13 | export BIN_SH |
14 | ;; | 14 | ;; |
15 | CYGWIN_NT-5.0) | ||
16 | os=cygwin | ||
17 | TEST_SSH_IPV6=no | ||
18 | ;; | ||
19 | CYGWIN*) | 15 | CYGWIN*) |
20 | os=cygwin | 16 | os=cygwin |
21 | ;; | 17 | ;; |
@@ -469,11 +465,11 @@ fi | |||
469 | 465 | ||
470 | rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER | 466 | rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER |
471 | 467 | ||
472 | SSH_KEYTYPES="rsa ed25519" | 468 | SSH_KEYTYPES=`$SSH -Q key-plain` |
473 | 469 | ||
474 | trace "generate keys" | ||
475 | for t in ${SSH_KEYTYPES}; do | 470 | for t in ${SSH_KEYTYPES}; do |
476 | # generate user key | 471 | # generate user key |
472 | trace "generating key type $t" | ||
477 | if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then | 473 | if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then |
478 | rm -f $OBJ/$t | 474 | rm -f $OBJ/$t |
479 | ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ | 475 | ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ |
diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc index b509f4452..428ef6836 100644 --- a/regress/unittests/Makefile.inc +++ b/regress/unittests/Makefile.inc | |||
@@ -1,8 +1,25 @@ | |||
1 | # $OpenBSD: Makefile.inc,v 1.12 2017/12/21 00:41:22 djm Exp $ | 1 | # $OpenBSD: Makefile.inc,v 1.13 2018/10/17 23:28:05 djm Exp $ |
2 | |||
3 | REGRESS_FAIL_EARLY?= yes | ||
2 | 4 | ||
3 | .include <bsd.own.mk> | 5 | .include <bsd.own.mk> |
4 | .include <bsd.obj.mk> | 6 | .include <bsd.obj.mk> |
5 | 7 | ||
8 | # User-settable options | ||
9 | UNITTEST_FAST?= no # Skip slow tests (e.g. less intensive fuzzing). | ||
10 | UNITTEST_SLOW?= no # Include slower tests (e.g. more intensive fuzzing). | ||
11 | UNITTEST_VERBOSE?= no # Verbose test output (inc. per-test names). | ||
12 | |||
13 | MALLOC_OPTIONS?= CFGJRSUX | ||
14 | TEST_ENV?= MALLOC_OPTIONS=${MALLOC_OPTIONS} | ||
15 | |||
16 | # XXX detect from ssh binary? | ||
17 | OPENSSL?= yes | ||
18 | |||
19 | .if (${OPENSSL:L} == "yes") | ||
20 | CFLAGS+= -DWITH_OPENSSL | ||
21 | .endif | ||
22 | |||
6 | # enable warnings | 23 | # enable warnings |
7 | WARNINGS=Yes | 24 | WARNINGS=Yes |
8 | 25 | ||
@@ -49,5 +66,21 @@ DPADD+=${.CURDIR}/../test_helper/libtest_helper.a | |||
49 | 66 | ||
50 | .PATH: ${.CURDIR}/${SSHREL} | 67 | .PATH: ${.CURDIR}/${SSHREL} |
51 | 68 | ||
69 | LDADD+= -lutil | ||
70 | DPADD+= ${LIBUTIL} | ||
71 | |||
72 | .if (${OPENSSL:L} == "yes") | ||
52 | LDADD+= -lcrypto | 73 | LDADD+= -lcrypto |
53 | DPADD+= ${LIBCRYPTO} | 74 | DPADD+= ${LIBCRYPTO} |
75 | .endif | ||
76 | |||
77 | UNITTEST_ARGS?= | ||
78 | |||
79 | .if (${UNITTEST_VERBOSE:L} != "no") | ||
80 | UNITTEST_ARGS+= -v | ||
81 | .endif | ||
82 | .if (${UNITTEST_FAST:L} != "no") | ||
83 | UNITTEST_ARGS+= -f | ||
84 | .elif (${UNITTEST_SLOW:L} != "no") | ||
85 | UNITTEST_ARGS+= -F | ||
86 | .endif | ||
diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile index 5c61307a3..7b4c644e5 100644 --- a/regress/unittests/kex/Makefile +++ b/regress/unittests/kex/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.6 2019/01/21 12:35:20 djm Exp $ |
2 | 2 | ||
3 | PROG=test_kex | 3 | PROG=test_kex |
4 | SRCS=tests.c test_kex.c | 4 | SRCS=tests.c test_kex.c |
@@ -9,12 +9,21 @@ SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c | |||
9 | SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c | 9 | SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c |
10 | SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c | 10 | SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c |
11 | SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c | 11 | SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c |
12 | SRCS+=kex.c kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c | 12 | SRCS+=compat.c ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c |
13 | SRCS+=kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c | ||
14 | SRCS+=dh.c compat.c | ||
15 | SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c | ||
16 | SRCS+=cipher-chachapoly.c chacha.c poly1305.c | 13 | SRCS+=cipher-chachapoly.c chacha.c poly1305.c |
17 | SRCS+=smult_curve25519_ref.c | 14 | |
15 | SRCS+= kex.c | ||
16 | SRCS+= dh.c | ||
17 | SRCS+= kexdh.c | ||
18 | SRCS+= kexecdh.c | ||
19 | SRCS+= kexgex.c | ||
20 | SRCS+= kexgexc.c | ||
21 | SRCS+= kexgexs.c | ||
22 | SRCS+= kexc25519.c | ||
23 | SRCS+= smult_curve25519_ref.c | ||
24 | SRCS+= kexgen.c | ||
25 | SRCS+= kexsntrup4591761x25519.c | ||
26 | SRCS+= sntrup4591761.c | ||
18 | 27 | ||
19 | SRCS+=digest-openssl.c | 28 | SRCS+=digest-openssl.c |
20 | #SRCS+=digest-libc.c | 29 | #SRCS+=digest-libc.c |
diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c index 6e5999bb9..a860efc02 100644 --- a/regress/unittests/kex/test_kex.c +++ b/regress/unittests/kex/test_kex.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_kex.c,v 1.2 2015/07/10 06:23:25 markus Exp $ */ | 1 | /* $OpenBSD: test_kex.c,v 1.4 2019/01/21 12:35:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Regress test KEX | 3 | * Regress test KEX |
4 | * | 4 | * |
@@ -24,8 +24,6 @@ | |||
24 | #include "packet.h" | 24 | #include "packet.h" |
25 | #include "myproposal.h" | 25 | #include "myproposal.h" |
26 | 26 | ||
27 | struct ssh *active_state = NULL; /* XXX - needed for linking */ | ||
28 | |||
29 | void kex_tests(void); | 27 | void kex_tests(void); |
30 | static int do_debug = 0; | 28 | static int do_debug = 0; |
31 | 29 | ||
@@ -139,20 +137,19 @@ do_kex_with_key(char *kex, int keytype, int bits) | |||
139 | ASSERT_INT_EQ(ssh_init(&server2, 1, NULL), 0); | 137 | ASSERT_INT_EQ(ssh_init(&server2, 1, NULL), 0); |
140 | ASSERT_PTR_NE(server2, NULL); | 138 | ASSERT_PTR_NE(server2, NULL); |
141 | ASSERT_INT_EQ(ssh_add_hostkey(server2, private), 0); | 139 | ASSERT_INT_EQ(ssh_add_hostkey(server2, private), 0); |
142 | kex_free(server2->kex); /* XXX or should ssh_packet_set_state()? */ | ||
143 | ASSERT_INT_EQ(ssh_packet_set_state(server2, state), 0); | 140 | ASSERT_INT_EQ(ssh_packet_set_state(server2, state), 0); |
144 | ASSERT_INT_EQ(sshbuf_len(state), 0); | 141 | ASSERT_INT_EQ(sshbuf_len(state), 0); |
145 | sshbuf_free(state); | 142 | sshbuf_free(state); |
146 | ASSERT_PTR_NE(server2->kex, NULL); | 143 | ASSERT_PTR_NE(server2->kex, NULL); |
147 | /* XXX we need to set the callbacks */ | 144 | /* XXX we need to set the callbacks */ |
148 | server2->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 145 | server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; |
149 | server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 146 | server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; |
150 | server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 147 | server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
151 | server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 148 | server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
152 | #ifdef OPENSSL_HAS_ECC | 149 | #ifdef OPENSSL_HAS_ECC |
153 | server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 150 | server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server; |
154 | #endif | 151 | #endif |
155 | server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server; | 152 | server2->kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
156 | server2->kex->load_host_public_key = server->kex->load_host_public_key; | 153 | server2->kex->load_host_public_key = server->kex->load_host_public_key; |
157 | server2->kex->load_host_private_key = server->kex->load_host_private_key; | 154 | server2->kex->load_host_private_key = server->kex->load_host_private_key; |
158 | server2->kex->sign = server->kex->sign; | 155 | server2->kex->sign = server->kex->sign; |
diff --git a/regress/unittests/sshbuf/Makefile b/regress/unittests/sshbuf/Makefile index 81d4f27a6..0e8e9fd10 100644 --- a/regress/unittests/sshbuf/Makefile +++ b/regress/unittests/sshbuf/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.6 2017/12/21 00:41:22 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.7 2018/10/17 23:28:05 djm Exp $ |
2 | 2 | ||
3 | .include <bsd.regress.mk> | 3 | .include <bsd.regress.mk> |
4 | 4 | ||
@@ -17,6 +17,5 @@ SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c | |||
17 | SRCS+=atomicio.c | 17 | SRCS+=atomicio.c |
18 | 18 | ||
19 | run-regress-${PROG}: ${PROG} | 19 | run-regress-${PROG}: ${PROG} |
20 | env ${TEST_ENV} ./${PROG} | 20 | env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} |
21 | |||
22 | 21 | ||
diff --git a/regress/unittests/sshbuf/test_sshbuf_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_fuzz.c index c52376b53..e236c82f9 100644 --- a/regress/unittests/sshbuf/test_sshbuf_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_fuzz.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_sshbuf_fuzz.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */ | 1 | /* $OpenBSD: test_sshbuf_fuzz.c,v 1.2 2018/10/17 23:28:05 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Regress test for sshbuf.h buffer API | 3 | * Regress test for sshbuf.h buffer API |
4 | * | 4 | * |
@@ -30,10 +30,15 @@ sshbuf_fuzz_tests(void) | |||
30 | { | 30 | { |
31 | struct sshbuf *p1; | 31 | struct sshbuf *p1; |
32 | u_char *dp; | 32 | u_char *dp; |
33 | size_t sz, sz2, i; | 33 | size_t sz, sz2, i, ntests = NUM_FUZZ_TESTS; |
34 | u_int32_t r; | 34 | u_int32_t r; |
35 | int ret; | 35 | int ret; |
36 | 36 | ||
37 | if (test_is_fast()) | ||
38 | ntests >>= 2; | ||
39 | if (test_is_slow()) | ||
40 | ntests <<= 2; | ||
41 | |||
37 | /* NB. uses sshbuf internals */ | 42 | /* NB. uses sshbuf internals */ |
38 | TEST_START("fuzz alloc/dealloc"); | 43 | TEST_START("fuzz alloc/dealloc"); |
39 | p1 = sshbuf_new(); | 44 | p1 = sshbuf_new(); |
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c index a68e1329e..5d39e63e1 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */ | 1 | /* $OpenBSD: test_sshbuf_getput_crypto.c,v 1.2 2019/01/21 12:29:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Regress test for sshbuf.h buffer API | 3 | * Regress test for sshbuf.h buffer API |
4 | * | 4 | * |
@@ -33,7 +33,6 @@ sshbuf_getput_crypto_tests(void) | |||
33 | { | 33 | { |
34 | struct sshbuf *p1; | 34 | struct sshbuf *p1; |
35 | BIGNUM *bn, *bn2; | 35 | BIGNUM *bn, *bn2; |
36 | /* This one has num_bits != num_bytes * 8 to test bignum1 encoding */ | ||
37 | const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10"; | 36 | const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10"; |
38 | /* This one has MSB set to test bignum2 encoding negative-avoidance */ | 37 | /* This one has MSB set to test bignum2 encoding negative-avoidance */ |
39 | const char *hexbn2 = "f0e0d0c0b0a0908070605040302010007fff11"; | 38 | const char *hexbn2 = "f0e0d0c0b0a0908070605040302010007fff11"; |
@@ -77,54 +76,6 @@ sshbuf_getput_crypto_tests(void) | |||
77 | ASSERT_INT_GT(BN_hex2bn(&bnn, b), 0); \ | 76 | ASSERT_INT_GT(BN_hex2bn(&bnn, b), 0); \ |
78 | } while (0) | 77 | } while (0) |
79 | 78 | ||
80 | TEST_START("sshbuf_put_bignum1"); | ||
81 | MKBN(hexbn1, bn); | ||
82 | p1 = sshbuf_new(); | ||
83 | ASSERT_PTR_NE(p1, NULL); | ||
84 | ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0); | ||
85 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 2); | ||
86 | ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn)); | ||
87 | ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn1, sizeof(expbn1)); | ||
88 | BN_free(bn); | ||
89 | sshbuf_free(p1); | ||
90 | TEST_DONE(); | ||
91 | |||
92 | TEST_START("sshbuf_put_bignum1 limited"); | ||
93 | MKBN(hexbn1, bn); | ||
94 | p1 = sshbuf_new(); | ||
95 | ASSERT_PTR_NE(p1, NULL); | ||
96 | ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0); | ||
97 | r = sshbuf_put_bignum1(p1, bn); | ||
98 | ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE); | ||
99 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0); | ||
100 | BN_free(bn); | ||
101 | sshbuf_free(p1); | ||
102 | TEST_DONE(); | ||
103 | |||
104 | TEST_START("sshbuf_put_bignum1 bn2"); | ||
105 | MKBN(hexbn2, bn); | ||
106 | p1 = sshbuf_new(); | ||
107 | ASSERT_PTR_NE(p1, NULL); | ||
108 | ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0); | ||
109 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 2); | ||
110 | ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn)); | ||
111 | ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn2, sizeof(expbn2)); | ||
112 | BN_free(bn); | ||
113 | sshbuf_free(p1); | ||
114 | TEST_DONE(); | ||
115 | |||
116 | TEST_START("sshbuf_put_bignum1 bn2 limited"); | ||
117 | MKBN(hexbn2, bn); | ||
118 | p1 = sshbuf_new(); | ||
119 | ASSERT_PTR_NE(p1, NULL); | ||
120 | ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0); | ||
121 | r = sshbuf_put_bignum1(p1, bn); | ||
122 | ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE); | ||
123 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0); | ||
124 | BN_free(bn); | ||
125 | sshbuf_free(p1); | ||
126 | TEST_DONE(); | ||
127 | |||
128 | TEST_START("sshbuf_put_bignum2"); | 79 | TEST_START("sshbuf_put_bignum2"); |
129 | MKBN(hexbn1, bn); | 80 | MKBN(hexbn1, bn); |
130 | p1 = sshbuf_new(); | 81 | p1 = sshbuf_new(); |
@@ -174,88 +125,6 @@ sshbuf_getput_crypto_tests(void) | |||
174 | sshbuf_free(p1); | 125 | sshbuf_free(p1); |
175 | TEST_DONE(); | 126 | TEST_DONE(); |
176 | 127 | ||
177 | TEST_START("sshbuf_get_bignum1"); | ||
178 | MKBN(hexbn1, bn); | ||
179 | p1 = sshbuf_new(); | ||
180 | ASSERT_PTR_NE(p1, NULL); | ||
181 | ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0); | ||
182 | ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0); | ||
183 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1)); | ||
184 | ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0); | ||
185 | bn2 = BN_new(); | ||
186 | ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0); | ||
187 | ASSERT_BIGNUM_EQ(bn, bn2); | ||
188 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2); | ||
189 | BN_free(bn); | ||
190 | BN_free(bn2); | ||
191 | sshbuf_free(p1); | ||
192 | TEST_DONE(); | ||
193 | |||
194 | TEST_START("sshbuf_get_bignum1 truncated"); | ||
195 | MKBN(hexbn1, bn); | ||
196 | p1 = sshbuf_new(); | ||
197 | ASSERT_PTR_NE(p1, NULL); | ||
198 | ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0); | ||
199 | ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0); | ||
200 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1); | ||
201 | bn2 = BN_new(); | ||
202 | r = sshbuf_get_bignum1(p1, bn2); | ||
203 | ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE); | ||
204 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1); | ||
205 | BN_free(bn); | ||
206 | BN_free(bn2); | ||
207 | sshbuf_free(p1); | ||
208 | TEST_DONE(); | ||
209 | |||
210 | TEST_START("sshbuf_get_bignum1 giant"); | ||
211 | MKBN(hexbn1, bn); | ||
212 | p1 = sshbuf_new(); | ||
213 | ASSERT_PTR_NE(p1, NULL); | ||
214 | ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xffff), 0); | ||
215 | ASSERT_INT_EQ(sshbuf_reserve(p1, (0xffff + 7) / 8, NULL), 0); | ||
216 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8)); | ||
217 | bn2 = BN_new(); | ||
218 | r = sshbuf_get_bignum1(p1, bn2); | ||
219 | ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE); | ||
220 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8)); | ||
221 | BN_free(bn); | ||
222 | BN_free(bn2); | ||
223 | sshbuf_free(p1); | ||
224 | TEST_DONE(); | ||
225 | |||
226 | TEST_START("sshbuf_get_bignum1 bn2"); | ||
227 | MKBN(hexbn2, bn); | ||
228 | p1 = sshbuf_new(); | ||
229 | ASSERT_PTR_NE(p1, NULL); | ||
230 | ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0); | ||
231 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0); | ||
232 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2)); | ||
233 | ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0); | ||
234 | bn2 = BN_new(); | ||
235 | ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0); | ||
236 | ASSERT_BIGNUM_EQ(bn, bn2); | ||
237 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2); | ||
238 | BN_free(bn); | ||
239 | BN_free(bn2); | ||
240 | sshbuf_free(p1); | ||
241 | TEST_DONE(); | ||
242 | |||
243 | TEST_START("sshbuf_get_bignum1 bn2 truncated"); | ||
244 | MKBN(hexbn2, bn); | ||
245 | p1 = sshbuf_new(); | ||
246 | ASSERT_PTR_NE(p1, NULL); | ||
247 | ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0); | ||
248 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0); | ||
249 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1); | ||
250 | bn2 = BN_new(); | ||
251 | r = sshbuf_get_bignum1(p1, bn2); | ||
252 | ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE); | ||
253 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1); | ||
254 | BN_free(bn); | ||
255 | BN_free(bn2); | ||
256 | sshbuf_free(p1); | ||
257 | TEST_DONE(); | ||
258 | |||
259 | TEST_START("sshbuf_get_bignum2"); | 128 | TEST_START("sshbuf_get_bignum2"); |
260 | MKBN(hexbn1, bn); | 129 | MKBN(hexbn1, bn); |
261 | p1 = sshbuf_new(); | 130 | p1 = sshbuf_new(); |
@@ -264,8 +133,8 @@ sshbuf_getput_crypto_tests(void) | |||
264 | ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0); | 133 | ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0); |
265 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + sizeof(expbn1)); | 134 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + sizeof(expbn1)); |
266 | ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0); | 135 | ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0); |
267 | bn2 = BN_new(); | 136 | bn2 = NULL; |
268 | ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0); | 137 | ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0); |
269 | ASSERT_BIGNUM_EQ(bn, bn2); | 138 | ASSERT_BIGNUM_EQ(bn, bn2); |
270 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2); | 139 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2); |
271 | BN_free(bn); | 140 | BN_free(bn); |
@@ -279,8 +148,8 @@ sshbuf_getput_crypto_tests(void) | |||
279 | ASSERT_PTR_NE(p1, NULL); | 148 | ASSERT_PTR_NE(p1, NULL); |
280 | ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0); | 149 | ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0); |
281 | ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0); | 150 | ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0); |
282 | bn2 = BN_new(); | 151 | bn2 = NULL; |
283 | r = sshbuf_get_bignum2(p1, bn2); | 152 | r = sshbuf_get_bignum2(p1, &bn2); |
284 | ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE); | 153 | ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE); |
285 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 3); | 154 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 3); |
286 | BN_free(bn); | 155 | BN_free(bn); |
@@ -294,8 +163,8 @@ sshbuf_getput_crypto_tests(void) | |||
294 | ASSERT_PTR_NE(p1, NULL); | 163 | ASSERT_PTR_NE(p1, NULL); |
295 | ASSERT_INT_EQ(sshbuf_put_u32(p1, 65536), 0); | 164 | ASSERT_INT_EQ(sshbuf_put_u32(p1, 65536), 0); |
296 | ASSERT_INT_EQ(sshbuf_reserve(p1, 65536, NULL), 0); | 165 | ASSERT_INT_EQ(sshbuf_reserve(p1, 65536, NULL), 0); |
297 | bn2 = BN_new(); | 166 | bn2 = NULL; |
298 | r = sshbuf_get_bignum2(p1, bn2); | 167 | r = sshbuf_get_bignum2(p1, &bn2); |
299 | ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE); | 168 | ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE); |
300 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 65536 + 4); | 169 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 65536 + 4); |
301 | BN_free(bn); | 170 | BN_free(bn); |
@@ -312,8 +181,8 @@ sshbuf_getput_crypto_tests(void) | |||
312 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0); | 181 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0); |
313 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + 1 + sizeof(expbn2)); | 182 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + 1 + sizeof(expbn2)); |
314 | ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0); | 183 | ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0); |
315 | bn2 = BN_new(); | 184 | bn2 = NULL; |
316 | ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0); | 185 | ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0); |
317 | ASSERT_BIGNUM_EQ(bn, bn2); | 186 | ASSERT_BIGNUM_EQ(bn, bn2); |
318 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2); | 187 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2); |
319 | BN_free(bn); | 188 | BN_free(bn); |
@@ -328,8 +197,8 @@ sshbuf_getput_crypto_tests(void) | |||
328 | ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn) + 1), 0); | 197 | ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn) + 1), 0); |
329 | ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0); | 198 | ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0); |
330 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0); | 199 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0); |
331 | bn2 = BN_new(); | 200 | bn2 = NULL; |
332 | r = sshbuf_get_bignum2(p1, bn2); | 201 | r = sshbuf_get_bignum2(p1, &bn2); |
333 | ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE); | 202 | ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE); |
334 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 1 + 4 - 1); | 203 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 1 + 4 - 1); |
335 | BN_free(bn); | 204 | BN_free(bn); |
@@ -343,8 +212,8 @@ sshbuf_getput_crypto_tests(void) | |||
343 | ASSERT_PTR_NE(p1, NULL); | 212 | ASSERT_PTR_NE(p1, NULL); |
344 | ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0); | 213 | ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0); |
345 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0); | 214 | ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0); |
346 | bn2 = BN_new(); | 215 | bn2 = NULL; |
347 | r = sshbuf_get_bignum2(p1, bn2); | 216 | r = sshbuf_get_bignum2(p1, &bn2); |
348 | ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_IS_NEGATIVE); | 217 | ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_IS_NEGATIVE); |
349 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4); | 218 | ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4); |
350 | BN_free(bn); | 219 | BN_free(bn); |
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c index c6b5c29d1..ca06bfb00 100644 --- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c +++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.2 2014/05/02 02:54:00 djm Exp $ */ | 1 | /* $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.4 2019/01/21 12:29:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Regress test for sshbuf.h buffer API | 3 | * Regress test for sshbuf.h buffer API |
4 | * | 4 | * |
@@ -54,11 +54,8 @@ attempt_parse_blob(u_char *blob, size_t len) | |||
54 | bzero(s, l); | 54 | bzero(s, l); |
55 | free(s); | 55 | free(s); |
56 | } | 56 | } |
57 | bn = BN_new(); | 57 | bn = NULL; |
58 | sshbuf_get_bignum1(p1, bn); | 58 | sshbuf_get_bignum2(p1, &bn); |
59 | BN_clear_free(bn); | ||
60 | bn = BN_new(); | ||
61 | sshbuf_get_bignum2(p1, bn); | ||
62 | BN_clear_free(bn); | 59 | BN_clear_free(bn); |
63 | #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) | 60 | #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) |
64 | eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); | 61 | eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); |
@@ -92,10 +89,6 @@ sshbuf_getput_fuzz_tests(void) | |||
92 | /* string */ | 89 | /* string */ |
93 | 0x00, 0x00, 0x00, 0x09, | 90 | 0x00, 0x00, 0x00, 0x09, |
94 | 'O', ' ', 'G', 'o', 'r', 'g', 'o', 'n', '!', | 91 | 'O', ' ', 'G', 'o', 'r', 'g', 'o', 'n', '!', |
95 | /* bignum1 */ | ||
96 | 0x79, | ||
97 | 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, | ||
98 | 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, | ||
99 | /* bignum2 */ | 92 | /* bignum2 */ |
100 | 0x00, 0x00, 0x00, 0x14, | 93 | 0x00, 0x00, 0x00, 0x14, |
101 | 0x00, | 94 | 0x00, |
@@ -115,11 +108,15 @@ sshbuf_getput_fuzz_tests(void) | |||
115 | 0x55, 0x0f, 0x69, 0xd8, 0x0e, 0xc2, 0x3c, 0xd4, | 108 | 0x55, 0x0f, 0x69, 0xd8, 0x0e, 0xc2, 0x3c, 0xd4, |
116 | }; | 109 | }; |
117 | struct fuzz *fuzz; | 110 | struct fuzz *fuzz; |
111 | u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_2_BIT_FLIP | | ||
112 | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | | ||
113 | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END; | ||
114 | |||
115 | if (test_is_fast()) | ||
116 | fuzzers &= ~(FUZZ_2_BYTE_FLIP|FUZZ_2_BIT_FLIP); | ||
118 | 117 | ||
119 | TEST_START("fuzz blob parsing"); | 118 | TEST_START("fuzz blob parsing"); |
120 | fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_2_BIT_FLIP | | 119 | fuzz = fuzz_begin(fuzzers, blob, sizeof(blob)); |
121 | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | | ||
122 | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, blob, sizeof(blob)); | ||
123 | TEST_ONERROR(onerror, fuzz); | 120 | TEST_ONERROR(onerror, fuzz); |
124 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) | 121 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) |
125 | attempt_parse_blob(blob, sizeof(blob)); | 122 | attempt_parse_blob(blob, sizeof(blob)); |
diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile index 1c940bec6..aa731df1c 100644 --- a/regress/unittests/sshkey/Makefile +++ b/regress/unittests/sshkey/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.6 2018/10/17 23:28:05 djm Exp $ |
2 | 2 | ||
3 | PROG=test_sshkey | 3 | PROG=test_sshkey |
4 | SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c | 4 | SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c |
@@ -18,7 +18,7 @@ SRCS+=digest-openssl.c | |||
18 | REGRESS_TARGETS=run-regress-${PROG} | 18 | REGRESS_TARGETS=run-regress-${PROG} |
19 | 19 | ||
20 | run-regress-${PROG}: ${PROG} | 20 | run-regress-${PROG}: ${PROG} |
21 | env ${TEST_ENV} ./${PROG} -d ${.CURDIR}/testdata | 21 | env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} -d ${.CURDIR}/testdata |
22 | 22 | ||
23 | .include <bsd.regress.mk> | 23 | .include <bsd.regress.mk> |
24 | 24 | ||
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c index d3b0c92b4..5953de595 100644 --- a/regress/unittests/sshkey/test_fuzz.c +++ b/regress/unittests/sshkey/test_fuzz.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_fuzz.c,v 1.8 2017/12/21 00:41:22 djm Exp $ */ | 1 | /* $OpenBSD: test_fuzz.c,v 1.9 2018/10/17 23:28:05 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Fuzz tests for key parsing | 3 | * Fuzz tests for key parsing |
4 | * | 4 | * |
@@ -51,14 +51,16 @@ public_fuzz(struct sshkey *k) | |||
51 | struct sshkey *k1; | 51 | struct sshkey *k1; |
52 | struct sshbuf *buf; | 52 | struct sshbuf *buf; |
53 | struct fuzz *fuzz; | 53 | struct fuzz *fuzz; |
54 | u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | | ||
55 | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END; | ||
54 | 56 | ||
57 | if (test_is_fast()) | ||
58 | fuzzers &= ~FUZZ_1_BIT_FLIP; | ||
59 | if (test_is_slow()) | ||
60 | fuzzers |= FUZZ_2_BIT_FLIP | FUZZ_2_BYTE_FLIP; | ||
55 | ASSERT_PTR_NE(buf = sshbuf_new(), NULL); | 61 | ASSERT_PTR_NE(buf = sshbuf_new(), NULL); |
56 | ASSERT_INT_EQ(sshkey_putb(k, buf), 0); | 62 | ASSERT_INT_EQ(sshkey_putb(k, buf), 0); |
57 | /* XXX need a way to run the tests in "slow, but complete" mode */ | 63 | fuzz = fuzz_begin(fuzzers, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); |
58 | fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* XXX too slow FUZZ_2_BIT_FLIP | */ | ||
59 | FUZZ_1_BYTE_FLIP | /* XXX too slow FUZZ_2_BYTE_FLIP | */ | ||
60 | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, | ||
61 | sshbuf_mutable_ptr(buf), sshbuf_len(buf)); | ||
62 | ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(buf), sshbuf_len(buf), | 64 | ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(buf), sshbuf_len(buf), |
63 | &k1), 0); | 65 | &k1), 0); |
64 | sshkey_free(k1); | 66 | sshkey_free(k1); |
@@ -77,12 +79,17 @@ sig_fuzz(struct sshkey *k, const char *sig_alg) | |||
77 | struct fuzz *fuzz; | 79 | struct fuzz *fuzz; |
78 | u_char *sig, c[] = "some junk to be signed"; | 80 | u_char *sig, c[] = "some junk to be signed"; |
79 | size_t l; | 81 | size_t l; |
82 | u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | | ||
83 | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END; | ||
84 | |||
85 | if (test_is_fast()) | ||
86 | fuzzers &= ~FUZZ_2_BYTE_FLIP; | ||
87 | if (test_is_slow()) | ||
88 | fuzzers |= FUZZ_2_BIT_FLIP; | ||
80 | 89 | ||
81 | ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0); | 90 | ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0); |
82 | ASSERT_SIZE_T_GT(l, 0); | 91 | ASSERT_SIZE_T_GT(l, 0); |
83 | fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */ | 92 | fuzz = fuzz_begin(fuzzers, sig, l); |
84 | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | | ||
85 | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, sig, l); | ||
86 | ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), NULL, 0), 0); | 93 | ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), NULL, 0), 0); |
87 | free(sig); | 94 | free(sig); |
88 | TEST_ONERROR(onerror, fuzz); | 95 | TEST_ONERROR(onerror, fuzz); |
@@ -96,13 +103,15 @@ sig_fuzz(struct sshkey *k, const char *sig_alg) | |||
96 | fuzz_cleanup(fuzz); | 103 | fuzz_cleanup(fuzz); |
97 | } | 104 | } |
98 | 105 | ||
106 | #define NUM_FAST_BASE64_TESTS 1024 | ||
107 | |||
99 | void | 108 | void |
100 | sshkey_fuzz_tests(void) | 109 | sshkey_fuzz_tests(void) |
101 | { | 110 | { |
102 | struct sshkey *k1; | 111 | struct sshkey *k1; |
103 | struct sshbuf *buf, *fuzzed; | 112 | struct sshbuf *buf, *fuzzed; |
104 | struct fuzz *fuzz; | 113 | struct fuzz *fuzz; |
105 | int r; | 114 | int r, i; |
106 | 115 | ||
107 | 116 | ||
108 | TEST_START("fuzz RSA private"); | 117 | TEST_START("fuzz RSA private"); |
@@ -114,12 +123,14 @@ sshkey_fuzz_tests(void) | |||
114 | sshbuf_free(buf); | 123 | sshbuf_free(buf); |
115 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); | 124 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); |
116 | TEST_ONERROR(onerror, fuzz); | 125 | TEST_ONERROR(onerror, fuzz); |
117 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 126 | for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { |
118 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); | 127 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); |
119 | ASSERT_INT_EQ(r, 0); | 128 | ASSERT_INT_EQ(r, 0); |
120 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) | 129 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) |
121 | sshkey_free(k1); | 130 | sshkey_free(k1); |
122 | sshbuf_reset(fuzzed); | 131 | sshbuf_reset(fuzzed); |
132 | if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) | ||
133 | break; | ||
123 | } | 134 | } |
124 | sshbuf_free(fuzzed); | 135 | sshbuf_free(fuzzed); |
125 | fuzz_cleanup(fuzz); | 136 | fuzz_cleanup(fuzz); |
@@ -134,12 +145,14 @@ sshkey_fuzz_tests(void) | |||
134 | sshbuf_free(buf); | 145 | sshbuf_free(buf); |
135 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); | 146 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); |
136 | TEST_ONERROR(onerror, fuzz); | 147 | TEST_ONERROR(onerror, fuzz); |
137 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 148 | for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { |
138 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); | 149 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); |
139 | ASSERT_INT_EQ(r, 0); | 150 | ASSERT_INT_EQ(r, 0); |
140 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) | 151 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) |
141 | sshkey_free(k1); | 152 | sshkey_free(k1); |
142 | sshbuf_reset(fuzzed); | 153 | sshbuf_reset(fuzzed); |
154 | if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) | ||
155 | break; | ||
143 | } | 156 | } |
144 | sshbuf_free(fuzzed); | 157 | sshbuf_free(fuzzed); |
145 | fuzz_cleanup(fuzz); | 158 | fuzz_cleanup(fuzz); |
@@ -154,12 +167,14 @@ sshkey_fuzz_tests(void) | |||
154 | sshbuf_free(buf); | 167 | sshbuf_free(buf); |
155 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); | 168 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); |
156 | TEST_ONERROR(onerror, fuzz); | 169 | TEST_ONERROR(onerror, fuzz); |
157 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 170 | for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { |
158 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); | 171 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); |
159 | ASSERT_INT_EQ(r, 0); | 172 | ASSERT_INT_EQ(r, 0); |
160 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) | 173 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) |
161 | sshkey_free(k1); | 174 | sshkey_free(k1); |
162 | sshbuf_reset(fuzzed); | 175 | sshbuf_reset(fuzzed); |
176 | if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) | ||
177 | break; | ||
163 | } | 178 | } |
164 | sshbuf_free(fuzzed); | 179 | sshbuf_free(fuzzed); |
165 | fuzz_cleanup(fuzz); | 180 | fuzz_cleanup(fuzz); |
@@ -174,12 +189,14 @@ sshkey_fuzz_tests(void) | |||
174 | sshbuf_free(buf); | 189 | sshbuf_free(buf); |
175 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); | 190 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); |
176 | TEST_ONERROR(onerror, fuzz); | 191 | TEST_ONERROR(onerror, fuzz); |
177 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 192 | for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { |
178 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); | 193 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); |
179 | ASSERT_INT_EQ(r, 0); | 194 | ASSERT_INT_EQ(r, 0); |
180 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) | 195 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) |
181 | sshkey_free(k1); | 196 | sshkey_free(k1); |
182 | sshbuf_reset(fuzzed); | 197 | sshbuf_reset(fuzzed); |
198 | if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) | ||
199 | break; | ||
183 | } | 200 | } |
184 | sshbuf_free(fuzzed); | 201 | sshbuf_free(fuzzed); |
185 | fuzz_cleanup(fuzz); | 202 | fuzz_cleanup(fuzz); |
@@ -195,12 +212,14 @@ sshkey_fuzz_tests(void) | |||
195 | sshbuf_free(buf); | 212 | sshbuf_free(buf); |
196 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); | 213 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); |
197 | TEST_ONERROR(onerror, fuzz); | 214 | TEST_ONERROR(onerror, fuzz); |
198 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 215 | for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { |
199 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); | 216 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); |
200 | ASSERT_INT_EQ(r, 0); | 217 | ASSERT_INT_EQ(r, 0); |
201 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) | 218 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) |
202 | sshkey_free(k1); | 219 | sshkey_free(k1); |
203 | sshbuf_reset(fuzzed); | 220 | sshbuf_reset(fuzzed); |
221 | if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) | ||
222 | break; | ||
204 | } | 223 | } |
205 | sshbuf_free(fuzzed); | 224 | sshbuf_free(fuzzed); |
206 | fuzz_cleanup(fuzz); | 225 | fuzz_cleanup(fuzz); |
@@ -215,12 +234,14 @@ sshkey_fuzz_tests(void) | |||
215 | sshbuf_free(buf); | 234 | sshbuf_free(buf); |
216 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); | 235 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); |
217 | TEST_ONERROR(onerror, fuzz); | 236 | TEST_ONERROR(onerror, fuzz); |
218 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 237 | for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { |
219 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); | 238 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); |
220 | ASSERT_INT_EQ(r, 0); | 239 | ASSERT_INT_EQ(r, 0); |
221 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) | 240 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) |
222 | sshkey_free(k1); | 241 | sshkey_free(k1); |
223 | sshbuf_reset(fuzzed); | 242 | sshbuf_reset(fuzzed); |
243 | if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) | ||
244 | break; | ||
224 | } | 245 | } |
225 | sshbuf_free(fuzzed); | 246 | sshbuf_free(fuzzed); |
226 | fuzz_cleanup(fuzz); | 247 | fuzz_cleanup(fuzz); |
@@ -236,12 +257,14 @@ sshkey_fuzz_tests(void) | |||
236 | sshbuf_free(buf); | 257 | sshbuf_free(buf); |
237 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); | 258 | ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); |
238 | TEST_ONERROR(onerror, fuzz); | 259 | TEST_ONERROR(onerror, fuzz); |
239 | for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { | 260 | for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) { |
240 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); | 261 | r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); |
241 | ASSERT_INT_EQ(r, 0); | 262 | ASSERT_INT_EQ(r, 0); |
242 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) | 263 | if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) |
243 | sshkey_free(k1); | 264 | sshkey_free(k1); |
244 | sshbuf_reset(fuzzed); | 265 | sshbuf_reset(fuzzed); |
266 | if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS) | ||
267 | break; | ||
245 | } | 268 | } |
246 | sshbuf_free(fuzzed); | 269 | sshbuf_free(fuzzed); |
247 | fuzz_cleanup(fuzz); | 270 | fuzz_cleanup(fuzz); |
diff --git a/regress/unittests/sshkey/tests.c b/regress/unittests/sshkey/tests.c index 13f265cdb..78aa9223d 100644 --- a/regress/unittests/sshkey/tests.c +++ b/regress/unittests/sshkey/tests.c | |||
@@ -7,8 +7,6 @@ | |||
7 | 7 | ||
8 | #include "includes.h" | 8 | #include "includes.h" |
9 | 9 | ||
10 | #include <openssl/evp.h> | ||
11 | |||
12 | #include "../test_helper/test_helper.h" | 10 | #include "../test_helper/test_helper.h" |
13 | 11 | ||
14 | void sshkey_tests(void); | 12 | void sshkey_tests(void); |
@@ -18,9 +16,6 @@ void sshkey_fuzz_tests(void); | |||
18 | void | 16 | void |
19 | tests(void) | 17 | tests(void) |
20 | { | 18 | { |
21 | OpenSSL_add_all_algorithms(); | ||
22 | ERR_load_CRYPTO_strings(); | ||
23 | |||
24 | sshkey_tests(); | 19 | sshkey_tests(); |
25 | sshkey_file_tests(); | 20 | sshkey_file_tests(); |
26 | sshkey_fuzz_tests(); | 21 | sshkey_fuzz_tests(); |
diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index 4cc70852c..e7a47b265 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_helper.c,v 1.8 2018/02/08 08:46:20 djm Exp $ */ | 1 | /* $OpenBSD: test_helper.c,v 1.11 2018/11/23 02:53:57 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller <djm@mindrot.org> | 3 | * Copyright (c) 2011 Damien Miller <djm@mindrot.org> |
4 | * | 4 | * |
@@ -35,11 +35,13 @@ | |||
35 | #include <signal.h> | 35 | #include <signal.h> |
36 | 36 | ||
37 | #include <openssl/bn.h> | 37 | #include <openssl/bn.h> |
38 | #include <openssl/err.h> | ||
38 | 39 | ||
39 | #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) | 40 | #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) |
40 | # include <vis.h> | 41 | # include <vis.h> |
41 | #endif | 42 | #endif |
42 | 43 | ||
44 | #include "entropy.h" | ||
43 | #include "test_helper.h" | 45 | #include "test_helper.h" |
44 | #include "atomicio.h" | 46 | #include "atomicio.h" |
45 | 47 | ||
@@ -115,12 +117,17 @@ static test_onerror_func_t *test_onerror = NULL; | |||
115 | static void *onerror_ctx = NULL; | 117 | static void *onerror_ctx = NULL; |
116 | static const char *data_dir = NULL; | 118 | static const char *data_dir = NULL; |
117 | static char subtest_info[512]; | 119 | static char subtest_info[512]; |
120 | static int fast = 0; | ||
121 | static int slow = 0; | ||
118 | 122 | ||
119 | int | 123 | int |
120 | main(int argc, char **argv) | 124 | main(int argc, char **argv) |
121 | { | 125 | { |
122 | int ch; | 126 | int ch; |
123 | 127 | ||
128 | seed_rng(); | ||
129 | ERR_load_CRYPTO_strings(); | ||
130 | |||
124 | /* Handle systems without __progname */ | 131 | /* Handle systems without __progname */ |
125 | if (__progname == NULL) { | 132 | if (__progname == NULL) { |
126 | __progname = strrchr(argv[0], '/'); | 133 | __progname = strrchr(argv[0], '/'); |
@@ -134,8 +141,14 @@ main(int argc, char **argv) | |||
134 | } | 141 | } |
135 | } | 142 | } |
136 | 143 | ||
137 | while ((ch = getopt(argc, argv, "vqd:")) != -1) { | 144 | while ((ch = getopt(argc, argv, "Ffvqd:")) != -1) { |
138 | switch (ch) { | 145 | switch (ch) { |
146 | case 'F': | ||
147 | slow = 1; | ||
148 | break; | ||
149 | case 'f': | ||
150 | fast = 1; | ||
151 | break; | ||
139 | case 'd': | 152 | case 'd': |
140 | data_dir = optarg; | 153 | data_dir = optarg; |
141 | break; | 154 | break; |
@@ -167,17 +180,29 @@ main(int argc, char **argv) | |||
167 | } | 180 | } |
168 | 181 | ||
169 | int | 182 | int |
170 | test_is_verbose() | 183 | test_is_verbose(void) |
171 | { | 184 | { |
172 | return verbose_mode; | 185 | return verbose_mode; |
173 | } | 186 | } |
174 | 187 | ||
175 | int | 188 | int |
176 | test_is_quiet() | 189 | test_is_quiet(void) |
177 | { | 190 | { |
178 | return quiet_mode; | 191 | return quiet_mode; |
179 | } | 192 | } |
180 | 193 | ||
194 | int | ||
195 | test_is_fast(void) | ||
196 | { | ||
197 | return fast; | ||
198 | } | ||
199 | |||
200 | int | ||
201 | test_is_slow(void) | ||
202 | { | ||
203 | return slow; | ||
204 | } | ||
205 | |||
181 | const char * | 206 | const char * |
182 | test_data_file(const char *name) | 207 | test_data_file(const char *name) |
183 | { | 208 | { |
diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h index 6da0066e9..1f893c8dd 100644 --- a/regress/unittests/test_helper/test_helper.h +++ b/regress/unittests/test_helper/test_helper.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: test_helper.h,v 1.8 2018/02/08 08:46:20 djm Exp $ */ | 1 | /* $OpenBSD: test_helper.h,v 1.9 2018/10/17 23:28:05 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller <djm@mindrot.org> | 3 | * Copyright (c) 2011 Damien Miller <djm@mindrot.org> |
4 | * | 4 | * |
@@ -45,6 +45,8 @@ void set_onerror_func(test_onerror_func_t *f, void *ctx); | |||
45 | void test_done(void); | 45 | void test_done(void); |
46 | int test_is_verbose(void); | 46 | int test_is_verbose(void); |
47 | int test_is_quiet(void); | 47 | int test_is_quiet(void); |
48 | int test_is_fast(void); | ||
49 | int test_is_slow(void); | ||
48 | void test_subtest_info(const char *fmt, ...) | 50 | void test_subtest_info(const char *fmt, ...) |
49 | __attribute__((format(printf, 1, 2))); | 51 | __attribute__((format(printf, 1, 2))); |
50 | void ssl_err_check(const char *file, int line); | 52 | void ssl_err_check(const char *file, int line); |
@@ -4,8 +4,9 @@ NAME | |||
4 | scp M-bM-^@M-^S secure copy (remote file copy program) | 4 | scp M-bM-^@M-^S secure copy (remote file copy program) |
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] | 7 | scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file] |
8 | [-l limit] [-o ssh_option] [-P port] [-S program] source ... target | 8 | [-J destination] [-l limit] [-o ssh_option] [-P port] [-S program] |
9 | source ... target | ||
9 | 10 | ||
10 | DESCRIPTION | 11 | DESCRIPTION |
11 | scp copies files between hosts on a network. It uses ssh(1) for data | 12 | scp copies files between hosts on a network. It uses ssh(1) for data |
@@ -52,6 +53,14 @@ DESCRIPTION | |||
52 | key authentication is read. This option is directly passed to | 53 | key authentication is read. This option is directly passed to |
53 | ssh(1). | 54 | ssh(1). |
54 | 55 | ||
56 | -J destination | ||
57 | Connect to the target host by first making an scp connection to | ||
58 | the jump host described by destination and then establishing a | ||
59 | TCP forwarding to the ultimate destination from there. Multiple | ||
60 | jump hops may be specified separated by comma characters. This | ||
61 | is a shortcut to specify a ProxyJump configuration directive. | ||
62 | This option is directly passed to ssh(1). | ||
63 | |||
55 | -l limit | 64 | -l limit |
56 | Limits the used bandwidth, specified in Kbit/s. | 65 | Limits the used bandwidth, specified in Kbit/s. |
57 | 66 | ||
@@ -141,6 +150,16 @@ DESCRIPTION | |||
141 | Name of program to use for the encrypted connection. The program | 150 | Name of program to use for the encrypted connection. The program |
142 | must understand ssh(1) options. | 151 | must understand ssh(1) options. |
143 | 152 | ||
153 | -T Disable strict filename checking. By default when copying files | ||
154 | from a remote host to a local directory scp checks that the | ||
155 | received filenames match those requested on the command-line to | ||
156 | prevent the remote end from sending unexpected or unwanted files. | ||
157 | Because of differences in how various operating systems and | ||
158 | shells interpret filename wildcards, these checks may cause | ||
159 | wanted files to be rejected. This option disables these checks | ||
160 | at the expense of fully trusting that the server will not send | ||
161 | unexpected filenames. | ||
162 | |||
144 | -v Verbose mode. Causes scp and ssh(1) to print debugging messages | 163 | -v Verbose mode. Causes scp and ssh(1) to print debugging messages |
145 | about their progress. This is helpful in debugging connection, | 164 | about their progress. This is helpful in debugging connection, |
146 | authentication, and configuration problems. | 165 | authentication, and configuration problems. |
@@ -160,4 +179,4 @@ AUTHORS | |||
160 | Timo Rinne <tri@iki.fi> | 179 | Timo Rinne <tri@iki.fi> |
161 | Tatu Ylonen <ylo@cs.hut.fi> | 180 | Tatu Ylonen <ylo@cs.hut.fi> |
162 | 181 | ||
163 | OpenBSD 6.4 September 20, 2018 OpenBSD 6.4 | 182 | OpenBSD 6.5 January 26, 2019 OpenBSD 6.5 |
@@ -8,9 +8,9 @@ | |||
8 | .\" | 8 | .\" |
9 | .\" Created: Sun May 7 00:14:37 1995 ylo | 9 | .\" Created: Sun May 7 00:14:37 1995 ylo |
10 | .\" | 10 | .\" |
11 | .\" $OpenBSD: scp.1,v 1.81 2018/09/20 06:58:48 jmc Exp $ | 11 | .\" $OpenBSD: scp.1,v 1.85 2019/01/26 22:41:28 djm Exp $ |
12 | .\" | 12 | .\" |
13 | .Dd $Mdocdate: September 20 2018 $ | 13 | .Dd $Mdocdate: January 26 2019 $ |
14 | .Dt SCP 1 | 14 | .Dt SCP 1 |
15 | .Os | 15 | .Os |
16 | .Sh NAME | 16 | .Sh NAME |
@@ -22,6 +22,7 @@ | |||
22 | .Op Fl c Ar cipher | 22 | .Op Fl c Ar cipher |
23 | .Op Fl F Ar ssh_config | 23 | .Op Fl F Ar ssh_config |
24 | .Op Fl i Ar identity_file | 24 | .Op Fl i Ar identity_file |
25 | .Op Fl J Ar destination | ||
25 | .Op Fl l Ar limit | 26 | .Op Fl l Ar limit |
26 | .Op Fl o Ar ssh_option | 27 | .Op Fl o Ar ssh_option |
27 | .Op Fl P Ar port | 28 | .Op Fl P Ar port |
@@ -106,6 +107,19 @@ Selects the file from which the identity (private key) for public key | |||
106 | authentication is read. | 107 | authentication is read. |
107 | This option is directly passed to | 108 | This option is directly passed to |
108 | .Xr ssh 1 . | 109 | .Xr ssh 1 . |
110 | .It Fl J Ar destination | ||
111 | Connect to the target host by first making an | ||
112 | .Nm | ||
113 | connection to the jump host described by | ||
114 | .Ar destination | ||
115 | and then establishing a TCP forwarding to the ultimate destination from | ||
116 | there. | ||
117 | Multiple jump hops may be specified separated by comma characters. | ||
118 | This is a shortcut to specify a | ||
119 | .Cm ProxyJump | ||
120 | configuration directive. | ||
121 | This option is directly passed to | ||
122 | .Xr ssh 1 . | ||
109 | .It Fl l Ar limit | 123 | .It Fl l Ar limit |
110 | Limits the used bandwidth, specified in Kbit/s. | 124 | Limits the used bandwidth, specified in Kbit/s. |
111 | .It Fl o Ar ssh_option | 125 | .It Fl o Ar ssh_option |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */ | 1 | /* $OpenBSD: scp.c,v 1.204 2019/02/10 11:15:52 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * scp - secure remote copy. This is basically patched BSD rcp which | 3 | * scp - secure remote copy. This is basically patched BSD rcp which |
4 | * uses ssh to do the data transfer (instead of using rcmd). | 4 | * uses ssh to do the data transfer (instead of using rcmd). |
@@ -409,6 +409,8 @@ main(int argc, char **argv) | |||
409 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ | 409 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
410 | sanitise_stdfd(); | 410 | sanitise_stdfd(); |
411 | 411 | ||
412 | seed_rng(); | ||
413 | |||
412 | msetlocale(); | 414 | msetlocale(); |
413 | 415 | ||
414 | /* Copy argv, because we modify it */ | 416 | /* Copy argv, because we modify it */ |
@@ -432,7 +434,7 @@ main(int argc, char **argv) | |||
432 | 434 | ||
433 | fflag = Tflag = tflag = 0; | 435 | fflag = Tflag = tflag = 0; |
434 | while ((ch = getopt(argc, argv, | 436 | while ((ch = getopt(argc, argv, |
435 | "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) { | 437 | "dfl:prtTvBCc:i:P:q12346S:o:F:J:")) != -1) { |
436 | switch (ch) { | 438 | switch (ch) { |
437 | /* User-visible flags. */ | 439 | /* User-visible flags. */ |
438 | case '1': | 440 | case '1': |
@@ -454,6 +456,7 @@ main(int argc, char **argv) | |||
454 | case 'c': | 456 | case 'c': |
455 | case 'i': | 457 | case 'i': |
456 | case 'F': | 458 | case 'F': |
459 | case 'J': | ||
457 | addargs(&remote_remote_args, "-%c", ch); | 460 | addargs(&remote_remote_args, "-%c", ch); |
458 | addargs(&remote_remote_args, "%s", optarg); | 461 | addargs(&remote_remote_args, "%s", optarg); |
459 | addargs(&args, "-%c", ch); | 462 | addargs(&args, "-%c", ch); |
@@ -1604,8 +1607,9 @@ void | |||
1604 | usage(void) | 1607 | usage(void) |
1605 | { | 1608 | { |
1606 | (void) fprintf(stderr, | 1609 | (void) fprintf(stderr, |
1607 | "usage: scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n" | 1610 | "usage: scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]\n" |
1608 | " [-l limit] [-o ssh_option] [-P port] [-S program] source ... target\n"); | 1611 | " [-J destination] [-l limit] [-o ssh_option] [-P port]\n" |
1612 | " [-S program] source ... target\n"); | ||
1609 | exit(1); | 1613 | exit(1); |
1610 | } | 1614 | } |
1611 | 1615 | ||
diff --git a/servconf.c b/servconf.c index bf2669147..365e6ff1e 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -1,5 +1,5 @@ | |||
1 | 1 | ||
2 | /* $OpenBSD: servconf.c,v 1.342 2018/09/20 23:40:16 djm Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.350 2019/03/25 22:33:44 djm Exp $ */ |
3 | /* | 3 | /* |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 | * All rights reserved | 5 | * All rights reserved |
@@ -64,6 +64,7 @@ | |||
64 | #include "auth.h" | 64 | #include "auth.h" |
65 | #include "myproposal.h" | 65 | #include "myproposal.h" |
66 | #include "digest.h" | 66 | #include "digest.h" |
67 | #include "ssh-gss.h" | ||
67 | 68 | ||
68 | static void add_listen_addr(ServerOptions *, const char *, | 69 | static void add_listen_addr(ServerOptions *, const char *, |
69 | const char *, int); | 70 | const char *, int); |
@@ -128,6 +129,7 @@ initialize_server_options(ServerOptions *options) | |||
128 | options->gss_cleanup_creds = -1; | 129 | options->gss_cleanup_creds = -1; |
129 | options->gss_strict_acceptor = -1; | 130 | options->gss_strict_acceptor = -1; |
130 | options->gss_store_rekey = -1; | 131 | options->gss_store_rekey = -1; |
132 | options->gss_kex_algorithms = NULL; | ||
131 | options->password_authentication = -1; | 133 | options->password_authentication = -1; |
132 | options->kbd_interactive_authentication = -1; | 134 | options->kbd_interactive_authentication = -1; |
133 | options->challenge_response_authentication = -1; | 135 | options->challenge_response_authentication = -1; |
@@ -224,26 +226,40 @@ assemble_algorithms(ServerOptions *o) | |||
224 | } | 226 | } |
225 | 227 | ||
226 | static void | 228 | static void |
227 | array_append(const char *file, const int line, const char *directive, | 229 | array_append2(const char *file, const int line, const char *directive, |
228 | char ***array, u_int *lp, const char *s) | 230 | char ***array, int **iarray, u_int *lp, const char *s, int i) |
229 | { | 231 | { |
230 | 232 | ||
231 | if (*lp >= INT_MAX) | 233 | if (*lp >= INT_MAX) |
232 | fatal("%s line %d: Too many %s entries", file, line, directive); | 234 | fatal("%s line %d: Too many %s entries", file, line, directive); |
233 | 235 | ||
236 | if (iarray != NULL) { | ||
237 | *iarray = xrecallocarray(*iarray, *lp, *lp + 1, | ||
238 | sizeof(**iarray)); | ||
239 | (*iarray)[*lp] = i; | ||
240 | } | ||
241 | |||
234 | *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array)); | 242 | *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array)); |
235 | (*array)[*lp] = xstrdup(s); | 243 | (*array)[*lp] = xstrdup(s); |
236 | (*lp)++; | 244 | (*lp)++; |
237 | } | 245 | } |
238 | 246 | ||
247 | static void | ||
248 | array_append(const char *file, const int line, const char *directive, | ||
249 | char ***array, u_int *lp, const char *s) | ||
250 | { | ||
251 | array_append2(file, line, directive, array, NULL, lp, s, 0); | ||
252 | } | ||
253 | |||
239 | void | 254 | void |
240 | servconf_add_hostkey(const char *file, const int line, | 255 | servconf_add_hostkey(const char *file, const int line, |
241 | ServerOptions *options, const char *path) | 256 | ServerOptions *options, const char *path, int userprovided) |
242 | { | 257 | { |
243 | char *apath = derelativise_path(path); | 258 | char *apath = derelativise_path(path); |
244 | 259 | ||
245 | array_append(file, line, "HostKey", | 260 | array_append2(file, line, "HostKey", |
246 | &options->host_key_files, &options->num_host_key_files, apath); | 261 | &options->host_key_files, &options->host_key_file_userprovided, |
262 | &options->num_host_key_files, apath, userprovided); | ||
247 | free(apath); | 263 | free(apath); |
248 | } | 264 | } |
249 | 265 | ||
@@ -271,16 +287,16 @@ fill_default_server_options(ServerOptions *options) | |||
271 | if (options->num_host_key_files == 0) { | 287 | if (options->num_host_key_files == 0) { |
272 | /* fill default hostkeys for protocols */ | 288 | /* fill default hostkeys for protocols */ |
273 | servconf_add_hostkey("[default]", 0, options, | 289 | servconf_add_hostkey("[default]", 0, options, |
274 | _PATH_HOST_RSA_KEY_FILE); | 290 | _PATH_HOST_RSA_KEY_FILE, 0); |
275 | #ifdef OPENSSL_HAS_ECC | 291 | #ifdef OPENSSL_HAS_ECC |
276 | servconf_add_hostkey("[default]", 0, options, | 292 | servconf_add_hostkey("[default]", 0, options, |
277 | _PATH_HOST_ECDSA_KEY_FILE); | 293 | _PATH_HOST_ECDSA_KEY_FILE, 0); |
278 | #endif | 294 | #endif |
279 | servconf_add_hostkey("[default]", 0, options, | 295 | servconf_add_hostkey("[default]", 0, options, |
280 | _PATH_HOST_ED25519_KEY_FILE); | 296 | _PATH_HOST_ED25519_KEY_FILE, 0); |
281 | #ifdef WITH_XMSS | 297 | #ifdef WITH_XMSS |
282 | servconf_add_hostkey("[default]", 0, options, | 298 | servconf_add_hostkey("[default]", 0, options, |
283 | _PATH_HOST_XMSS_KEY_FILE); | 299 | _PATH_HOST_XMSS_KEY_FILE, 0); |
284 | #endif /* WITH_XMSS */ | 300 | #endif /* WITH_XMSS */ |
285 | } | 301 | } |
286 | /* No certificates by default */ | 302 | /* No certificates by default */ |
@@ -348,6 +364,10 @@ fill_default_server_options(ServerOptions *options) | |||
348 | options->gss_strict_acceptor = 1; | 364 | options->gss_strict_acceptor = 1; |
349 | if (options->gss_store_rekey == -1) | 365 | if (options->gss_store_rekey == -1) |
350 | options->gss_store_rekey = 0; | 366 | options->gss_store_rekey = 0; |
367 | #ifdef GSSAPI | ||
368 | if (options->gss_kex_algorithms == NULL) | ||
369 | options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX); | ||
370 | #endif | ||
351 | if (options->password_authentication == -1) | 371 | if (options->password_authentication == -1) |
352 | options->password_authentication = 1; | 372 | options->password_authentication = 1; |
353 | if (options->kbd_interactive_authentication == -1) | 373 | if (options->kbd_interactive_authentication == -1) |
@@ -465,7 +485,6 @@ fill_default_server_options(ServerOptions *options) | |||
465 | options->compression = 0; | 485 | options->compression = 0; |
466 | } | 486 | } |
467 | #endif | 487 | #endif |
468 | |||
469 | } | 488 | } |
470 | 489 | ||
471 | /* Keyword tokens. */ | 490 | /* Keyword tokens. */ |
@@ -494,7 +513,7 @@ typedef enum { | |||
494 | sHostKeyAlgorithms, | 513 | sHostKeyAlgorithms, |
495 | sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, | 514 | sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, |
496 | sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, | 515 | sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, |
497 | sGssKeyEx, sGssStoreRekey, | 516 | sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey, |
498 | sAcceptEnv, sSetEnv, sPermitTunnel, | 517 | sAcceptEnv, sSetEnv, sPermitTunnel, |
499 | sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, | 518 | sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, |
500 | sUsePrivilegeSeparation, sAllowAgentForwarding, | 519 | sUsePrivilegeSeparation, sAllowAgentForwarding, |
@@ -574,6 +593,7 @@ static struct { | |||
574 | { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, | 593 | { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, |
575 | { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, | 594 | { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, |
576 | { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, | 595 | { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, |
596 | { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL }, | ||
577 | #else | 597 | #else |
578 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, | 598 | { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, |
579 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, | 599 | { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, |
@@ -581,6 +601,7 @@ static struct { | |||
581 | { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, | 601 | { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, |
582 | { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, | 602 | { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, |
583 | { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, | 603 | { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, |
604 | { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL }, | ||
584 | #endif | 605 | #endif |
585 | { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, | 606 | { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, |
586 | { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, | 607 | { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, |
@@ -723,7 +744,7 @@ derelativise_path(const char *path) | |||
723 | if (strcasecmp(path, "none") == 0) | 744 | if (strcasecmp(path, "none") == 0) |
724 | return xstrdup("none"); | 745 | return xstrdup("none"); |
725 | expanded = tilde_expand_filename(path, getuid()); | 746 | expanded = tilde_expand_filename(path, getuid()); |
726 | if (*expanded == '/') | 747 | if (path_absolute(expanded)) |
727 | return expanded; | 748 | return expanded; |
728 | if (getcwd(cwd, sizeof(cwd)) == NULL) | 749 | if (getcwd(cwd, sizeof(cwd)) == NULL) |
729 | fatal("%s: getcwd: %s", __func__, strerror(errno)); | 750 | fatal("%s: getcwd: %s", __func__, strerror(errno)); |
@@ -885,7 +906,7 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, | |||
885 | { | 906 | { |
886 | u_int i; | 907 | u_int i; |
887 | int port; | 908 | int port; |
888 | char *host, *arg, *oarg; | 909 | char *host, *arg, *oarg, ch; |
889 | int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE; | 910 | int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE; |
890 | const char *what = lookup_opcode_name(opcode); | 911 | const char *what = lookup_opcode_name(opcode); |
891 | 912 | ||
@@ -903,8 +924,9 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, | |||
903 | /* Otherwise treat it as a list of permitted host:port */ | 924 | /* Otherwise treat it as a list of permitted host:port */ |
904 | for (i = 0; i < num_opens; i++) { | 925 | for (i = 0; i < num_opens; i++) { |
905 | oarg = arg = xstrdup(opens[i]); | 926 | oarg = arg = xstrdup(opens[i]); |
906 | host = hpdelim(&arg); | 927 | ch = '\0'; |
907 | if (host == NULL) | 928 | host = hpdelim2(&arg, &ch); |
929 | if (host == NULL || ch == '/') | ||
908 | fatal("%s: missing host in %s", __func__, what); | 930 | fatal("%s: missing host in %s", __func__, what); |
909 | host = cleanhostname(host); | 931 | host = cleanhostname(host); |
910 | if (arg == NULL || ((port = permitopen_port(arg)) < 0)) | 932 | if (arg == NULL || ((port = permitopen_port(arg)) < 0)) |
@@ -930,12 +952,11 @@ process_permitopen(struct ssh *ssh, ServerOptions *options) | |||
930 | } | 952 | } |
931 | 953 | ||
932 | struct connection_info * | 954 | struct connection_info * |
933 | get_connection_info(int populate, int use_dns) | 955 | get_connection_info(struct ssh *ssh, int populate, int use_dns) |
934 | { | 956 | { |
935 | struct ssh *ssh = active_state; /* XXX */ | ||
936 | static struct connection_info ci; | 957 | static struct connection_info ci; |
937 | 958 | ||
938 | if (!populate) | 959 | if (ssh == NULL || !populate) |
939 | return &ci; | 960 | return &ci; |
940 | ci.host = auth_get_canonical_hostname(ssh, use_dns); | 961 | ci.host = auth_get_canonical_hostname(ssh, use_dns); |
941 | ci.address = ssh_remote_ipaddr(ssh); | 962 | ci.address = ssh_remote_ipaddr(ssh); |
@@ -1056,7 +1077,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
1056 | } | 1077 | } |
1057 | if (ci->user == NULL) | 1078 | if (ci->user == NULL) |
1058 | match_test_missing_fatal("User", "user"); | 1079 | match_test_missing_fatal("User", "user"); |
1059 | if (match_pattern_list(ci->user, arg, 0) != 1) | 1080 | if (match_usergroup_pattern_list(ci->user, arg) != 1) |
1060 | result = 0; | 1081 | result = 0; |
1061 | else | 1082 | else |
1062 | debug("user %.100s matched 'User %.100s' at " | 1083 | debug("user %.100s matched 'User %.100s' at " |
@@ -1222,7 +1243,7 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1222 | const char *filename, int linenum, int *activep, | 1243 | const char *filename, int linenum, int *activep, |
1223 | struct connection_info *connectinfo) | 1244 | struct connection_info *connectinfo) |
1224 | { | 1245 | { |
1225 | char *cp, ***chararrayptr, **charptr, *arg, *arg2, *p; | 1246 | char ch, *cp, ***chararrayptr, **charptr, *arg, *arg2, *p; |
1226 | int cmdline = 0, *intptr, value, value2, n, port; | 1247 | int cmdline = 0, *intptr, value, value2, n, port; |
1227 | SyslogFacility *log_facility_ptr; | 1248 | SyslogFacility *log_facility_ptr; |
1228 | LogLevel *log_level_ptr; | 1249 | LogLevel *log_level_ptr; |
@@ -1322,8 +1343,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1322 | port = 0; | 1343 | port = 0; |
1323 | p = arg; | 1344 | p = arg; |
1324 | } else { | 1345 | } else { |
1325 | p = hpdelim(&arg); | 1346 | arg2 = NULL; |
1326 | if (p == NULL) | 1347 | ch = '\0'; |
1348 | p = hpdelim2(&arg, &ch); | ||
1349 | if (p == NULL || ch == '/') | ||
1327 | fatal("%s line %d: bad address:port usage", | 1350 | fatal("%s line %d: bad address:port usage", |
1328 | filename, linenum); | 1351 | filename, linenum); |
1329 | p = cleanhostname(p); | 1352 | p = cleanhostname(p); |
@@ -1376,8 +1399,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1376 | if (!arg || *arg == '\0') | 1399 | if (!arg || *arg == '\0') |
1377 | fatal("%s line %d: missing file name.", | 1400 | fatal("%s line %d: missing file name.", |
1378 | filename, linenum); | 1401 | filename, linenum); |
1379 | if (*activep) | 1402 | if (*activep) { |
1380 | servconf_add_hostkey(filename, linenum, options, arg); | 1403 | servconf_add_hostkey(filename, linenum, |
1404 | options, arg, 1); | ||
1405 | } | ||
1381 | break; | 1406 | break; |
1382 | 1407 | ||
1383 | case sHostKeyAgent: | 1408 | case sHostKeyAgent: |
@@ -1505,6 +1530,18 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1505 | intptr = &options->gss_store_rekey; | 1530 | intptr = &options->gss_store_rekey; |
1506 | goto parse_flag; | 1531 | goto parse_flag; |
1507 | 1532 | ||
1533 | case sGssKexAlgorithms: | ||
1534 | arg = strdelim(&cp); | ||
1535 | if (!arg || *arg == '\0') | ||
1536 | fatal("%.200s line %d: Missing argument.", | ||
1537 | filename, linenum); | ||
1538 | if (!kex_gss_names_valid(arg)) | ||
1539 | fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.", | ||
1540 | filename, linenum, arg ? arg : "<NONE>"); | ||
1541 | if (*activep && options->gss_kex_algorithms == NULL) | ||
1542 | options->gss_kex_algorithms = xstrdup(arg); | ||
1543 | break; | ||
1544 | |||
1508 | case sPasswordAuthentication: | 1545 | case sPasswordAuthentication: |
1509 | intptr = &options->password_authentication; | 1546 | intptr = &options->password_authentication; |
1510 | goto parse_flag; | 1547 | goto parse_flag; |
@@ -1957,8 +1994,9 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1957 | xasprintf(&arg2, "*:%s", arg); | 1994 | xasprintf(&arg2, "*:%s", arg); |
1958 | } else { | 1995 | } else { |
1959 | arg2 = xstrdup(arg); | 1996 | arg2 = xstrdup(arg); |
1960 | p = hpdelim(&arg); | 1997 | ch = '\0'; |
1961 | if (p == NULL) { | 1998 | p = hpdelim2(&arg, &ch); |
1999 | if (p == NULL || ch == '/') { | ||
1962 | fatal("%s line %d: missing host in %s", | 2000 | fatal("%s line %d: missing host in %s", |
1963 | filename, linenum, | 2001 | filename, linenum, |
1964 | lookup_opcode_name(opcode)); | 2002 | lookup_opcode_name(opcode)); |
@@ -2593,10 +2631,11 @@ dump_config(ServerOptions *o) | |||
2593 | #endif | 2631 | #endif |
2594 | #ifdef GSSAPI | 2632 | #ifdef GSSAPI |
2595 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); | 2633 | dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); |
2596 | dump_cfg_fmtint(sGssKeyEx, o->gss_keyex); | ||
2597 | dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); | 2634 | dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); |
2635 | dump_cfg_fmtint(sGssKeyEx, o->gss_keyex); | ||
2598 | dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); | 2636 | dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); |
2599 | dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); | 2637 | dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); |
2638 | dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms); | ||
2600 | #endif | 2639 | #endif |
2601 | dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); | 2640 | dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); |
2602 | dump_cfg_fmtint(sKbdInteractiveAuthentication, | 2641 | dump_cfg_fmtint(sKbdInteractiveAuthentication, |
diff --git a/servconf.h b/servconf.h index 4e3c54042..986093ffa 100644 --- a/servconf.h +++ b/servconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: servconf.h,v 1.137 2018/09/20 03:28:06 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.139 2019/01/19 21:37:48 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -75,6 +75,7 @@ typedef struct { | |||
75 | char *routing_domain; /* Bind session to routing domain */ | 75 | char *routing_domain; /* Bind session to routing domain */ |
76 | 76 | ||
77 | char **host_key_files; /* Files containing host keys. */ | 77 | char **host_key_files; /* Files containing host keys. */ |
78 | int *host_key_file_userprovided; /* Key was specified by user. */ | ||
78 | u_int num_host_key_files; /* Number of files for host keys. */ | 79 | u_int num_host_key_files; /* Number of files for host keys. */ |
79 | char **host_cert_files; /* Files containing host certs. */ | 80 | char **host_cert_files; /* Files containing host certs. */ |
80 | u_int num_host_cert_files; /* Number of files for host certs. */ | 81 | u_int num_host_cert_files; /* Number of files for host certs. */ |
@@ -129,6 +130,7 @@ typedef struct { | |||
129 | int gss_cleanup_creds; /* If true, destroy cred cache on logout */ | 130 | int gss_cleanup_creds; /* If true, destroy cred cache on logout */ |
130 | int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ | 131 | int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ |
131 | int gss_store_rekey; | 132 | int gss_store_rekey; |
133 | char *gss_kex_algorithms; /* GSSAPI kex methods to be offered by client. */ | ||
132 | int password_authentication; /* If true, permit password | 134 | int password_authentication; /* If true, permit password |
133 | * authentication. */ | 135 | * authentication. */ |
134 | int kbd_interactive_authentication; /* If true, permit */ | 136 | int kbd_interactive_authentication; /* If true, permit */ |
@@ -261,7 +263,7 @@ struct connection_info { | |||
261 | M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \ | 263 | M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \ |
262 | } while (0) | 264 | } while (0) |
263 | 265 | ||
264 | struct connection_info *get_connection_info(int, int); | 266 | struct connection_info *get_connection_info(struct ssh *, int, int); |
265 | void initialize_server_options(ServerOptions *); | 267 | void initialize_server_options(ServerOptions *); |
266 | void fill_default_server_options(ServerOptions *); | 268 | void fill_default_server_options(ServerOptions *); |
267 | int process_server_config_line(ServerOptions *, char *, const char *, int, | 269 | int process_server_config_line(ServerOptions *, char *, const char *, int, |
@@ -277,7 +279,7 @@ void copy_set_server_options(ServerOptions *, ServerOptions *, int); | |||
277 | void dump_config(ServerOptions *); | 279 | void dump_config(ServerOptions *); |
278 | char *derelativise_path(const char *); | 280 | char *derelativise_path(const char *); |
279 | void servconf_add_hostkey(const char *, const int, | 281 | void servconf_add_hostkey(const char *, const int, |
280 | ServerOptions *, const char *path); | 282 | ServerOptions *, const char *path, int); |
281 | void servconf_add_hostcert(const char *, const int, | 283 | void servconf_add_hostcert(const char *, const int, |
282 | ServerOptions *, const char *path); | 284 | ServerOptions *, const char *path); |
283 | 285 | ||
diff --git a/serverloop.c b/serverloop.c index 7be83e2d3..d7b04b37c 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: serverloop.c,v 1.209 2018/07/27 05:13:02 dtucker Exp $ */ | 1 | /* $OpenBSD: serverloop.c,v 1.215 2019/03/27 09:29:14 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -49,6 +49,7 @@ | |||
49 | #include <errno.h> | 49 | #include <errno.h> |
50 | #include <fcntl.h> | 50 | #include <fcntl.h> |
51 | #include <pwd.h> | 51 | #include <pwd.h> |
52 | #include <limits.h> | ||
52 | #include <signal.h> | 53 | #include <signal.h> |
53 | #include <string.h> | 54 | #include <string.h> |
54 | #include <termios.h> | 55 | #include <termios.h> |
@@ -98,7 +99,7 @@ static volatile sig_atomic_t child_terminated = 0; /* The child has terminated. | |||
98 | static volatile sig_atomic_t received_sigterm = 0; | 99 | static volatile sig_atomic_t received_sigterm = 0; |
99 | 100 | ||
100 | /* prototypes */ | 101 | /* prototypes */ |
101 | static void server_init_dispatch(void); | 102 | static void server_init_dispatch(struct ssh *); |
102 | 103 | ||
103 | /* requested tunnel forwarding interface(s), shared with session.c */ | 104 | /* requested tunnel forwarding interface(s), shared with session.c */ |
104 | char *tun_fwd_ifnames = NULL; | 105 | char *tun_fwd_ifnames = NULL; |
@@ -179,11 +180,12 @@ sigterm_handler(int sig) | |||
179 | static void | 180 | static void |
180 | client_alive_check(struct ssh *ssh) | 181 | client_alive_check(struct ssh *ssh) |
181 | { | 182 | { |
182 | int channel_id; | ||
183 | char remote_id[512]; | 183 | char remote_id[512]; |
184 | int r, channel_id; | ||
184 | 185 | ||
185 | /* timeout, check to see how many we have had */ | 186 | /* timeout, check to see how many we have had */ |
186 | if (packet_inc_alive_timeouts() > options.client_alive_count_max) { | 187 | if (ssh_packet_inc_alive_timeouts(ssh) > |
188 | options.client_alive_count_max) { | ||
187 | sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); | 189 | sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); |
188 | logit("Timeout, client not responding from %s", remote_id); | 190 | logit("Timeout, client not responding from %s", remote_id); |
189 | cleanup_exit(255); | 191 | cleanup_exit(255); |
@@ -194,14 +196,17 @@ client_alive_check(struct ssh *ssh) | |||
194 | * we should get back a failure | 196 | * we should get back a failure |
195 | */ | 197 | */ |
196 | if ((channel_id = channel_find_open(ssh)) == -1) { | 198 | if ((channel_id = channel_find_open(ssh)) == -1) { |
197 | packet_start(SSH2_MSG_GLOBAL_REQUEST); | 199 | if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 || |
198 | packet_put_cstring("keepalive@openssh.com"); | 200 | (r = sshpkt_put_cstring(ssh, "keepalive@openssh.com")) |
199 | packet_put_char(1); /* boolean: want reply */ | 201 | != 0 || |
202 | (r = sshpkt_put_u8(ssh, 1)) != 0) /* boolean: want reply */ | ||
203 | fatal("%s: %s", __func__, ssh_err(r)); | ||
200 | } else { | 204 | } else { |
201 | channel_request_start(ssh, channel_id, | 205 | channel_request_start(ssh, channel_id, |
202 | "keepalive@openssh.com", 1); | 206 | "keepalive@openssh.com", 1); |
203 | } | 207 | } |
204 | packet_send(); | 208 | if ((r = sshpkt_send(ssh)) != 0) |
209 | fatal("%s: %s", __func__, ssh_err(r)); | ||
205 | } | 210 | } |
206 | 211 | ||
207 | /* | 212 | /* |
@@ -220,6 +225,7 @@ wait_until_can_do_something(struct ssh *ssh, | |||
220 | int ret; | 225 | int ret; |
221 | time_t minwait_secs = 0; | 226 | time_t minwait_secs = 0; |
222 | int client_alive_scheduled = 0; | 227 | int client_alive_scheduled = 0; |
228 | /* time we last heard from the client OR sent a keepalive */ | ||
223 | static time_t last_client_time; | 229 | static time_t last_client_time; |
224 | 230 | ||
225 | /* Allocate and update select() masks for channel descriptors. */ | 231 | /* Allocate and update select() masks for channel descriptors. */ |
@@ -242,9 +248,10 @@ wait_until_can_do_something(struct ssh *ssh, | |||
242 | uint64_t keepalive_ms = | 248 | uint64_t keepalive_ms = |
243 | (uint64_t)options.client_alive_interval * 1000; | 249 | (uint64_t)options.client_alive_interval * 1000; |
244 | 250 | ||
245 | client_alive_scheduled = 1; | 251 | if (max_time_ms == 0 || max_time_ms > keepalive_ms) { |
246 | if (max_time_ms == 0 || max_time_ms > keepalive_ms) | ||
247 | max_time_ms = keepalive_ms; | 252 | max_time_ms = keepalive_ms; |
253 | client_alive_scheduled = 1; | ||
254 | } | ||
248 | } | 255 | } |
249 | 256 | ||
250 | #if 0 | 257 | #if 0 |
@@ -258,14 +265,14 @@ wait_until_can_do_something(struct ssh *ssh, | |||
258 | * If we have buffered packet data going to the client, mark that | 265 | * If we have buffered packet data going to the client, mark that |
259 | * descriptor. | 266 | * descriptor. |
260 | */ | 267 | */ |
261 | if (packet_have_data_to_write()) | 268 | if (ssh_packet_have_data_to_write(ssh)) |
262 | FD_SET(connection_out, *writesetp); | 269 | FD_SET(connection_out, *writesetp); |
263 | 270 | ||
264 | /* | 271 | /* |
265 | * If child has terminated and there is enough buffer space to read | 272 | * If child has terminated and there is enough buffer space to read |
266 | * from it, then read as much as is available and exit. | 273 | * from it, then read as much as is available and exit. |
267 | */ | 274 | */ |
268 | if (child_terminated && packet_not_very_much_data_to_write()) | 275 | if (child_terminated && ssh_packet_not_very_much_data_to_write(ssh)) |
269 | if (max_time_ms == 0 || client_alive_scheduled) | 276 | if (max_time_ms == 0 || client_alive_scheduled) |
270 | max_time_ms = 100; | 277 | max_time_ms = 100; |
271 | 278 | ||
@@ -288,13 +295,15 @@ wait_until_can_do_something(struct ssh *ssh, | |||
288 | } else if (client_alive_scheduled) { | 295 | } else if (client_alive_scheduled) { |
289 | time_t now = monotime(); | 296 | time_t now = monotime(); |
290 | 297 | ||
291 | if (ret == 0) { /* timeout */ | 298 | /* |
299 | * If the select timed out, or returned for some other reason | ||
300 | * but we haven't heard from the client in time, send keepalive. | ||
301 | */ | ||
302 | if (ret == 0 || (last_client_time != 0 && last_client_time + | ||
303 | options.client_alive_interval <= now)) { | ||
292 | client_alive_check(ssh); | 304 | client_alive_check(ssh); |
293 | } else if (FD_ISSET(connection_in, *readsetp)) { | ||
294 | last_client_time = now; | 305 | last_client_time = now; |
295 | } else if (last_client_time != 0 && last_client_time + | 306 | } else if (FD_ISSET(connection_in, *readsetp)) { |
296 | options.client_alive_interval <= now) { | ||
297 | client_alive_check(ssh); | ||
298 | last_client_time = now; | 307 | last_client_time = now; |
299 | } | 308 | } |
300 | } | 309 | } |
@@ -309,7 +318,7 @@ wait_until_can_do_something(struct ssh *ssh, | |||
309 | static int | 318 | static int |
310 | process_input(struct ssh *ssh, fd_set *readset, int connection_in) | 319 | process_input(struct ssh *ssh, fd_set *readset, int connection_in) |
311 | { | 320 | { |
312 | int len; | 321 | int r, len; |
313 | char buf[16384]; | 322 | char buf[16384]; |
314 | 323 | ||
315 | /* Read and buffer any input data from the client. */ | 324 | /* Read and buffer any input data from the client. */ |
@@ -330,7 +339,10 @@ process_input(struct ssh *ssh, fd_set *readset, int connection_in) | |||
330 | } | 339 | } |
331 | } else { | 340 | } else { |
332 | /* Buffer any received data. */ | 341 | /* Buffer any received data. */ |
333 | packet_process_incoming(buf, len); | 342 | if ((r = ssh_packet_process_incoming(ssh, buf, len)) |
343 | != 0) | ||
344 | fatal("%s: ssh_packet_process_incoming: %s", | ||
345 | __func__, ssh_err(r)); | ||
334 | } | 346 | } |
335 | } | 347 | } |
336 | return 0; | 348 | return 0; |
@@ -340,11 +352,16 @@ process_input(struct ssh *ssh, fd_set *readset, int connection_in) | |||
340 | * Sends data from internal buffers to client program stdin. | 352 | * Sends data from internal buffers to client program stdin. |
341 | */ | 353 | */ |
342 | static void | 354 | static void |
343 | process_output(fd_set *writeset, int connection_out) | 355 | process_output(struct ssh *ssh, fd_set *writeset, int connection_out) |
344 | { | 356 | { |
357 | int r; | ||
358 | |||
345 | /* Send any buffered packet data to the client. */ | 359 | /* Send any buffered packet data to the client. */ |
346 | if (FD_ISSET(connection_out, writeset)) | 360 | if (FD_ISSET(connection_out, writeset)) { |
347 | packet_write_poll(); | 361 | if ((r = ssh_packet_write_poll(ssh)) != 0) |
362 | fatal("%s: ssh_packet_write_poll: %s", | ||
363 | __func__, ssh_err(r)); | ||
364 | } | ||
348 | } | 365 | } |
349 | 366 | ||
350 | static void | 367 | static void |
@@ -387,8 +404,8 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) | |||
387 | 404 | ||
388 | signal(SIGCHLD, sigchld_handler); | 405 | signal(SIGCHLD, sigchld_handler); |
389 | child_terminated = 0; | 406 | child_terminated = 0; |
390 | connection_in = packet_get_connection_in(); | 407 | connection_in = ssh_packet_get_connection_in(ssh); |
391 | connection_out = packet_get_connection_out(); | 408 | connection_out = ssh_packet_get_connection_out(ssh); |
392 | 409 | ||
393 | if (!use_privsep) { | 410 | if (!use_privsep) { |
394 | signal(SIGTERM, sigterm_handler); | 411 | signal(SIGTERM, sigterm_handler); |
@@ -401,18 +418,21 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) | |||
401 | max_fd = MAXIMUM(connection_in, connection_out); | 418 | max_fd = MAXIMUM(connection_in, connection_out); |
402 | max_fd = MAXIMUM(max_fd, notify_pipe[0]); | 419 | max_fd = MAXIMUM(max_fd, notify_pipe[0]); |
403 | 420 | ||
404 | server_init_dispatch(); | 421 | server_init_dispatch(ssh); |
405 | 422 | ||
406 | for (;;) { | 423 | for (;;) { |
407 | process_buffered_input_packets(ssh); | 424 | process_buffered_input_packets(ssh); |
408 | 425 | ||
409 | if (!ssh_packet_is_rekeying(ssh) && | 426 | if (!ssh_packet_is_rekeying(ssh) && |
410 | packet_not_very_much_data_to_write()) | 427 | ssh_packet_not_very_much_data_to_write(ssh)) |
411 | channel_output_poll(ssh); | 428 | channel_output_poll(ssh); |
412 | if (options.rekey_interval > 0 && !ssh_packet_is_rekeying(ssh)) | 429 | if (options.rekey_interval > 0 && |
413 | rekey_timeout_ms = packet_get_rekey_timeout() * 1000; | 430 | !ssh_packet_is_rekeying(ssh)) { |
414 | else | 431 | rekey_timeout_ms = ssh_packet_get_rekey_timeout(ssh) * |
432 | 1000; | ||
433 | } else { | ||
415 | rekey_timeout_ms = 0; | 434 | rekey_timeout_ms = 0; |
435 | } | ||
416 | 436 | ||
417 | wait_until_can_do_something(ssh, connection_in, connection_out, | 437 | wait_until_can_do_something(ssh, connection_in, connection_out, |
418 | &readset, &writeset, &max_fd, &nalloc, rekey_timeout_ms); | 438 | &readset, &writeset, &max_fd, &nalloc, rekey_timeout_ms); |
@@ -428,7 +448,7 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) | |||
428 | channel_after_select(ssh, readset, writeset); | 448 | channel_after_select(ssh, readset, writeset); |
429 | if (process_input(ssh, readset, connection_in) < 0) | 449 | if (process_input(ssh, readset, connection_in) < 0) |
430 | break; | 450 | break; |
431 | process_output(writeset, connection_out); | 451 | process_output(ssh, writeset, connection_out); |
432 | } | 452 | } |
433 | collect_children(ssh); | 453 | collect_children(ssh); |
434 | 454 | ||
@@ -451,7 +471,7 @@ server_input_keep_alive(int type, u_int32_t seq, struct ssh *ssh) | |||
451 | * even if this was generated by something other than | 471 | * even if this was generated by something other than |
452 | * the bogus CHANNEL_REQUEST we send for keepalives. | 472 | * the bogus CHANNEL_REQUEST we send for keepalives. |
453 | */ | 473 | */ |
454 | packet_set_alive_timeouts(0); | 474 | ssh_packet_set_alive_timeouts(ssh, 0); |
455 | return 0; | 475 | return 0; |
456 | } | 476 | } |
457 | 477 | ||
@@ -459,16 +479,28 @@ static Channel * | |||
459 | server_request_direct_tcpip(struct ssh *ssh, int *reason, const char **errmsg) | 479 | server_request_direct_tcpip(struct ssh *ssh, int *reason, const char **errmsg) |
460 | { | 480 | { |
461 | Channel *c = NULL; | 481 | Channel *c = NULL; |
462 | char *target, *originator; | 482 | char *target = NULL, *originator = NULL; |
463 | u_short target_port, originator_port; | 483 | u_int target_port = 0, originator_port = 0; |
464 | 484 | int r; | |
465 | target = packet_get_string(NULL); | 485 | |
466 | target_port = packet_get_int(); | 486 | if ((r = sshpkt_get_cstring(ssh, &target, NULL)) != 0 || |
467 | originator = packet_get_string(NULL); | 487 | (r = sshpkt_get_u32(ssh, &target_port)) != 0 || |
468 | originator_port = packet_get_int(); | 488 | (r = sshpkt_get_cstring(ssh, &originator, NULL)) != 0 || |
469 | packet_check_eom(); | 489 | (r = sshpkt_get_u32(ssh, &originator_port)) != 0 || |
490 | (r = sshpkt_get_end(ssh)) != 0) | ||
491 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
492 | if (target_port > 0xFFFF) { | ||
493 | error("%s: invalid target port", __func__); | ||
494 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; | ||
495 | goto out; | ||
496 | } | ||
497 | if (originator_port > 0xFFFF) { | ||
498 | error("%s: invalid originator port", __func__); | ||
499 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; | ||
500 | goto out; | ||
501 | } | ||
470 | 502 | ||
471 | debug("%s: originator %s port %d, target %s port %d", __func__, | 503 | debug("%s: originator %s port %u, target %s port %u", __func__, |
472 | originator, originator_port, target, target_port); | 504 | originator, originator_port, target, target_port); |
473 | 505 | ||
474 | /* XXX fine grained permissions */ | 506 | /* XXX fine grained permissions */ |
@@ -485,9 +517,9 @@ server_request_direct_tcpip(struct ssh *ssh, int *reason, const char **errmsg) | |||
485 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; | 517 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; |
486 | } | 518 | } |
487 | 519 | ||
520 | out: | ||
488 | free(originator); | 521 | free(originator); |
489 | free(target); | 522 | free(target); |
490 | |||
491 | return c; | 523 | return c; |
492 | } | 524 | } |
493 | 525 | ||
@@ -495,17 +527,23 @@ static Channel * | |||
495 | server_request_direct_streamlocal(struct ssh *ssh) | 527 | server_request_direct_streamlocal(struct ssh *ssh) |
496 | { | 528 | { |
497 | Channel *c = NULL; | 529 | Channel *c = NULL; |
498 | char *target, *originator; | 530 | char *target = NULL, *originator = NULL; |
499 | u_short originator_port; | 531 | u_int originator_port = 0; |
500 | struct passwd *pw = the_authctxt->pw; | 532 | struct passwd *pw = the_authctxt->pw; |
533 | int r; | ||
501 | 534 | ||
502 | if (pw == NULL || !the_authctxt->valid) | 535 | if (pw == NULL || !the_authctxt->valid) |
503 | fatal("%s: no/invalid user", __func__); | 536 | fatal("%s: no/invalid user", __func__); |
504 | 537 | ||
505 | target = packet_get_string(NULL); | 538 | if ((r = sshpkt_get_cstring(ssh, &target, NULL)) != 0 || |
506 | originator = packet_get_string(NULL); | 539 | (r = sshpkt_get_cstring(ssh, &originator, NULL)) != 0 || |
507 | originator_port = packet_get_int(); | 540 | (r = sshpkt_get_u32(ssh, &originator_port)) != 0 || |
508 | packet_check_eom(); | 541 | (r = sshpkt_get_end(ssh)) != 0) |
542 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
543 | if (originator_port > 0xFFFF) { | ||
544 | error("%s: invalid originator port", __func__); | ||
545 | goto out; | ||
546 | } | ||
509 | 547 | ||
510 | debug("%s: originator %s port %d, target %s", __func__, | 548 | debug("%s: originator %s port %d, target %s", __func__, |
511 | originator, originator_port, target); | 549 | originator, originator_port, target); |
@@ -522,9 +560,9 @@ server_request_direct_streamlocal(struct ssh *ssh) | |||
522 | originator, originator_port, target); | 560 | originator, originator_port, target); |
523 | } | 561 | } |
524 | 562 | ||
563 | out: | ||
525 | free(originator); | 564 | free(originator); |
526 | free(target); | 565 | free(target); |
527 | |||
528 | return c; | 566 | return c; |
529 | } | 567 | } |
530 | 568 | ||
@@ -532,27 +570,35 @@ static Channel * | |||
532 | server_request_tun(struct ssh *ssh) | 570 | server_request_tun(struct ssh *ssh) |
533 | { | 571 | { |
534 | Channel *c = NULL; | 572 | Channel *c = NULL; |
535 | int mode, tun, sock; | 573 | u_int mode, tun; |
574 | int r, sock; | ||
536 | char *tmp, *ifname = NULL; | 575 | char *tmp, *ifname = NULL; |
537 | 576 | ||
538 | mode = packet_get_int(); | 577 | if ((r = sshpkt_get_u32(ssh, &mode)) != 0) |
578 | sshpkt_fatal(ssh, r, "%s: parse mode", __func__); | ||
539 | switch (mode) { | 579 | switch (mode) { |
540 | case SSH_TUNMODE_POINTOPOINT: | 580 | case SSH_TUNMODE_POINTOPOINT: |
541 | case SSH_TUNMODE_ETHERNET: | 581 | case SSH_TUNMODE_ETHERNET: |
542 | break; | 582 | break; |
543 | default: | 583 | default: |
544 | packet_send_debug("Unsupported tunnel device mode."); | 584 | ssh_packet_send_debug(ssh, "Unsupported tunnel device mode."); |
545 | return NULL; | 585 | return NULL; |
546 | } | 586 | } |
547 | if ((options.permit_tun & mode) == 0) { | 587 | if ((options.permit_tun & mode) == 0) { |
548 | packet_send_debug("Server has rejected tunnel device " | 588 | ssh_packet_send_debug(ssh, "Server has rejected tunnel device " |
549 | "forwarding"); | 589 | "forwarding"); |
550 | return NULL; | 590 | return NULL; |
551 | } | 591 | } |
552 | 592 | ||
553 | tun = packet_get_int(); | 593 | if ((r = sshpkt_get_u32(ssh, &tun)) != 0) |
594 | sshpkt_fatal(ssh, r, "%s: parse device", __func__); | ||
595 | if (tun > INT_MAX) { | ||
596 | debug("%s: invalid tun", __func__); | ||
597 | goto done; | ||
598 | } | ||
554 | if (auth_opts->force_tun_device != -1) { | 599 | if (auth_opts->force_tun_device != -1) { |
555 | if (tun != SSH_TUNID_ANY && auth_opts->force_tun_device != tun) | 600 | if (tun != SSH_TUNID_ANY && |
601 | auth_opts->force_tun_device != (int)tun) | ||
556 | goto done; | 602 | goto done; |
557 | tun = auth_opts->force_tun_device; | 603 | tun = auth_opts->force_tun_device; |
558 | } | 604 | } |
@@ -585,7 +631,7 @@ server_request_tun(struct ssh *ssh) | |||
585 | 631 | ||
586 | done: | 632 | done: |
587 | if (c == NULL) | 633 | if (c == NULL) |
588 | packet_send_debug("Failed to open the tunnel device."); | 634 | ssh_packet_send_debug(ssh, "Failed to open the tunnel device."); |
589 | return c; | 635 | return c; |
590 | } | 636 | } |
591 | 637 | ||
@@ -593,13 +639,15 @@ static Channel * | |||
593 | server_request_session(struct ssh *ssh) | 639 | server_request_session(struct ssh *ssh) |
594 | { | 640 | { |
595 | Channel *c; | 641 | Channel *c; |
642 | int r; | ||
596 | 643 | ||
597 | debug("input_session_request"); | 644 | debug("input_session_request"); |
598 | packet_check_eom(); | 645 | if ((r = sshpkt_get_end(ssh)) != 0) |
646 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
599 | 647 | ||
600 | if (no_more_sessions) { | 648 | if (no_more_sessions) { |
601 | packet_disconnect("Possible attack: attempt to open a session " | 649 | ssh_packet_disconnect(ssh, "Possible attack: attempt to open a " |
602 | "after additional sessions disabled"); | 650 | "session after additional sessions disabled"); |
603 | } | 651 | } |
604 | 652 | ||
605 | /* | 653 | /* |
@@ -624,20 +672,22 @@ static int | |||
624 | server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) | 672 | server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) |
625 | { | 673 | { |
626 | Channel *c = NULL; | 674 | Channel *c = NULL; |
627 | char *ctype; | 675 | char *ctype = NULL; |
628 | const char *errmsg = NULL; | 676 | const char *errmsg = NULL; |
629 | int rchan, reason = SSH2_OPEN_CONNECT_FAILED; | 677 | int r, reason = SSH2_OPEN_CONNECT_FAILED; |
630 | u_int rmaxpack, rwindow, len; | 678 | u_int rchan = 0, rmaxpack = 0, rwindow = 0; |
631 | 679 | ||
632 | ctype = packet_get_string(&len); | 680 | if ((r = sshpkt_get_cstring(ssh, &ctype, NULL)) != 0 || |
633 | rchan = packet_get_int(); | 681 | (r = sshpkt_get_u32(ssh, &rchan)) != 0 || |
634 | rwindow = packet_get_int(); | 682 | (r = sshpkt_get_u32(ssh, &rwindow)) != 0 || |
635 | rmaxpack = packet_get_int(); | 683 | (r = sshpkt_get_u32(ssh, &rmaxpack)) != 0) |
636 | 684 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | |
637 | debug("%s: ctype %s rchan %d win %d max %d", __func__, | 685 | debug("%s: ctype %s rchan %u win %u max %u", __func__, |
638 | ctype, rchan, rwindow, rmaxpack); | 686 | ctype, rchan, rwindow, rmaxpack); |
639 | 687 | ||
640 | if (strcmp(ctype, "session") == 0) { | 688 | if (rchan > INT_MAX) { |
689 | error("%s: invalid remote channel ID", __func__); | ||
690 | } else if (strcmp(ctype, "session") == 0) { | ||
641 | c = server_request_session(ssh); | 691 | c = server_request_session(ssh); |
642 | } else if (strcmp(ctype, "direct-tcpip") == 0) { | 692 | } else if (strcmp(ctype, "direct-tcpip") == 0) { |
643 | c = server_request_direct_tcpip(ssh, &reason, &errmsg); | 693 | c = server_request_direct_tcpip(ssh, &reason, &errmsg); |
@@ -648,26 +698,32 @@ server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh) | |||
648 | } | 698 | } |
649 | if (c != NULL) { | 699 | if (c != NULL) { |
650 | debug("%s: confirm %s", __func__, ctype); | 700 | debug("%s: confirm %s", __func__, ctype); |
651 | c->remote_id = rchan; | 701 | c->remote_id = (int)rchan; |
652 | c->have_remote_id = 1; | 702 | c->have_remote_id = 1; |
653 | c->remote_window = rwindow; | 703 | c->remote_window = rwindow; |
654 | c->remote_maxpacket = rmaxpack; | 704 | c->remote_maxpacket = rmaxpack; |
655 | if (c->type != SSH_CHANNEL_CONNECTING) { | 705 | if (c->type != SSH_CHANNEL_CONNECTING) { |
656 | packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); | 706 | if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION)) != 0 || |
657 | packet_put_int(c->remote_id); | 707 | (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || |
658 | packet_put_int(c->self); | 708 | (r = sshpkt_put_u32(ssh, c->self)) != 0 || |
659 | packet_put_int(c->local_window); | 709 | (r = sshpkt_put_u32(ssh, c->local_window)) != 0 || |
660 | packet_put_int(c->local_maxpacket); | 710 | (r = sshpkt_put_u32(ssh, c->local_maxpacket)) != 0 || |
661 | packet_send(); | 711 | (r = sshpkt_send(ssh)) != 0) { |
712 | sshpkt_fatal(ssh, r, | ||
713 | "%s: send open confirm", __func__); | ||
714 | } | ||
662 | } | 715 | } |
663 | } else { | 716 | } else { |
664 | debug("%s: failure %s", __func__, ctype); | 717 | debug("%s: failure %s", __func__, ctype); |
665 | packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); | 718 | if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE)) != 0 || |
666 | packet_put_int(rchan); | 719 | (r = sshpkt_put_u32(ssh, rchan)) != 0 || |
667 | packet_put_int(reason); | 720 | (r = sshpkt_put_u32(ssh, reason)) != 0 || |
668 | packet_put_cstring(errmsg ? errmsg : "open failed"); | 721 | (r = sshpkt_put_cstring(ssh, errmsg ? errmsg : "open failed")) != 0 || |
669 | packet_put_cstring(""); | 722 | (r = sshpkt_put_cstring(ssh, "")) != 0 || |
670 | packet_send(); | 723 | (r = sshpkt_send(ssh)) != 0) { |
724 | sshpkt_fatal(ssh, r, | ||
725 | "%s: send open failure", __func__); | ||
726 | } | ||
671 | } | 727 | } |
672 | free(ctype); | 728 | free(ctype); |
673 | return 0; | 729 | return 0; |
@@ -730,9 +786,9 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) | |||
730 | (r = sshbuf_put_string(sigbuf, | 786 | (r = sshbuf_put_string(sigbuf, |
731 | ssh->kex->session_id, ssh->kex->session_id_len)) != 0 || | 787 | ssh->kex->session_id, ssh->kex->session_id_len)) != 0 || |
732 | (r = sshkey_puts(key, sigbuf)) != 0 || | 788 | (r = sshkey_puts(key, sigbuf)) != 0 || |
733 | (r = ssh->kex->sign(key_prv, key_pub, &sig, &slen, | 789 | (r = ssh->kex->sign(ssh, key_prv, key_pub, &sig, &slen, |
734 | sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), | 790 | sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), |
735 | use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0)) != 0 || | 791 | use_kexsigtype ? ssh->kex->hostkey_alg : NULL)) != 0 || |
736 | (r = sshbuf_put_string(resp, sig, slen)) != 0) { | 792 | (r = sshbuf_put_string(resp, sig, slen)) != 0) { |
737 | error("%s: couldn't prepare signature: %s", | 793 | error("%s: couldn't prepare signature: %s", |
738 | __func__, ssh_err(r)); | 794 | __func__, ssh_err(r)); |
@@ -754,65 +810,66 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp) | |||
754 | static int | 810 | static int |
755 | server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) | 811 | server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) |
756 | { | 812 | { |
757 | char *rtype; | 813 | char *rtype = NULL; |
758 | int want_reply; | 814 | u_char want_reply = 0; |
759 | int r, success = 0, allocated_listen_port = 0; | 815 | int r, success = 0, allocated_listen_port = 0; |
816 | u_int port = 0; | ||
760 | struct sshbuf *resp = NULL; | 817 | struct sshbuf *resp = NULL; |
761 | struct passwd *pw = the_authctxt->pw; | 818 | struct passwd *pw = the_authctxt->pw; |
819 | struct Forward fwd; | ||
762 | 820 | ||
821 | memset(&fwd, 0, sizeof(fwd)); | ||
763 | if (pw == NULL || !the_authctxt->valid) | 822 | if (pw == NULL || !the_authctxt->valid) |
764 | fatal("%s: no/invalid user", __func__); | 823 | fatal("%s: no/invalid user", __func__); |
765 | 824 | ||
766 | rtype = packet_get_string(NULL); | 825 | if ((r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 || |
767 | want_reply = packet_get_char(); | 826 | (r = sshpkt_get_u8(ssh, &want_reply)) != 0) |
827 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
768 | debug("%s: rtype %s want_reply %d", __func__, rtype, want_reply); | 828 | debug("%s: rtype %s want_reply %d", __func__, rtype, want_reply); |
769 | 829 | ||
770 | /* -R style forwarding */ | 830 | /* -R style forwarding */ |
771 | if (strcmp(rtype, "tcpip-forward") == 0) { | 831 | if (strcmp(rtype, "tcpip-forward") == 0) { |
772 | struct Forward fwd; | 832 | if ((r = sshpkt_get_cstring(ssh, &fwd.listen_host, NULL)) != 0 || |
773 | 833 | (r = sshpkt_get_u32(ssh, &port)) != 0) | |
774 | memset(&fwd, 0, sizeof(fwd)); | 834 | sshpkt_fatal(ssh, r, "%s: parse tcpip-forward", __func__); |
775 | fwd.listen_host = packet_get_string(NULL); | 835 | debug("%s: tcpip-forward listen %s port %u", __func__, |
776 | fwd.listen_port = (u_short)packet_get_int(); | 836 | fwd.listen_host, port); |
777 | debug("%s: tcpip-forward listen %s port %d", __func__, | 837 | if (port <= INT_MAX) |
778 | fwd.listen_host, fwd.listen_port); | 838 | fwd.listen_port = (int)port; |
779 | |||
780 | /* check permissions */ | 839 | /* check permissions */ |
781 | if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || | 840 | if (port > INT_MAX || |
841 | (options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || | ||
782 | !auth_opts->permit_port_forwarding_flag || | 842 | !auth_opts->permit_port_forwarding_flag || |
783 | options.disable_forwarding || | 843 | options.disable_forwarding || |
784 | (!want_reply && fwd.listen_port == 0) || | 844 | (!want_reply && fwd.listen_port == 0) || |
785 | (fwd.listen_port != 0 && | 845 | (fwd.listen_port != 0 && |
786 | !bind_permitted(fwd.listen_port, pw->pw_uid))) { | 846 | !bind_permitted(fwd.listen_port, pw->pw_uid))) { |
787 | success = 0; | 847 | success = 0; |
788 | packet_send_debug("Server has disabled port forwarding."); | 848 | ssh_packet_send_debug(ssh, "Server has disabled port forwarding."); |
789 | } else { | 849 | } else { |
790 | /* Start listening on the port */ | 850 | /* Start listening on the port */ |
791 | success = channel_setup_remote_fwd_listener(ssh, &fwd, | 851 | success = channel_setup_remote_fwd_listener(ssh, &fwd, |
792 | &allocated_listen_port, &options.fwd_opts); | 852 | &allocated_listen_port, &options.fwd_opts); |
793 | } | 853 | } |
794 | free(fwd.listen_host); | ||
795 | if ((resp = sshbuf_new()) == NULL) | 854 | if ((resp = sshbuf_new()) == NULL) |
796 | fatal("%s: sshbuf_new", __func__); | 855 | fatal("%s: sshbuf_new", __func__); |
797 | if (allocated_listen_port != 0 && | 856 | if (allocated_listen_port != 0 && |
798 | (r = sshbuf_put_u32(resp, allocated_listen_port)) != 0) | 857 | (r = sshbuf_put_u32(resp, allocated_listen_port)) != 0) |
799 | fatal("%s: sshbuf_put_u32: %s", __func__, ssh_err(r)); | 858 | fatal("%s: sshbuf_put_u32: %s", __func__, ssh_err(r)); |
800 | } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) { | 859 | } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) { |
801 | struct Forward fwd; | 860 | if ((r = sshpkt_get_cstring(ssh, &fwd.listen_host, NULL)) != 0 || |
861 | (r = sshpkt_get_u32(ssh, &port)) != 0) | ||
862 | sshpkt_fatal(ssh, r, "%s: parse cancel-tcpip-forward", __func__); | ||
802 | 863 | ||
803 | memset(&fwd, 0, sizeof(fwd)); | ||
804 | fwd.listen_host = packet_get_string(NULL); | ||
805 | fwd.listen_port = (u_short)packet_get_int(); | ||
806 | debug("%s: cancel-tcpip-forward addr %s port %d", __func__, | 864 | debug("%s: cancel-tcpip-forward addr %s port %d", __func__, |
807 | fwd.listen_host, fwd.listen_port); | 865 | fwd.listen_host, port); |
808 | 866 | if (port <= INT_MAX) { | |
809 | success = channel_cancel_rport_listener(ssh, &fwd); | 867 | fwd.listen_port = (int)port; |
810 | free(fwd.listen_host); | 868 | success = channel_cancel_rport_listener(ssh, &fwd); |
869 | } | ||
811 | } else if (strcmp(rtype, "streamlocal-forward@openssh.com") == 0) { | 870 | } else if (strcmp(rtype, "streamlocal-forward@openssh.com") == 0) { |
812 | struct Forward fwd; | 871 | if ((r = sshpkt_get_cstring(ssh, &fwd.listen_path, NULL)) != 0) |
813 | 872 | sshpkt_fatal(ssh, r, "%s: parse streamlocal-forward@openssh.com", __func__); | |
814 | memset(&fwd, 0, sizeof(fwd)); | ||
815 | fwd.listen_path = packet_get_string(NULL); | ||
816 | debug("%s: streamlocal-forward listen path %s", __func__, | 873 | debug("%s: streamlocal-forward listen path %s", __func__, |
817 | fwd.listen_path); | 874 | fwd.listen_path); |
818 | 875 | ||
@@ -822,39 +879,37 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh) | |||
822 | options.disable_forwarding || | 879 | options.disable_forwarding || |
823 | (pw->pw_uid != 0 && !use_privsep)) { | 880 | (pw->pw_uid != 0 && !use_privsep)) { |
824 | success = 0; | 881 | success = 0; |
825 | packet_send_debug("Server has disabled " | 882 | ssh_packet_send_debug(ssh, "Server has disabled " |
826 | "streamlocal forwarding."); | 883 | "streamlocal forwarding."); |
827 | } else { | 884 | } else { |
828 | /* Start listening on the socket */ | 885 | /* Start listening on the socket */ |
829 | success = channel_setup_remote_fwd_listener(ssh, | 886 | success = channel_setup_remote_fwd_listener(ssh, |
830 | &fwd, NULL, &options.fwd_opts); | 887 | &fwd, NULL, &options.fwd_opts); |
831 | } | 888 | } |
832 | free(fwd.listen_path); | ||
833 | } else if (strcmp(rtype, "cancel-streamlocal-forward@openssh.com") == 0) { | 889 | } else if (strcmp(rtype, "cancel-streamlocal-forward@openssh.com") == 0) { |
834 | struct Forward fwd; | 890 | if ((r = sshpkt_get_cstring(ssh, &fwd.listen_path, NULL)) != 0) |
835 | 891 | sshpkt_fatal(ssh, r, "%s: parse cancel-streamlocal-forward@openssh.com", __func__); | |
836 | memset(&fwd, 0, sizeof(fwd)); | ||
837 | fwd.listen_path = packet_get_string(NULL); | ||
838 | debug("%s: cancel-streamlocal-forward path %s", __func__, | 892 | debug("%s: cancel-streamlocal-forward path %s", __func__, |
839 | fwd.listen_path); | 893 | fwd.listen_path); |
840 | 894 | ||
841 | success = channel_cancel_rport_listener(ssh, &fwd); | 895 | success = channel_cancel_rport_listener(ssh, &fwd); |
842 | free(fwd.listen_path); | ||
843 | } else if (strcmp(rtype, "no-more-sessions@openssh.com") == 0) { | 896 | } else if (strcmp(rtype, "no-more-sessions@openssh.com") == 0) { |
844 | no_more_sessions = 1; | 897 | no_more_sessions = 1; |
845 | success = 1; | 898 | success = 1; |
846 | } else if (strcmp(rtype, "hostkeys-prove-00@openssh.com") == 0) { | 899 | } else if (strcmp(rtype, "hostkeys-prove-00@openssh.com") == 0) { |
847 | success = server_input_hostkeys_prove(ssh, &resp); | 900 | success = server_input_hostkeys_prove(ssh, &resp); |
848 | } | 901 | } |
902 | /* XXX sshpkt_get_end() */ | ||
849 | if (want_reply) { | 903 | if (want_reply) { |
850 | packet_start(success ? | 904 | if ((r = sshpkt_start(ssh, success ? |
851 | SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE); | 905 | SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE)) != 0 || |
852 | if (success && resp != NULL) | 906 | (success && resp != NULL && (r = sshpkt_putb(ssh, resp)) != 0) || |
853 | ssh_packet_put_raw(ssh, sshbuf_ptr(resp), | 907 | (r = sshpkt_send(ssh)) != 0 || |
854 | sshbuf_len(resp)); | 908 | (r = ssh_packet_write_wait(ssh)) != 0) |
855 | packet_send(); | 909 | sshpkt_fatal(ssh, r, "%s: send reply", __func__); |
856 | packet_write_wait(); | ||
857 | } | 910 | } |
911 | free(fwd.listen_host); | ||
912 | free(fwd.listen_path); | ||
858 | free(rtype); | 913 | free(rtype); |
859 | sshbuf_free(resp); | 914 | sshbuf_free(resp); |
860 | return 0; | 915 | return 0; |
@@ -864,58 +919,64 @@ static int | |||
864 | server_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) | 919 | server_input_channel_req(int type, u_int32_t seq, struct ssh *ssh) |
865 | { | 920 | { |
866 | Channel *c; | 921 | Channel *c; |
867 | int id, reply, success = 0; | 922 | int r, success = 0; |
868 | char *rtype; | 923 | char *rtype = NULL; |
869 | 924 | u_char want_reply = 0; | |
870 | id = packet_get_int(); | 925 | u_int id = 0; |
871 | rtype = packet_get_string(NULL); | 926 | |
872 | reply = packet_get_char(); | 927 | if ((r = sshpkt_get_u32(ssh, &id)) != 0 || |
873 | 928 | (r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 || | |
874 | debug("server_input_channel_req: channel %d request %s reply %d", | 929 | (r = sshpkt_get_u8(ssh, &want_reply)) != 0) |
875 | id, rtype, reply); | 930 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); |
876 | 931 | ||
877 | if ((c = channel_lookup(ssh, id)) == NULL) | 932 | debug("server_input_channel_req: channel %u request %s reply %d", |
878 | packet_disconnect("server_input_channel_req: " | 933 | id, rtype, want_reply); |
879 | "unknown channel %d", id); | 934 | |
935 | if (id >= INT_MAX || (c = channel_lookup(ssh, (int)id)) == NULL) { | ||
936 | ssh_packet_disconnect(ssh, "%s: unknown channel %d", | ||
937 | __func__, id); | ||
938 | } | ||
880 | if (!strcmp(rtype, "eow@openssh.com")) { | 939 | if (!strcmp(rtype, "eow@openssh.com")) { |
881 | packet_check_eom(); | 940 | if ((r = sshpkt_get_end(ssh)) != 0) |
941 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
882 | chan_rcvd_eow(ssh, c); | 942 | chan_rcvd_eow(ssh, c); |
883 | } else if ((c->type == SSH_CHANNEL_LARVAL || | 943 | } else if ((c->type == SSH_CHANNEL_LARVAL || |
884 | c->type == SSH_CHANNEL_OPEN) && strcmp(c->ctype, "session") == 0) | 944 | c->type == SSH_CHANNEL_OPEN) && strcmp(c->ctype, "session") == 0) |
885 | success = session_input_channel_req(ssh, c, rtype); | 945 | success = session_input_channel_req(ssh, c, rtype); |
886 | if (reply && !(c->flags & CHAN_CLOSE_SENT)) { | 946 | if (want_reply && !(c->flags & CHAN_CLOSE_SENT)) { |
887 | if (!c->have_remote_id) | 947 | if (!c->have_remote_id) |
888 | fatal("%s: channel %d: no remote_id", | 948 | fatal("%s: channel %d: no remote_id", |
889 | __func__, c->self); | 949 | __func__, c->self); |
890 | packet_start(success ? | 950 | if ((r = sshpkt_start(ssh, success ? |
891 | SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE); | 951 | SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE)) != 0 || |
892 | packet_put_int(c->remote_id); | 952 | (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || |
893 | packet_send(); | 953 | (r = sshpkt_send(ssh)) != 0) |
954 | sshpkt_fatal(ssh, r, "%s: send reply", __func__); | ||
894 | } | 955 | } |
895 | free(rtype); | 956 | free(rtype); |
896 | return 0; | 957 | return 0; |
897 | } | 958 | } |
898 | 959 | ||
899 | static void | 960 | static void |
900 | server_init_dispatch(void) | 961 | server_init_dispatch(struct ssh *ssh) |
901 | { | 962 | { |
902 | debug("server_init_dispatch"); | 963 | debug("server_init_dispatch"); |
903 | dispatch_init(&dispatch_protocol_error); | 964 | ssh_dispatch_init(ssh, &dispatch_protocol_error); |
904 | dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose); | 965 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose); |
905 | dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data); | 966 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_DATA, &channel_input_data); |
906 | dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof); | 967 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EOF, &channel_input_ieof); |
907 | dispatch_set(SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data); | 968 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data); |
908 | dispatch_set(SSH2_MSG_CHANNEL_OPEN, &server_input_channel_open); | 969 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN, &server_input_channel_open); |
909 | dispatch_set(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation); | 970 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation); |
910 | dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); | 971 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); |
911 | dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &server_input_channel_req); | 972 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_REQUEST, &server_input_channel_req); |
912 | dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); | 973 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); |
913 | dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &server_input_global_request); | 974 | ssh_dispatch_set(ssh, SSH2_MSG_GLOBAL_REQUEST, &server_input_global_request); |
914 | /* client_alive */ | 975 | /* client_alive */ |
915 | dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &server_input_keep_alive); | 976 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_SUCCESS, &server_input_keep_alive); |
916 | dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &server_input_keep_alive); | 977 | ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_FAILURE, &server_input_keep_alive); |
917 | dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &server_input_keep_alive); | 978 | ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_SUCCESS, &server_input_keep_alive); |
918 | dispatch_set(SSH2_MSG_REQUEST_FAILURE, &server_input_keep_alive); | 979 | ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_FAILURE, &server_input_keep_alive); |
919 | /* rekeying */ | 980 | /* rekeying */ |
920 | dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); | 981 | ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); |
921 | } | 982 | } |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.307 2018/10/04 00:10:11 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -123,9 +123,6 @@ int do_exec_no_pty(struct ssh *, Session *, const char *); | |||
123 | int do_exec(struct ssh *, Session *, const char *); | 123 | int do_exec(struct ssh *, Session *, const char *); |
124 | void do_login(struct ssh *, Session *, const char *); | 124 | void do_login(struct ssh *, Session *, const char *); |
125 | void do_child(struct ssh *, Session *, const char *); | 125 | void do_child(struct ssh *, Session *, const char *); |
126 | #ifdef LOGIN_NEEDS_UTMPX | ||
127 | static void do_pre_login(Session *s); | ||
128 | #endif | ||
129 | void do_motd(void); | 126 | void do_motd(void); |
130 | int check_quietlogin(Session *, const char *); | 127 | int check_quietlogin(Session *, const char *); |
131 | 128 | ||
@@ -142,7 +139,7 @@ extern int startup_pipe; | |||
142 | extern void destroy_sensitive_data(void); | 139 | extern void destroy_sensitive_data(void); |
143 | extern struct sshbuf *loginmsg; | 140 | extern struct sshbuf *loginmsg; |
144 | extern struct sshauthopt *auth_opts; | 141 | extern struct sshauthopt *auth_opts; |
145 | char *tun_fwd_ifnames; /* serverloop.c */ | 142 | extern char *tun_fwd_ifnames; /* serverloop.c */ |
146 | 143 | ||
147 | /* original command from peer. */ | 144 | /* original command from peer. */ |
148 | const char *original_command = NULL; | 145 | const char *original_command = NULL; |
@@ -204,7 +201,7 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) | |||
204 | 201 | ||
205 | /* Create private directory for socket */ | 202 | /* Create private directory for socket */ |
206 | if (mkdtemp(auth_sock_dir) == NULL) { | 203 | if (mkdtemp(auth_sock_dir) == NULL) { |
207 | packet_send_debug("Agent forwarding disabled: " | 204 | ssh_packet_send_debug(ssh, "Agent forwarding disabled: " |
208 | "mkdtemp() failed: %.100s", strerror(errno)); | 205 | "mkdtemp() failed: %.100s", strerror(errno)); |
209 | restore_uid(); | 206 | restore_uid(); |
210 | free(auth_sock_dir); | 207 | free(auth_sock_dir); |
@@ -236,7 +233,9 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) | |||
236 | authsock_err: | 233 | authsock_err: |
237 | free(auth_sock_name); | 234 | free(auth_sock_name); |
238 | if (auth_sock_dir != NULL) { | 235 | if (auth_sock_dir != NULL) { |
236 | temporarily_use_uid(pw); | ||
239 | rmdir(auth_sock_dir); | 237 | rmdir(auth_sock_dir); |
238 | restore_uid(); | ||
240 | free(auth_sock_dir); | 239 | free(auth_sock_dir); |
241 | } | 240 | } |
242 | if (sock != -1) | 241 | if (sock != -1) |
@@ -359,7 +358,7 @@ do_authenticated(struct ssh *ssh, Authctxt *authctxt) | |||
359 | else | 358 | else |
360 | channel_permit_all(ssh, FORWARD_REMOTE); | 359 | channel_permit_all(ssh, FORWARD_REMOTE); |
361 | } | 360 | } |
362 | auth_debug_send(); | 361 | auth_debug_send(ssh); |
363 | 362 | ||
364 | prepare_auth_info_file(authctxt->pw, authctxt->session_info); | 363 | prepare_auth_info_file(authctxt->pw, authctxt->session_info); |
365 | 364 | ||
@@ -521,7 +520,7 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) | |||
521 | 520 | ||
522 | s->pid = pid; | 521 | s->pid = pid; |
523 | /* Set interactive/non-interactive mode. */ | 522 | /* Set interactive/non-interactive mode. */ |
524 | packet_set_interactive(s->display != NULL, | 523 | ssh_packet_set_interactive(ssh, s->display != NULL, |
525 | options.ip_qos_interactive, options.ip_qos_bulk); | 524 | options.ip_qos_interactive, options.ip_qos_bulk); |
526 | 525 | ||
527 | /* | 526 | /* |
@@ -548,7 +547,7 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) | |||
548 | * Enter the interactive session. Note: server_loop must be able to | 547 | * Enter the interactive session. Note: server_loop must be able to |
549 | * handle the case that fdin and fdout are the same. | 548 | * handle the case that fdin and fdout are the same. |
550 | */ | 549 | */ |
551 | session_set_fds(s, inout[1], inout[1], err[1], | 550 | session_set_fds(ssh, s, inout[1], inout[1], err[1], |
552 | s->is_subsystem, 0); | 551 | s->is_subsystem, 0); |
553 | #endif | 552 | #endif |
554 | return 0; | 553 | return 0; |
@@ -650,41 +649,12 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) | |||
650 | 649 | ||
651 | /* Enter interactive session. */ | 650 | /* Enter interactive session. */ |
652 | s->ptymaster = ptymaster; | 651 | s->ptymaster = ptymaster; |
653 | packet_set_interactive(1, | 652 | ssh_packet_set_interactive(ssh, 1, |
654 | options.ip_qos_interactive, options.ip_qos_bulk); | 653 | options.ip_qos_interactive, options.ip_qos_bulk); |
655 | session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1); | 654 | session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1); |
656 | return 0; | 655 | return 0; |
657 | } | 656 | } |
658 | 657 | ||
659 | #ifdef LOGIN_NEEDS_UTMPX | ||
660 | static void | ||
661 | do_pre_login(Session *s) | ||
662 | { | ||
663 | struct ssh *ssh = active_state; /* XXX */ | ||
664 | socklen_t fromlen; | ||
665 | struct sockaddr_storage from; | ||
666 | pid_t pid = getpid(); | ||
667 | |||
668 | /* | ||
669 | * Get IP address of client. If the connection is not a socket, let | ||
670 | * the address be 0.0.0.0. | ||
671 | */ | ||
672 | memset(&from, 0, sizeof(from)); | ||
673 | fromlen = sizeof(from); | ||
674 | if (packet_connection_is_on_socket()) { | ||
675 | if (getpeername(packet_get_connection_in(), | ||
676 | (struct sockaddr *)&from, &fromlen) < 0) { | ||
677 | debug("getpeername: %.100s", strerror(errno)); | ||
678 | cleanup_exit(255); | ||
679 | } | ||
680 | } | ||
681 | |||
682 | record_utmp_only(pid, s->tty, s->pw->pw_name, | ||
683 | session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns), | ||
684 | (struct sockaddr *)&from, fromlen); | ||
685 | } | ||
686 | #endif | ||
687 | |||
688 | /* | 658 | /* |
689 | * This is called to fork and execute a command. If another command is | 659 | * This is called to fork and execute a command. If another command is |
690 | * to be forced, execute that instead. | 660 | * to be forced, execute that instead. |
@@ -783,8 +753,8 @@ do_login(struct ssh *ssh, Session *s, const char *command) | |||
783 | */ | 753 | */ |
784 | memset(&from, 0, sizeof(from)); | 754 | memset(&from, 0, sizeof(from)); |
785 | fromlen = sizeof(from); | 755 | fromlen = sizeof(from); |
786 | if (packet_connection_is_on_socket()) { | 756 | if (ssh_packet_connection_is_on_socket(ssh)) { |
787 | if (getpeername(packet_get_connection_in(), | 757 | if (getpeername(ssh_packet_get_connection_in(ssh), |
788 | (struct sockaddr *)&from, &fromlen) < 0) { | 758 | (struct sockaddr *)&from, &fromlen) < 0) { |
789 | debug("getpeername: %.100s", strerror(errno)); | 759 | debug("getpeername: %.100s", strerror(errno)); |
790 | cleanup_exit(255); | 760 | cleanup_exit(255); |
@@ -1082,8 +1052,11 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) | |||
1082 | # endif /* HAVE_CYGWIN */ | 1052 | # endif /* HAVE_CYGWIN */ |
1083 | #endif /* HAVE_LOGIN_CAP */ | 1053 | #endif /* HAVE_LOGIN_CAP */ |
1084 | 1054 | ||
1085 | snprintf(buf, sizeof buf, "%.200s/%.50s", _PATH_MAILDIR, pw->pw_name); | 1055 | if (!options.use_pam) { |
1086 | child_set_env(&env, &envsize, "MAIL", buf); | 1056 | snprintf(buf, sizeof buf, "%.200s/%.50s", |
1057 | _PATH_MAILDIR, pw->pw_name); | ||
1058 | child_set_env(&env, &envsize, "MAIL", buf); | ||
1059 | } | ||
1087 | 1060 | ||
1088 | /* Normal systems set SHELL by default. */ | 1061 | /* Normal systems set SHELL by default. */ |
1089 | child_set_env(&env, &envsize, "SHELL", shell); | 1062 | child_set_env(&env, &envsize, "SHELL", shell); |
@@ -1162,15 +1135,18 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) | |||
1162 | char **p; | 1135 | char **p; |
1163 | 1136 | ||
1164 | /* | 1137 | /* |
1165 | * Don't allow SSH_AUTH_INFO variables posted to PAM to leak | 1138 | * Don't allow PAM-internal env vars to leak |
1166 | * back into the environment. | 1139 | * back into the session environment. |
1167 | */ | 1140 | */ |
1141 | #define PAM_ENV_BLACKLIST "SSH_AUTH_INFO*,SSH_CONNECTION*" | ||
1168 | p = fetch_pam_child_environment(); | 1142 | p = fetch_pam_child_environment(); |
1169 | copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*"); | 1143 | copy_environment_blacklist(p, &env, &envsize, |
1144 | PAM_ENV_BLACKLIST); | ||
1170 | free_pam_environment(p); | 1145 | free_pam_environment(p); |
1171 | 1146 | ||
1172 | p = fetch_pam_environment(); | 1147 | p = fetch_pam_environment(); |
1173 | copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*"); | 1148 | copy_environment_blacklist(p, &env, &envsize, |
1149 | PAM_ENV_BLACKLIST); | ||
1174 | free_pam_environment(p); | 1150 | free_pam_environment(p); |
1175 | } | 1151 | } |
1176 | #endif /* USE_PAM */ | 1152 | #endif /* USE_PAM */ |
@@ -1192,7 +1168,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) | |||
1192 | ssh_local_port(ssh)); | 1168 | ssh_local_port(ssh)); |
1193 | child_set_env(&env, &envsize, "SSH_CLIENT", buf); | 1169 | child_set_env(&env, &envsize, "SSH_CLIENT", buf); |
1194 | 1170 | ||
1195 | laddr = get_local_ipaddr(packet_get_connection_in()); | 1171 | laddr = get_local_ipaddr(ssh_packet_get_connection_in(ssh)); |
1196 | snprintf(buf, sizeof buf, "%.50s %d %.50s %d", | 1172 | snprintf(buf, sizeof buf, "%.50s %d %.50s %d", |
1197 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | 1173 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), |
1198 | laddr, ssh_local_port(ssh)); | 1174 | laddr, ssh_local_port(ssh)); |
@@ -1334,7 +1310,7 @@ safely_chroot(const char *path, uid_t uid) | |||
1334 | char component[PATH_MAX]; | 1310 | char component[PATH_MAX]; |
1335 | struct stat st; | 1311 | struct stat st; |
1336 | 1312 | ||
1337 | if (*path != '/') | 1313 | if (!path_absolute(path)) |
1338 | fatal("chroot path does not begin at root"); | 1314 | fatal("chroot path does not begin at root"); |
1339 | if (strlen(path) >= sizeof(component)) | 1315 | if (strlen(path) >= sizeof(component)) |
1340 | fatal("chroot path too long"); | 1316 | fatal("chroot path too long"); |
@@ -1359,7 +1335,7 @@ safely_chroot(const char *path, uid_t uid) | |||
1359 | component, strerror(errno)); | 1335 | component, strerror(errno)); |
1360 | if (st.st_uid != 0 || (st.st_mode & 022) != 0) | 1336 | if (st.st_uid != 0 || (st.st_mode & 022) != 0) |
1361 | fatal("bad ownership or modes for chroot " | 1337 | fatal("bad ownership or modes for chroot " |
1362 | "directory %s\"%s\"", | 1338 | "directory %s\"%s\"", |
1363 | cp == NULL ? "" : "component ", component); | 1339 | cp == NULL ? "" : "component ", component); |
1364 | if (!S_ISDIR(st.st_mode)) | 1340 | if (!S_ISDIR(st.st_mode)) |
1365 | fatal("chroot path %s\"%s\" is not a directory", | 1341 | fatal("chroot path %s\"%s\" is not a directory", |
@@ -1497,11 +1473,12 @@ child_close_fds(struct ssh *ssh) | |||
1497 | auth_sock = -1; | 1473 | auth_sock = -1; |
1498 | } | 1474 | } |
1499 | 1475 | ||
1500 | if (packet_get_connection_in() == packet_get_connection_out()) | 1476 | if (ssh_packet_get_connection_in(ssh) == |
1501 | close(packet_get_connection_in()); | 1477 | ssh_packet_get_connection_out(ssh)) |
1478 | close(ssh_packet_get_connection_in(ssh)); | ||
1502 | else { | 1479 | else { |
1503 | close(packet_get_connection_in()); | 1480 | close(ssh_packet_get_connection_in(ssh)); |
1504 | close(packet_get_connection_out()); | 1481 | close(ssh_packet_get_connection_out(ssh)); |
1505 | } | 1482 | } |
1506 | /* | 1483 | /* |
1507 | * Close all descriptors related to channels. They will still remain | 1484 | * Close all descriptors related to channels. They will still remain |
@@ -1535,15 +1512,16 @@ void | |||
1535 | do_child(struct ssh *ssh, Session *s, const char *command) | 1512 | do_child(struct ssh *ssh, Session *s, const char *command) |
1536 | { | 1513 | { |
1537 | extern char **environ; | 1514 | extern char **environ; |
1538 | char **env; | 1515 | char **env, *argv[ARGV_MAX], remote_id[512]; |
1539 | char *argv[ARGV_MAX]; | ||
1540 | const char *shell, *shell0; | 1516 | const char *shell, *shell0; |
1541 | struct passwd *pw = s->pw; | 1517 | struct passwd *pw = s->pw; |
1542 | int r = 0; | 1518 | int r = 0; |
1543 | 1519 | ||
1520 | sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); | ||
1521 | |||
1544 | /* remove hostkey from the child's memory */ | 1522 | /* remove hostkey from the child's memory */ |
1545 | destroy_sensitive_data(); | 1523 | destroy_sensitive_data(); |
1546 | packet_clear_keys(); | 1524 | ssh_packet_clear_keys(ssh); |
1547 | 1525 | ||
1548 | /* Force a password change */ | 1526 | /* Force a password change */ |
1549 | if (s->authctxt->force_pwchange) { | 1527 | if (s->authctxt->force_pwchange) { |
@@ -1663,6 +1641,8 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1663 | signal(SIGPIPE, SIG_DFL); | 1641 | signal(SIGPIPE, SIG_DFL); |
1664 | 1642 | ||
1665 | if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) { | 1643 | if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) { |
1644 | error("Connection from %s: refusing non-sftp session", | ||
1645 | remote_id); | ||
1666 | printf("This service allows sftp connections only.\n"); | 1646 | printf("This service allows sftp connections only.\n"); |
1667 | fflush(NULL); | 1647 | fflush(NULL); |
1668 | exit(1); | 1648 | exit(1); |
@@ -1905,11 +1885,14 @@ session_by_pid(pid_t pid) | |||
1905 | static int | 1885 | static int |
1906 | session_window_change_req(struct ssh *ssh, Session *s) | 1886 | session_window_change_req(struct ssh *ssh, Session *s) |
1907 | { | 1887 | { |
1908 | s->col = packet_get_int(); | 1888 | int r; |
1909 | s->row = packet_get_int(); | 1889 | |
1910 | s->xpixel = packet_get_int(); | 1890 | if ((r = sshpkt_get_u32(ssh, &s->col)) != 0 || |
1911 | s->ypixel = packet_get_int(); | 1891 | (r = sshpkt_get_u32(ssh, &s->row)) != 0 || |
1912 | packet_check_eom(); | 1892 | (r = sshpkt_get_u32(ssh, &s->xpixel)) != 0 || |
1893 | (r = sshpkt_get_u32(ssh, &s->ypixel)) != 0 || | ||
1894 | (r = sshpkt_get_end(ssh)) != 0) | ||
1895 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
1913 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 1896 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
1914 | return 1; | 1897 | return 1; |
1915 | } | 1898 | } |
@@ -1917,22 +1900,23 @@ session_window_change_req(struct ssh *ssh, Session *s) | |||
1917 | static int | 1900 | static int |
1918 | session_pty_req(struct ssh *ssh, Session *s) | 1901 | session_pty_req(struct ssh *ssh, Session *s) |
1919 | { | 1902 | { |
1920 | u_int len; | 1903 | int r; |
1921 | 1904 | ||
1922 | if (!auth_opts->permit_pty_flag || !options.permit_tty) { | 1905 | if (!auth_opts->permit_pty_flag || !options.permit_tty) { |
1923 | debug("Allocating a pty not permitted for this connection."); | 1906 | debug("Allocating a pty not permitted for this connection."); |
1924 | return 0; | 1907 | return 0; |
1925 | } | 1908 | } |
1926 | if (s->ttyfd != -1) { | 1909 | if (s->ttyfd != -1) { |
1927 | packet_disconnect("Protocol error: you already have a pty."); | 1910 | ssh_packet_disconnect(ssh, "Protocol error: you already have a pty."); |
1928 | return 0; | 1911 | return 0; |
1929 | } | 1912 | } |
1930 | 1913 | ||
1931 | s->term = packet_get_string(&len); | 1914 | if ((r = sshpkt_get_cstring(ssh, &s->term, NULL)) != 0 || |
1932 | s->col = packet_get_int(); | 1915 | (r = sshpkt_get_u32(ssh, &s->col)) != 0 || |
1933 | s->row = packet_get_int(); | 1916 | (r = sshpkt_get_u32(ssh, &s->row)) != 0 || |
1934 | s->xpixel = packet_get_int(); | 1917 | (r = sshpkt_get_u32(ssh, &s->xpixel)) != 0 || |
1935 | s->ypixel = packet_get_int(); | 1918 | (r = sshpkt_get_u32(ssh, &s->ypixel)) != 0) |
1919 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
1936 | 1920 | ||
1937 | if (strcmp(s->term, "") == 0) { | 1921 | if (strcmp(s->term, "") == 0) { |
1938 | free(s->term); | 1922 | free(s->term); |
@@ -1954,13 +1938,15 @@ session_pty_req(struct ssh *ssh, Session *s) | |||
1954 | 1938 | ||
1955 | ssh_tty_parse_modes(ssh, s->ttyfd); | 1939 | ssh_tty_parse_modes(ssh, s->ttyfd); |
1956 | 1940 | ||
1941 | if ((r = sshpkt_get_end(ssh)) != 0) | ||
1942 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
1943 | |||
1957 | if (!use_privsep) | 1944 | if (!use_privsep) |
1958 | pty_setowner(s->pw, s->tty, s->authctxt->role); | 1945 | pty_setowner(s->pw, s->tty, s->authctxt->role); |
1959 | 1946 | ||
1960 | /* Set window size from the packet. */ | 1947 | /* Set window size from the packet. */ |
1961 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 1948 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
1962 | 1949 | ||
1963 | packet_check_eom(); | ||
1964 | session_proctitle(s); | 1950 | session_proctitle(s); |
1965 | return 1; | 1951 | return 1; |
1966 | } | 1952 | } |
@@ -1969,13 +1955,13 @@ static int | |||
1969 | session_subsystem_req(struct ssh *ssh, Session *s) | 1955 | session_subsystem_req(struct ssh *ssh, Session *s) |
1970 | { | 1956 | { |
1971 | struct stat st; | 1957 | struct stat st; |
1972 | u_int len; | 1958 | int r, success = 0; |
1973 | int success = 0; | ||
1974 | char *prog, *cmd; | 1959 | char *prog, *cmd; |
1975 | u_int i; | 1960 | u_int i; |
1976 | 1961 | ||
1977 | s->subsys = packet_get_string(&len); | 1962 | if ((r = sshpkt_get_cstring(ssh, &s->subsys, NULL)) != 0 || |
1978 | packet_check_eom(); | 1963 | (r = sshpkt_get_end(ssh)) != 0) |
1964 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
1979 | debug2("subsystem request for %.100s by user %s", s->subsys, | 1965 | debug2("subsystem request for %.100s by user %s", s->subsys, |
1980 | s->pw->pw_name); | 1966 | s->pw->pw_name); |
1981 | 1967 | ||
@@ -2008,18 +1994,22 @@ session_subsystem_req(struct ssh *ssh, Session *s) | |||
2008 | static int | 1994 | static int |
2009 | session_x11_req(struct ssh *ssh, Session *s) | 1995 | session_x11_req(struct ssh *ssh, Session *s) |
2010 | { | 1996 | { |
2011 | int success; | 1997 | int r, success; |
1998 | u_char single_connection = 0; | ||
2012 | 1999 | ||
2013 | if (s->auth_proto != NULL || s->auth_data != NULL) { | 2000 | if (s->auth_proto != NULL || s->auth_data != NULL) { |
2014 | error("session_x11_req: session %d: " | 2001 | error("session_x11_req: session %d: " |
2015 | "x11 forwarding already active", s->self); | 2002 | "x11 forwarding already active", s->self); |
2016 | return 0; | 2003 | return 0; |
2017 | } | 2004 | } |
2018 | s->single_connection = packet_get_char(); | 2005 | if ((r = sshpkt_get_u8(ssh, &single_connection)) != 0 || |
2019 | s->auth_proto = packet_get_string(NULL); | 2006 | (r = sshpkt_get_cstring(ssh, &s->auth_proto, NULL)) != 0 || |
2020 | s->auth_data = packet_get_string(NULL); | 2007 | (r = sshpkt_get_cstring(ssh, &s->auth_data, NULL)) != 0 || |
2021 | s->screen = packet_get_int(); | 2008 | (r = sshpkt_get_u32(ssh, &s->screen)) != 0 || |
2022 | packet_check_eom(); | 2009 | (r = sshpkt_get_end(ssh)) != 0) |
2010 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
2011 | |||
2012 | s->single_connection = single_connection; | ||
2023 | 2013 | ||
2024 | if (xauth_valid_string(s->auth_proto) && | 2014 | if (xauth_valid_string(s->auth_proto) && |
2025 | xauth_valid_string(s->auth_data)) | 2015 | xauth_valid_string(s->auth_data)) |
@@ -2040,17 +2030,24 @@ session_x11_req(struct ssh *ssh, Session *s) | |||
2040 | static int | 2030 | static int |
2041 | session_shell_req(struct ssh *ssh, Session *s) | 2031 | session_shell_req(struct ssh *ssh, Session *s) |
2042 | { | 2032 | { |
2043 | packet_check_eom(); | 2033 | int r; |
2034 | |||
2035 | if ((r = sshpkt_get_end(ssh)) != 0) | ||
2036 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
2044 | return do_exec(ssh, s, NULL) == 0; | 2037 | return do_exec(ssh, s, NULL) == 0; |
2045 | } | 2038 | } |
2046 | 2039 | ||
2047 | static int | 2040 | static int |
2048 | session_exec_req(struct ssh *ssh, Session *s) | 2041 | session_exec_req(struct ssh *ssh, Session *s) |
2049 | { | 2042 | { |
2050 | u_int len, success; | 2043 | u_int success; |
2044 | int r; | ||
2045 | char *command = NULL; | ||
2046 | |||
2047 | if ((r = sshpkt_get_cstring(ssh, &command, NULL)) != 0 || | ||
2048 | (r = sshpkt_get_end(ssh)) != 0) | ||
2049 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
2051 | 2050 | ||
2052 | char *command = packet_get_string(&len); | ||
2053 | packet_check_eom(); | ||
2054 | success = do_exec(ssh, s, command) == 0; | 2051 | success = do_exec(ssh, s, command) == 0; |
2055 | free(command); | 2052 | free(command); |
2056 | return success; | 2053 | return success; |
@@ -2059,9 +2056,11 @@ session_exec_req(struct ssh *ssh, Session *s) | |||
2059 | static int | 2056 | static int |
2060 | session_break_req(struct ssh *ssh, Session *s) | 2057 | session_break_req(struct ssh *ssh, Session *s) |
2061 | { | 2058 | { |
2059 | int r; | ||
2062 | 2060 | ||
2063 | packet_get_int(); /* ignored */ | 2061 | if ((r = sshpkt_get_u32(ssh, NULL)) != 0 || /* ignore */ |
2064 | packet_check_eom(); | 2062 | (r = sshpkt_get_end(ssh)) != 0) |
2063 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
2065 | 2064 | ||
2066 | if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) < 0) | 2065 | if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) < 0) |
2067 | return 0; | 2066 | return 0; |
@@ -2072,11 +2071,13 @@ static int | |||
2072 | session_env_req(struct ssh *ssh, Session *s) | 2071 | session_env_req(struct ssh *ssh, Session *s) |
2073 | { | 2072 | { |
2074 | char *name, *val; | 2073 | char *name, *val; |
2075 | u_int name_len, val_len, i; | 2074 | u_int i; |
2075 | int r; | ||
2076 | 2076 | ||
2077 | name = packet_get_cstring(&name_len); | 2077 | if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0 || |
2078 | val = packet_get_cstring(&val_len); | 2078 | (r = sshpkt_get_cstring(ssh, &val, NULL)) != 0 || |
2079 | packet_check_eom(); | 2079 | (r = sshpkt_get_end(ssh)) != 0) |
2080 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
2080 | 2081 | ||
2081 | /* Don't set too many environment variables */ | 2082 | /* Don't set too many environment variables */ |
2082 | if (s->num_env > 128) { | 2083 | if (s->num_env > 128) { |
@@ -2179,8 +2180,10 @@ static int | |||
2179 | session_auth_agent_req(struct ssh *ssh, Session *s) | 2180 | session_auth_agent_req(struct ssh *ssh, Session *s) |
2180 | { | 2181 | { |
2181 | static int called = 0; | 2182 | static int called = 0; |
2183 | int r; | ||
2182 | 2184 | ||
2183 | packet_check_eom(); | 2185 | if ((r = sshpkt_get_end(ssh)) != 0) |
2186 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | ||
2184 | if (!auth_opts->permit_agent_forwarding_flag || | 2187 | if (!auth_opts->permit_agent_forwarding_flag || |
2185 | !options.allow_agent_forwarding) { | 2188 | !options.allow_agent_forwarding) { |
2186 | debug("%s: agent forwarding disabled", __func__); | 2189 | debug("%s: agent forwarding disabled", __func__); |
@@ -2370,6 +2373,7 @@ static void | |||
2370 | session_exit_message(struct ssh *ssh, Session *s, int status) | 2373 | session_exit_message(struct ssh *ssh, Session *s, int status) |
2371 | { | 2374 | { |
2372 | Channel *c; | 2375 | Channel *c; |
2376 | int r; | ||
2373 | 2377 | ||
2374 | if ((c = channel_lookup(ssh, s->chanid)) == NULL) | 2378 | if ((c = channel_lookup(ssh, s->chanid)) == NULL) |
2375 | fatal("%s: session %d: no channel %d", | 2379 | fatal("%s: session %d: no channel %d", |
@@ -2379,22 +2383,23 @@ session_exit_message(struct ssh *ssh, Session *s, int status) | |||
2379 | 2383 | ||
2380 | if (WIFEXITED(status)) { | 2384 | if (WIFEXITED(status)) { |
2381 | channel_request_start(ssh, s->chanid, "exit-status", 0); | 2385 | channel_request_start(ssh, s->chanid, "exit-status", 0); |
2382 | packet_put_int(WEXITSTATUS(status)); | 2386 | if ((r = sshpkt_put_u32(ssh, WEXITSTATUS(status))) != 0 || |
2383 | packet_send(); | 2387 | (r = sshpkt_send(ssh)) != 0) |
2388 | sshpkt_fatal(ssh, r, "%s: exit reply", __func__); | ||
2384 | } else if (WIFSIGNALED(status)) { | 2389 | } else if (WIFSIGNALED(status)) { |
2385 | channel_request_start(ssh, s->chanid, "exit-signal", 0); | 2390 | channel_request_start(ssh, s->chanid, "exit-signal", 0); |
2386 | packet_put_cstring(sig2name(WTERMSIG(status))); | 2391 | #ifndef WCOREDUMP |
2387 | #ifdef WCOREDUMP | 2392 | # define WCOREDUMP(x) (0) |
2388 | packet_put_char(WCOREDUMP(status)? 1 : 0); | 2393 | #endif |
2389 | #else /* WCOREDUMP */ | 2394 | if ((r = sshpkt_put_cstring(ssh, sig2name(WTERMSIG(status)))) != 0 || |
2390 | packet_put_char(0); | 2395 | (r = sshpkt_put_u8(ssh, WCOREDUMP(status)? 1 : 0)) != 0 || |
2391 | #endif /* WCOREDUMP */ | 2396 | (r = sshpkt_put_cstring(ssh, "")) != 0 || |
2392 | packet_put_cstring(""); | 2397 | (r = sshpkt_put_cstring(ssh, "")) != 0 || |
2393 | packet_put_cstring(""); | 2398 | (r = sshpkt_send(ssh)) != 0) |
2394 | packet_send(); | 2399 | sshpkt_fatal(ssh, r, "%s: exit reply", __func__); |
2395 | } else { | 2400 | } else { |
2396 | /* Some weird exit cause. Just exit. */ | 2401 | /* Some weird exit cause. Just exit. */ |
2397 | packet_disconnect("wait returned status %04x.", status); | 2402 | ssh_packet_disconnect(ssh, "wait returned status %04x.", status); |
2398 | } | 2403 | } |
2399 | 2404 | ||
2400 | /* disconnect channel */ | 2405 | /* disconnect channel */ |
@@ -2565,7 +2570,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) | |||
2565 | u_int i; | 2570 | u_int i; |
2566 | 2571 | ||
2567 | if (!auth_opts->permit_x11_forwarding_flag) { | 2572 | if (!auth_opts->permit_x11_forwarding_flag) { |
2568 | packet_send_debug("X11 forwarding disabled by key options."); | 2573 | ssh_packet_send_debug(ssh, "X11 forwarding disabled by key options."); |
2569 | return 0; | 2574 | return 0; |
2570 | } | 2575 | } |
2571 | if (!options.x11_forwarding) { | 2576 | if (!options.x11_forwarding) { |
@@ -2574,7 +2579,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) | |||
2574 | } | 2579 | } |
2575 | if (options.xauth_location == NULL || | 2580 | if (options.xauth_location == NULL || |
2576 | (stat(options.xauth_location, &st) == -1)) { | 2581 | (stat(options.xauth_location, &st) == -1)) { |
2577 | packet_send_debug("No xauth program; cannot forward X11."); | 2582 | ssh_packet_send_debug(ssh, "No xauth program; cannot forward X11."); |
2578 | return 0; | 2583 | return 0; |
2579 | } | 2584 | } |
2580 | if (s->display != NULL) { | 2585 | if (s->display != NULL) { |
@@ -2615,7 +2620,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) | |||
2615 | he = gethostbyname(hostname); | 2620 | he = gethostbyname(hostname); |
2616 | if (he == NULL) { | 2621 | if (he == NULL) { |
2617 | error("Can't get IP address for X11 DISPLAY."); | 2622 | error("Can't get IP address for X11 DISPLAY."); |
2618 | packet_send_debug("Can't get IP address for X11 DISPLAY."); | 2623 | ssh_packet_send_debug(ssh, "Can't get IP address for X11 DISPLAY."); |
2619 | return 0; | 2624 | return 0; |
2620 | } | 2625 | } |
2621 | memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); | 2626 | memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); |
@@ -2669,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt) | |||
2669 | 2674 | ||
2670 | #ifdef KRB5 | 2675 | #ifdef KRB5 |
2671 | if (options.kerberos_ticket_cleanup && | 2676 | if (options.kerberos_ticket_cleanup && |
2672 | authctxt->krb5_ctx) | 2677 | authctxt->krb5_ctx) { |
2678 | temporarily_use_uid(authctxt->pw); | ||
2673 | krb5_cleanup_proc(authctxt); | 2679 | krb5_cleanup_proc(authctxt); |
2680 | restore_uid(); | ||
2681 | } | ||
2674 | #endif | 2682 | #endif |
2675 | 2683 | ||
2676 | #ifdef GSSAPI | 2684 | #ifdef GSSAPI |
2677 | if (options.gss_cleanup_creds) | 2685 | if (options.gss_cleanup_creds) { |
2686 | temporarily_use_uid(authctxt->pw); | ||
2678 | ssh_gssapi_cleanup_creds(); | 2687 | ssh_gssapi_cleanup_creds(); |
2688 | restore_uid(); | ||
2689 | } | ||
2679 | #endif | 2690 | #endif |
2680 | 2691 | ||
2681 | /* remove agent socket */ | 2692 | /* remove agent socket */ |
diff --git a/sftp-client.c b/sftp-client.c index cf2887a40..73e3c2f53 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-client.c,v 1.130 2018/07/31 03:07:24 djm Exp $ */ | 1 | /* $OpenBSD: sftp-client.c,v 1.133 2019/01/24 16:52:17 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -86,6 +86,7 @@ struct sftp_conn { | |||
86 | #define SFTP_EXT_FSTATVFS 0x00000004 | 86 | #define SFTP_EXT_FSTATVFS 0x00000004 |
87 | #define SFTP_EXT_HARDLINK 0x00000008 | 87 | #define SFTP_EXT_HARDLINK 0x00000008 |
88 | #define SFTP_EXT_FSYNC 0x00000010 | 88 | #define SFTP_EXT_FSYNC 0x00000010 |
89 | #define SFTP_EXT_LSETSTAT 0x00000020 | ||
89 | u_int exts; | 90 | u_int exts; |
90 | u_int64_t limit_kbps; | 91 | u_int64_t limit_kbps; |
91 | struct bwlimit bwlimit_in, bwlimit_out; | 92 | struct bwlimit bwlimit_in, bwlimit_out; |
@@ -465,6 +466,10 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, | |||
465 | strcmp((char *)value, "1") == 0) { | 466 | strcmp((char *)value, "1") == 0) { |
466 | ret->exts |= SFTP_EXT_FSYNC; | 467 | ret->exts |= SFTP_EXT_FSYNC; |
467 | known = 1; | 468 | known = 1; |
469 | } else if (strcmp(name, "lsetstat@openssh.com") == 0 && | ||
470 | strcmp((char *)value, "1") == 0) { | ||
471 | ret->exts |= SFTP_EXT_LSETSTAT; | ||
472 | known = 1; | ||
468 | } | 473 | } |
469 | if (known) { | 474 | if (known) { |
470 | debug2("Server supports extension \"%s\" revision %s", | 475 | debug2("Server supports extension \"%s\" revision %s", |
@@ -1098,7 +1103,6 @@ do_statvfs(struct sftp_conn *conn, const char *path, struct sftp_statvfs *st, | |||
1098 | 1103 | ||
1099 | if ((msg = sshbuf_new()) == NULL) | 1104 | if ((msg = sshbuf_new()) == NULL) |
1100 | fatal("%s: sshbuf_new failed", __func__); | 1105 | fatal("%s: sshbuf_new failed", __func__); |
1101 | sshbuf_reset(msg); | ||
1102 | if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || | 1106 | if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || |
1103 | (r = sshbuf_put_u32(msg, id)) != 0 || | 1107 | (r = sshbuf_put_u32(msg, id)) != 0 || |
1104 | (r = sshbuf_put_cstring(msg, "statvfs@openssh.com")) != 0 || | 1108 | (r = sshbuf_put_cstring(msg, "statvfs@openssh.com")) != 0 || |
@@ -1127,7 +1131,6 @@ do_fstatvfs(struct sftp_conn *conn, const u_char *handle, u_int handle_len, | |||
1127 | 1131 | ||
1128 | if ((msg = sshbuf_new()) == NULL) | 1132 | if ((msg = sshbuf_new()) == NULL) |
1129 | fatal("%s: sshbuf_new failed", __func__); | 1133 | fatal("%s: sshbuf_new failed", __func__); |
1130 | sshbuf_reset(msg); | ||
1131 | if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || | 1134 | if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || |
1132 | (r = sshbuf_put_u32(msg, id)) != 0 || | 1135 | (r = sshbuf_put_u32(msg, id)) != 0 || |
1133 | (r = sshbuf_put_cstring(msg, "fstatvfs@openssh.com")) != 0 || | 1136 | (r = sshbuf_put_cstring(msg, "fstatvfs@openssh.com")) != 0 || |
@@ -1140,6 +1143,38 @@ do_fstatvfs(struct sftp_conn *conn, const u_char *handle, u_int handle_len, | |||
1140 | } | 1143 | } |
1141 | #endif | 1144 | #endif |
1142 | 1145 | ||
1146 | int | ||
1147 | do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a) | ||
1148 | { | ||
1149 | struct sshbuf *msg; | ||
1150 | u_int status, id; | ||
1151 | int r; | ||
1152 | |||
1153 | if ((conn->exts & SFTP_EXT_LSETSTAT) == 0) { | ||
1154 | error("Server does not support lsetstat@openssh.com extension"); | ||
1155 | return -1; | ||
1156 | } | ||
1157 | |||
1158 | id = conn->msg_id++; | ||
1159 | if ((msg = sshbuf_new()) == NULL) | ||
1160 | fatal("%s: sshbuf_new failed", __func__); | ||
1161 | if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || | ||
1162 | (r = sshbuf_put_u32(msg, id)) != 0 || | ||
1163 | (r = sshbuf_put_cstring(msg, "lsetstat@openssh.com")) != 0 || | ||
1164 | (r = sshbuf_put_cstring(msg, path)) != 0 || | ||
1165 | (r = encode_attrib(msg, a)) != 0) | ||
1166 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1167 | send_msg(conn, msg); | ||
1168 | sshbuf_free(msg); | ||
1169 | |||
1170 | status = get_status(conn, id); | ||
1171 | if (status != SSH2_FX_OK) | ||
1172 | error("Couldn't setstat on \"%s\": %s", path, | ||
1173 | fx2txt(status)); | ||
1174 | |||
1175 | return status == SSH2_FX_OK ? 0 : -1; | ||
1176 | } | ||
1177 | |||
1143 | static void | 1178 | static void |
1144 | send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset, | 1179 | send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset, |
1145 | u_int len, const u_char *handle, u_int handle_len) | 1180 | u_int len, const u_char *handle, u_int handle_len) |
@@ -1149,7 +1184,6 @@ send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset, | |||
1149 | 1184 | ||
1150 | if ((msg = sshbuf_new()) == NULL) | 1185 | if ((msg = sshbuf_new()) == NULL) |
1151 | fatal("%s: sshbuf_new failed", __func__); | 1186 | fatal("%s: sshbuf_new failed", __func__); |
1152 | sshbuf_reset(msg); | ||
1153 | if ((r = sshbuf_put_u8(msg, SSH2_FXP_READ)) != 0 || | 1187 | if ((r = sshbuf_put_u8(msg, SSH2_FXP_READ)) != 0 || |
1154 | (r = sshbuf_put_u32(msg, id)) != 0 || | 1188 | (r = sshbuf_put_u32(msg, id)) != 0 || |
1155 | (r = sshbuf_put_string(msg, handle, handle_len)) != 0 || | 1189 | (r = sshbuf_put_string(msg, handle, handle_len)) != 0 || |
diff --git a/sftp-client.h b/sftp-client.h index 14a3b8182..63a9b8b13 100644 --- a/sftp-client.h +++ b/sftp-client.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-client.h,v 1.27 2015/05/08 06:45:13 djm Exp $ */ | 1 | /* $OpenBSD: sftp-client.h,v 1.28 2019/01/16 23:23:45 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 4 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
@@ -91,6 +91,9 @@ int do_setstat(struct sftp_conn *, const char *, Attrib *); | |||
91 | /* Set file attributes of open file 'handle' */ | 91 | /* Set file attributes of open file 'handle' */ |
92 | int do_fsetstat(struct sftp_conn *, const u_char *, u_int, Attrib *); | 92 | int do_fsetstat(struct sftp_conn *, const u_char *, u_int, Attrib *); |
93 | 93 | ||
94 | /* Set file attributes of 'path', not following symlinks */ | ||
95 | int do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a); | ||
96 | |||
94 | /* Canonicalise 'path' - caller must free result */ | 97 | /* Canonicalise 'path' - caller must free result */ |
95 | char *do_realpath(struct sftp_conn *, const char *); | 98 | char *do_realpath(struct sftp_conn *, const char *); |
96 | 99 | ||
diff --git a/sftp-common.c b/sftp-common.c index 5d743d3b2..677f27d63 100644 --- a/sftp-common.c +++ b/sftp-common.c | |||
@@ -36,6 +36,7 @@ | |||
36 | #include <string.h> | 36 | #include <string.h> |
37 | #include <time.h> | 37 | #include <time.h> |
38 | #include <stdarg.h> | 38 | #include <stdarg.h> |
39 | #include <unistd.h> | ||
39 | #ifdef HAVE_UTIL_H | 40 | #ifdef HAVE_UTIL_H |
40 | #include <util.h> | 41 | #include <util.h> |
41 | #endif | 42 | #endif |
diff --git a/sftp-server-main.c b/sftp-server-main.c index c6ccd623e..6230d897d 100644 --- a/sftp-server-main.c +++ b/sftp-server-main.c | |||
@@ -43,6 +43,8 @@ main(int argc, char **argv) | |||
43 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ | 43 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
44 | sanitise_stdfd(); | 44 | sanitise_stdfd(); |
45 | 45 | ||
46 | seed_rng(); | ||
47 | |||
46 | if ((user_pw = getpwuid(getuid())) == NULL) { | 48 | if ((user_pw = getpwuid(getuid())) == NULL) { |
47 | fprintf(stderr, "No user found for uid %lu\n", | 49 | fprintf(stderr, "No user found for uid %lu\n", |
48 | (u_long)getuid()); | 50 | (u_long)getuid()); |
diff --git a/sftp-server.0 b/sftp-server.0 index 4c42b26c9..fb84373d9 100644 --- a/sftp-server.0 +++ b/sftp-server.0 | |||
@@ -93,4 +93,4 @@ HISTORY | |||
93 | AUTHORS | 93 | AUTHORS |
94 | Markus Friedl <markus@openbsd.org> | 94 | Markus Friedl <markus@openbsd.org> |
95 | 95 | ||
96 | OpenBSD 6.4 December 11, 2014 OpenBSD 6.4 | 96 | OpenBSD 6.5 December 11, 2014 OpenBSD 6.5 |
diff --git a/sftp-server.c b/sftp-server.c index ab1b063f2..19a132bd9 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-server.c,v 1.112 2018/06/01 03:33:53 djm Exp $ */ | 1 | /* $OpenBSD: sftp-server.c,v 1.114 2019/01/16 23:22:10 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -107,6 +107,7 @@ static void process_extended_statvfs(u_int32_t id); | |||
107 | static void process_extended_fstatvfs(u_int32_t id); | 107 | static void process_extended_fstatvfs(u_int32_t id); |
108 | static void process_extended_hardlink(u_int32_t id); | 108 | static void process_extended_hardlink(u_int32_t id); |
109 | static void process_extended_fsync(u_int32_t id); | 109 | static void process_extended_fsync(u_int32_t id); |
110 | static void process_extended_lsetstat(u_int32_t id); | ||
110 | static void process_extended(u_int32_t id); | 111 | static void process_extended(u_int32_t id); |
111 | 112 | ||
112 | struct sftp_handler { | 113 | struct sftp_handler { |
@@ -117,7 +118,7 @@ struct sftp_handler { | |||
117 | int does_write; /* if nonzero, banned for readonly mode */ | 118 | int does_write; /* if nonzero, banned for readonly mode */ |
118 | }; | 119 | }; |
119 | 120 | ||
120 | struct sftp_handler handlers[] = { | 121 | static const struct sftp_handler handlers[] = { |
121 | /* NB. SSH2_FXP_OPEN does the readonly check in the handler itself */ | 122 | /* NB. SSH2_FXP_OPEN does the readonly check in the handler itself */ |
122 | { "open", NULL, SSH2_FXP_OPEN, process_open, 0 }, | 123 | { "open", NULL, SSH2_FXP_OPEN, process_open, 0 }, |
123 | { "close", NULL, SSH2_FXP_CLOSE, process_close, 0 }, | 124 | { "close", NULL, SSH2_FXP_CLOSE, process_close, 0 }, |
@@ -141,18 +142,19 @@ struct sftp_handler handlers[] = { | |||
141 | }; | 142 | }; |
142 | 143 | ||
143 | /* SSH2_FXP_EXTENDED submessages */ | 144 | /* SSH2_FXP_EXTENDED submessages */ |
144 | struct sftp_handler extended_handlers[] = { | 145 | static const struct sftp_handler extended_handlers[] = { |
145 | { "posix-rename", "posix-rename@openssh.com", 0, | 146 | { "posix-rename", "posix-rename@openssh.com", 0, |
146 | process_extended_posix_rename, 1 }, | 147 | process_extended_posix_rename, 1 }, |
147 | { "statvfs", "statvfs@openssh.com", 0, process_extended_statvfs, 0 }, | 148 | { "statvfs", "statvfs@openssh.com", 0, process_extended_statvfs, 0 }, |
148 | { "fstatvfs", "fstatvfs@openssh.com", 0, process_extended_fstatvfs, 0 }, | 149 | { "fstatvfs", "fstatvfs@openssh.com", 0, process_extended_fstatvfs, 0 }, |
149 | { "hardlink", "hardlink@openssh.com", 0, process_extended_hardlink, 1 }, | 150 | { "hardlink", "hardlink@openssh.com", 0, process_extended_hardlink, 1 }, |
150 | { "fsync", "fsync@openssh.com", 0, process_extended_fsync, 1 }, | 151 | { "fsync", "fsync@openssh.com", 0, process_extended_fsync, 1 }, |
152 | { "lsetstat", "lsetstat@openssh.com", 0, process_extended_lsetstat, 1 }, | ||
151 | { NULL, NULL, 0, NULL, 0 } | 153 | { NULL, NULL, 0, NULL, 0 } |
152 | }; | 154 | }; |
153 | 155 | ||
154 | static int | 156 | static int |
155 | request_permitted(struct sftp_handler *h) | 157 | request_permitted(const struct sftp_handler *h) |
156 | { | 158 | { |
157 | char *result; | 159 | char *result; |
158 | 160 | ||
@@ -285,9 +287,9 @@ enum { | |||
285 | HANDLE_FILE | 287 | HANDLE_FILE |
286 | }; | 288 | }; |
287 | 289 | ||
288 | Handle *handles = NULL; | 290 | static Handle *handles = NULL; |
289 | u_int num_handles = 0; | 291 | static u_int num_handles = 0; |
290 | int first_unused_handle = -1; | 292 | static int first_unused_handle = -1; |
291 | 293 | ||
292 | static void handle_unused(int i) | 294 | static void handle_unused(int i) |
293 | { | 295 | { |
@@ -666,6 +668,8 @@ process_init(void) | |||
666 | (r = sshbuf_put_cstring(msg, "1")) != 0 || /* version */ | 668 | (r = sshbuf_put_cstring(msg, "1")) != 0 || /* version */ |
667 | /* fsync extension */ | 669 | /* fsync extension */ |
668 | (r = sshbuf_put_cstring(msg, "fsync@openssh.com")) != 0 || | 670 | (r = sshbuf_put_cstring(msg, "fsync@openssh.com")) != 0 || |
671 | (r = sshbuf_put_cstring(msg, "1")) != 0 || /* version */ | ||
672 | (r = sshbuf_put_cstring(msg, "lsetstat@openssh.com")) != 0 || | ||
669 | (r = sshbuf_put_cstring(msg, "1")) != 0) /* version */ | 673 | (r = sshbuf_put_cstring(msg, "1")) != 0) /* version */ |
670 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 674 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
671 | send_msg(msg); | 675 | send_msg(msg); |
@@ -889,6 +893,18 @@ attrib_to_tv(const Attrib *a) | |||
889 | return tv; | 893 | return tv; |
890 | } | 894 | } |
891 | 895 | ||
896 | static struct timespec * | ||
897 | attrib_to_ts(const Attrib *a) | ||
898 | { | ||
899 | static struct timespec ts[2]; | ||
900 | |||
901 | ts[0].tv_sec = a->atime; | ||
902 | ts[0].tv_nsec = 0; | ||
903 | ts[1].tv_sec = a->mtime; | ||
904 | ts[1].tv_nsec = 0; | ||
905 | return ts; | ||
906 | } | ||
907 | |||
892 | static void | 908 | static void |
893 | process_setstat(u_int32_t id) | 909 | process_setstat(u_int32_t id) |
894 | { | 910 | { |
@@ -1370,6 +1386,55 @@ process_extended_fsync(u_int32_t id) | |||
1370 | } | 1386 | } |
1371 | 1387 | ||
1372 | static void | 1388 | static void |
1389 | process_extended_lsetstat(u_int32_t id) | ||
1390 | { | ||
1391 | Attrib a; | ||
1392 | char *name; | ||
1393 | int r, status = SSH2_FX_OK; | ||
1394 | |||
1395 | if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 || | ||
1396 | (r = decode_attrib(iqueue, &a)) != 0) | ||
1397 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
1398 | |||
1399 | debug("request %u: lsetstat name \"%s\"", id, name); | ||
1400 | if (a.flags & SSH2_FILEXFER_ATTR_SIZE) { | ||
1401 | /* nonsensical for links */ | ||
1402 | status = SSH2_FX_BAD_MESSAGE; | ||
1403 | goto out; | ||
1404 | } | ||
1405 | if (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { | ||
1406 | logit("set \"%s\" mode %04o", name, a.perm); | ||
1407 | r = fchmodat(AT_FDCWD, name, | ||
1408 | a.perm & 07777, AT_SYMLINK_NOFOLLOW); | ||
1409 | if (r == -1) | ||
1410 | status = errno_to_portable(errno); | ||
1411 | } | ||
1412 | if (a.flags & SSH2_FILEXFER_ATTR_ACMODTIME) { | ||
1413 | char buf[64]; | ||
1414 | time_t t = a.mtime; | ||
1415 | |||
1416 | strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S", | ||
1417 | localtime(&t)); | ||
1418 | logit("set \"%s\" modtime %s", name, buf); | ||
1419 | r = utimensat(AT_FDCWD, name, | ||
1420 | attrib_to_ts(&a), AT_SYMLINK_NOFOLLOW); | ||
1421 | if (r == -1) | ||
1422 | status = errno_to_portable(errno); | ||
1423 | } | ||
1424 | if (a.flags & SSH2_FILEXFER_ATTR_UIDGID) { | ||
1425 | logit("set \"%s\" owner %lu group %lu", name, | ||
1426 | (u_long)a.uid, (u_long)a.gid); | ||
1427 | r = fchownat(AT_FDCWD, name, a.uid, a.gid, | ||
1428 | AT_SYMLINK_NOFOLLOW); | ||
1429 | if (r == -1) | ||
1430 | status = errno_to_portable(errno); | ||
1431 | } | ||
1432 | out: | ||
1433 | send_status(id, status); | ||
1434 | free(name); | ||
1435 | } | ||
1436 | |||
1437 | static void | ||
1373 | process_extended(u_int32_t id) | 1438 | process_extended(u_int32_t id) |
1374 | { | 1439 | { |
1375 | char *request; | 1440 | char *request; |
@@ -5,9 +5,10 @@ NAME | |||
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | sftp [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher] | 7 | sftp [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher] |
8 | [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit] | 8 | [-D sftp_server_path] [-F ssh_config] [-i identity_file] |
9 | [-o ssh_option] [-P port] [-R num_requests] [-S program] | 9 | [-J destination] [-l limit] [-o ssh_option] [-P port] |
10 | [-s subsystem | sftp_server] destination | 10 | [-R num_requests] [-S program] [-s subsystem | sftp_server] |
11 | destination | ||
11 | 12 | ||
12 | DESCRIPTION | 13 | DESCRIPTION |
13 | sftp is a file transfer program, similar to ftp(1), which performs all | 14 | sftp is a file transfer program, similar to ftp(1), which performs all |
@@ -52,13 +53,18 @@ DESCRIPTION | |||
52 | instead of stdin. Since it lacks user interaction it should be | 53 | instead of stdin. Since it lacks user interaction it should be |
53 | used in conjunction with non-interactive authentication to | 54 | used in conjunction with non-interactive authentication to |
54 | obviate the need to enter a password at connection time (see | 55 | obviate the need to enter a password at connection time (see |
55 | sshd(8) and ssh-keygen(1) for details). A batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may | 56 | sshd(8) and ssh-keygen(1) for details). |
56 | be used to indicate standard input. sftp will abort if any of | 57 | |
57 | the following commands fail: get, put, reget, reput, rename, ln, | 58 | A batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may be used to indicate standard input. sftp |
58 | rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df, | 59 | will abort if any of the following commands fail: get, put, |
59 | symlink, and lmkdir. Termination on error can be suppressed on a | 60 | reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, |
60 | command by command basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y | 61 | chown, chgrp, lpwd, df, symlink, and lmkdir. |
61 | character (for example, -rm /tmp/blah*). | 62 | |
63 | Termination on error can be suppressed on a command by command | ||
64 | basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y character (for example, | ||
65 | -rm /tmp/blah*). Echo of the command may be suppressed by | ||
66 | prefixing the command with a M-bM-^@M-^X@M-bM-^@M-^Y character. These two prefixes | ||
67 | may be combined in any order, for example -@ls /bsd. | ||
62 | 68 | ||
63 | -C Enables compression (via ssh's -C flag). | 69 | -C Enables compression (via ssh's -C flag). |
64 | 70 | ||
@@ -83,6 +89,14 @@ DESCRIPTION | |||
83 | key authentication is read. This option is directly passed to | 89 | key authentication is read. This option is directly passed to |
84 | ssh(1). | 90 | ssh(1). |
85 | 91 | ||
92 | -J destination | ||
93 | Connect to the target host by first making an sftp connection to | ||
94 | the jump host described by destination and then establishing a | ||
95 | TCP forwarding to the ultimate destination from there. Multiple | ||
96 | jump hops may be specified separated by comma characters. This | ||
97 | is a shortcut to specify a ProxyJump configuration directive. | ||
98 | This option is directly passed to ssh(1). | ||
99 | |||
86 | -l limit | 100 | -l limit |
87 | Limits the used bandwidth, specified in Kbit/s. | 101 | Limits the used bandwidth, specified in Kbit/s. |
88 | 102 | ||
@@ -197,17 +211,20 @@ INTERACTIVE COMMANDS | |||
197 | Change remote directory to path. If path is not specified, then | 211 | Change remote directory to path. If path is not specified, then |
198 | change directory to the one the session started in. | 212 | change directory to the one the session started in. |
199 | 213 | ||
200 | chgrp grp path | 214 | chgrp [-h] grp path |
201 | Change group of file path to grp. path may contain glob(7) | 215 | Change group of file path to grp. If the -h flag is specified, |
216 | then symlinks will not be followed. path may contain glob(7) | ||
202 | characters and may match multiple files. grp must be a numeric | 217 | characters and may match multiple files. grp must be a numeric |
203 | GID. | 218 | GID. |
204 | 219 | ||
205 | chmod mode path | 220 | chmod [-h] mode path |
206 | Change permissions of file path to mode. path may contain | 221 | Change permissions of file path to mode. If the -h flag is |
222 | specified, then symlinks will not be followed. path may contain | ||
207 | glob(7) characters and may match multiple files. | 223 | glob(7) characters and may match multiple files. |
208 | 224 | ||
209 | chown own path | 225 | chown [-h] own path |
210 | Change owner of file path to own. path may contain glob(7) | 226 | Change owner of file path to own. If the -h flag is specified, |
227 | then symlinks will not be followed. path may contain glob(7) | ||
211 | characters and may match multiple files. own must be a numeric | 228 | characters and may match multiple files. own must be a numeric |
212 | UID. | 229 | UID. |
213 | 230 | ||
@@ -376,4 +393,4 @@ SEE ALSO | |||
376 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- | 393 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- |
377 | filexfer-00.txt, January 2001, work in progress material. | 394 | filexfer-00.txt, January 2001, work in progress material. |
378 | 395 | ||
379 | OpenBSD 6.4 September 20, 2018 OpenBSD 6.4 | 396 | OpenBSD 6.5 January 22, 2019 OpenBSD 6.5 |
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: sftp.1,v 1.120 2018/09/20 06:58:48 jmc Exp $ | 1 | .\" $OpenBSD: sftp.1,v 1.125 2019/01/22 06:58:31 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. | 3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. |
4 | .\" | 4 | .\" |
@@ -22,7 +22,7 @@ | |||
22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | .\" | 24 | .\" |
25 | .Dd $Mdocdate: September 20 2018 $ | 25 | .Dd $Mdocdate: January 22 2019 $ |
26 | .Dt SFTP 1 | 26 | .Dt SFTP 1 |
27 | .Os | 27 | .Os |
28 | .Sh NAME | 28 | .Sh NAME |
@@ -37,6 +37,7 @@ | |||
37 | .Op Fl D Ar sftp_server_path | 37 | .Op Fl D Ar sftp_server_path |
38 | .Op Fl F Ar ssh_config | 38 | .Op Fl F Ar ssh_config |
39 | .Op Fl i Ar identity_file | 39 | .Op Fl i Ar identity_file |
40 | .Op Fl J Ar destination | ||
40 | .Op Fl l Ar limit | 41 | .Op Fl l Ar limit |
41 | .Op Fl o Ar ssh_option | 42 | .Op Fl o Ar ssh_option |
42 | .Op Fl P Ar port | 43 | .Op Fl P Ar port |
@@ -127,6 +128,7 @@ at connection time (see | |||
127 | and | 128 | and |
128 | .Xr ssh-keygen 1 | 129 | .Xr ssh-keygen 1 |
129 | for details). | 130 | for details). |
131 | .Pp | ||
130 | A | 132 | A |
131 | .Ar batchfile | 133 | .Ar batchfile |
132 | of | 134 | of |
@@ -135,17 +137,23 @@ may be used to indicate standard input. | |||
135 | .Nm | 137 | .Nm |
136 | will abort if any of the following | 138 | will abort if any of the following |
137 | commands fail: | 139 | commands fail: |
138 | .Ic get , put , reget , reput, rename , ln , | 140 | .Ic get , put , reget , reput , rename , ln , |
139 | .Ic rm , mkdir , chdir , ls , | 141 | .Ic rm , mkdir , chdir , ls , |
140 | .Ic lchdir , chmod , chown , | 142 | .Ic lchdir , chmod , chown , |
141 | .Ic chgrp , lpwd , df , symlink , | 143 | .Ic chgrp , lpwd , df , symlink , |
142 | and | 144 | and |
143 | .Ic lmkdir . | 145 | .Ic lmkdir . |
146 | .Pp | ||
144 | Termination on error can be suppressed on a command by command basis by | 147 | Termination on error can be suppressed on a command by command basis by |
145 | prefixing the command with a | 148 | prefixing the command with a |
146 | .Sq \- | 149 | .Sq \- |
147 | character (for example, | 150 | character (for example, |
148 | .Ic -rm /tmp/blah* ) . | 151 | .Ic -rm /tmp/blah* ) . |
152 | Echo of the command may be suppressed by prefixing the command with a | ||
153 | .Sq @ | ||
154 | character. | ||
155 | These two prefixes may be combined in any order, for example | ||
156 | .Ic -@ls /bsd . | ||
149 | .It Fl C | 157 | .It Fl C |
150 | Enables compression (via ssh's | 158 | Enables compression (via ssh's |
151 | .Fl C | 159 | .Fl C |
@@ -174,6 +182,19 @@ Selects the file from which the identity (private key) for public key | |||
174 | authentication is read. | 182 | authentication is read. |
175 | This option is directly passed to | 183 | This option is directly passed to |
176 | .Xr ssh 1 . | 184 | .Xr ssh 1 . |
185 | .It Fl J Ar destination | ||
186 | Connect to the target host by first making an | ||
187 | .Nm | ||
188 | connection to the jump host described by | ||
189 | .Ar destination | ||
190 | and then establishing a TCP forwarding to the ultimate destination from | ||
191 | there. | ||
192 | Multiple jump hops may be specified separated by comma characters. | ||
193 | This is a shortcut to specify a | ||
194 | .Cm ProxyJump | ||
195 | configuration directive. | ||
196 | This option is directly passed to | ||
197 | .Xr ssh 1 . | ||
177 | .It Fl l Ar limit | 198 | .It Fl l Ar limit |
178 | Limits the used bandwidth, specified in Kbit/s. | 199 | Limits the used bandwidth, specified in Kbit/s. |
179 | .It Fl o Ar ssh_option | 200 | .It Fl o Ar ssh_option |
@@ -309,31 +330,52 @@ Change remote directory to | |||
309 | If | 330 | If |
310 | .Ar path | 331 | .Ar path |
311 | is not specified, then change directory to the one the session started in. | 332 | is not specified, then change directory to the one the session started in. |
312 | .It Ic chgrp Ar grp Ar path | 333 | .It Xo Ic chgrp |
334 | .Op Fl h | ||
335 | .Ar grp | ||
336 | .Ar path | ||
337 | .Xc | ||
313 | Change group of file | 338 | Change group of file |
314 | .Ar path | 339 | .Ar path |
315 | to | 340 | to |
316 | .Ar grp . | 341 | .Ar grp . |
342 | If the | ||
343 | .Fl h | ||
344 | flag is specified, then symlinks will not be followed. | ||
317 | .Ar path | 345 | .Ar path |
318 | may contain | 346 | may contain |
319 | .Xr glob 7 | 347 | .Xr glob 7 |
320 | characters and may match multiple files. | 348 | characters and may match multiple files. |
321 | .Ar grp | 349 | .Ar grp |
322 | must be a numeric GID. | 350 | must be a numeric GID. |
323 | .It Ic chmod Ar mode Ar path | 351 | .It Xo Ic chmod |
352 | .Op Fl h | ||
353 | .Ar mode | ||
354 | .Ar path | ||
355 | .Xc | ||
324 | Change permissions of file | 356 | Change permissions of file |
325 | .Ar path | 357 | .Ar path |
326 | to | 358 | to |
327 | .Ar mode . | 359 | .Ar mode . |
360 | If the | ||
361 | .Fl h | ||
362 | flag is specified, then symlinks will not be followed. | ||
328 | .Ar path | 363 | .Ar path |
329 | may contain | 364 | may contain |
330 | .Xr glob 7 | 365 | .Xr glob 7 |
331 | characters and may match multiple files. | 366 | characters and may match multiple files. |
332 | .It Ic chown Ar own Ar path | 367 | .It Xo Ic chown |
368 | .Op Fl h | ||
369 | .Ar own | ||
370 | .Ar path | ||
371 | .Xc | ||
333 | Change owner of file | 372 | Change owner of file |
334 | .Ar path | 373 | .Ar path |
335 | to | 374 | to |
336 | .Ar own . | 375 | .Ar own . |
376 | If the | ||
377 | .Fl h | ||
378 | flag is specified, then symlinks will not be followed. | ||
337 | .Ar path | 379 | .Ar path |
338 | may contain | 380 | may contain |
339 | .Xr glob 7 | 381 | .Xr glob 7 |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp.c,v 1.186 2018/09/07 04:26:56 dtucker Exp $ */ | 1 | /* $OpenBSD: sftp.c,v 1.190 2019/01/21 22:50:42 tb Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -278,9 +278,9 @@ help(void) | |||
278 | printf("Available commands:\n" | 278 | printf("Available commands:\n" |
279 | "bye Quit sftp\n" | 279 | "bye Quit sftp\n" |
280 | "cd path Change remote directory to 'path'\n" | 280 | "cd path Change remote directory to 'path'\n" |
281 | "chgrp grp path Change group of file 'path' to 'grp'\n" | 281 | "chgrp [-h] grp path Change group of file 'path' to 'grp'\n" |
282 | "chmod mode path Change permissions of file 'path' to 'mode'\n" | 282 | "chmod [-h] mode path Change permissions of file 'path' to 'mode'\n" |
283 | "chown own path Change owner of file 'path' to 'own'\n" | 283 | "chown [-h] own path Change owner of file 'path' to 'own'\n" |
284 | "df [-hi] [path] Display statistics for current directory or\n" | 284 | "df [-hi] [path] Display statistics for current directory or\n" |
285 | " filesystem containing 'path'\n" | 285 | " filesystem containing 'path'\n" |
286 | "exit Quit sftp\n" | 286 | "exit Quit sftp\n" |
@@ -389,7 +389,7 @@ make_absolute(char *p, const char *pwd) | |||
389 | char *abs_str; | 389 | char *abs_str; |
390 | 390 | ||
391 | /* Derelativise */ | 391 | /* Derelativise */ |
392 | if (p && p[0] != '/') { | 392 | if (p && !path_absolute(p)) { |
393 | abs_str = path_append(pwd, p); | 393 | abs_str = path_append(pwd, p); |
394 | free(p); | 394 | free(p); |
395 | return(abs_str); | 395 | return(abs_str); |
@@ -562,6 +562,30 @@ parse_df_flags(const char *cmd, char **argv, int argc, int *hflag, int *iflag) | |||
562 | } | 562 | } |
563 | 563 | ||
564 | static int | 564 | static int |
565 | parse_ch_flags(const char *cmd, char **argv, int argc, int *hflag) | ||
566 | { | ||
567 | extern int opterr, optind, optopt, optreset; | ||
568 | int ch; | ||
569 | |||
570 | optind = optreset = 1; | ||
571 | opterr = 0; | ||
572 | |||
573 | *hflag = 0; | ||
574 | while ((ch = getopt(argc, argv, "h")) != -1) { | ||
575 | switch (ch) { | ||
576 | case 'h': | ||
577 | *hflag = 1; | ||
578 | break; | ||
579 | default: | ||
580 | error("%s: Invalid flag -%c", cmd, optopt); | ||
581 | return -1; | ||
582 | } | ||
583 | } | ||
584 | |||
585 | return optind; | ||
586 | } | ||
587 | |||
588 | static int | ||
565 | parse_no_flags(const char *cmd, char **argv, int argc) | 589 | parse_no_flags(const char *cmd, char **argv, int argc) |
566 | { | 590 | { |
567 | extern int opterr, optind, optopt, optreset; | 591 | extern int opterr, optind, optopt, optreset; |
@@ -1296,7 +1320,7 @@ makeargv(const char *arg, int *argcp, int sloppy, char *lastquote, | |||
1296 | } | 1320 | } |
1297 | 1321 | ||
1298 | static int | 1322 | static int |
1299 | parse_args(const char **cpp, int *ignore_errors, int *aflag, | 1323 | parse_args(const char **cpp, int *ignore_errors, int *disable_echo, int *aflag, |
1300 | int *fflag, int *hflag, int *iflag, int *lflag, int *pflag, | 1324 | int *fflag, int *hflag, int *iflag, int *lflag, int *pflag, |
1301 | int *rflag, int *sflag, | 1325 | int *rflag, int *sflag, |
1302 | unsigned long *n_arg, char **path1, char **path2) | 1326 | unsigned long *n_arg, char **path1, char **path2) |
@@ -1310,13 +1334,23 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag, | |||
1310 | /* Skip leading whitespace */ | 1334 | /* Skip leading whitespace */ |
1311 | cp = cp + strspn(cp, WHITESPACE); | 1335 | cp = cp + strspn(cp, WHITESPACE); |
1312 | 1336 | ||
1313 | /* Check for leading '-' (disable error processing) */ | 1337 | /* |
1338 | * Check for leading '-' (disable error processing) and '@' (suppress | ||
1339 | * command echo) | ||
1340 | */ | ||
1314 | *ignore_errors = 0; | 1341 | *ignore_errors = 0; |
1315 | if (*cp == '-') { | 1342 | *disable_echo = 0; |
1316 | *ignore_errors = 1; | 1343 | for (;*cp != '\0'; cp++) { |
1317 | cp++; | 1344 | if (*cp == '-') { |
1318 | cp = cp + strspn(cp, WHITESPACE); | 1345 | *ignore_errors = 1; |
1346 | } else if (*cp == '@') { | ||
1347 | *disable_echo = 1; | ||
1348 | } else { | ||
1349 | /* all other characters terminate prefix processing */ | ||
1350 | break; | ||
1351 | } | ||
1319 | } | 1352 | } |
1353 | cp = cp + strspn(cp, WHITESPACE); | ||
1320 | 1354 | ||
1321 | /* Ignore blank lines and lines which begin with comment '#' char */ | 1355 | /* Ignore blank lines and lines which begin with comment '#' char */ |
1322 | if (*cp == '\0' || *cp == '#') | 1356 | if (*cp == '\0' || *cp == '#') |
@@ -1446,7 +1480,7 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag, | |||
1446 | /* FALLTHROUGH */ | 1480 | /* FALLTHROUGH */ |
1447 | case I_CHOWN: | 1481 | case I_CHOWN: |
1448 | case I_CHGRP: | 1482 | case I_CHGRP: |
1449 | if ((optidx = parse_no_flags(cmd, argv, argc)) == -1) | 1483 | if ((optidx = parse_ch_flags(cmd, argv, argc, hflag)) == -1) |
1450 | return -1; | 1484 | return -1; |
1451 | /* Get numeric arg (mandatory) */ | 1485 | /* Get numeric arg (mandatory) */ |
1452 | if (argc - optidx < 1) | 1486 | if (argc - optidx < 1) |
@@ -1491,11 +1525,12 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag, | |||
1491 | 1525 | ||
1492 | static int | 1526 | static int |
1493 | parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | 1527 | parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, |
1494 | const char *startdir, int err_abort) | 1528 | const char *startdir, int err_abort, int echo_command) |
1495 | { | 1529 | { |
1530 | const char *ocmd = cmd; | ||
1496 | char *path1, *path2, *tmp; | 1531 | char *path1, *path2, *tmp; |
1497 | int ignore_errors = 0, aflag = 0, fflag = 0, hflag = 0, | 1532 | int ignore_errors = 0, disable_echo = 1; |
1498 | iflag = 0; | 1533 | int aflag = 0, fflag = 0, hflag = 0, iflag = 0; |
1499 | int lflag = 0, pflag = 0, rflag = 0, sflag = 0; | 1534 | int lflag = 0, pflag = 0, rflag = 0, sflag = 0; |
1500 | int cmdnum, i; | 1535 | int cmdnum, i; |
1501 | unsigned long n_arg = 0; | 1536 | unsigned long n_arg = 0; |
@@ -1505,11 +1540,15 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1505 | glob_t g; | 1540 | glob_t g; |
1506 | 1541 | ||
1507 | path1 = path2 = NULL; | 1542 | path1 = path2 = NULL; |
1508 | cmdnum = parse_args(&cmd, &ignore_errors, &aflag, &fflag, &hflag, | 1543 | cmdnum = parse_args(&cmd, &ignore_errors, &disable_echo, &aflag, &fflag, |
1509 | &iflag, &lflag, &pflag, &rflag, &sflag, &n_arg, &path1, &path2); | 1544 | &hflag, &iflag, &lflag, &pflag, &rflag, &sflag, &n_arg, |
1545 | &path1, &path2); | ||
1510 | if (ignore_errors != 0) | 1546 | if (ignore_errors != 0) |
1511 | err_abort = 0; | 1547 | err_abort = 0; |
1512 | 1548 | ||
1549 | if (echo_command && !disable_echo) | ||
1550 | mprintf("sftp> %s\n", ocmd); | ||
1551 | |||
1513 | memset(&g, 0, sizeof(g)); | 1552 | memset(&g, 0, sizeof(g)); |
1514 | 1553 | ||
1515 | /* Perform command */ | 1554 | /* Perform command */ |
@@ -1608,7 +1647,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1608 | 1647 | ||
1609 | /* Strip pwd off beginning of non-absolute paths */ | 1648 | /* Strip pwd off beginning of non-absolute paths */ |
1610 | tmp = NULL; | 1649 | tmp = NULL; |
1611 | if (*path1 != '/') | 1650 | if (!path_absolute(path1)) |
1612 | tmp = *pwd; | 1651 | tmp = *pwd; |
1613 | 1652 | ||
1614 | path1 = make_absolute(path1, *pwd); | 1653 | path1 = make_absolute(path1, *pwd); |
@@ -1660,7 +1699,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1660 | if (!quiet) | 1699 | if (!quiet) |
1661 | mprintf("Changing mode on %s\n", | 1700 | mprintf("Changing mode on %s\n", |
1662 | g.gl_pathv[i]); | 1701 | g.gl_pathv[i]); |
1663 | err = do_setstat(conn, g.gl_pathv[i], &a); | 1702 | err = (hflag ? do_lsetstat : do_setstat)(conn, |
1703 | g.gl_pathv[i], &a); | ||
1664 | if (err != 0 && err_abort) | 1704 | if (err != 0 && err_abort) |
1665 | break; | 1705 | break; |
1666 | } | 1706 | } |
@@ -1670,7 +1710,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1670 | path1 = make_absolute(path1, *pwd); | 1710 | path1 = make_absolute(path1, *pwd); |
1671 | remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); | 1711 | remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); |
1672 | for (i = 0; g.gl_pathv[i] && !interrupted; i++) { | 1712 | for (i = 0; g.gl_pathv[i] && !interrupted; i++) { |
1673 | if (!(aa = do_stat(conn, g.gl_pathv[i], 0))) { | 1713 | if (!(aa = (hflag ? do_lstat : do_stat)(conn, |
1714 | g.gl_pathv[i], 0))) { | ||
1674 | if (err_abort) { | 1715 | if (err_abort) { |
1675 | err = -1; | 1716 | err = -1; |
1676 | break; | 1717 | break; |
@@ -1698,7 +1739,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1698 | g.gl_pathv[i]); | 1739 | g.gl_pathv[i]); |
1699 | aa->gid = n_arg; | 1740 | aa->gid = n_arg; |
1700 | } | 1741 | } |
1701 | err = do_setstat(conn, g.gl_pathv[i], aa); | 1742 | err = (hflag ? do_lsetstat : do_setstat)(conn, |
1743 | g.gl_pathv[i], aa); | ||
1702 | if (err != 0 && err_abort) | 1744 | if (err != 0 && err_abort) |
1703 | break; | 1745 | break; |
1704 | } | 1746 | } |
@@ -1936,7 +1978,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path, | |||
1936 | xasprintf(&tmp, "%s*", file); | 1978 | xasprintf(&tmp, "%s*", file); |
1937 | 1979 | ||
1938 | /* Check if the path is absolute. */ | 1980 | /* Check if the path is absolute. */ |
1939 | isabs = tmp[0] == '/'; | 1981 | isabs = path_absolute(tmp); |
1940 | 1982 | ||
1941 | memset(&g, 0, sizeof(g)); | 1983 | memset(&g, 0, sizeof(g)); |
1942 | if (remote != LOCAL) { | 1984 | if (remote != LOCAL) { |
@@ -2169,7 +2211,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2169 | mprintf("Changing to: %s\n", dir); | 2211 | mprintf("Changing to: %s\n", dir); |
2170 | snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); | 2212 | snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); |
2171 | if (parse_dispatch_command(conn, cmd, | 2213 | if (parse_dispatch_command(conn, cmd, |
2172 | &remote_path, startdir, 1) != 0) { | 2214 | &remote_path, startdir, 1, 0) != 0) { |
2173 | free(dir); | 2215 | free(dir); |
2174 | free(startdir); | 2216 | free(startdir); |
2175 | free(remote_path); | 2217 | free(remote_path); |
@@ -2183,7 +2225,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2183 | file2 == NULL ? "" : " ", | 2225 | file2 == NULL ? "" : " ", |
2184 | file2 == NULL ? "" : file2); | 2226 | file2 == NULL ? "" : file2); |
2185 | err = parse_dispatch_command(conn, cmd, | 2227 | err = parse_dispatch_command(conn, cmd, |
2186 | &remote_path, startdir, 1); | 2228 | &remote_path, startdir, 1, 0); |
2187 | free(dir); | 2229 | free(dir); |
2188 | free(startdir); | 2230 | free(startdir); |
2189 | free(remote_path); | 2231 | free(remote_path); |
@@ -2199,8 +2241,6 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2199 | interactive = !batchmode && isatty(STDIN_FILENO); | 2241 | interactive = !batchmode && isatty(STDIN_FILENO); |
2200 | err = 0; | 2242 | err = 0; |
2201 | for (;;) { | 2243 | for (;;) { |
2202 | char *cp; | ||
2203 | |||
2204 | signal(SIGINT, SIG_IGN); | 2244 | signal(SIGINT, SIG_IGN); |
2205 | 2245 | ||
2206 | if (el == NULL) { | 2246 | if (el == NULL) { |
@@ -2211,12 +2251,6 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2211 | printf("\n"); | 2251 | printf("\n"); |
2212 | break; | 2252 | break; |
2213 | } | 2253 | } |
2214 | if (!interactive) { /* Echo command */ | ||
2215 | mprintf("sftp> %s", cmd); | ||
2216 | if (strlen(cmd) > 0 && | ||
2217 | cmd[strlen(cmd) - 1] != '\n') | ||
2218 | printf("\n"); | ||
2219 | } | ||
2220 | } else { | 2254 | } else { |
2221 | #ifdef USE_LIBEDIT | 2255 | #ifdef USE_LIBEDIT |
2222 | const char *line; | 2256 | const char *line; |
@@ -2235,16 +2269,14 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2235 | #endif /* USE_LIBEDIT */ | 2269 | #endif /* USE_LIBEDIT */ |
2236 | } | 2270 | } |
2237 | 2271 | ||
2238 | cp = strrchr(cmd, '\n'); | 2272 | cmd[strcspn(cmd, "\n")] = '\0'; |
2239 | if (cp) | ||
2240 | *cp = '\0'; | ||
2241 | 2273 | ||
2242 | /* Handle user interrupts gracefully during commands */ | 2274 | /* Handle user interrupts gracefully during commands */ |
2243 | interrupted = 0; | 2275 | interrupted = 0; |
2244 | signal(SIGINT, cmd_interrupt); | 2276 | signal(SIGINT, cmd_interrupt); |
2245 | 2277 | ||
2246 | err = parse_dispatch_command(conn, cmd, &remote_path, | 2278 | err = parse_dispatch_command(conn, cmd, &remote_path, |
2247 | startdir, batchmode); | 2279 | startdir, batchmode, !interactive && el == NULL); |
2248 | if (err != 0) | 2280 | if (err != 0) |
2249 | break; | 2281 | break; |
2250 | } | 2282 | } |
@@ -2330,11 +2362,10 @@ usage(void) | |||
2330 | 2362 | ||
2331 | fprintf(stderr, | 2363 | fprintf(stderr, |
2332 | "usage: %s [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher]\n" | 2364 | "usage: %s [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher]\n" |
2333 | " [-D sftp_server_path] [-F ssh_config] " | 2365 | " [-D sftp_server_path] [-F ssh_config] [-i identity_file]\n" |
2334 | "[-i identity_file] [-l limit]\n" | 2366 | " [-J destination] [-l limit] [-o ssh_option] [-P port]\n" |
2335 | " [-o ssh_option] [-P port] [-R num_requests] " | 2367 | " [-R num_requests] [-S program] [-s subsystem | sftp_server]\n" |
2336 | "[-S program]\n" | 2368 | " destination\n", |
2337 | " [-s subsystem | sftp_server] destination\n", | ||
2338 | __progname); | 2369 | __progname); |
2339 | exit(1); | 2370 | exit(1); |
2340 | } | 2371 | } |
@@ -2362,6 +2393,8 @@ main(int argc, char **argv) | |||
2362 | sanitise_stdfd(); | 2393 | sanitise_stdfd(); |
2363 | msetlocale(); | 2394 | msetlocale(); |
2364 | 2395 | ||
2396 | seed_rng(); | ||
2397 | |||
2365 | __progname = ssh_get_progname(argv[0]); | 2398 | __progname = ssh_get_progname(argv[0]); |
2366 | memset(&args, '\0', sizeof(args)); | 2399 | memset(&args, '\0', sizeof(args)); |
2367 | args.list = NULL; | 2400 | args.list = NULL; |
@@ -2375,7 +2408,7 @@ main(int argc, char **argv) | |||
2375 | infile = stdin; | 2408 | infile = stdin; |
2376 | 2409 | ||
2377 | while ((ch = getopt(argc, argv, | 2410 | while ((ch = getopt(argc, argv, |
2378 | "1246afhpqrvCc:D:i:l:o:s:S:b:B:F:P:R:")) != -1) { | 2411 | "1246afhpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) { |
2379 | switch (ch) { | 2412 | switch (ch) { |
2380 | /* Passed through to ssh(1) */ | 2413 | /* Passed through to ssh(1) */ |
2381 | case '4': | 2414 | case '4': |
@@ -2385,6 +2418,7 @@ main(int argc, char **argv) | |||
2385 | break; | 2418 | break; |
2386 | /* Passed through to ssh(1) with argument */ | 2419 | /* Passed through to ssh(1) with argument */ |
2387 | case 'F': | 2420 | case 'F': |
2421 | case 'J': | ||
2388 | case 'c': | 2422 | case 'c': |
2389 | case 'i': | 2423 | case 'i': |
2390 | case 'o': | 2424 | case 'o': |
diff --git a/sntrup4591761.c b/sntrup4591761.c new file mode 100644 index 000000000..61fe2483f --- /dev/null +++ b/sntrup4591761.c | |||
@@ -0,0 +1,1083 @@ | |||
1 | /* $OpenBSD: sntrup4591761.c,v 1.3 2019/01/30 19:51:15 markus Exp $ */ | ||
2 | |||
3 | /* | ||
4 | * Public Domain, Authors: | ||
5 | * - Daniel J. Bernstein | ||
6 | * - Chitchanok Chuengsatiansup | ||
7 | * - Tanja Lange | ||
8 | * - Christine van Vredendaal | ||
9 | */ | ||
10 | |||
11 | #include "includes.h" | ||
12 | |||
13 | #include <string.h> | ||
14 | #include "crypto_api.h" | ||
15 | |||
16 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.h */ | ||
17 | #ifndef int32_sort_h | ||
18 | #define int32_sort_h | ||
19 | |||
20 | |||
21 | static void int32_sort(crypto_int32 *,int); | ||
22 | |||
23 | #endif | ||
24 | |||
25 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.c */ | ||
26 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
27 | |||
28 | |||
29 | static void minmax(crypto_int32 *x,crypto_int32 *y) | ||
30 | { | ||
31 | crypto_uint32 xi = *x; | ||
32 | crypto_uint32 yi = *y; | ||
33 | crypto_uint32 xy = xi ^ yi; | ||
34 | crypto_uint32 c = yi - xi; | ||
35 | c ^= xy & (c ^ yi); | ||
36 | c >>= 31; | ||
37 | c = -c; | ||
38 | c &= xy; | ||
39 | *x = xi ^ c; | ||
40 | *y = yi ^ c; | ||
41 | } | ||
42 | |||
43 | static void int32_sort(crypto_int32 *x,int n) | ||
44 | { | ||
45 | int top,p,q,i; | ||
46 | |||
47 | if (n < 2) return; | ||
48 | top = 1; | ||
49 | while (top < n - top) top += top; | ||
50 | |||
51 | for (p = top;p > 0;p >>= 1) { | ||
52 | for (i = 0;i < n - p;++i) | ||
53 | if (!(i & p)) | ||
54 | minmax(x + i,x + i + p); | ||
55 | for (q = top;q > p;q >>= 1) | ||
56 | for (i = 0;i < n - q;++i) | ||
57 | if (!(i & p)) | ||
58 | minmax(x + i + p,x + i + q); | ||
59 | } | ||
60 | } | ||
61 | |||
62 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.h */ | ||
63 | #ifndef small_h | ||
64 | #define small_h | ||
65 | |||
66 | |||
67 | typedef crypto_int8 small; | ||
68 | |||
69 | static void small_encode(unsigned char *,const small *); | ||
70 | |||
71 | static void small_decode(small *,const unsigned char *); | ||
72 | |||
73 | |||
74 | static void small_random(small *); | ||
75 | |||
76 | static void small_random_weightw(small *); | ||
77 | |||
78 | #endif | ||
79 | |||
80 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/mod3.h */ | ||
81 | #ifndef mod3_h | ||
82 | #define mod3_h | ||
83 | |||
84 | |||
85 | /* -1 if x is nonzero, 0 otherwise */ | ||
86 | static inline int mod3_nonzero_mask(small x) | ||
87 | { | ||
88 | return -x*x; | ||
89 | } | ||
90 | |||
91 | /* input between -100000 and 100000 */ | ||
92 | /* output between -1 and 1 */ | ||
93 | static inline small mod3_freeze(crypto_int32 a) | ||
94 | { | ||
95 | a -= 3 * ((10923 * a) >> 15); | ||
96 | a -= 3 * ((89478485 * a + 134217728) >> 28); | ||
97 | return a; | ||
98 | } | ||
99 | |||
100 | static inline small mod3_minusproduct(small a,small b,small c) | ||
101 | { | ||
102 | crypto_int32 A = a; | ||
103 | crypto_int32 B = b; | ||
104 | crypto_int32 C = c; | ||
105 | return mod3_freeze(A - B * C); | ||
106 | } | ||
107 | |||
108 | static inline small mod3_plusproduct(small a,small b,small c) | ||
109 | { | ||
110 | crypto_int32 A = a; | ||
111 | crypto_int32 B = b; | ||
112 | crypto_int32 C = c; | ||
113 | return mod3_freeze(A + B * C); | ||
114 | } | ||
115 | |||
116 | static inline small mod3_product(small a,small b) | ||
117 | { | ||
118 | return a * b; | ||
119 | } | ||
120 | |||
121 | static inline small mod3_sum(small a,small b) | ||
122 | { | ||
123 | crypto_int32 A = a; | ||
124 | crypto_int32 B = b; | ||
125 | return mod3_freeze(A + B); | ||
126 | } | ||
127 | |||
128 | static inline small mod3_reciprocal(small a1) | ||
129 | { | ||
130 | return a1; | ||
131 | } | ||
132 | |||
133 | static inline small mod3_quotient(small num,small den) | ||
134 | { | ||
135 | return mod3_product(num,mod3_reciprocal(den)); | ||
136 | } | ||
137 | |||
138 | #endif | ||
139 | |||
140 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/modq.h */ | ||
141 | #ifndef modq_h | ||
142 | #define modq_h | ||
143 | |||
144 | |||
145 | typedef crypto_int16 modq; | ||
146 | |||
147 | /* -1 if x is nonzero, 0 otherwise */ | ||
148 | static inline int modq_nonzero_mask(modq x) | ||
149 | { | ||
150 | crypto_int32 r = (crypto_uint16) x; | ||
151 | r = -r; | ||
152 | r >>= 30; | ||
153 | return r; | ||
154 | } | ||
155 | |||
156 | /* input between -9000000 and 9000000 */ | ||
157 | /* output between -2295 and 2295 */ | ||
158 | static inline modq modq_freeze(crypto_int32 a) | ||
159 | { | ||
160 | a -= 4591 * ((228 * a) >> 20); | ||
161 | a -= 4591 * ((58470 * a + 134217728) >> 28); | ||
162 | return a; | ||
163 | } | ||
164 | |||
165 | static inline modq modq_minusproduct(modq a,modq b,modq c) | ||
166 | { | ||
167 | crypto_int32 A = a; | ||
168 | crypto_int32 B = b; | ||
169 | crypto_int32 C = c; | ||
170 | return modq_freeze(A - B * C); | ||
171 | } | ||
172 | |||
173 | static inline modq modq_plusproduct(modq a,modq b,modq c) | ||
174 | { | ||
175 | crypto_int32 A = a; | ||
176 | crypto_int32 B = b; | ||
177 | crypto_int32 C = c; | ||
178 | return modq_freeze(A + B * C); | ||
179 | } | ||
180 | |||
181 | static inline modq modq_product(modq a,modq b) | ||
182 | { | ||
183 | crypto_int32 A = a; | ||
184 | crypto_int32 B = b; | ||
185 | return modq_freeze(A * B); | ||
186 | } | ||
187 | |||
188 | static inline modq modq_square(modq a) | ||
189 | { | ||
190 | crypto_int32 A = a; | ||
191 | return modq_freeze(A * A); | ||
192 | } | ||
193 | |||
194 | static inline modq modq_sum(modq a,modq b) | ||
195 | { | ||
196 | crypto_int32 A = a; | ||
197 | crypto_int32 B = b; | ||
198 | return modq_freeze(A + B); | ||
199 | } | ||
200 | |||
201 | static inline modq modq_reciprocal(modq a1) | ||
202 | { | ||
203 | modq a2 = modq_square(a1); | ||
204 | modq a3 = modq_product(a2,a1); | ||
205 | modq a4 = modq_square(a2); | ||
206 | modq a8 = modq_square(a4); | ||
207 | modq a16 = modq_square(a8); | ||
208 | modq a32 = modq_square(a16); | ||
209 | modq a35 = modq_product(a32,a3); | ||
210 | modq a70 = modq_square(a35); | ||
211 | modq a140 = modq_square(a70); | ||
212 | modq a143 = modq_product(a140,a3); | ||
213 | modq a286 = modq_square(a143); | ||
214 | modq a572 = modq_square(a286); | ||
215 | modq a1144 = modq_square(a572); | ||
216 | modq a1147 = modq_product(a1144,a3); | ||
217 | modq a2294 = modq_square(a1147); | ||
218 | modq a4588 = modq_square(a2294); | ||
219 | modq a4589 = modq_product(a4588,a1); | ||
220 | return a4589; | ||
221 | } | ||
222 | |||
223 | static inline modq modq_quotient(modq num,modq den) | ||
224 | { | ||
225 | return modq_product(num,modq_reciprocal(den)); | ||
226 | } | ||
227 | |||
228 | #endif | ||
229 | |||
230 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/params.h */ | ||
231 | #ifndef params_h | ||
232 | #define params_h | ||
233 | |||
234 | #define q 4591 | ||
235 | /* XXX: also built into modq in various ways */ | ||
236 | |||
237 | #define qshift 2295 | ||
238 | #define p 761 | ||
239 | #define w 286 | ||
240 | |||
241 | #define rq_encode_len 1218 | ||
242 | #define small_encode_len 191 | ||
243 | |||
244 | #endif | ||
245 | |||
246 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3.h */ | ||
247 | #ifndef r3_h | ||
248 | #define r3_h | ||
249 | |||
250 | |||
251 | static void r3_mult(small *,const small *,const small *); | ||
252 | |||
253 | extern int r3_recip(small *,const small *); | ||
254 | |||
255 | #endif | ||
256 | |||
257 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.h */ | ||
258 | #ifndef rq_h | ||
259 | #define rq_h | ||
260 | |||
261 | |||
262 | static void rq_encode(unsigned char *,const modq *); | ||
263 | |||
264 | static void rq_decode(modq *,const unsigned char *); | ||
265 | |||
266 | static void rq_encoderounded(unsigned char *,const modq *); | ||
267 | |||
268 | static void rq_decoderounded(modq *,const unsigned char *); | ||
269 | |||
270 | static void rq_round3(modq *,const modq *); | ||
271 | |||
272 | static void rq_mult(modq *,const modq *,const small *); | ||
273 | |||
274 | int rq_recip3(modq *,const small *); | ||
275 | |||
276 | #endif | ||
277 | |||
278 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.h */ | ||
279 | #ifndef swap_h | ||
280 | #define swap_h | ||
281 | |||
282 | static void swap(void *,void *,int,int); | ||
283 | |||
284 | #endif | ||
285 | |||
286 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/dec.c */ | ||
287 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
288 | |||
289 | #ifdef KAT | ||
290 | #endif | ||
291 | |||
292 | |||
293 | int crypto_kem_sntrup4591761_dec( | ||
294 | unsigned char *k, | ||
295 | const unsigned char *cstr, | ||
296 | const unsigned char *sk | ||
297 | ) | ||
298 | { | ||
299 | small f[p]; | ||
300 | modq h[p]; | ||
301 | small grecip[p]; | ||
302 | modq c[p]; | ||
303 | modq t[p]; | ||
304 | small t3[p]; | ||
305 | small r[p]; | ||
306 | modq hr[p]; | ||
307 | unsigned char rstr[small_encode_len]; | ||
308 | unsigned char hash[64]; | ||
309 | int i; | ||
310 | int result = 0; | ||
311 | int weight; | ||
312 | |||
313 | small_decode(f,sk); | ||
314 | small_decode(grecip,sk + small_encode_len); | ||
315 | rq_decode(h,sk + 2 * small_encode_len); | ||
316 | |||
317 | rq_decoderounded(c,cstr + 32); | ||
318 | |||
319 | rq_mult(t,c,f); | ||
320 | for (i = 0;i < p;++i) t3[i] = mod3_freeze(modq_freeze(3*t[i])); | ||
321 | |||
322 | r3_mult(r,t3,grecip); | ||
323 | |||
324 | #ifdef KAT | ||
325 | { | ||
326 | int j; | ||
327 | printf("decrypt r:"); | ||
328 | for (j = 0;j < p;++j) | ||
329 | if (r[j] == 1) printf(" +%d",j); | ||
330 | else if (r[j] == -1) printf(" -%d",j); | ||
331 | printf("\n"); | ||
332 | } | ||
333 | #endif | ||
334 | |||
335 | weight = 0; | ||
336 | for (i = 0;i < p;++i) weight += (1 & r[i]); | ||
337 | weight -= w; | ||
338 | result |= modq_nonzero_mask(weight); /* XXX: puts limit on p */ | ||
339 | |||
340 | rq_mult(hr,h,r); | ||
341 | rq_round3(hr,hr); | ||
342 | for (i = 0;i < p;++i) result |= modq_nonzero_mask(hr[i] - c[i]); | ||
343 | |||
344 | small_encode(rstr,r); | ||
345 | crypto_hash_sha512(hash,rstr,sizeof rstr); | ||
346 | result |= crypto_verify_32(hash,cstr); | ||
347 | |||
348 | for (i = 0;i < 32;++i) k[i] = (hash[32 + i] & ~result); | ||
349 | return result; | ||
350 | } | ||
351 | |||
352 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/enc.c */ | ||
353 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
354 | |||
355 | #ifdef KAT | ||
356 | #endif | ||
357 | |||
358 | |||
359 | int crypto_kem_sntrup4591761_enc( | ||
360 | unsigned char *cstr, | ||
361 | unsigned char *k, | ||
362 | const unsigned char *pk | ||
363 | ) | ||
364 | { | ||
365 | small r[p]; | ||
366 | modq h[p]; | ||
367 | modq c[p]; | ||
368 | unsigned char rstr[small_encode_len]; | ||
369 | unsigned char hash[64]; | ||
370 | |||
371 | small_random_weightw(r); | ||
372 | |||
373 | #ifdef KAT | ||
374 | { | ||
375 | int i; | ||
376 | printf("encrypt r:"); | ||
377 | for (i = 0;i < p;++i) | ||
378 | if (r[i] == 1) printf(" +%d",i); | ||
379 | else if (r[i] == -1) printf(" -%d",i); | ||
380 | printf("\n"); | ||
381 | } | ||
382 | #endif | ||
383 | |||
384 | small_encode(rstr,r); | ||
385 | crypto_hash_sha512(hash,rstr,sizeof rstr); | ||
386 | |||
387 | rq_decode(h,pk); | ||
388 | rq_mult(c,h,r); | ||
389 | rq_round3(c,c); | ||
390 | |||
391 | memcpy(k,hash + 32,32); | ||
392 | memcpy(cstr,hash,32); | ||
393 | rq_encoderounded(cstr + 32,c); | ||
394 | |||
395 | return 0; | ||
396 | } | ||
397 | |||
398 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/keypair.c */ | ||
399 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
400 | |||
401 | |||
402 | #if crypto_kem_sntrup4591761_PUBLICKEYBYTES != rq_encode_len | ||
403 | #error "crypto_kem_sntrup4591761_PUBLICKEYBYTES must match rq_encode_len" | ||
404 | #endif | ||
405 | #if crypto_kem_sntrup4591761_SECRETKEYBYTES != rq_encode_len + 2 * small_encode_len | ||
406 | #error "crypto_kem_sntrup4591761_SECRETKEYBYTES must match rq_encode_len + 2 * small_encode_len" | ||
407 | #endif | ||
408 | |||
409 | int crypto_kem_sntrup4591761_keypair(unsigned char *pk,unsigned char *sk) | ||
410 | { | ||
411 | small g[p]; | ||
412 | small grecip[p]; | ||
413 | small f[p]; | ||
414 | modq f3recip[p]; | ||
415 | modq h[p]; | ||
416 | |||
417 | do | ||
418 | small_random(g); | ||
419 | while (r3_recip(grecip,g) != 0); | ||
420 | |||
421 | small_random_weightw(f); | ||
422 | rq_recip3(f3recip,f); | ||
423 | |||
424 | rq_mult(h,f3recip,g); | ||
425 | |||
426 | rq_encode(pk,h); | ||
427 | small_encode(sk,f); | ||
428 | small_encode(sk + small_encode_len,grecip); | ||
429 | memcpy(sk + 2 * small_encode_len,pk,rq_encode_len); | ||
430 | |||
431 | return 0; | ||
432 | } | ||
433 | |||
434 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_mult.c */ | ||
435 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
436 | |||
437 | |||
438 | static void r3_mult(small *h,const small *f,const small *g) | ||
439 | { | ||
440 | small fg[p + p - 1]; | ||
441 | small result; | ||
442 | int i, j; | ||
443 | |||
444 | for (i = 0;i < p;++i) { | ||
445 | result = 0; | ||
446 | for (j = 0;j <= i;++j) | ||
447 | result = mod3_plusproduct(result,f[j],g[i - j]); | ||
448 | fg[i] = result; | ||
449 | } | ||
450 | for (i = p;i < p + p - 1;++i) { | ||
451 | result = 0; | ||
452 | for (j = i - p + 1;j < p;++j) | ||
453 | result = mod3_plusproduct(result,f[j],g[i - j]); | ||
454 | fg[i] = result; | ||
455 | } | ||
456 | |||
457 | for (i = p + p - 2;i >= p;--i) { | ||
458 | fg[i - p] = mod3_sum(fg[i - p],fg[i]); | ||
459 | fg[i - p + 1] = mod3_sum(fg[i - p + 1],fg[i]); | ||
460 | } | ||
461 | |||
462 | for (i = 0;i < p;++i) | ||
463 | h[i] = fg[i]; | ||
464 | } | ||
465 | |||
466 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_recip.c */ | ||
467 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
468 | |||
469 | |||
470 | /* caller must ensure that x-y does not overflow */ | ||
471 | static int smaller_mask_r3_recip(int x,int y) | ||
472 | { | ||
473 | return (x - y) >> 31; | ||
474 | } | ||
475 | |||
476 | static void vectormod3_product(small *z,int len,const small *x,const small c) | ||
477 | { | ||
478 | int i; | ||
479 | for (i = 0;i < len;++i) z[i] = mod3_product(x[i],c); | ||
480 | } | ||
481 | |||
482 | static void vectormod3_minusproduct(small *z,int len,const small *x,const small *y,const small c) | ||
483 | { | ||
484 | int i; | ||
485 | for (i = 0;i < len;++i) z[i] = mod3_minusproduct(x[i],y[i],c); | ||
486 | } | ||
487 | |||
488 | static void vectormod3_shift(small *z,int len) | ||
489 | { | ||
490 | int i; | ||
491 | for (i = len - 1;i > 0;--i) z[i] = z[i - 1]; | ||
492 | z[0] = 0; | ||
493 | } | ||
494 | |||
495 | /* | ||
496 | r = s^(-1) mod m, returning 0, if s is invertible mod m | ||
497 | or returning -1 if s is not invertible mod m | ||
498 | r,s are polys of degree <p | ||
499 | m is x^p-x-1 | ||
500 | */ | ||
501 | int r3_recip(small *r,const small *s) | ||
502 | { | ||
503 | const int loops = 2*p + 1; | ||
504 | int loop; | ||
505 | small f[p + 1]; | ||
506 | small g[p + 1]; | ||
507 | small u[2*p + 2]; | ||
508 | small v[2*p + 2]; | ||
509 | small c; | ||
510 | int i; | ||
511 | int d = p; | ||
512 | int e = p; | ||
513 | int swapmask; | ||
514 | |||
515 | for (i = 2;i < p;++i) f[i] = 0; | ||
516 | f[0] = -1; | ||
517 | f[1] = -1; | ||
518 | f[p] = 1; | ||
519 | /* generalization: can initialize f to any polynomial m */ | ||
520 | /* requirements: m has degree exactly p, nonzero constant coefficient */ | ||
521 | |||
522 | for (i = 0;i < p;++i) g[i] = s[i]; | ||
523 | g[p] = 0; | ||
524 | |||
525 | for (i = 0;i <= loops;++i) u[i] = 0; | ||
526 | |||
527 | v[0] = 1; | ||
528 | for (i = 1;i <= loops;++i) v[i] = 0; | ||
529 | |||
530 | loop = 0; | ||
531 | for (;;) { | ||
532 | /* e == -1 or d + e + loop <= 2*p */ | ||
533 | |||
534 | /* f has degree p: i.e., f[p]!=0 */ | ||
535 | /* f[i]==0 for i < p-d */ | ||
536 | |||
537 | /* g has degree <=p (so it fits in p+1 coefficients) */ | ||
538 | /* g[i]==0 for i < p-e */ | ||
539 | |||
540 | /* u has degree <=loop (so it fits in loop+1 coefficients) */ | ||
541 | /* u[i]==0 for i < p-d */ | ||
542 | /* if invertible: u[i]==0 for i < loop-p (so can look at just p+1 coefficients) */ | ||
543 | |||
544 | /* v has degree <=loop (so it fits in loop+1 coefficients) */ | ||
545 | /* v[i]==0 for i < p-e */ | ||
546 | /* v[i]==0 for i < loop-p (so can look at just p+1 coefficients) */ | ||
547 | |||
548 | if (loop >= loops) break; | ||
549 | |||
550 | c = mod3_quotient(g[p],f[p]); | ||
551 | |||
552 | vectormod3_minusproduct(g,p + 1,g,f,c); | ||
553 | vectormod3_shift(g,p + 1); | ||
554 | |||
555 | #ifdef SIMPLER | ||
556 | vectormod3_minusproduct(v,loops + 1,v,u,c); | ||
557 | vectormod3_shift(v,loops + 1); | ||
558 | #else | ||
559 | if (loop < p) { | ||
560 | vectormod3_minusproduct(v,loop + 1,v,u,c); | ||
561 | vectormod3_shift(v,loop + 2); | ||
562 | } else { | ||
563 | vectormod3_minusproduct(v + loop - p,p + 1,v + loop - p,u + loop - p,c); | ||
564 | vectormod3_shift(v + loop - p,p + 2); | ||
565 | } | ||
566 | #endif | ||
567 | |||
568 | e -= 1; | ||
569 | |||
570 | ++loop; | ||
571 | |||
572 | swapmask = smaller_mask_r3_recip(e,d) & mod3_nonzero_mask(g[p]); | ||
573 | swap(&e,&d,sizeof e,swapmask); | ||
574 | swap(f,g,(p + 1) * sizeof(small),swapmask); | ||
575 | |||
576 | #ifdef SIMPLER | ||
577 | swap(u,v,(loops + 1) * sizeof(small),swapmask); | ||
578 | #else | ||
579 | if (loop < p) { | ||
580 | swap(u,v,(loop + 1) * sizeof(small),swapmask); | ||
581 | } else { | ||
582 | swap(u + loop - p,v + loop - p,(p + 1) * sizeof(small),swapmask); | ||
583 | } | ||
584 | #endif | ||
585 | } | ||
586 | |||
587 | c = mod3_reciprocal(f[p]); | ||
588 | vectormod3_product(r,p,u + p,c); | ||
589 | return smaller_mask_r3_recip(0,d); | ||
590 | } | ||
591 | |||
592 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomsmall.c */ | ||
593 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
594 | |||
595 | |||
596 | static void small_random(small *g) | ||
597 | { | ||
598 | int i; | ||
599 | |||
600 | for (i = 0;i < p;++i) { | ||
601 | crypto_uint32 r = small_random32(); | ||
602 | g[i] = (small) (((1073741823 & r) * 3) >> 30) - 1; | ||
603 | } | ||
604 | } | ||
605 | |||
606 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomweightw.c */ | ||
607 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
608 | |||
609 | |||
610 | static void small_random_weightw(small *f) | ||
611 | { | ||
612 | crypto_int32 r[p]; | ||
613 | int i; | ||
614 | |||
615 | for (i = 0;i < p;++i) r[i] = small_random32(); | ||
616 | for (i = 0;i < w;++i) r[i] &= -2; | ||
617 | for (i = w;i < p;++i) r[i] = (r[i] & -3) | 1; | ||
618 | int32_sort(r,p); | ||
619 | for (i = 0;i < p;++i) f[i] = ((small) (r[i] & 3)) - 1; | ||
620 | } | ||
621 | |||
622 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.c */ | ||
623 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
624 | |||
625 | |||
626 | static void rq_encode(unsigned char *c,const modq *f) | ||
627 | { | ||
628 | crypto_int32 f0, f1, f2, f3, f4; | ||
629 | int i; | ||
630 | |||
631 | for (i = 0;i < p/5;++i) { | ||
632 | f0 = *f++ + qshift; | ||
633 | f1 = *f++ + qshift; | ||
634 | f2 = *f++ + qshift; | ||
635 | f3 = *f++ + qshift; | ||
636 | f4 = *f++ + qshift; | ||
637 | /* now want f0 + 6144*f1 + ... as a 64-bit integer */ | ||
638 | f1 *= 3; | ||
639 | f2 *= 9; | ||
640 | f3 *= 27; | ||
641 | f4 *= 81; | ||
642 | /* now want f0 + f1<<11 + f2<<22 + f3<<33 + f4<<44 */ | ||
643 | f0 += f1 << 11; | ||
644 | *c++ = f0; f0 >>= 8; | ||
645 | *c++ = f0; f0 >>= 8; | ||
646 | f0 += f2 << 6; | ||
647 | *c++ = f0; f0 >>= 8; | ||
648 | *c++ = f0; f0 >>= 8; | ||
649 | f0 += f3 << 1; | ||
650 | *c++ = f0; f0 >>= 8; | ||
651 | f0 += f4 << 4; | ||
652 | *c++ = f0; f0 >>= 8; | ||
653 | *c++ = f0; f0 >>= 8; | ||
654 | *c++ = f0; | ||
655 | } | ||
656 | /* XXX: using p mod 5 = 1 */ | ||
657 | f0 = *f++ + qshift; | ||
658 | *c++ = f0; f0 >>= 8; | ||
659 | *c++ = f0; | ||
660 | } | ||
661 | |||
662 | static void rq_decode(modq *f,const unsigned char *c) | ||
663 | { | ||
664 | crypto_uint32 c0, c1, c2, c3, c4, c5, c6, c7; | ||
665 | crypto_uint32 f0, f1, f2, f3, f4; | ||
666 | int i; | ||
667 | |||
668 | for (i = 0;i < p/5;++i) { | ||
669 | c0 = *c++; | ||
670 | c1 = *c++; | ||
671 | c2 = *c++; | ||
672 | c3 = *c++; | ||
673 | c4 = *c++; | ||
674 | c5 = *c++; | ||
675 | c6 = *c++; | ||
676 | c7 = *c++; | ||
677 | |||
678 | /* f0 + f1*6144 + f2*6144^2 + f3*6144^3 + f4*6144^4 */ | ||
679 | /* = c0 + c1*256 + ... + c6*256^6 + c7*256^7 */ | ||
680 | /* with each f between 0 and 4590 */ | ||
681 | |||
682 | c6 += c7 << 8; | ||
683 | /* c6 <= 23241 = floor(4591*6144^4/2^48) */ | ||
684 | /* f4 = (16/81)c6 + (1/1296)(c5+[0,1]) - [0,0.75] */ | ||
685 | /* claim: 2^19 f4 < x < 2^19(f4+1) */ | ||
686 | /* where x = 103564 c6 + 405(c5+1) */ | ||
687 | /* proof: x - 2^19 f4 = (76/81)c6 + (37/81)c5 + 405 - (32768/81)[0,1] + 2^19[0,0.75] */ | ||
688 | /* at least 405 - 32768/81 > 0 */ | ||
689 | /* at most (76/81)23241 + (37/81)255 + 405 + 2^19 0.75 < 2^19 */ | ||
690 | f4 = (103564*c6 + 405*(c5+1)) >> 19; | ||
691 | |||
692 | c5 += c6 << 8; | ||
693 | c5 -= (f4 * 81) << 4; | ||
694 | c4 += c5 << 8; | ||
695 | |||
696 | /* f0 + f1*6144 + f2*6144^2 + f3*6144^3 */ | ||
697 | /* = c0 + c1*256 + c2*256^2 + c3*256^3 + c4*256^4 */ | ||
698 | /* c4 <= 247914 = floor(4591*6144^3/2^32) */ | ||
699 | /* f3 = (1/54)(c4+[0,1]) - [0,0.75] */ | ||
700 | /* claim: 2^19 f3 < x < 2^19(f3+1) */ | ||
701 | /* where x = 9709(c4+2) */ | ||
702 | /* proof: x - 2^19 f3 = 19418 - (1/27)c4 - (262144/27)[0,1] + 2^19[0,0.75] */ | ||
703 | /* at least 19418 - 247914/27 - 262144/27 > 0 */ | ||
704 | /* at most 19418 + 2^19 0.75 < 2^19 */ | ||
705 | f3 = (9709*(c4+2)) >> 19; | ||
706 | |||
707 | c4 -= (f3 * 27) << 1; | ||
708 | c3 += c4 << 8; | ||
709 | /* f0 + f1*6144 + f2*6144^2 */ | ||
710 | /* = c0 + c1*256 + c2*256^2 + c3*256^3 */ | ||
711 | /* c3 <= 10329 = floor(4591*6144^2/2^24) */ | ||
712 | /* f2 = (4/9)c3 + (1/576)c2 + (1/147456)c1 + (1/37748736)c0 - [0,0.75] */ | ||
713 | /* claim: 2^19 f2 < x < 2^19(f2+1) */ | ||
714 | /* where x = 233017 c3 + 910(c2+2) */ | ||
715 | /* proof: x - 2^19 f2 = 1820 + (1/9)c3 - (2/9)c2 - (32/9)c1 - (1/72)c0 + 2^19[0,0.75] */ | ||
716 | /* at least 1820 - (2/9)255 - (32/9)255 - (1/72)255 > 0 */ | ||
717 | /* at most 1820 + (1/9)10329 + 2^19 0.75 < 2^19 */ | ||
718 | f2 = (233017*c3 + 910*(c2+2)) >> 19; | ||
719 | |||
720 | c2 += c3 << 8; | ||
721 | c2 -= (f2 * 9) << 6; | ||
722 | c1 += c2 << 8; | ||
723 | /* f0 + f1*6144 */ | ||
724 | /* = c0 + c1*256 */ | ||
725 | /* c1 <= 110184 = floor(4591*6144/2^8) */ | ||
726 | /* f1 = (1/24)c1 + (1/6144)c0 - (1/6144)f0 */ | ||
727 | /* claim: 2^19 f1 < x < 2^19(f1+1) */ | ||
728 | /* where x = 21845(c1+2) + 85 c0 */ | ||
729 | /* proof: x - 2^19 f1 = 43690 - (1/3)c1 - (1/3)c0 + 2^19 [0,0.75] */ | ||
730 | /* at least 43690 - (1/3)110184 - (1/3)255 > 0 */ | ||
731 | /* at most 43690 + 2^19 0.75 < 2^19 */ | ||
732 | f1 = (21845*(c1+2) + 85*c0) >> 19; | ||
733 | |||
734 | c1 -= (f1 * 3) << 3; | ||
735 | c0 += c1 << 8; | ||
736 | f0 = c0; | ||
737 | |||
738 | *f++ = modq_freeze(f0 + q - qshift); | ||
739 | *f++ = modq_freeze(f1 + q - qshift); | ||
740 | *f++ = modq_freeze(f2 + q - qshift); | ||
741 | *f++ = modq_freeze(f3 + q - qshift); | ||
742 | *f++ = modq_freeze(f4 + q - qshift); | ||
743 | } | ||
744 | |||
745 | c0 = *c++; | ||
746 | c1 = *c++; | ||
747 | c0 += c1 << 8; | ||
748 | *f++ = modq_freeze(c0 + q - qshift); | ||
749 | } | ||
750 | |||
751 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_mult.c */ | ||
752 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
753 | |||
754 | |||
755 | static void rq_mult(modq *h,const modq *f,const small *g) | ||
756 | { | ||
757 | modq fg[p + p - 1]; | ||
758 | modq result; | ||
759 | int i, j; | ||
760 | |||
761 | for (i = 0;i < p;++i) { | ||
762 | result = 0; | ||
763 | for (j = 0;j <= i;++j) | ||
764 | result = modq_plusproduct(result,f[j],g[i - j]); | ||
765 | fg[i] = result; | ||
766 | } | ||
767 | for (i = p;i < p + p - 1;++i) { | ||
768 | result = 0; | ||
769 | for (j = i - p + 1;j < p;++j) | ||
770 | result = modq_plusproduct(result,f[j],g[i - j]); | ||
771 | fg[i] = result; | ||
772 | } | ||
773 | |||
774 | for (i = p + p - 2;i >= p;--i) { | ||
775 | fg[i - p] = modq_sum(fg[i - p],fg[i]); | ||
776 | fg[i - p + 1] = modq_sum(fg[i - p + 1],fg[i]); | ||
777 | } | ||
778 | |||
779 | for (i = 0;i < p;++i) | ||
780 | h[i] = fg[i]; | ||
781 | } | ||
782 | |||
783 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_recip3.c */ | ||
784 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
785 | |||
786 | |||
787 | /* caller must ensure that x-y does not overflow */ | ||
788 | static int smaller_mask_rq_recip3(int x,int y) | ||
789 | { | ||
790 | return (x - y) >> 31; | ||
791 | } | ||
792 | |||
793 | static void vectormodq_product(modq *z,int len,const modq *x,const modq c) | ||
794 | { | ||
795 | int i; | ||
796 | for (i = 0;i < len;++i) z[i] = modq_product(x[i],c); | ||
797 | } | ||
798 | |||
799 | static void vectormodq_minusproduct(modq *z,int len,const modq *x,const modq *y,const modq c) | ||
800 | { | ||
801 | int i; | ||
802 | for (i = 0;i < len;++i) z[i] = modq_minusproduct(x[i],y[i],c); | ||
803 | } | ||
804 | |||
805 | static void vectormodq_shift(modq *z,int len) | ||
806 | { | ||
807 | int i; | ||
808 | for (i = len - 1;i > 0;--i) z[i] = z[i - 1]; | ||
809 | z[0] = 0; | ||
810 | } | ||
811 | |||
812 | /* | ||
813 | r = (3s)^(-1) mod m, returning 0, if s is invertible mod m | ||
814 | or returning -1 if s is not invertible mod m | ||
815 | r,s are polys of degree <p | ||
816 | m is x^p-x-1 | ||
817 | */ | ||
818 | int rq_recip3(modq *r,const small *s) | ||
819 | { | ||
820 | const int loops = 2*p + 1; | ||
821 | int loop; | ||
822 | modq f[p + 1]; | ||
823 | modq g[p + 1]; | ||
824 | modq u[2*p + 2]; | ||
825 | modq v[2*p + 2]; | ||
826 | modq c; | ||
827 | int i; | ||
828 | int d = p; | ||
829 | int e = p; | ||
830 | int swapmask; | ||
831 | |||
832 | for (i = 2;i < p;++i) f[i] = 0; | ||
833 | f[0] = -1; | ||
834 | f[1] = -1; | ||
835 | f[p] = 1; | ||
836 | /* generalization: can initialize f to any polynomial m */ | ||
837 | /* requirements: m has degree exactly p, nonzero constant coefficient */ | ||
838 | |||
839 | for (i = 0;i < p;++i) g[i] = 3 * s[i]; | ||
840 | g[p] = 0; | ||
841 | |||
842 | for (i = 0;i <= loops;++i) u[i] = 0; | ||
843 | |||
844 | v[0] = 1; | ||
845 | for (i = 1;i <= loops;++i) v[i] = 0; | ||
846 | |||
847 | loop = 0; | ||
848 | for (;;) { | ||
849 | /* e == -1 or d + e + loop <= 2*p */ | ||
850 | |||
851 | /* f has degree p: i.e., f[p]!=0 */ | ||
852 | /* f[i]==0 for i < p-d */ | ||
853 | |||
854 | /* g has degree <=p (so it fits in p+1 coefficients) */ | ||
855 | /* g[i]==0 for i < p-e */ | ||
856 | |||
857 | /* u has degree <=loop (so it fits in loop+1 coefficients) */ | ||
858 | /* u[i]==0 for i < p-d */ | ||
859 | /* if invertible: u[i]==0 for i < loop-p (so can look at just p+1 coefficients) */ | ||
860 | |||
861 | /* v has degree <=loop (so it fits in loop+1 coefficients) */ | ||
862 | /* v[i]==0 for i < p-e */ | ||
863 | /* v[i]==0 for i < loop-p (so can look at just p+1 coefficients) */ | ||
864 | |||
865 | if (loop >= loops) break; | ||
866 | |||
867 | c = modq_quotient(g[p],f[p]); | ||
868 | |||
869 | vectormodq_minusproduct(g,p + 1,g,f,c); | ||
870 | vectormodq_shift(g,p + 1); | ||
871 | |||
872 | #ifdef SIMPLER | ||
873 | vectormodq_minusproduct(v,loops + 1,v,u,c); | ||
874 | vectormodq_shift(v,loops + 1); | ||
875 | #else | ||
876 | if (loop < p) { | ||
877 | vectormodq_minusproduct(v,loop + 1,v,u,c); | ||
878 | vectormodq_shift(v,loop + 2); | ||
879 | } else { | ||
880 | vectormodq_minusproduct(v + loop - p,p + 1,v + loop - p,u + loop - p,c); | ||
881 | vectormodq_shift(v + loop - p,p + 2); | ||
882 | } | ||
883 | #endif | ||
884 | |||
885 | e -= 1; | ||
886 | |||
887 | ++loop; | ||
888 | |||
889 | swapmask = smaller_mask_rq_recip3(e,d) & modq_nonzero_mask(g[p]); | ||
890 | swap(&e,&d,sizeof e,swapmask); | ||
891 | swap(f,g,(p + 1) * sizeof(modq),swapmask); | ||
892 | |||
893 | #ifdef SIMPLER | ||
894 | swap(u,v,(loops + 1) * sizeof(modq),swapmask); | ||
895 | #else | ||
896 | if (loop < p) { | ||
897 | swap(u,v,(loop + 1) * sizeof(modq),swapmask); | ||
898 | } else { | ||
899 | swap(u + loop - p,v + loop - p,(p + 1) * sizeof(modq),swapmask); | ||
900 | } | ||
901 | #endif | ||
902 | } | ||
903 | |||
904 | c = modq_reciprocal(f[p]); | ||
905 | vectormodq_product(r,p,u + p,c); | ||
906 | return smaller_mask_rq_recip3(0,d); | ||
907 | } | ||
908 | |||
909 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_round3.c */ | ||
910 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
911 | |||
912 | |||
913 | static void rq_round3(modq *h,const modq *f) | ||
914 | { | ||
915 | int i; | ||
916 | |||
917 | for (i = 0;i < p;++i) | ||
918 | h[i] = ((21846 * (f[i] + 2295) + 32768) >> 16) * 3 - 2295; | ||
919 | } | ||
920 | |||
921 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_rounded.c */ | ||
922 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
923 | |||
924 | |||
925 | static void rq_encoderounded(unsigned char *c,const modq *f) | ||
926 | { | ||
927 | crypto_int32 f0, f1, f2; | ||
928 | int i; | ||
929 | |||
930 | for (i = 0;i < p/3;++i) { | ||
931 | f0 = *f++ + qshift; | ||
932 | f1 = *f++ + qshift; | ||
933 | f2 = *f++ + qshift; | ||
934 | f0 = (21846 * f0) >> 16; | ||
935 | f1 = (21846 * f1) >> 16; | ||
936 | f2 = (21846 * f2) >> 16; | ||
937 | /* now want f0 + f1*1536 + f2*1536^2 as a 32-bit integer */ | ||
938 | f2 *= 3; | ||
939 | f1 += f2 << 9; | ||
940 | f1 *= 3; | ||
941 | f0 += f1 << 9; | ||
942 | *c++ = f0; f0 >>= 8; | ||
943 | *c++ = f0; f0 >>= 8; | ||
944 | *c++ = f0; f0 >>= 8; | ||
945 | *c++ = f0; | ||
946 | } | ||
947 | /* XXX: using p mod 3 = 2 */ | ||
948 | f0 = *f++ + qshift; | ||
949 | f1 = *f++ + qshift; | ||
950 | f0 = (21846 * f0) >> 16; | ||
951 | f1 = (21846 * f1) >> 16; | ||
952 | f1 *= 3; | ||
953 | f0 += f1 << 9; | ||
954 | *c++ = f0; f0 >>= 8; | ||
955 | *c++ = f0; f0 >>= 8; | ||
956 | *c++ = f0; | ||
957 | } | ||
958 | |||
959 | static void rq_decoderounded(modq *f,const unsigned char *c) | ||
960 | { | ||
961 | crypto_uint32 c0, c1, c2, c3; | ||
962 | crypto_uint32 f0, f1, f2; | ||
963 | int i; | ||
964 | |||
965 | for (i = 0;i < p/3;++i) { | ||
966 | c0 = *c++; | ||
967 | c1 = *c++; | ||
968 | c2 = *c++; | ||
969 | c3 = *c++; | ||
970 | |||
971 | /* f0 + f1*1536 + f2*1536^2 */ | ||
972 | /* = c0 + c1*256 + c2*256^2 + c3*256^3 */ | ||
973 | /* with each f between 0 and 1530 */ | ||
974 | |||
975 | /* f2 = (64/9)c3 + (1/36)c2 + (1/9216)c1 + (1/2359296)c0 - [0,0.99675] */ | ||
976 | /* claim: 2^21 f2 < x < 2^21(f2+1) */ | ||
977 | /* where x = 14913081*c3 + 58254*c2 + 228*(c1+2) */ | ||
978 | /* proof: x - 2^21 f2 = 456 - (8/9)c0 + (4/9)c1 - (2/9)c2 + (1/9)c3 + 2^21 [0,0.99675] */ | ||
979 | /* at least 456 - (8/9)255 - (2/9)255 > 0 */ | ||
980 | /* at most 456 + (4/9)255 + (1/9)255 + 2^21 0.99675 < 2^21 */ | ||
981 | f2 = (14913081*c3 + 58254*c2 + 228*(c1+2)) >> 21; | ||
982 | |||
983 | c2 += c3 << 8; | ||
984 | c2 -= (f2 * 9) << 2; | ||
985 | /* f0 + f1*1536 */ | ||
986 | /* = c0 + c1*256 + c2*256^2 */ | ||
987 | /* c2 <= 35 = floor((1530+1530*1536)/256^2) */ | ||
988 | /* f1 = (128/3)c2 + (1/6)c1 + (1/1536)c0 - (1/1536)f0 */ | ||
989 | /* claim: 2^21 f1 < x < 2^21(f1+1) */ | ||
990 | /* where x = 89478485*c2 + 349525*c1 + 1365*(c0+1) */ | ||
991 | /* proof: x - 2^21 f1 = 1365 - (1/3)c2 - (1/3)c1 - (1/3)c0 + (4096/3)f0 */ | ||
992 | /* at least 1365 - (1/3)35 - (1/3)255 - (1/3)255 > 0 */ | ||
993 | /* at most 1365 + (4096/3)1530 < 2^21 */ | ||
994 | f1 = (89478485*c2 + 349525*c1 + 1365*(c0+1)) >> 21; | ||
995 | |||
996 | c1 += c2 << 8; | ||
997 | c1 -= (f1 * 3) << 1; | ||
998 | |||
999 | c0 += c1 << 8; | ||
1000 | f0 = c0; | ||
1001 | |||
1002 | *f++ = modq_freeze(f0 * 3 + q - qshift); | ||
1003 | *f++ = modq_freeze(f1 * 3 + q - qshift); | ||
1004 | *f++ = modq_freeze(f2 * 3 + q - qshift); | ||
1005 | } | ||
1006 | |||
1007 | c0 = *c++; | ||
1008 | c1 = *c++; | ||
1009 | c2 = *c++; | ||
1010 | |||
1011 | f1 = (89478485*c2 + 349525*c1 + 1365*(c0+1)) >> 21; | ||
1012 | |||
1013 | c1 += c2 << 8; | ||
1014 | c1 -= (f1 * 3) << 1; | ||
1015 | |||
1016 | c0 += c1 << 8; | ||
1017 | f0 = c0; | ||
1018 | |||
1019 | *f++ = modq_freeze(f0 * 3 + q - qshift); | ||
1020 | *f++ = modq_freeze(f1 * 3 + q - qshift); | ||
1021 | } | ||
1022 | |||
1023 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.c */ | ||
1024 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
1025 | |||
1026 | |||
1027 | /* XXX: these functions rely on p mod 4 = 1 */ | ||
1028 | |||
1029 | /* all coefficients in -1, 0, 1 */ | ||
1030 | static void small_encode(unsigned char *c,const small *f) | ||
1031 | { | ||
1032 | small c0; | ||
1033 | int i; | ||
1034 | |||
1035 | for (i = 0;i < p/4;++i) { | ||
1036 | c0 = *f++ + 1; | ||
1037 | c0 += (*f++ + 1) << 2; | ||
1038 | c0 += (*f++ + 1) << 4; | ||
1039 | c0 += (*f++ + 1) << 6; | ||
1040 | *c++ = c0; | ||
1041 | } | ||
1042 | c0 = *f++ + 1; | ||
1043 | *c++ = c0; | ||
1044 | } | ||
1045 | |||
1046 | static void small_decode(small *f,const unsigned char *c) | ||
1047 | { | ||
1048 | unsigned char c0; | ||
1049 | int i; | ||
1050 | |||
1051 | for (i = 0;i < p/4;++i) { | ||
1052 | c0 = *c++; | ||
1053 | *f++ = ((small) (c0 & 3)) - 1; c0 >>= 2; | ||
1054 | *f++ = ((small) (c0 & 3)) - 1; c0 >>= 2; | ||
1055 | *f++ = ((small) (c0 & 3)) - 1; c0 >>= 2; | ||
1056 | *f++ = ((small) (c0 & 3)) - 1; | ||
1057 | } | ||
1058 | c0 = *c++; | ||
1059 | *f++ = ((small) (c0 & 3)) - 1; | ||
1060 | } | ||
1061 | |||
1062 | /* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.c */ | ||
1063 | /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ | ||
1064 | |||
1065 | |||
1066 | static void swap(void *x,void *y,int bytes,int mask) | ||
1067 | { | ||
1068 | int i; | ||
1069 | char xi, yi, c, t; | ||
1070 | |||
1071 | c = mask; | ||
1072 | |||
1073 | for (i = 0;i < bytes;++i) { | ||
1074 | xi = i[(char *) x]; | ||
1075 | yi = i[(char *) y]; | ||
1076 | t = c & (xi ^ yi); | ||
1077 | xi ^= t; | ||
1078 | yi ^= t; | ||
1079 | i[(char *) x] = xi; | ||
1080 | i[(char *) y] = yi; | ||
1081 | } | ||
1082 | } | ||
1083 | |||
diff --git a/sntrup4591761.sh b/sntrup4591761.sh new file mode 100644 index 000000000..e684c3329 --- /dev/null +++ b/sntrup4591761.sh | |||
@@ -0,0 +1,57 @@ | |||
1 | #!/bin/sh | ||
2 | # $OpenBSD: sntrup4591761.sh,v 1.3 2019/01/30 19:51:15 markus Exp $ | ||
3 | # Placed in the Public Domain. | ||
4 | # | ||
5 | AUTHOR="libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/implementors" | ||
6 | FILES=" | ||
7 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.h | ||
8 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.c | ||
9 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.h | ||
10 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/mod3.h | ||
11 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/modq.h | ||
12 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/params.h | ||
13 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3.h | ||
14 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.h | ||
15 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.h | ||
16 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/dec.c | ||
17 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/enc.c | ||
18 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/keypair.c | ||
19 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_mult.c | ||
20 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_recip.c | ||
21 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomsmall.c | ||
22 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomweightw.c | ||
23 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.c | ||
24 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_mult.c | ||
25 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_recip3.c | ||
26 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_round3.c | ||
27 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_rounded.c | ||
28 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.c | ||
29 | libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.c | ||
30 | " | ||
31 | ### | ||
32 | |||
33 | set -e | ||
34 | cd $1 | ||
35 | echo -n '/* $' | ||
36 | echo 'OpenBSD: $ */' | ||
37 | echo | ||
38 | echo '/*' | ||
39 | echo ' * Public Domain, Authors:' | ||
40 | sed -e '/Alphabetical order:/d' -e 's/^/ * - /' < $AUTHOR | ||
41 | echo ' */' | ||
42 | echo | ||
43 | echo '#include <string.h>' | ||
44 | echo '#include "crypto_api.h"' | ||
45 | echo | ||
46 | for i in $FILES; do | ||
47 | echo "/* from $i */" | ||
48 | b=$(basename $i .c) | ||
49 | grep \ | ||
50 | -v '#include' $i | \ | ||
51 | grep -v "extern crypto_int32 small_random32" | | ||
52 | sed -e "s/crypto_kem_/crypto_kem_sntrup4591761_/g" \ | ||
53 | -e "s/smaller_mask/smaller_mask_${b}/g" \ | ||
54 | -e "s/^extern void /static void /" \ | ||
55 | -e "s/^void /static void /" | ||
56 | echo | ||
57 | done | ||
@@ -4,9 +4,10 @@ NAME | |||
4 | ssh-add M-bM-^@M-^S adds private key identities to the authentication agent | 4 | ssh-add M-bM-^@M-^S adds private key identities to the authentication agent |
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh-add [-cDdkLlqXx] [-E fingerprint_hash] [-t life] [file ...] | 7 | ssh-add [-cDdkLlqvXx] [-E fingerprint_hash] [-t life] [file ...] |
8 | ssh-add -s pkcs11 | 8 | ssh-add -s pkcs11 |
9 | ssh-add -e pkcs11 | 9 | ssh-add -e pkcs11 |
10 | ssh-add -T pubkey ... | ||
10 | 11 | ||
11 | DESCRIPTION | 12 | DESCRIPTION |
12 | ssh-add adds private key identities to the authentication agent, | 13 | ssh-add adds private key identities to the authentication agent, |
@@ -65,11 +66,20 @@ DESCRIPTION | |||
65 | -s pkcs11 | 66 | -s pkcs11 |
66 | Add keys provided by the PKCS#11 shared library pkcs11. | 67 | Add keys provided by the PKCS#11 shared library pkcs11. |
67 | 68 | ||
69 | -T pubkey ... | ||
70 | Tests whether the private keys that correspond to the specified | ||
71 | pubkey files are usable by performing sign and verify operations | ||
72 | on each. | ||
73 | |||
68 | -t life | 74 | -t life |
69 | Set a maximum lifetime when adding identities to an agent. The | 75 | Set a maximum lifetime when adding identities to an agent. The |
70 | lifetime may be specified in seconds or in a time format | 76 | lifetime may be specified in seconds or in a time format |
71 | specified in sshd_config(5). | 77 | specified in sshd_config(5). |
72 | 78 | ||
79 | -v Verbose mode. Causes ssh-add to print debugging messages about | ||
80 | its progress. This is helpful in debugging problems. Multiple | ||
81 | -v options increase the verbosity. The maximum is 3. | ||
82 | |||
73 | -X Unlock the agent. | 83 | -X Unlock the agent. |
74 | 84 | ||
75 | -x Lock the agent with a password. | 85 | -x Lock the agent with a password. |
@@ -120,4 +130,4 @@ AUTHORS | |||
120 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 130 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
121 | versions 1.5 and 2.0. | 131 | versions 1.5 and 2.0. |
122 | 132 | ||
123 | OpenBSD 6.4 August 29, 2017 OpenBSD 6.4 | 133 | OpenBSD 6.5 January 21, 2019 OpenBSD 6.5 |
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-add.1,v 1.66 2017/08/29 13:05:58 jmc Exp $ | 1 | .\" $OpenBSD: ssh-add.1,v 1.69 2019/01/21 12:53:35 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: August 29 2017 $ | 38 | .Dd $Mdocdate: January 21 2019 $ |
39 | .Dt SSH-ADD 1 | 39 | .Dt SSH-ADD 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -43,7 +43,7 @@ | |||
43 | .Nd adds private key identities to the authentication agent | 43 | .Nd adds private key identities to the authentication agent |
44 | .Sh SYNOPSIS | 44 | .Sh SYNOPSIS |
45 | .Nm ssh-add | 45 | .Nm ssh-add |
46 | .Op Fl cDdkLlqXx | 46 | .Op Fl cDdkLlqvXx |
47 | .Op Fl E Ar fingerprint_hash | 47 | .Op Fl E Ar fingerprint_hash |
48 | .Op Fl t Ar life | 48 | .Op Fl t Ar life |
49 | .Op Ar | 49 | .Op Ar |
@@ -51,6 +51,9 @@ | |||
51 | .Fl s Ar pkcs11 | 51 | .Fl s Ar pkcs11 |
52 | .Nm ssh-add | 52 | .Nm ssh-add |
53 | .Fl e Ar pkcs11 | 53 | .Fl e Ar pkcs11 |
54 | .Nm ssh-add | ||
55 | .Fl T | ||
56 | .Ar pubkey ... | ||
54 | .Sh DESCRIPTION | 57 | .Sh DESCRIPTION |
55 | .Nm | 58 | .Nm |
56 | adds private key identities to the authentication agent, | 59 | adds private key identities to the authentication agent, |
@@ -131,11 +134,25 @@ Be quiet after a successful operation. | |||
131 | .It Fl s Ar pkcs11 | 134 | .It Fl s Ar pkcs11 |
132 | Add keys provided by the PKCS#11 shared library | 135 | Add keys provided by the PKCS#11 shared library |
133 | .Ar pkcs11 . | 136 | .Ar pkcs11 . |
137 | .It Fl T Ar pubkey ... | ||
138 | Tests whether the private keys that correspond to the specified | ||
139 | .Ar pubkey | ||
140 | files are usable by performing sign and verify operations on each. | ||
134 | .It Fl t Ar life | 141 | .It Fl t Ar life |
135 | Set a maximum lifetime when adding identities to an agent. | 142 | Set a maximum lifetime when adding identities to an agent. |
136 | The lifetime may be specified in seconds or in a time format | 143 | The lifetime may be specified in seconds or in a time format |
137 | specified in | 144 | specified in |
138 | .Xr sshd_config 5 . | 145 | .Xr sshd_config 5 . |
146 | .It Fl v | ||
147 | Verbose mode. | ||
148 | Causes | ||
149 | .Nm | ||
150 | to print debugging messages about its progress. | ||
151 | This is helpful in debugging problems. | ||
152 | Multiple | ||
153 | .Fl v | ||
154 | options increase the verbosity. | ||
155 | The maximum is 3. | ||
139 | .It Fl X | 156 | .It Fl X |
140 | Unlock the agent. | 157 | Unlock the agent. |
141 | .It Fl x | 158 | .It Fl x |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-add.c,v 1.136 2018/09/19 02:03:02 djm Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.138 2019/01/21 12:53:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -418,6 +418,40 @@ update_card(int agent_fd, int add, const char *id, int qflag) | |||
418 | } | 418 | } |
419 | 419 | ||
420 | static int | 420 | static int |
421 | test_key(int agent_fd, const char *filename) | ||
422 | { | ||
423 | struct sshkey *key = NULL; | ||
424 | u_char *sig = NULL; | ||
425 | size_t slen = 0; | ||
426 | int r, ret = -1; | ||
427 | char data[1024]; | ||
428 | |||
429 | if ((r = sshkey_load_public(filename, &key, NULL)) != 0) { | ||
430 | error("Couldn't read public key %s: %s", filename, ssh_err(r)); | ||
431 | return -1; | ||
432 | } | ||
433 | arc4random_buf(data, sizeof(data)); | ||
434 | if ((r = ssh_agent_sign(agent_fd, key, &sig, &slen, data, sizeof(data), | ||
435 | NULL, 0)) != 0) { | ||
436 | error("Agent signature failed for %s: %s", | ||
437 | filename, ssh_err(r)); | ||
438 | goto done; | ||
439 | } | ||
440 | if ((r = sshkey_verify(key, sig, slen, data, sizeof(data), | ||
441 | NULL, 0)) != 0) { | ||
442 | error("Signature verification failed for %s: %s", | ||
443 | filename, ssh_err(r)); | ||
444 | goto done; | ||
445 | } | ||
446 | /* success */ | ||
447 | ret = 0; | ||
448 | done: | ||
449 | free(sig); | ||
450 | sshkey_free(key); | ||
451 | return ret; | ||
452 | } | ||
453 | |||
454 | static int | ||
421 | list_identities(int agent_fd, int do_fp) | 455 | list_identities(int agent_fd, int do_fp) |
422 | { | 456 | { |
423 | char *fp; | 457 | char *fp; |
@@ -524,7 +558,9 @@ usage(void) | |||
524 | fprintf(stderr, " -X Unlock agent.\n"); | 558 | fprintf(stderr, " -X Unlock agent.\n"); |
525 | fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n"); | 559 | fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n"); |
526 | fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n"); | 560 | fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n"); |
561 | fprintf(stderr, " -T pubkey Test if ssh-agent can access matching private key.\n"); | ||
527 | fprintf(stderr, " -q Be quiet after a successful operation.\n"); | 562 | fprintf(stderr, " -q Be quiet after a successful operation.\n"); |
563 | fprintf(stderr, " -v Be more verbose.\n"); | ||
528 | } | 564 | } |
529 | 565 | ||
530 | int | 566 | int |
@@ -535,7 +571,9 @@ main(int argc, char **argv) | |||
535 | int agent_fd; | 571 | int agent_fd; |
536 | char *pkcs11provider = NULL; | 572 | char *pkcs11provider = NULL; |
537 | int r, i, ch, deleting = 0, ret = 0, key_only = 0; | 573 | int r, i, ch, deleting = 0, ret = 0, key_only = 0; |
538 | int xflag = 0, lflag = 0, Dflag = 0, qflag = 0; | 574 | int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0; |
575 | SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; | ||
576 | LogLevel log_level = SYSLOG_LEVEL_INFO; | ||
539 | 577 | ||
540 | ssh_malloc_init(); /* must be called before any mallocs */ | 578 | ssh_malloc_init(); /* must be called before any mallocs */ |
541 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ | 579 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
@@ -544,9 +582,7 @@ main(int argc, char **argv) | |||
544 | __progname = ssh_get_progname(argv[0]); | 582 | __progname = ssh_get_progname(argv[0]); |
545 | seed_rng(); | 583 | seed_rng(); |
546 | 584 | ||
547 | #ifdef WITH_OPENSSL | 585 | log_init(__progname, log_level, log_facility, 1); |
548 | OpenSSL_add_all_algorithms(); | ||
549 | #endif | ||
550 | 586 | ||
551 | setvbuf(stdout, NULL, _IOLBF, 0); | 587 | setvbuf(stdout, NULL, _IOLBF, 0); |
552 | 588 | ||
@@ -563,8 +599,14 @@ main(int argc, char **argv) | |||
563 | exit(2); | 599 | exit(2); |
564 | } | 600 | } |
565 | 601 | ||
566 | while ((ch = getopt(argc, argv, "klLcdDxXE:e:M:m:qs:t:")) != -1) { | 602 | while ((ch = getopt(argc, argv, "vklLcdDTxXE:e:M:m:qs:t:")) != -1) { |
567 | switch (ch) { | 603 | switch (ch) { |
604 | case 'v': | ||
605 | if (log_level == SYSLOG_LEVEL_INFO) | ||
606 | log_level = SYSLOG_LEVEL_DEBUG1; | ||
607 | else if (log_level < SYSLOG_LEVEL_DEBUG3) | ||
608 | log_level++; | ||
609 | break; | ||
568 | case 'E': | 610 | case 'E': |
569 | fingerprint_hash = ssh_digest_alg_by_name(optarg); | 611 | fingerprint_hash = ssh_digest_alg_by_name(optarg); |
570 | if (fingerprint_hash == -1) | 612 | if (fingerprint_hash == -1) |
@@ -627,12 +669,16 @@ main(int argc, char **argv) | |||
627 | case 'q': | 669 | case 'q': |
628 | qflag = 1; | 670 | qflag = 1; |
629 | break; | 671 | break; |
672 | case 'T': | ||
673 | Tflag = 1; | ||
674 | break; | ||
630 | default: | 675 | default: |
631 | usage(); | 676 | usage(); |
632 | ret = 1; | 677 | ret = 1; |
633 | goto done; | 678 | goto done; |
634 | } | 679 | } |
635 | } | 680 | } |
681 | log_init(__progname, log_level, log_facility, 1); | ||
636 | 682 | ||
637 | if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1) | 683 | if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1) |
638 | fatal("Invalid combination of actions"); | 684 | fatal("Invalid combination of actions"); |
@@ -652,6 +698,14 @@ main(int argc, char **argv) | |||
652 | 698 | ||
653 | argc -= optind; | 699 | argc -= optind; |
654 | argv += optind; | 700 | argv += optind; |
701 | if (Tflag) { | ||
702 | if (argc <= 0) | ||
703 | fatal("no keys to test"); | ||
704 | for (r = i = 0; i < argc; i++) | ||
705 | r |= test_key(agent_fd, argv[i]); | ||
706 | ret = r == 0 ? 0 : 1; | ||
707 | goto done; | ||
708 | } | ||
655 | if (pkcs11provider != NULL) { | 709 | if (pkcs11provider != NULL) { |
656 | if (update_card(agent_fd, !deleting, pkcs11provider, | 710 | if (update_card(agent_fd, !deleting, pkcs11provider, |
657 | qflag) == -1) | 711 | qflag) == -1) |
diff --git a/ssh-agent.0 b/ssh-agent.0 index f4575d01b..9f140afb5 100644 --- a/ssh-agent.0 +++ b/ssh-agent.0 | |||
@@ -117,4 +117,4 @@ AUTHORS | |||
117 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 117 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
118 | versions 1.5 and 2.0. | 118 | versions 1.5 and 2.0. |
119 | 119 | ||
120 | OpenBSD 6.4 November 30, 2016 OpenBSD 6.4 | 120 | OpenBSD 6.5 November 30, 2016 OpenBSD 6.5 |
diff --git a/ssh-agent.c b/ssh-agent.c index d8a8260f9..d06ecfd98 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.231 2018/05/11 03:38:51 djm Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.233 2019/01/22 22:58:50 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -96,6 +96,8 @@ | |||
96 | 96 | ||
97 | /* Maximum accepted message length */ | 97 | /* Maximum accepted message length */ |
98 | #define AGENT_MAX_LEN (256*1024) | 98 | #define AGENT_MAX_LEN (256*1024) |
99 | /* Maximum bytes to read from client socket */ | ||
100 | #define AGENT_RBUF_LEN (4096) | ||
99 | 101 | ||
100 | typedef enum { | 102 | typedef enum { |
101 | AUTH_UNUSED, | 103 | AUTH_UNUSED, |
@@ -839,7 +841,7 @@ handle_socket_read(u_int socknum) | |||
839 | static int | 841 | static int |
840 | handle_conn_read(u_int socknum) | 842 | handle_conn_read(u_int socknum) |
841 | { | 843 | { |
842 | char buf[1024]; | 844 | char buf[AGENT_RBUF_LEN]; |
843 | ssize_t len; | 845 | ssize_t len; |
844 | int r; | 846 | int r; |
845 | 847 | ||
@@ -946,6 +948,7 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds) | |||
946 | struct pollfd *pfd = *pfdp; | 948 | struct pollfd *pfd = *pfdp; |
947 | size_t i, j, npfd = 0; | 949 | size_t i, j, npfd = 0; |
948 | time_t deadline; | 950 | time_t deadline; |
951 | int r; | ||
949 | 952 | ||
950 | /* Count active sockets */ | 953 | /* Count active sockets */ |
951 | for (i = 0; i < sockets_alloc; i++) { | 954 | for (i = 0; i < sockets_alloc; i++) { |
@@ -983,8 +986,19 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds) | |||
983 | case AUTH_CONNECTION: | 986 | case AUTH_CONNECTION: |
984 | pfd[j].fd = sockets[i].fd; | 987 | pfd[j].fd = sockets[i].fd; |
985 | pfd[j].revents = 0; | 988 | pfd[j].revents = 0; |
986 | /* XXX backoff when input buffer full */ | 989 | /* |
987 | pfd[j].events = POLLIN; | 990 | * Only prepare to read if we can handle a full-size |
991 | * input read buffer and enqueue a max size reply.. | ||
992 | */ | ||
993 | if ((r = sshbuf_check_reserve(sockets[i].input, | ||
994 | AGENT_RBUF_LEN)) == 0 && | ||
995 | (r = sshbuf_check_reserve(sockets[i].output, | ||
996 | AGENT_MAX_LEN)) == 0) | ||
997 | pfd[j].events = POLLIN; | ||
998 | else if (r != SSH_ERR_NO_BUFFER_SPACE) { | ||
999 | fatal("%s: buffer error: %s", | ||
1000 | __func__, ssh_err(r)); | ||
1001 | } | ||
988 | if (sshbuf_len(sockets[i].output) > 0) | 1002 | if (sshbuf_len(sockets[i].output) > 0) |
989 | pfd[j].events |= POLLOUT; | 1003 | pfd[j].events |= POLLOUT; |
990 | j++; | 1004 | j++; |
@@ -1095,10 +1109,6 @@ main(int ac, char **av) | |||
1095 | if (getrlimit(RLIMIT_NOFILE, &rlim) == -1) | 1109 | if (getrlimit(RLIMIT_NOFILE, &rlim) == -1) |
1096 | fatal("%s: getrlimit: %s", __progname, strerror(errno)); | 1110 | fatal("%s: getrlimit: %s", __progname, strerror(errno)); |
1097 | 1111 | ||
1098 | #ifdef WITH_OPENSSL | ||
1099 | OpenSSL_add_all_algorithms(); | ||
1100 | #endif | ||
1101 | |||
1102 | __progname = ssh_get_progname(av[0]); | 1112 | __progname = ssh_get_progname(av[0]); |
1103 | seed_rng(); | 1113 | seed_rng(); |
1104 | 1114 | ||
@@ -1199,7 +1209,7 @@ main(int ac, char **av) | |||
1199 | */ | 1209 | */ |
1200 | #define SSH_AGENT_MIN_FDS (3+1+1+1+4) | 1210 | #define SSH_AGENT_MIN_FDS (3+1+1+1+4) |
1201 | if (rlim.rlim_cur < SSH_AGENT_MIN_FDS) | 1211 | if (rlim.rlim_cur < SSH_AGENT_MIN_FDS) |
1202 | fatal("%s: file descriptior rlimit %lld too low (minimum %u)", | 1212 | fatal("%s: file descriptor rlimit %lld too low (minimum %u)", |
1203 | __progname, (long long)rlim.rlim_cur, SSH_AGENT_MIN_FDS); | 1213 | __progname, (long long)rlim.rlim_cur, SSH_AGENT_MIN_FDS); |
1204 | maxfds = rlim.rlim_cur - SSH_AGENT_MIN_FDS; | 1214 | maxfds = rlim.rlim_cur - SSH_AGENT_MIN_FDS; |
1205 | 1215 | ||
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c index 2f5531752..599c7199d 100644 --- a/ssh-ecdsa.c +++ b/ssh-ecdsa.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-ecdsa.c,v 1.14 2018/02/07 02:06:51 jsing Exp $ */ | 1 | /* $OpenBSD: ssh-ecdsa.c,v 1.16 2019/01/21 09:54:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
@@ -151,15 +151,13 @@ ssh_ecdsa_verify(const struct sshkey *key, | |||
151 | } | 151 | } |
152 | 152 | ||
153 | /* parse signature */ | 153 | /* parse signature */ |
154 | if ((sig = ECDSA_SIG_new()) == NULL || | 154 | if (sshbuf_get_bignum2(sigbuf, &sig_r) != 0 || |
155 | (sig_r = BN_new()) == NULL || | 155 | sshbuf_get_bignum2(sigbuf, &sig_s) != 0) { |
156 | (sig_s = BN_new()) == NULL) { | 156 | ret = SSH_ERR_INVALID_FORMAT; |
157 | ret = SSH_ERR_ALLOC_FAIL; | ||
158 | goto out; | 157 | goto out; |
159 | } | 158 | } |
160 | if (sshbuf_get_bignum2(sigbuf, sig_r) != 0 || | 159 | if ((sig = ECDSA_SIG_new()) == NULL) { |
161 | sshbuf_get_bignum2(sigbuf, sig_s) != 0) { | 160 | ret = SSH_ERR_ALLOC_FAIL; |
162 | ret = SSH_ERR_INVALID_FORMAT; | ||
163 | goto out; | 161 | goto out; |
164 | } | 162 | } |
165 | if (!ECDSA_SIG_set0(sig, sig_r, sig_s)) { | 163 | if (!ECDSA_SIG_set0(sig, sig_r, sig_s)) { |
@@ -70,7 +70,15 @@ | |||
70 | #define SSH2_MSG_KEXGSS_GROUP 41 | 70 | #define SSH2_MSG_KEXGSS_GROUP 41 |
71 | #define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-" | 71 | #define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-" |
72 | #define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" | 72 | #define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" |
73 | #define KEX_GSS_GRP14_SHA256_ID "gss-group14-sha256-" | ||
74 | #define KEX_GSS_GRP16_SHA512_ID "gss-group16-sha512-" | ||
73 | #define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" | 75 | #define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" |
76 | #define KEX_GSS_NISTP256_SHA256_ID "gss-nistp256-sha256-" | ||
77 | #define KEX_GSS_C25519_SHA256_ID "gss-curve25519-sha256-" | ||
78 | |||
79 | #define GSS_KEX_DEFAULT_KEX \ | ||
80 | KEX_GSS_GEX_SHA1_ID "," \ | ||
81 | KEX_GSS_GRP14_SHA1_ID | ||
74 | 82 | ||
75 | typedef struct { | 83 | typedef struct { |
76 | char *filename; | 84 | char *filename; |
@@ -126,6 +134,7 @@ OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); | |||
126 | 134 | ||
127 | struct sshbuf; | 135 | struct sshbuf; |
128 | int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); | 136 | int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *); |
137 | int ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *, gss_buffer_desc *); | ||
129 | 138 | ||
130 | OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); | 139 | OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); |
131 | OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, | 140 | OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, |
@@ -145,16 +154,16 @@ OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); | |||
145 | int ssh_gssapi_credentials_updated(Gssctxt *); | 154 | int ssh_gssapi_credentials_updated(Gssctxt *); |
146 | 155 | ||
147 | /* In the server */ | 156 | /* In the server */ |
148 | typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, | 157 | typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, |
149 | const char *); | 158 | const char *); |
150 | char *ssh_gssapi_client_mechanisms(const char *, const char *); | 159 | char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *); |
151 | char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, | 160 | char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, |
152 | const char *); | 161 | const char *, const char *); |
153 | gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); | 162 | gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); |
154 | int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, | 163 | int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, |
155 | const char *); | 164 | const char *); |
156 | OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); | 165 | OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); |
157 | int ssh_gssapi_userok(char *name, struct passwd *); | 166 | int ssh_gssapi_userok(char *name, struct passwd *, int kex); |
158 | OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); | 167 | OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); |
159 | void ssh_gssapi_do_child(char ***, u_int *); | 168 | void ssh_gssapi_do_child(char ***, u_int *); |
160 | void ssh_gssapi_cleanup_creds(void); | 169 | void ssh_gssapi_cleanup_creds(void); |
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 906a338c4..1fe19f0b6 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
@@ -6,7 +6,9 @@ NAME | |||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa] | 7 | ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa] |
8 | [-N new_passphrase] [-C comment] [-f output_keyfile] | 8 | [-N new_passphrase] [-C comment] [-f output_keyfile] |
9 | [-m format] | ||
9 | ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] | 10 | ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] |
11 | [-m format] | ||
10 | ssh-keygen -i [-m key_format] [-f input_keyfile] | 12 | ssh-keygen -i [-m key_format] [-f input_keyfile] |
11 | ssh-keygen -e [-m key_format] [-f input_keyfile] | 13 | ssh-keygen -e [-m key_format] [-f input_keyfile] |
12 | ssh-keygen -y [-f input_keyfile] | 14 | ssh-keygen -y [-f input_keyfile] |
@@ -68,11 +70,17 @@ DESCRIPTION | |||
68 | or forgotten, a new key must be generated and the corresponding public | 70 | or forgotten, a new key must be generated and the corresponding public |
69 | key copied to other machines. | 71 | key copied to other machines. |
70 | 72 | ||
71 | For keys stored in the newer OpenSSH format, there is also a comment | 73 | ssh-keygen will by default write keys in an OpenSSH-specific format. |
72 | field in the key file that is only for convenience to the user to help | 74 | This format is preferred as it offers better protection for keys at rest |
73 | identify the key. The comment can tell what the key is for, or whatever | 75 | as well as allowing storage of key comments within the private key file |
74 | is useful. The comment is initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is | 76 | itself. The key comment may be useful to help identify the key. The |
75 | created, but can be changed using the -c option. | 77 | comment is initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be |
78 | changed using the -c option. | ||
79 | |||
80 | It is still possible for ssh-keygen to write the previously-used PEM | ||
81 | format private keys using the -m flag. This may be used when generating | ||
82 | new keys, and existing new-format keys may be converted using this option | ||
83 | in conjunction with the -p (change passphrase) flag. | ||
76 | 84 | ||
77 | After a key is generated, instructions below detail where the keys should | 85 | After a key is generated, instructions below detail where the keys should |
78 | be placed to be activated. | 86 | be placed to be activated. |
@@ -119,10 +127,10 @@ DESCRIPTION | |||
119 | new comment. | 127 | new comment. |
120 | 128 | ||
121 | -D pkcs11 | 129 | -D pkcs11 |
122 | Download the RSA public keys provided by the PKCS#11 shared | 130 | Download the public keys provided by the PKCS#11 shared library |
123 | library pkcs11. When used in combination with -s, this option | 131 | pkcs11. When used in combination with -s, this option indicates |
124 | indicates that a CA key resides in a PKCS#11 token (see the | 132 | that a CA key resides in a PKCS#11 token (see the CERTIFICATES |
125 | CERTIFICATES section for details). | 133 | section for details). |
126 | 134 | ||
127 | -E fingerprint_hash | 135 | -E fingerprint_hash |
128 | Specifies the hash algorithm used when displaying key | 136 | Specifies the hash algorithm used when displaying key |
@@ -130,16 +138,17 @@ DESCRIPTION | |||
130 | default is M-bM-^@M-^\sha256M-bM-^@M-^]. | 138 | default is M-bM-^@M-^\sha256M-bM-^@M-^]. |
131 | 139 | ||
132 | -e This option will read a private or public OpenSSH key file and | 140 | -e This option will read a private or public OpenSSH key file and |
133 | print to stdout the key in one of the formats specified by the -m | 141 | print to stdout a public key in one of the formats specified by |
134 | option. The default export format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. This option | 142 | the -m option. The default export format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. This |
135 | allows exporting OpenSSH keys for use by other programs, | 143 | option allows exporting OpenSSH keys for use by other programs, |
136 | including several commercial SSH implementations. | 144 | including several commercial SSH implementations. |
137 | 145 | ||
138 | -F hostname | 146 | -F hostname | [hostname]:port |
139 | Search for the specified hostname in a known_hosts file, listing | 147 | Search for the specified hostname (with optional port number) in |
140 | any occurrences found. This option is useful to find hashed host | 148 | a known_hosts file, listing any occurrences found. This option |
141 | names or addresses and may also be used in conjunction with the | 149 | is useful to find hashed host names or addresses and may also be |
142 | -H option to print found keys in a hashed format. | 150 | used in conjunction with the -H option to print found keys in a |
151 | hashed format. | ||
143 | 152 | ||
144 | -f filename | 153 | -f filename |
145 | Specifies the filename of the key file. | 154 | Specifies the filename of the key file. |
@@ -206,13 +215,16 @@ DESCRIPTION | |||
206 | generating candidate moduli for DH-GEX. | 215 | generating candidate moduli for DH-GEX. |
207 | 216 | ||
208 | -m key_format | 217 | -m key_format |
209 | Specify a key format for the -i (import) or -e (export) | 218 | Specify a key format for key generation, the -i (import), -e |
210 | conversion options. The supported key formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^] | 219 | (export) conversion options, and the -p change passphrase |
211 | (RFC 4716/SSH2 public or private key), M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public | 220 | operation. The latter may be used to convert between OpenSSH |
212 | key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key). The default conversion format is | 221 | private key and PEM private key formats. The supported key |
213 | M-bM-^@M-^\RFC4716M-bM-^@M-^]. Setting a format of M-bM-^@M-^\PEMM-bM-^@M-^] when generating or updating | 222 | formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^] (RFC 4716/SSH2 public or private key), |
214 | a supported private key type will cause the key to be stored in | 223 | M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key). The |
215 | the legacy PEM private key format. | 224 | default conversion format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. Setting a format of |
225 | M-bM-^@M-^\PEMM-bM-^@M-^] when generating or updating a supported private key type | ||
226 | will cause the key to be stored in the legacy PEM private key | ||
227 | format. | ||
216 | 228 | ||
217 | -N new_passphrase | 229 | -N new_passphrase |
218 | Provides the new passphrase. | 230 | Provides the new passphrase. |
@@ -301,10 +313,10 @@ DESCRIPTION | |||
301 | 313 | ||
302 | -q Silence ssh-keygen. | 314 | -q Silence ssh-keygen. |
303 | 315 | ||
304 | -R hostname | 316 | -R hostname | [hostname]:port |
305 | Removes all keys belonging to hostname from a known_hosts file. | 317 | Removes all keys belonging to the specified hostname (with |
306 | This option is useful to delete hashed hosts (see the -H option | 318 | optional port number) from a known_hosts file. This option is |
307 | above). | 319 | useful to delete hashed hosts (see the -H option above). |
308 | 320 | ||
309 | -r hostname | 321 | -r hostname |
310 | Print the SSHFP fingerprint resource record named hostname for | 322 | Print the SSHFP fingerprint resource record named hostname for |
@@ -378,8 +390,10 @@ DESCRIPTION | |||
378 | 390 | ||
379 | -z serial_number | 391 | -z serial_number |
380 | Specifies a serial number to be embedded in the certificate to | 392 | Specifies a serial number to be embedded in the certificate to |
381 | distinguish this certificate from others from the same CA. The | 393 | distinguish this certificate from others from the same CA. If |
382 | default serial number is zero. | 394 | the serial_number is prefixed with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the |
395 | serial number will be incremented for each certificate signed on | ||
396 | a single command-line. The default serial number is zero. | ||
383 | 397 | ||
384 | When generating a KRL, the -z flag is used to specify a KRL | 398 | When generating a KRL, the -z flag is used to specify a KRL |
385 | version number. | 399 | version number. |
@@ -582,4 +596,4 @@ AUTHORS | |||
582 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 596 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
583 | versions 1.5 and 2.0. | 597 | versions 1.5 and 2.0. |
584 | 598 | ||
585 | OpenBSD 6.4 September 12, 2018 OpenBSD 6.4 | 599 | OpenBSD 6.5 March 5, 2019 OpenBSD 6.5 |
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index da6b5ed76..9b877b860 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.150 2018/09/12 06:18:59 djm Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.157 2019/03/05 16:17:12 naddy Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: September 12 2018 $ | 38 | .Dd $Mdocdate: March 5 2019 $ |
39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -50,11 +50,13 @@ | |||
50 | .Op Fl N Ar new_passphrase | 50 | .Op Fl N Ar new_passphrase |
51 | .Op Fl C Ar comment | 51 | .Op Fl C Ar comment |
52 | .Op Fl f Ar output_keyfile | 52 | .Op Fl f Ar output_keyfile |
53 | .Op Fl m Ar format | ||
53 | .Nm ssh-keygen | 54 | .Nm ssh-keygen |
54 | .Fl p | 55 | .Fl p |
55 | .Op Fl P Ar old_passphrase | 56 | .Op Fl P Ar old_passphrase |
56 | .Op Fl N Ar new_passphrase | 57 | .Op Fl N Ar new_passphrase |
57 | .Op Fl f Ar keyfile | 58 | .Op Fl f Ar keyfile |
59 | .Op Fl m Ar format | ||
58 | .Nm ssh-keygen | 60 | .Nm ssh-keygen |
59 | .Fl i | 61 | .Fl i |
60 | .Op Fl m Ar key_format | 62 | .Op Fl m Ar key_format |
@@ -203,16 +205,28 @@ There is no way to recover a lost passphrase. | |||
203 | If the passphrase is lost or forgotten, a new key must be generated | 205 | If the passphrase is lost or forgotten, a new key must be generated |
204 | and the corresponding public key copied to other machines. | 206 | and the corresponding public key copied to other machines. |
205 | .Pp | 207 | .Pp |
206 | For keys stored in the newer OpenSSH format, | 208 | .Nm |
207 | there is also a comment field in the key file that is only for | 209 | will by default write keys in an OpenSSH-specific format. |
208 | convenience to the user to help identify the key. | 210 | This format is preferred as it offers better protection for |
209 | The comment can tell what the key is for, or whatever is useful. | 211 | keys at rest as well as allowing storage of key comments within |
212 | the private key file itself. | ||
213 | The key comment may be useful to help identify the key. | ||
210 | The comment is initialized to | 214 | The comment is initialized to |
211 | .Dq user@host | 215 | .Dq user@host |
212 | when the key is created, but can be changed using the | 216 | when the key is created, but can be changed using the |
213 | .Fl c | 217 | .Fl c |
214 | option. | 218 | option. |
215 | .Pp | 219 | .Pp |
220 | It is still possible for | ||
221 | .Nm | ||
222 | to write the previously-used PEM format private keys using the | ||
223 | .Fl m | ||
224 | flag. | ||
225 | This may be used when generating new keys, and existing new-format | ||
226 | keys may be converted using this option in conjunction with the | ||
227 | .Fl p | ||
228 | (change passphrase) flag. | ||
229 | .Pp | ||
216 | After a key is generated, instructions below detail where the keys | 230 | After a key is generated, instructions below detail where the keys |
217 | should be placed to be activated. | 231 | should be placed to be activated. |
218 | .Pp | 232 | .Pp |
@@ -261,7 +275,7 @@ Requests changing the comment in the private and public key files. | |||
261 | The program will prompt for the file containing the private keys, for | 275 | The program will prompt for the file containing the private keys, for |
262 | the passphrase if the key has one, and for the new comment. | 276 | the passphrase if the key has one, and for the new comment. |
263 | .It Fl D Ar pkcs11 | 277 | .It Fl D Ar pkcs11 |
264 | Download the RSA public keys provided by the PKCS#11 shared library | 278 | Download the public keys provided by the PKCS#11 shared library |
265 | .Ar pkcs11 . | 279 | .Ar pkcs11 . |
266 | When used in combination with | 280 | When used in combination with |
267 | .Fl s , | 281 | .Fl s , |
@@ -278,16 +292,17 @@ The default is | |||
278 | .Dq sha256 . | 292 | .Dq sha256 . |
279 | .It Fl e | 293 | .It Fl e |
280 | This option will read a private or public OpenSSH key file and | 294 | This option will read a private or public OpenSSH key file and |
281 | print to stdout the key in one of the formats specified by the | 295 | print to stdout a public key in one of the formats specified by the |
282 | .Fl m | 296 | .Fl m |
283 | option. | 297 | option. |
284 | The default export format is | 298 | The default export format is |
285 | .Dq RFC4716 . | 299 | .Dq RFC4716 . |
286 | This option allows exporting OpenSSH keys for use by other programs, including | 300 | This option allows exporting OpenSSH keys for use by other programs, including |
287 | several commercial SSH implementations. | 301 | several commercial SSH implementations. |
288 | .It Fl F Ar hostname | 302 | .It Fl F Ar hostname | [hostname]:port |
289 | Search for the specified | 303 | Search for the specified |
290 | .Ar hostname | 304 | .Ar hostname |
305 | (with optional port number) | ||
291 | in a | 306 | in a |
292 | .Pa known_hosts | 307 | .Pa known_hosts |
293 | file, listing any occurrences found. | 308 | file, listing any occurrences found. |
@@ -387,11 +402,15 @@ fingerprint. | |||
387 | Specify the amount of memory to use (in megabytes) when generating | 402 | Specify the amount of memory to use (in megabytes) when generating |
388 | candidate moduli for DH-GEX. | 403 | candidate moduli for DH-GEX. |
389 | .It Fl m Ar key_format | 404 | .It Fl m Ar key_format |
390 | Specify a key format for the | 405 | Specify a key format for key generation, the |
391 | .Fl i | 406 | .Fl i |
392 | (import) or | 407 | (import), |
393 | .Fl e | 408 | .Fl e |
394 | (export) conversion options. | 409 | (export) conversion options, and the |
410 | .Fl p | ||
411 | change passphrase operation. | ||
412 | The latter may be used to convert between OpenSSH private key and PEM | ||
413 | private key formats. | ||
395 | The supported key formats are: | 414 | The supported key formats are: |
396 | .Dq RFC4716 | 415 | .Dq RFC4716 |
397 | (RFC 4716/SSH2 public or private key), | 416 | (RFC 4716/SSH2 public or private key), |
@@ -513,9 +532,10 @@ Test whether keys have been revoked in a KRL. | |||
513 | .It Fl q | 532 | .It Fl q |
514 | Silence | 533 | Silence |
515 | .Nm ssh-keygen . | 534 | .Nm ssh-keygen . |
516 | .It Fl R Ar hostname | 535 | .It Fl R Ar hostname | [hostname]:port |
517 | Removes all keys belonging to | 536 | Removes all keys belonging to the specified |
518 | .Ar hostname | 537 | .Ar hostname |
538 | (with optional port number) | ||
519 | from a | 539 | from a |
520 | .Pa known_hosts | 540 | .Pa known_hosts |
521 | file. | 541 | file. |
@@ -616,6 +636,12 @@ OpenSSH format file and print an OpenSSH public key to stdout. | |||
616 | .It Fl z Ar serial_number | 636 | .It Fl z Ar serial_number |
617 | Specifies a serial number to be embedded in the certificate to distinguish | 637 | Specifies a serial number to be embedded in the certificate to distinguish |
618 | this certificate from others from the same CA. | 638 | this certificate from others from the same CA. |
639 | If the | ||
640 | .Ar serial_number | ||
641 | is prefixed with a | ||
642 | .Sq + | ||
643 | character, then the serial number will be incremented for each certificate | ||
644 | signed on a single command-line. | ||
619 | The default serial number is zero. | 645 | The default serial number is zero. |
620 | .Pp | 646 | .Pp |
621 | When generating a KRL, the | 647 | When generating a KRL, the |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 46b3af5a8..3898b281e 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.322 2018/09/14 04:17:44 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.329 2019/03/25 16:19:44 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -67,79 +67,52 @@ | |||
67 | # define DEFAULT_KEY_TYPE_NAME "ed25519" | 67 | # define DEFAULT_KEY_TYPE_NAME "ed25519" |
68 | #endif | 68 | #endif |
69 | 69 | ||
70 | /* Number of bits in the RSA/DSA key. This value can be set on the command line. */ | ||
71 | #define DEFAULT_BITS 2048 | ||
72 | #define DEFAULT_BITS_DSA 1024 | ||
73 | #define DEFAULT_BITS_ECDSA 256 | ||
74 | u_int32_t bits = 0; | ||
75 | |||
76 | /* | 70 | /* |
77 | * Flag indicating that we just want to change the passphrase. This can be | 71 | * Default number of bits in the RSA, DSA and ECDSA keys. These value can be |
78 | * set on the command line. | 72 | * overridden on the command line. |
79 | */ | 73 | * |
80 | int change_passphrase = 0; | 74 | * These values, with the exception of DSA, provide security equivalent to at |
81 | 75 | * least 128 bits of security according to NIST Special Publication 800-57: | |
82 | /* | 76 | * Recommendation for Key Management Part 1 rev 4 section 5.6.1. |
83 | * Flag indicating that we just want to change the comment. This can be set | 77 | * For DSA it (and FIPS-186-4 section 4.2) specifies that the only size for |
84 | * on the command line. | 78 | * which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only |
79 | * SHA1 we limit the DSA key size 1k bits. | ||
85 | */ | 80 | */ |
86 | int change_comment = 0; | 81 | #define DEFAULT_BITS 3072 |
87 | 82 | #define DEFAULT_BITS_DSA 1024 | |
88 | int quiet = 0; | 83 | #define DEFAULT_BITS_ECDSA 256 |
89 | |||
90 | int log_level = SYSLOG_LEVEL_INFO; | ||
91 | |||
92 | /* Flag indicating that we want to hash a known_hosts file */ | ||
93 | int hash_hosts = 0; | ||
94 | /* Flag indicating that we want lookup a host in known_hosts file */ | ||
95 | int find_host = 0; | ||
96 | /* Flag indicating that we want to delete a host from a known_hosts file */ | ||
97 | int delete_host = 0; | ||
98 | 84 | ||
99 | /* Flag indicating that we want to show the contents of a certificate */ | 85 | static int quiet = 0; |
100 | int show_cert = 0; | ||
101 | 86 | ||
102 | /* Flag indicating that we just want to see the key fingerprint */ | 87 | /* Flag indicating that we just want to see the key fingerprint */ |
103 | int print_fingerprint = 0; | 88 | static int print_fingerprint = 0; |
104 | int print_bubblebabble = 0; | 89 | static int print_bubblebabble = 0; |
105 | 90 | ||
106 | /* Hash algorithm to use for fingerprints. */ | 91 | /* Hash algorithm to use for fingerprints. */ |
107 | int fingerprint_hash = SSH_FP_HASH_DEFAULT; | 92 | static int fingerprint_hash = SSH_FP_HASH_DEFAULT; |
108 | 93 | ||
109 | /* The identity file name, given on the command line or entered by the user. */ | 94 | /* The identity file name, given on the command line or entered by the user. */ |
110 | char identity_file[1024]; | 95 | static char identity_file[1024]; |
111 | int have_identity = 0; | 96 | static int have_identity = 0; |
112 | 97 | ||
113 | /* This is set to the passphrase if given on the command line. */ | 98 | /* This is set to the passphrase if given on the command line. */ |
114 | char *identity_passphrase = NULL; | 99 | static char *identity_passphrase = NULL; |
115 | 100 | ||
116 | /* This is set to the new passphrase if given on the command line. */ | 101 | /* This is set to the new passphrase if given on the command line. */ |
117 | char *identity_new_passphrase = NULL; | 102 | static char *identity_new_passphrase = NULL; |
118 | |||
119 | /* This is set to the new comment if given on the command line. */ | ||
120 | char *identity_comment = NULL; | ||
121 | |||
122 | /* Path to CA key when certifying keys. */ | ||
123 | char *ca_key_path = NULL; | ||
124 | |||
125 | /* Prefer to use agent keys for CA signing */ | ||
126 | int prefer_agent = 0; | ||
127 | |||
128 | /* Certificate serial number */ | ||
129 | unsigned long long cert_serial = 0; | ||
130 | 103 | ||
131 | /* Key type when certifying */ | 104 | /* Key type when certifying */ |
132 | u_int cert_key_type = SSH2_CERT_TYPE_USER; | 105 | static u_int cert_key_type = SSH2_CERT_TYPE_USER; |
133 | 106 | ||
134 | /* "key ID" of signed key */ | 107 | /* "key ID" of signed key */ |
135 | char *cert_key_id = NULL; | 108 | static char *cert_key_id = NULL; |
136 | 109 | ||
137 | /* Comma-separated list of principal names for certifying keys */ | 110 | /* Comma-separated list of principal names for certifying keys */ |
138 | char *cert_principals = NULL; | 111 | static char *cert_principals = NULL; |
139 | 112 | ||
140 | /* Validity period for certificates */ | 113 | /* Validity period for certificates */ |
141 | u_int64_t cert_valid_from = 0; | 114 | static u_int64_t cert_valid_from = 0; |
142 | u_int64_t cert_valid_to = ~0ULL; | 115 | static u_int64_t cert_valid_to = ~0ULL; |
143 | 116 | ||
144 | /* Certificate options */ | 117 | /* Certificate options */ |
145 | #define CERTOPT_X_FWD (1) | 118 | #define CERTOPT_X_FWD (1) |
@@ -149,9 +122,9 @@ u_int64_t cert_valid_to = ~0ULL; | |||
149 | #define CERTOPT_USER_RC (1<<4) | 122 | #define CERTOPT_USER_RC (1<<4) |
150 | #define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \ | 123 | #define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \ |
151 | CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC) | 124 | CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC) |
152 | u_int32_t certflags_flags = CERTOPT_DEFAULT; | 125 | static u_int32_t certflags_flags = CERTOPT_DEFAULT; |
153 | char *certflags_command = NULL; | 126 | static char *certflags_command = NULL; |
154 | char *certflags_src_addr = NULL; | 127 | static char *certflags_src_addr = NULL; |
155 | 128 | ||
156 | /* Arbitrary extensions specified by user */ | 129 | /* Arbitrary extensions specified by user */ |
157 | struct cert_userext { | 130 | struct cert_userext { |
@@ -159,41 +132,37 @@ struct cert_userext { | |||
159 | char *val; | 132 | char *val; |
160 | int crit; | 133 | int crit; |
161 | }; | 134 | }; |
162 | struct cert_userext *cert_userext; | 135 | static struct cert_userext *cert_userext; |
163 | size_t ncert_userext; | 136 | static size_t ncert_userext; |
164 | 137 | ||
165 | /* Conversion to/from various formats */ | 138 | /* Conversion to/from various formats */ |
166 | int convert_to = 0; | ||
167 | int convert_from = 0; | ||
168 | enum { | 139 | enum { |
169 | FMT_RFC4716, | 140 | FMT_RFC4716, |
170 | FMT_PKCS8, | 141 | FMT_PKCS8, |
171 | FMT_PEM | 142 | FMT_PEM |
172 | } convert_format = FMT_RFC4716; | 143 | } convert_format = FMT_RFC4716; |
173 | int print_public = 0; | ||
174 | int print_generic = 0; | ||
175 | 144 | ||
176 | char *key_type_name = NULL; | 145 | static char *key_type_name = NULL; |
177 | 146 | ||
178 | /* Load key from this PKCS#11 provider */ | 147 | /* Load key from this PKCS#11 provider */ |
179 | char *pkcs11provider = NULL; | 148 | static char *pkcs11provider = NULL; |
180 | 149 | ||
181 | /* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */ | 150 | /* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */ |
182 | int use_new_format = 1; | 151 | static int use_new_format = 1; |
183 | 152 | ||
184 | /* Cipher for new-format private keys */ | 153 | /* Cipher for new-format private keys */ |
185 | char *new_format_cipher = NULL; | 154 | static char *new_format_cipher = NULL; |
186 | 155 | ||
187 | /* | 156 | /* |
188 | * Number of KDF rounds to derive new format keys / | 157 | * Number of KDF rounds to derive new format keys / |
189 | * number of primality trials when screening moduli. | 158 | * number of primality trials when screening moduli. |
190 | */ | 159 | */ |
191 | int rounds = 0; | 160 | static int rounds = 0; |
192 | 161 | ||
193 | /* argv0 */ | 162 | /* argv0 */ |
194 | extern char *__progname; | 163 | extern char *__progname; |
195 | 164 | ||
196 | char hostname[NI_MAXHOST]; | 165 | static char hostname[NI_MAXHOST]; |
197 | 166 | ||
198 | #ifdef WITH_OPENSSL | 167 | #ifdef WITH_OPENSSL |
199 | /* moduli.c */ | 168 | /* moduli.c */ |
@@ -243,7 +212,11 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) | |||
243 | case KEY_ECDSA: | 212 | case KEY_ECDSA: |
244 | if (sshkey_ecdsa_bits_to_nid(*bitsp) == -1) | 213 | if (sshkey_ecdsa_bits_to_nid(*bitsp) == -1) |
245 | fatal("Invalid ECDSA key length: valid lengths are " | 214 | fatal("Invalid ECDSA key length: valid lengths are " |
215 | #ifdef OPENSSL_HAS_NISTP521 | ||
246 | "256, 384 or 521 bits"); | 216 | "256, 384 or 521 bits"); |
217 | #else | ||
218 | "256 or 384 bits"); | ||
219 | #endif | ||
247 | } | 220 | } |
248 | #endif | 221 | #endif |
249 | } | 222 | } |
@@ -806,7 +779,7 @@ do_download(struct passwd *pw) | |||
806 | fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; | 779 | fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; |
807 | rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; | 780 | rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; |
808 | 781 | ||
809 | pkcs11_init(0); | 782 | pkcs11_init(1); |
810 | nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys); | 783 | nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys); |
811 | if (nkeys <= 0) | 784 | if (nkeys <= 0) |
812 | fatal("cannot read public key from pkcs11"); | 785 | fatal("cannot read public key from pkcs11"); |
@@ -819,7 +792,7 @@ do_download(struct passwd *pw) | |||
819 | fatal("%s: sshkey_fingerprint fail", __func__); | 792 | fatal("%s: sshkey_fingerprint fail", __func__); |
820 | printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]), | 793 | printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]), |
821 | fp, sshkey_type(keys[i])); | 794 | fp, sshkey_type(keys[i])); |
822 | if (log_level >= SYSLOG_LEVEL_VERBOSE) | 795 | if (log_level_get() >= SYSLOG_LEVEL_VERBOSE) |
823 | printf("%s\n", ra); | 796 | printf("%s\n", ra); |
824 | free(ra); | 797 | free(ra); |
825 | free(fp); | 798 | free(fp); |
@@ -867,7 +840,7 @@ fingerprint_one_key(const struct sshkey *public, const char *comment) | |||
867 | fatal("%s: sshkey_fingerprint failed", __func__); | 840 | fatal("%s: sshkey_fingerprint failed", __func__); |
868 | mprintf("%u %s %s (%s)\n", sshkey_size(public), fp, | 841 | mprintf("%u %s %s (%s)\n", sshkey_size(public), fp, |
869 | comment ? comment : "no comment", sshkey_type(public)); | 842 | comment ? comment : "no comment", sshkey_type(public)); |
870 | if (log_level >= SYSLOG_LEVEL_VERBOSE) | 843 | if (log_level_get() >= SYSLOG_LEVEL_VERBOSE) |
871 | printf("%s\n", ra); | 844 | printf("%s\n", ra); |
872 | free(ra); | 845 | free(ra); |
873 | free(fp); | 846 | free(fp); |
@@ -1015,6 +988,7 @@ do_gen_all_hostkeys(struct passwd *pw) | |||
1015 | { NULL, NULL, NULL } | 988 | { NULL, NULL, NULL } |
1016 | }; | 989 | }; |
1017 | 990 | ||
991 | u_int bits = 0; | ||
1018 | int first = 0; | 992 | int first = 0; |
1019 | struct stat st; | 993 | struct stat st; |
1020 | struct sshkey *private, *public; | 994 | struct sshkey *private, *public; |
@@ -1138,6 +1112,9 @@ struct known_hosts_ctx { | |||
1138 | int has_unhashed; /* When hashing, original had unhashed hosts */ | 1112 | int has_unhashed; /* When hashing, original had unhashed hosts */ |
1139 | int found_key; /* For find/delete, host was found */ | 1113 | int found_key; /* For find/delete, host was found */ |
1140 | int invalid; /* File contained invalid items; don't delete */ | 1114 | int invalid; /* File contained invalid items; don't delete */ |
1115 | int hash_hosts; /* Hash hostnames as we go */ | ||
1116 | int find_host; /* Search for specific hostname */ | ||
1117 | int delete_host; /* Delete host from known_hosts */ | ||
1141 | }; | 1118 | }; |
1142 | 1119 | ||
1143 | static int | 1120 | static int |
@@ -1157,7 +1134,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx) | |||
1157 | */ | 1134 | */ |
1158 | if (was_hashed || has_wild || l->marker != MRK_NONE) { | 1135 | if (was_hashed || has_wild || l->marker != MRK_NONE) { |
1159 | fprintf(ctx->out, "%s\n", l->line); | 1136 | fprintf(ctx->out, "%s\n", l->line); |
1160 | if (has_wild && !find_host) { | 1137 | if (has_wild && !ctx->find_host) { |
1161 | logit("%s:%lu: ignoring host name " | 1138 | logit("%s:%lu: ignoring host name " |
1162 | "with wildcard: %.64s", l->path, | 1139 | "with wildcard: %.64s", l->path, |
1163 | l->linenum, l->hosts); | 1140 | l->linenum, l->hosts); |
@@ -1203,7 +1180,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx) | |||
1203 | rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; | 1180 | rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; |
1204 | 1181 | ||
1205 | if (l->status == HKF_STATUS_MATCHED) { | 1182 | if (l->status == HKF_STATUS_MATCHED) { |
1206 | if (delete_host) { | 1183 | if (ctx->delete_host) { |
1207 | if (l->marker != MRK_NONE) { | 1184 | if (l->marker != MRK_NONE) { |
1208 | /* Don't remove CA and revocation lines */ | 1185 | /* Don't remove CA and revocation lines */ |
1209 | fprintf(ctx->out, "%s\n", l->line); | 1186 | fprintf(ctx->out, "%s\n", l->line); |
@@ -1219,7 +1196,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx) | |||
1219 | ctx->host, l->linenum); | 1196 | ctx->host, l->linenum); |
1220 | } | 1197 | } |
1221 | return 0; | 1198 | return 0; |
1222 | } else if (find_host) { | 1199 | } else if (ctx->find_host) { |
1223 | ctx->found_key = 1; | 1200 | ctx->found_key = 1; |
1224 | if (!quiet) { | 1201 | if (!quiet) { |
1225 | printf("# Host %s found: line %lu %s\n", | 1202 | printf("# Host %s found: line %lu %s\n", |
@@ -1227,7 +1204,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx) | |||
1227 | l->linenum, l->marker == MRK_CA ? "CA" : | 1204 | l->linenum, l->marker == MRK_CA ? "CA" : |
1228 | (l->marker == MRK_REVOKE ? "REVOKED" : "")); | 1205 | (l->marker == MRK_REVOKE ? "REVOKED" : "")); |
1229 | } | 1206 | } |
1230 | if (hash_hosts) | 1207 | if (ctx->hash_hosts) |
1231 | known_hosts_hash(l, ctx); | 1208 | known_hosts_hash(l, ctx); |
1232 | else if (print_fingerprint) { | 1209 | else if (print_fingerprint) { |
1233 | fp = sshkey_fingerprint(l->key, fptype, rep); | 1210 | fp = sshkey_fingerprint(l->key, fptype, rep); |
@@ -1238,7 +1215,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx) | |||
1238 | fprintf(ctx->out, "%s\n", l->line); | 1215 | fprintf(ctx->out, "%s\n", l->line); |
1239 | return 0; | 1216 | return 0; |
1240 | } | 1217 | } |
1241 | } else if (delete_host) { | 1218 | } else if (ctx->delete_host) { |
1242 | /* Retain non-matching hosts when deleting */ | 1219 | /* Retain non-matching hosts when deleting */ |
1243 | if (l->status == HKF_STATUS_INVALID) { | 1220 | if (l->status == HKF_STATUS_INVALID) { |
1244 | ctx->invalid = 1; | 1221 | ctx->invalid = 1; |
@@ -1250,7 +1227,8 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx) | |||
1250 | } | 1227 | } |
1251 | 1228 | ||
1252 | static void | 1229 | static void |
1253 | do_known_hosts(struct passwd *pw, const char *name) | 1230 | do_known_hosts(struct passwd *pw, const char *name, int find_host, |
1231 | int delete_host, int hash_hosts) | ||
1254 | { | 1232 | { |
1255 | char *cp, tmp[PATH_MAX], old[PATH_MAX]; | 1233 | char *cp, tmp[PATH_MAX], old[PATH_MAX]; |
1256 | int r, fd, oerrno, inplace = 0; | 1234 | int r, fd, oerrno, inplace = 0; |
@@ -1269,6 +1247,9 @@ do_known_hosts(struct passwd *pw, const char *name) | |||
1269 | memset(&ctx, 0, sizeof(ctx)); | 1247 | memset(&ctx, 0, sizeof(ctx)); |
1270 | ctx.out = stdout; | 1248 | ctx.out = stdout; |
1271 | ctx.host = name; | 1249 | ctx.host = name; |
1250 | ctx.hash_hosts = hash_hosts; | ||
1251 | ctx.find_host = find_host; | ||
1252 | ctx.delete_host = delete_host; | ||
1272 | 1253 | ||
1273 | /* | 1254 | /* |
1274 | * Find hosts goes to stdout, hash and deletions happen in-place | 1255 | * Find hosts goes to stdout, hash and deletions happen in-place |
@@ -1433,7 +1414,8 @@ do_change_passphrase(struct passwd *pw) | |||
1433 | * Print the SSHFP RR. | 1414 | * Print the SSHFP RR. |
1434 | */ | 1415 | */ |
1435 | static int | 1416 | static int |
1436 | do_print_resource_record(struct passwd *pw, char *fname, char *hname) | 1417 | do_print_resource_record(struct passwd *pw, char *fname, char *hname, |
1418 | int print_generic) | ||
1437 | { | 1419 | { |
1438 | struct sshkey *public; | 1420 | struct sshkey *public; |
1439 | char *comment = NULL; | 1421 | char *comment = NULL; |
@@ -1460,7 +1442,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname) | |||
1460 | * Change the comment of a private key file. | 1442 | * Change the comment of a private key file. |
1461 | */ | 1443 | */ |
1462 | static void | 1444 | static void |
1463 | do_change_comment(struct passwd *pw) | 1445 | do_change_comment(struct passwd *pw, const char *identity_comment) |
1464 | { | 1446 | { |
1465 | char new_comment[1024], *comment, *passphrase; | 1447 | char new_comment[1024], *comment, *passphrase; |
1466 | struct sshkey *private; | 1448 | struct sshkey *private; |
@@ -1672,7 +1654,9 @@ agent_signer(const struct sshkey *key, u_char **sigp, size_t *lenp, | |||
1672 | } | 1654 | } |
1673 | 1655 | ||
1674 | static void | 1656 | static void |
1675 | do_ca_sign(struct passwd *pw, int argc, char **argv) | 1657 | do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, |
1658 | unsigned long long cert_serial, int cert_serial_autoinc, | ||
1659 | int argc, char **argv) | ||
1676 | { | 1660 | { |
1677 | int r, i, fd, found, agent_fd = -1; | 1661 | int r, i, fd, found, agent_fd = -1; |
1678 | u_int n; | 1662 | u_int n; |
@@ -1812,6 +1796,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) | |||
1812 | 1796 | ||
1813 | sshkey_free(public); | 1797 | sshkey_free(public); |
1814 | free(out); | 1798 | free(out); |
1799 | if (cert_serial_autoinc) | ||
1800 | cert_serial++; | ||
1815 | } | 1801 | } |
1816 | #ifdef ENABLE_PKCS11 | 1802 | #ifdef ENABLE_PKCS11 |
1817 | pkcs11_terminate(); | 1803 | pkcs11_terminate(); |
@@ -2003,8 +1989,9 @@ print_cert(struct sshkey *key) | |||
2003 | printf(" Type: %s %s certificate\n", sshkey_ssh_name(key), | 1989 | printf(" Type: %s %s certificate\n", sshkey_ssh_name(key), |
2004 | sshkey_cert_type(key)); | 1990 | sshkey_cert_type(key)); |
2005 | printf(" Public key: %s %s\n", sshkey_type(key), key_fp); | 1991 | printf(" Public key: %s %s\n", sshkey_type(key), key_fp); |
2006 | printf(" Signing CA: %s %s\n", | 1992 | printf(" Signing CA: %s %s (using %s)\n", |
2007 | sshkey_type(key->cert->signature_key), ca_fp); | 1993 | sshkey_type(key->cert->signature_key), ca_fp, |
1994 | key->cert->signature_type); | ||
2008 | printf(" Key ID: \"%s\"\n", key->cert->key_id); | 1995 | printf(" Key ID: \"%s\"\n", key->cert->key_id); |
2009 | printf(" Serial: %llu\n", (unsigned long long)key->cert->serial); | 1996 | printf(" Serial: %llu\n", (unsigned long long)key->cert->serial); |
2010 | printf(" Valid: %s\n", valid); | 1997 | printf(" Valid: %s\n", valid); |
@@ -2297,7 +2284,9 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, | |||
2297 | } | 2284 | } |
2298 | 2285 | ||
2299 | static void | 2286 | static void |
2300 | do_gen_krl(struct passwd *pw, int updating, int argc, char **argv) | 2287 | do_gen_krl(struct passwd *pw, int updating, const char *ca_key_path, |
2288 | unsigned long long krl_version, const char *krl_comment, | ||
2289 | int argc, char **argv) | ||
2301 | { | 2290 | { |
2302 | struct ssh_krl *krl; | 2291 | struct ssh_krl *krl; |
2303 | struct stat sb; | 2292 | struct stat sb; |
@@ -2332,10 +2321,10 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv) | |||
2332 | else if ((krl = ssh_krl_init()) == NULL) | 2321 | else if ((krl = ssh_krl_init()) == NULL) |
2333 | fatal("couldn't create KRL"); | 2322 | fatal("couldn't create KRL"); |
2334 | 2323 | ||
2335 | if (cert_serial != 0) | 2324 | if (krl_version != 0) |
2336 | ssh_krl_set_version(krl, cert_serial); | 2325 | ssh_krl_set_version(krl, krl_version); |
2337 | if (identity_comment != NULL) | 2326 | if (krl_comment != NULL) |
2338 | ssh_krl_set_comment(krl, identity_comment); | 2327 | ssh_krl_set_comment(krl, krl_comment); |
2339 | 2328 | ||
2340 | for (i = 0; i < argc; i++) | 2329 | for (i = 0; i < argc; i++) |
2341 | update_krl_from_file(pw, argv[i], wild_ca, ca, krl); | 2330 | update_krl_from_file(pw, argv[i], wild_ca, ca, krl); |
@@ -2387,9 +2376,10 @@ static void | |||
2387 | usage(void) | 2376 | usage(void) |
2388 | { | 2377 | { |
2389 | fprintf(stderr, | 2378 | fprintf(stderr, |
2390 | "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa]\n" | 2379 | "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa] [-m format]\n" |
2391 | " [-N new_passphrase] [-C comment] [-f output_keyfile]\n" | 2380 | " [-N new_passphrase] [-C comment] [-f output_keyfile]\n" |
2392 | " ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]\n" | 2381 | " ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-m format]\n" |
2382 | " [-f keyfile]\n" | ||
2393 | " ssh-keygen -i [-m key_format] [-f input_keyfile]\n" | 2383 | " ssh-keygen -i [-m key_format] [-f input_keyfile]\n" |
2394 | " ssh-keygen -e [-m key_format] [-f input_keyfile]\n" | 2384 | " ssh-keygen -e [-m key_format] [-f input_keyfile]\n" |
2395 | " ssh-keygen -y [-f input_keyfile]\n" | 2385 | " ssh-keygen -y [-f input_keyfile]\n" |
@@ -2433,9 +2423,17 @@ main(int argc, char **argv) | |||
2433 | struct passwd *pw; | 2423 | struct passwd *pw; |
2434 | struct stat st; | 2424 | struct stat st; |
2435 | int r, opt, type, fd; | 2425 | int r, opt, type, fd; |
2426 | int change_passphrase = 0, change_comment = 0, show_cert = 0; | ||
2427 | int find_host = 0, delete_host = 0, hash_hosts = 0; | ||
2436 | int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; | 2428 | int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; |
2429 | int prefer_agent = 0, convert_to = 0, convert_from = 0; | ||
2430 | int print_public = 0, print_generic = 0, cert_serial_autoinc = 0; | ||
2431 | unsigned long long cert_serial = 0; | ||
2432 | char *identity_comment = NULL, *ca_key_path = NULL; | ||
2433 | u_int bits = 0; | ||
2437 | FILE *f; | 2434 | FILE *f; |
2438 | const char *errstr; | 2435 | const char *errstr; |
2436 | int log_level = SYSLOG_LEVEL_INFO; | ||
2439 | #ifdef WITH_OPENSSL | 2437 | #ifdef WITH_OPENSSL |
2440 | /* Moduli generation/screening */ | 2438 | /* Moduli generation/screening */ |
2441 | char out_file[PATH_MAX], *checkpoint = NULL; | 2439 | char out_file[PATH_MAX], *checkpoint = NULL; |
@@ -2454,13 +2452,10 @@ main(int argc, char **argv) | |||
2454 | 2452 | ||
2455 | __progname = ssh_get_progname(argv[0]); | 2453 | __progname = ssh_get_progname(argv[0]); |
2456 | 2454 | ||
2457 | #ifdef WITH_OPENSSL | ||
2458 | OpenSSL_add_all_algorithms(); | ||
2459 | #endif | ||
2460 | log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1); | ||
2461 | |||
2462 | seed_rng(); | 2455 | seed_rng(); |
2463 | 2456 | ||
2457 | log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1); | ||
2458 | |||
2464 | msetlocale(); | 2459 | msetlocale(); |
2465 | 2460 | ||
2466 | /* we need this for the home * directory. */ | 2461 | /* we need this for the home * directory. */ |
@@ -2628,6 +2623,10 @@ main(int argc, char **argv) | |||
2628 | break; | 2623 | break; |
2629 | case 'z': | 2624 | case 'z': |
2630 | errno = 0; | 2625 | errno = 0; |
2626 | if (*optarg == '+') { | ||
2627 | cert_serial_autoinc = 1; | ||
2628 | optarg++; | ||
2629 | } | ||
2631 | cert_serial = strtoull(optarg, &ep, 10); | 2630 | cert_serial = strtoull(optarg, &ep, 10); |
2632 | if (*optarg < '0' || *optarg > '9' || *ep != '\0' || | 2631 | if (*optarg < '0' || *optarg > '9' || *ep != '\0' || |
2633 | (errno == ERANGE && cert_serial == ULLONG_MAX)) | 2632 | (errno == ERANGE && cert_serial == ULLONG_MAX)) |
@@ -2707,7 +2706,8 @@ main(int argc, char **argv) | |||
2707 | usage(); | 2706 | usage(); |
2708 | } | 2707 | } |
2709 | if (gen_krl) { | 2708 | if (gen_krl) { |
2710 | do_gen_krl(pw, update_krl, argc, argv); | 2709 | do_gen_krl(pw, update_krl, ca_key_path, |
2710 | cert_serial, identity_comment, argc, argv); | ||
2711 | return (0); | 2711 | return (0); |
2712 | } | 2712 | } |
2713 | if (check_krl) { | 2713 | if (check_krl) { |
@@ -2717,12 +2717,15 @@ main(int argc, char **argv) | |||
2717 | if (ca_key_path != NULL) { | 2717 | if (ca_key_path != NULL) { |
2718 | if (cert_key_id == NULL) | 2718 | if (cert_key_id == NULL) |
2719 | fatal("Must specify key id (-I) when certifying"); | 2719 | fatal("Must specify key id (-I) when certifying"); |
2720 | do_ca_sign(pw, argc, argv); | 2720 | do_ca_sign(pw, ca_key_path, prefer_agent, |
2721 | cert_serial, cert_serial_autoinc, argc, argv); | ||
2721 | } | 2722 | } |
2722 | if (show_cert) | 2723 | if (show_cert) |
2723 | do_show_cert(pw); | 2724 | do_show_cert(pw); |
2724 | if (delete_host || hash_hosts || find_host) | 2725 | if (delete_host || hash_hosts || find_host) { |
2725 | do_known_hosts(pw, rr_hostname); | 2726 | do_known_hosts(pw, rr_hostname, find_host, |
2727 | delete_host, hash_hosts); | ||
2728 | } | ||
2726 | if (pkcs11provider != NULL) | 2729 | if (pkcs11provider != NULL) |
2727 | do_download(pw); | 2730 | do_download(pw); |
2728 | if (print_fingerprint || print_bubblebabble) | 2731 | if (print_fingerprint || print_bubblebabble) |
@@ -2730,7 +2733,7 @@ main(int argc, char **argv) | |||
2730 | if (change_passphrase) | 2733 | if (change_passphrase) |
2731 | do_change_passphrase(pw); | 2734 | do_change_passphrase(pw); |
2732 | if (change_comment) | 2735 | if (change_comment) |
2733 | do_change_comment(pw); | 2736 | do_change_comment(pw, identity_comment); |
2734 | #ifdef WITH_OPENSSL | 2737 | #ifdef WITH_OPENSSL |
2735 | if (convert_to) | 2738 | if (convert_to) |
2736 | do_convert_to(pw); | 2739 | do_convert_to(pw); |
@@ -2743,23 +2746,28 @@ main(int argc, char **argv) | |||
2743 | unsigned int n = 0; | 2746 | unsigned int n = 0; |
2744 | 2747 | ||
2745 | if (have_identity) { | 2748 | if (have_identity) { |
2746 | n = do_print_resource_record(pw, | 2749 | n = do_print_resource_record(pw, identity_file, |
2747 | identity_file, rr_hostname); | 2750 | rr_hostname, print_generic); |
2748 | if (n == 0) | 2751 | if (n == 0) |
2749 | fatal("%s: %s", identity_file, strerror(errno)); | 2752 | fatal("%s: %s", identity_file, strerror(errno)); |
2750 | exit(0); | 2753 | exit(0); |
2751 | } else { | 2754 | } else { |
2752 | 2755 | ||
2753 | n += do_print_resource_record(pw, | 2756 | n += do_print_resource_record(pw, |
2754 | _PATH_HOST_RSA_KEY_FILE, rr_hostname); | 2757 | _PATH_HOST_RSA_KEY_FILE, rr_hostname, |
2758 | print_generic); | ||
2755 | n += do_print_resource_record(pw, | 2759 | n += do_print_resource_record(pw, |
2756 | _PATH_HOST_DSA_KEY_FILE, rr_hostname); | 2760 | _PATH_HOST_DSA_KEY_FILE, rr_hostname, |
2761 | print_generic); | ||
2757 | n += do_print_resource_record(pw, | 2762 | n += do_print_resource_record(pw, |
2758 | _PATH_HOST_ECDSA_KEY_FILE, rr_hostname); | 2763 | _PATH_HOST_ECDSA_KEY_FILE, rr_hostname, |
2764 | print_generic); | ||
2759 | n += do_print_resource_record(pw, | 2765 | n += do_print_resource_record(pw, |
2760 | _PATH_HOST_ED25519_KEY_FILE, rr_hostname); | 2766 | _PATH_HOST_ED25519_KEY_FILE, rr_hostname, |
2767 | print_generic); | ||
2761 | n += do_print_resource_record(pw, | 2768 | n += do_print_resource_record(pw, |
2762 | _PATH_HOST_XMSS_KEY_FILE, rr_hostname); | 2769 | _PATH_HOST_XMSS_KEY_FILE, rr_hostname, |
2770 | print_generic); | ||
2763 | if (n == 0) | 2771 | if (n == 0) |
2764 | fatal("no keys found."); | 2772 | fatal("no keys found."); |
2765 | exit(0); | 2773 | exit(0); |
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0 index 497ac0d9e..d372f7c7a 100644 --- a/ssh-keyscan.0 +++ b/ssh-keyscan.0 | |||
@@ -93,4 +93,4 @@ AUTHORS | |||
93 | Davison <wayned@users.sourceforge.net> added support for protocol version | 93 | Davison <wayned@users.sourceforge.net> added support for protocol version |
94 | 2. | 94 | 2. |
95 | 95 | ||
96 | OpenBSD 6.4 March 5, 2018 OpenBSD 6.4 | 96 | OpenBSD 6.5 March 5, 2018 OpenBSD 6.5 |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 38b1c548b..2ed041559 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.120 2018/06/06 18:29:18 markus Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.126 2019/01/26 22:35:01 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -70,6 +70,8 @@ int hash_hosts = 0; /* Hash hostname on output */ | |||
70 | 70 | ||
71 | int print_sshfp = 0; /* Print SSHFP records instead of known_hosts */ | 71 | int print_sshfp = 0; /* Print SSHFP records instead of known_hosts */ |
72 | 72 | ||
73 | int found_one = 0; /* Successfully found a key */ | ||
74 | |||
73 | #define MAXMAXFD 256 | 75 | #define MAXMAXFD 256 |
74 | 76 | ||
75 | /* The number of seconds after which to give up on a TCP connection */ | 77 | /* The number of seconds after which to give up on a TCP connection */ |
@@ -83,8 +85,6 @@ fd_set *read_wait; | |||
83 | size_t read_wait_nfdset; | 85 | size_t read_wait_nfdset; |
84 | int ncon; | 86 | int ncon; |
85 | 87 | ||
86 | struct ssh *active_state = NULL; /* XXX needed for linking */ | ||
87 | |||
88 | /* | 88 | /* |
89 | * Keep a connection structure for each file descriptor. The state | 89 | * Keep a connection structure for each file descriptor. The state |
90 | * associated with file descriptor n is held in fdcon[n]. | 90 | * associated with file descriptor n is held in fdcon[n]. |
@@ -262,18 +262,19 @@ keygrab_ssh2(con *c) | |||
262 | exit(1); | 262 | exit(1); |
263 | } | 263 | } |
264 | #ifdef WITH_OPENSSL | 264 | #ifdef WITH_OPENSSL |
265 | c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 265 | c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client; |
266 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 266 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client; |
267 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | 267 | c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client; |
268 | c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | 268 | c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client; |
269 | c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | 269 | c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client; |
270 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 270 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
271 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 271 | c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
272 | # ifdef OPENSSL_HAS_ECC | 272 | # ifdef OPENSSL_HAS_ECC |
273 | c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client; | 273 | c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; |
274 | # endif | 274 | # endif |
275 | #endif | 275 | #endif |
276 | c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client; | 276 | c->c_ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; |
277 | c->c_ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client; | ||
277 | ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper); | 278 | ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper); |
278 | /* | 279 | /* |
279 | * do the key-exchange until an error occurs or until | 280 | * do the key-exchange until an error occurs or until |
@@ -288,6 +289,8 @@ keyprint_one(const char *host, struct sshkey *key) | |||
288 | char *hostport; | 289 | char *hostport; |
289 | const char *known_host, *hashed; | 290 | const char *known_host, *hashed; |
290 | 291 | ||
292 | found_one = 1; | ||
293 | |||
291 | if (print_sshfp) { | 294 | if (print_sshfp) { |
292 | export_dns_rr(host, key, stdout, 0); | 295 | export_dns_rr(host, key, stdout, 0); |
293 | return; | 296 | return; |
@@ -803,5 +806,5 @@ main(int argc, char **argv) | |||
803 | while (ncon > 0) | 806 | while (ncon > 0) |
804 | conloop(); | 807 | conloop(); |
805 | 808 | ||
806 | return (0); | 809 | return found_one ? 0 : 1; |
807 | } | 810 | } |
diff --git a/ssh-keysign.0 b/ssh-keysign.0 index db4355d29..172739ebd 100644 --- a/ssh-keysign.0 +++ b/ssh-keysign.0 | |||
@@ -49,4 +49,4 @@ HISTORY | |||
49 | AUTHORS | 49 | AUTHORS |
50 | Markus Friedl <markus@openbsd.org> | 50 | Markus Friedl <markus@openbsd.org> |
51 | 51 | ||
52 | OpenBSD 6.4 February 17, 2016 OpenBSD 6.4 | 52 | OpenBSD 6.5 February 17, 2016 OpenBSD 6.5 |
diff --git a/ssh-keysign.c b/ssh-keysign.c index 744ecb4f9..601f6ca72 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keysign.c,v 1.55 2018/07/27 05:34:42 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-keysign.c,v 1.56 2018/11/23 05:08:07 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -40,6 +40,7 @@ | |||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | #include <openssl/rand.h> | 41 | #include <openssl/rand.h> |
42 | #include <openssl/rsa.h> | 42 | #include <openssl/rsa.h> |
43 | #include "openbsd-compat/openssl-compat.h" | ||
43 | #endif | 44 | #endif |
44 | 45 | ||
45 | #include "xmalloc.h" | 46 | #include "xmalloc.h" |
@@ -58,8 +59,6 @@ | |||
58 | #include "sshkey.h" | 59 | #include "sshkey.h" |
59 | #include "ssherr.h" | 60 | #include "ssherr.h" |
60 | 61 | ||
61 | struct ssh *active_state = NULL; /* XXX needed for linking */ | ||
62 | |||
63 | extern char *__progname; | 62 | extern char *__progname; |
64 | 63 | ||
65 | static int | 64 | static int |
@@ -173,9 +172,6 @@ main(int argc, char **argv) | |||
173 | u_char *signature, *data, rver; | 172 | u_char *signature, *data, rver; |
174 | char *host, *fp; | 173 | char *host, *fp; |
175 | size_t slen, dlen; | 174 | size_t slen, dlen; |
176 | #ifdef WITH_OPENSSL | ||
177 | u_int32_t rnd[256]; | ||
178 | #endif | ||
179 | 175 | ||
180 | ssh_malloc_init(); /* must be called before any mallocs */ | 176 | ssh_malloc_init(); /* must be called before any mallocs */ |
181 | if (pledge("stdio rpath getpw dns id", NULL) != 0) | 177 | if (pledge("stdio rpath getpw dns id", NULL) != 0) |
@@ -210,7 +206,8 @@ main(int argc, char **argv) | |||
210 | 206 | ||
211 | /* verify that ssh-keysign is enabled by the admin */ | 207 | /* verify that ssh-keysign is enabled by the admin */ |
212 | initialize_options(&options); | 208 | initialize_options(&options); |
213 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "", &options, 0); | 209 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "", |
210 | &options, 0, NULL); | ||
214 | fill_default_options(&options); | 211 | fill_default_options(&options); |
215 | if (options.enable_ssh_keysign != 1) | 212 | if (options.enable_ssh_keysign != 1) |
216 | fatal("ssh-keysign not enabled in %s", | 213 | fatal("ssh-keysign not enabled in %s", |
@@ -223,12 +220,6 @@ main(int argc, char **argv) | |||
223 | if (found == 0) | 220 | if (found == 0) |
224 | fatal("could not open any host key"); | 221 | fatal("could not open any host key"); |
225 | 222 | ||
226 | #ifdef WITH_OPENSSL | ||
227 | OpenSSL_add_all_algorithms(); | ||
228 | arc4random_buf(rnd, sizeof(rnd)); | ||
229 | RAND_seed(rnd, sizeof(rnd)); | ||
230 | #endif | ||
231 | |||
232 | found = 0; | 223 | found = 0; |
233 | for (i = 0; i < NUM_KEYTYPES; i++) { | 224 | for (i = 0; i < NUM_KEYTYPES; i++) { |
234 | keys[i] = NULL; | 225 | keys[i] = NULL; |
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index d1241ce67..e7860de89 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c | |||
@@ -1,6 +1,7 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11-client.c,v 1.10 2018/07/09 21:59:10 markus Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11-client.c,v 1.15 2019/01/21 12:53:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2014 Pedro Martelletto. All rights reserved. | ||
4 | * | 5 | * |
5 | * Permission to use, copy, modify, and distribute this software for any | 6 | * Permission to use, copy, modify, and distribute this software for any |
6 | * purpose with or without fee is hereby granted, provided that the above | 7 | * purpose with or without fee is hereby granted, provided that the above |
@@ -30,6 +31,7 @@ | |||
30 | #include <unistd.h> | 31 | #include <unistd.h> |
31 | #include <errno.h> | 32 | #include <errno.h> |
32 | 33 | ||
34 | #include <openssl/ecdsa.h> | ||
33 | #include <openssl/rsa.h> | 35 | #include <openssl/rsa.h> |
34 | 36 | ||
35 | #include "openbsd-compat/openssl-compat.h" | 37 | #include "openbsd-compat/openssl-compat.h" |
@@ -47,8 +49,8 @@ | |||
47 | 49 | ||
48 | /* borrows code from sftp-server and ssh-agent */ | 50 | /* borrows code from sftp-server and ssh-agent */ |
49 | 51 | ||
50 | int fd = -1; | 52 | static int fd = -1; |
51 | pid_t pid = -1; | 53 | static pid_t pid = -1; |
52 | 54 | ||
53 | static void | 55 | static void |
54 | send_msg(struct sshbuf *m) | 56 | send_msg(struct sshbuf *m) |
@@ -113,22 +115,27 @@ pkcs11_terminate(void) | |||
113 | } | 115 | } |
114 | 116 | ||
115 | static int | 117 | static int |
116 | pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | 118 | rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding) |
117 | int padding) | ||
118 | { | 119 | { |
119 | struct sshkey key; /* XXX */ | 120 | struct sshkey *key = NULL; |
120 | u_char *blob, *signature = NULL; | 121 | struct sshbuf *msg = NULL; |
122 | u_char *blob = NULL, *signature = NULL; | ||
121 | size_t blen, slen = 0; | 123 | size_t blen, slen = 0; |
122 | int r, ret = -1; | 124 | int r, ret = -1; |
123 | struct sshbuf *msg; | ||
124 | 125 | ||
125 | if (padding != RSA_PKCS1_PADDING) | 126 | if (padding != RSA_PKCS1_PADDING) |
126 | return (-1); | 127 | goto fail; |
127 | key.type = KEY_RSA; | 128 | key = sshkey_new(KEY_UNSPEC); |
128 | key.rsa = rsa; | 129 | if (key == NULL) { |
129 | if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) { | 130 | error("%s: sshkey_new failed", __func__); |
131 | goto fail; | ||
132 | } | ||
133 | key->type = KEY_RSA; | ||
134 | RSA_up_ref(rsa); | ||
135 | key->rsa = rsa; | ||
136 | if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { | ||
130 | error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); | 137 | error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); |
131 | return -1; | 138 | goto fail; |
132 | } | 139 | } |
133 | if ((msg = sshbuf_new()) == NULL) | 140 | if ((msg = sshbuf_new()) == NULL) |
134 | fatal("%s: sshbuf_new failed", __func__); | 141 | fatal("%s: sshbuf_new failed", __func__); |
@@ -137,7 +144,6 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | |||
137 | (r = sshbuf_put_string(msg, from, flen)) != 0 || | 144 | (r = sshbuf_put_string(msg, from, flen)) != 0 || |
138 | (r = sshbuf_put_u32(msg, 0)) != 0) | 145 | (r = sshbuf_put_u32(msg, 0)) != 0) |
139 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 146 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
140 | free(blob); | ||
141 | send_msg(msg); | 147 | send_msg(msg); |
142 | sshbuf_reset(msg); | 148 | sshbuf_reset(msg); |
143 | 149 | ||
@@ -150,22 +156,115 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | |||
150 | } | 156 | } |
151 | free(signature); | 157 | free(signature); |
152 | } | 158 | } |
159 | fail: | ||
160 | free(blob); | ||
161 | sshkey_free(key); | ||
162 | sshbuf_free(msg); | ||
163 | return (ret); | ||
164 | } | ||
165 | |||
166 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
167 | static ECDSA_SIG * | ||
168 | ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, | ||
169 | const BIGNUM *rp, EC_KEY *ec) | ||
170 | { | ||
171 | struct sshkey *key = NULL; | ||
172 | struct sshbuf *msg = NULL; | ||
173 | ECDSA_SIG *ret = NULL; | ||
174 | const u_char *cp; | ||
175 | u_char *blob = NULL, *signature = NULL; | ||
176 | size_t blen, slen = 0; | ||
177 | int r, nid; | ||
178 | |||
179 | nid = sshkey_ecdsa_key_to_nid(ec); | ||
180 | if (nid < 0) { | ||
181 | error("%s: couldn't get curve nid", __func__); | ||
182 | goto fail; | ||
183 | } | ||
184 | |||
185 | key = sshkey_new(KEY_UNSPEC); | ||
186 | if (key == NULL) { | ||
187 | error("%s: sshkey_new failed", __func__); | ||
188 | goto fail; | ||
189 | } | ||
190 | key->ecdsa = ec; | ||
191 | key->ecdsa_nid = nid; | ||
192 | key->type = KEY_ECDSA; | ||
193 | EC_KEY_up_ref(ec); | ||
194 | |||
195 | if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) { | ||
196 | error("%s: sshkey_to_blob: %s", __func__, ssh_err(r)); | ||
197 | goto fail; | ||
198 | } | ||
199 | if ((msg = sshbuf_new()) == NULL) | ||
200 | fatal("%s: sshbuf_new failed", __func__); | ||
201 | if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 || | ||
202 | (r = sshbuf_put_string(msg, blob, blen)) != 0 || | ||
203 | (r = sshbuf_put_string(msg, dgst, dgst_len)) != 0 || | ||
204 | (r = sshbuf_put_u32(msg, 0)) != 0) | ||
205 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
206 | send_msg(msg); | ||
207 | sshbuf_reset(msg); | ||
208 | |||
209 | if (recv_msg(msg) == SSH2_AGENT_SIGN_RESPONSE) { | ||
210 | if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0) | ||
211 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
212 | cp = signature; | ||
213 | ret = d2i_ECDSA_SIG(NULL, &cp, slen); | ||
214 | free(signature); | ||
215 | } | ||
216 | |||
217 | fail: | ||
218 | free(blob); | ||
219 | sshkey_free(key); | ||
153 | sshbuf_free(msg); | 220 | sshbuf_free(msg); |
154 | return (ret); | 221 | return (ret); |
155 | } | 222 | } |
223 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
224 | |||
225 | static RSA_METHOD *helper_rsa; | ||
226 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
227 | static EC_KEY_METHOD *helper_ecdsa; | ||
228 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
229 | |||
230 | /* redirect private key crypto operations to the ssh-pkcs11-helper */ | ||
231 | static void | ||
232 | wrap_key(struct sshkey *k) | ||
233 | { | ||
234 | if (k->type == KEY_RSA) | ||
235 | RSA_set_method(k->rsa, helper_rsa); | ||
236 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
237 | else if (k->type == KEY_ECDSA) | ||
238 | EC_KEY_set_method(k->ecdsa, helper_ecdsa); | ||
239 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
240 | else | ||
241 | fatal("%s: unknown key type", __func__); | ||
242 | } | ||
156 | 243 | ||
157 | /* redirect the private key encrypt operation to the ssh-pkcs11-helper */ | ||
158 | static int | 244 | static int |
159 | wrap_key(RSA *rsa) | 245 | pkcs11_start_helper_methods(void) |
160 | { | 246 | { |
161 | static RSA_METHOD *helper_rsa; | 247 | if (helper_rsa != NULL) |
248 | return (0); | ||
249 | |||
250 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
251 | int (*orig_sign)(int, const unsigned char *, int, unsigned char *, | ||
252 | unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL; | ||
253 | if (helper_ecdsa != NULL) | ||
254 | return (0); | ||
255 | helper_ecdsa = EC_KEY_METHOD_new(EC_KEY_OpenSSL()); | ||
256 | if (helper_ecdsa == NULL) | ||
257 | return (-1); | ||
258 | EC_KEY_METHOD_get_sign(helper_ecdsa, &orig_sign, NULL, NULL); | ||
259 | EC_KEY_METHOD_set_sign(helper_ecdsa, orig_sign, NULL, ecdsa_do_sign); | ||
260 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
162 | 261 | ||
163 | if ((helper_rsa = RSA_meth_dup(RSA_get_default_method())) == NULL) | 262 | if ((helper_rsa = RSA_meth_dup(RSA_get_default_method())) == NULL) |
164 | fatal("%s: RSA_meth_dup failed", __func__); | 263 | fatal("%s: RSA_meth_dup failed", __func__); |
165 | if (!RSA_meth_set1_name(helper_rsa, "ssh-pkcs11-helper") || | 264 | if (!RSA_meth_set1_name(helper_rsa, "ssh-pkcs11-helper") || |
166 | !RSA_meth_set_priv_enc(helper_rsa, pkcs11_rsa_private_encrypt)) | 265 | !RSA_meth_set_priv_enc(helper_rsa, rsa_encrypt)) |
167 | fatal("%s: failed to prepare method", __func__); | 266 | fatal("%s: failed to prepare method", __func__); |
168 | RSA_set_method(rsa, helper_rsa); | 267 | |
169 | return (0); | 268 | return (0); |
170 | } | 269 | } |
171 | 270 | ||
@@ -173,6 +272,15 @@ static int | |||
173 | pkcs11_start_helper(void) | 272 | pkcs11_start_helper(void) |
174 | { | 273 | { |
175 | int pair[2]; | 274 | int pair[2]; |
275 | char *helper, *verbosity = NULL; | ||
276 | |||
277 | if (log_level_get() >= SYSLOG_LEVEL_DEBUG1) | ||
278 | verbosity = "-vvv"; | ||
279 | |||
280 | if (pkcs11_start_helper_methods() == -1) { | ||
281 | error("pkcs11_start_helper_methods failed"); | ||
282 | return (-1); | ||
283 | } | ||
176 | 284 | ||
177 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) { | 285 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) { |
178 | error("socketpair: %s", strerror(errno)); | 286 | error("socketpair: %s", strerror(errno)); |
@@ -189,10 +297,13 @@ pkcs11_start_helper(void) | |||
189 | } | 297 | } |
190 | close(pair[0]); | 298 | close(pair[0]); |
191 | close(pair[1]); | 299 | close(pair[1]); |
192 | execlp(_PATH_SSH_PKCS11_HELPER, _PATH_SSH_PKCS11_HELPER, | 300 | helper = getenv("SSH_PKCS11_HELPER"); |
193 | (char *)NULL); | 301 | if (helper == NULL || strlen(helper) == 0) |
194 | fprintf(stderr, "exec: %s: %s\n", _PATH_SSH_PKCS11_HELPER, | 302 | helper = _PATH_SSH_PKCS11_HELPER; |
195 | strerror(errno)); | 303 | debug("%s: starting %s %s", __func__, helper, |
304 | verbosity == NULL ? "" : verbosity); | ||
305 | execlp(helper, helper, verbosity, (char *)NULL); | ||
306 | fprintf(stderr, "exec: %s: %s\n", helper, strerror(errno)); | ||
196 | _exit(1); | 307 | _exit(1); |
197 | } | 308 | } |
198 | close(pair[1]); | 309 | close(pair[1]); |
@@ -204,7 +315,7 @@ int | |||
204 | pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp) | 315 | pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp) |
205 | { | 316 | { |
206 | struct sshkey *k; | 317 | struct sshkey *k; |
207 | int r; | 318 | int r, type; |
208 | u_char *blob; | 319 | u_char *blob; |
209 | size_t blen; | 320 | size_t blen; |
210 | u_int nkeys, i; | 321 | u_int nkeys, i; |
@@ -222,7 +333,8 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp) | |||
222 | send_msg(msg); | 333 | send_msg(msg); |
223 | sshbuf_reset(msg); | 334 | sshbuf_reset(msg); |
224 | 335 | ||
225 | if (recv_msg(msg) == SSH2_AGENT_IDENTITIES_ANSWER) { | 336 | type = recv_msg(msg); |
337 | if (type == SSH2_AGENT_IDENTITIES_ANSWER) { | ||
226 | if ((r = sshbuf_get_u32(msg, &nkeys)) != 0) | 338 | if ((r = sshbuf_get_u32(msg, &nkeys)) != 0) |
227 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 339 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
228 | *keysp = xcalloc(nkeys, sizeof(struct sshkey *)); | 340 | *keysp = xcalloc(nkeys, sizeof(struct sshkey *)); |
@@ -234,10 +346,13 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp) | |||
234 | __func__, ssh_err(r)); | 346 | __func__, ssh_err(r)); |
235 | if ((r = sshkey_from_blob(blob, blen, &k)) != 0) | 347 | if ((r = sshkey_from_blob(blob, blen, &k)) != 0) |
236 | fatal("%s: bad key: %s", __func__, ssh_err(r)); | 348 | fatal("%s: bad key: %s", __func__, ssh_err(r)); |
237 | wrap_key(k->rsa); | 349 | wrap_key(k); |
238 | (*keysp)[i] = k; | 350 | (*keysp)[i] = k; |
239 | free(blob); | 351 | free(blob); |
240 | } | 352 | } |
353 | } else if (type == SSH2_AGENT_FAILURE) { | ||
354 | if ((r = sshbuf_get_u32(msg, &nkeys)) != 0) | ||
355 | nkeys = -1; | ||
241 | } else { | 356 | } else { |
242 | nkeys = -1; | 357 | nkeys = -1; |
243 | } | 358 | } |
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0 index 4d5c9843b..22f690717 100644 --- a/ssh-pkcs11-helper.0 +++ b/ssh-pkcs11-helper.0 | |||
@@ -4,7 +4,7 @@ NAME | |||
4 | ssh-pkcs11-helper M-bM-^@M-^S ssh-agent helper program for PKCS#11 support | 4 | ssh-pkcs11-helper M-bM-^@M-^S ssh-agent helper program for PKCS#11 support |
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh-pkcs11-helper | 7 | ssh-pkcs11-helper [-v] |
8 | 8 | ||
9 | DESCRIPTION | 9 | DESCRIPTION |
10 | ssh-pkcs11-helper is used by ssh-agent(1) to access keys provided by a | 10 | ssh-pkcs11-helper is used by ssh-agent(1) to access keys provided by a |
@@ -13,6 +13,16 @@ DESCRIPTION | |||
13 | ssh-pkcs11-helper is not intended to be invoked by the user, but from | 13 | ssh-pkcs11-helper is not intended to be invoked by the user, but from |
14 | ssh-agent(1). | 14 | ssh-agent(1). |
15 | 15 | ||
16 | A single option is supported: | ||
17 | |||
18 | -v Verbose mode. Causes ssh-pkcs11-helper to print debugging | ||
19 | messages about its progress. This is helpful in debugging | ||
20 | problems. Multiple -v options increase the verbosity. The | ||
21 | maximum is 3. | ||
22 | |||
23 | Note that ssh-agent(1) will automatically pass the -v flag to | ||
24 | ssh-pkcs11-helper when it has itself been placed in debug mode. | ||
25 | |||
16 | SEE ALSO | 26 | SEE ALSO |
17 | ssh(1), ssh-add(1), ssh-agent(1) | 27 | ssh(1), ssh-add(1), ssh-agent(1) |
18 | 28 | ||
@@ -22,4 +32,4 @@ HISTORY | |||
22 | AUTHORS | 32 | AUTHORS |
23 | Markus Friedl <markus@openbsd.org> | 33 | Markus Friedl <markus@openbsd.org> |
24 | 34 | ||
25 | OpenBSD 6.4 July 16, 2013 OpenBSD 6.4 | 35 | OpenBSD 6.5 January 21, 2019 OpenBSD 6.5 |
diff --git a/ssh-pkcs11-helper.8 b/ssh-pkcs11-helper.8 index 3728c4e4e..ba5c30fa0 100644 --- a/ssh-pkcs11-helper.8 +++ b/ssh-pkcs11-helper.8 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $ | 1 | .\" $OpenBSD: ssh-pkcs11-helper.8,v 1.5 2019/01/21 12:53:35 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | .\" Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | .\" | 4 | .\" |
@@ -14,7 +14,7 @@ | |||
14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | .\" | 16 | .\" |
17 | .Dd $Mdocdate: July 16 2013 $ | 17 | .Dd $Mdocdate: January 21 2019 $ |
18 | .Dt SSH-PKCS11-HELPER 8 | 18 | .Dt SSH-PKCS11-HELPER 8 |
19 | .Os | 19 | .Os |
20 | .Sh NAME | 20 | .Sh NAME |
@@ -22,6 +22,7 @@ | |||
22 | .Nd ssh-agent helper program for PKCS#11 support | 22 | .Nd ssh-agent helper program for PKCS#11 support |
23 | .Sh SYNOPSIS | 23 | .Sh SYNOPSIS |
24 | .Nm | 24 | .Nm |
25 | .Op Fl v | ||
25 | .Sh DESCRIPTION | 26 | .Sh DESCRIPTION |
26 | .Nm | 27 | .Nm |
27 | is used by | 28 | is used by |
@@ -31,6 +32,28 @@ to access keys provided by a PKCS#11 token. | |||
31 | .Nm | 32 | .Nm |
32 | is not intended to be invoked by the user, but from | 33 | is not intended to be invoked by the user, but from |
33 | .Xr ssh-agent 1 . | 34 | .Xr ssh-agent 1 . |
35 | .Pp | ||
36 | A single option is supported: | ||
37 | .Bl -tag -width Ds | ||
38 | .It Fl v | ||
39 | Verbose mode. | ||
40 | Causes | ||
41 | .Nm | ||
42 | to print debugging messages about its progress. | ||
43 | This is helpful in debugging problems. | ||
44 | Multiple | ||
45 | .Fl v | ||
46 | options increase the verbosity. | ||
47 | The maximum is 3. | ||
48 | .Pp | ||
49 | Note that | ||
50 | .Xr ssh-agent 1 | ||
51 | will automatically pass the | ||
52 | .Fl v | ||
53 | flag to | ||
54 | .Nm | ||
55 | when it has itself been placed in debug mode. | ||
56 | .El | ||
34 | .Sh SEE ALSO | 57 | .Sh SEE ALSO |
35 | .Xr ssh 1 , | 58 | .Xr ssh 1 , |
36 | .Xr ssh-add 1 , | 59 | .Xr ssh-add 1 , |
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 6301033c5..97fb1212c 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11-helper.c,v 1.14 2018/01/08 15:18:46 markus Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11-helper.c,v 1.17 2019/01/23 02:01:10 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -24,10 +24,11 @@ | |||
24 | 24 | ||
25 | #include "openbsd-compat/sys-queue.h" | 25 | #include "openbsd-compat/sys-queue.h" |
26 | 26 | ||
27 | #include <errno.h> | ||
28 | #include <poll.h> | ||
27 | #include <stdarg.h> | 29 | #include <stdarg.h> |
28 | #include <string.h> | 30 | #include <string.h> |
29 | #include <unistd.h> | 31 | #include <unistd.h> |
30 | #include <errno.h> | ||
31 | 32 | ||
32 | #include "xmalloc.h" | 33 | #include "xmalloc.h" |
33 | #include "sshbuf.h" | 34 | #include "sshbuf.h" |
@@ -110,7 +111,7 @@ static void | |||
110 | process_add(void) | 111 | process_add(void) |
111 | { | 112 | { |
112 | char *name, *pin; | 113 | char *name, *pin; |
113 | struct sshkey **keys; | 114 | struct sshkey **keys = NULL; |
114 | int r, i, nkeys; | 115 | int r, i, nkeys; |
115 | u_char *blob; | 116 | u_char *blob; |
116 | size_t blen; | 117 | size_t blen; |
@@ -139,11 +140,13 @@ process_add(void) | |||
139 | free(blob); | 140 | free(blob); |
140 | add_key(keys[i], name); | 141 | add_key(keys[i], name); |
141 | } | 142 | } |
142 | free(keys); | ||
143 | } else { | 143 | } else { |
144 | if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) | 144 | if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0) |
145 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 145 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
146 | if ((r = sshbuf_put_u32(msg, -nkeys)) != 0) | ||
147 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | ||
146 | } | 148 | } |
149 | free(keys); | ||
147 | free(pin); | 150 | free(pin); |
148 | free(name); | 151 | free(name); |
149 | send_msg(msg); | 152 | send_msg(msg); |
@@ -192,15 +195,33 @@ process_sign(void) | |||
192 | else { | 195 | else { |
193 | if ((found = lookup_key(key)) != NULL) { | 196 | if ((found = lookup_key(key)) != NULL) { |
194 | #ifdef WITH_OPENSSL | 197 | #ifdef WITH_OPENSSL |
198 | u_int xslen; | ||
195 | int ret; | 199 | int ret; |
196 | 200 | ||
197 | slen = RSA_size(key->rsa); | 201 | if (key->type == KEY_RSA) { |
198 | signature = xmalloc(slen); | 202 | slen = RSA_size(key->rsa); |
199 | if ((ret = RSA_private_encrypt(dlen, data, signature, | 203 | signature = xmalloc(slen); |
200 | found->rsa, RSA_PKCS1_PADDING)) != -1) { | 204 | ret = RSA_private_encrypt(dlen, data, signature, |
201 | slen = ret; | 205 | found->rsa, RSA_PKCS1_PADDING); |
202 | ok = 0; | 206 | if (ret != -1) { |
203 | } | 207 | slen = ret; |
208 | ok = 0; | ||
209 | } | ||
210 | } else if (key->type == KEY_ECDSA) { | ||
211 | xslen = ECDSA_size(key->ecdsa); | ||
212 | signature = xmalloc(xslen); | ||
213 | /* "The parameter type is ignored." */ | ||
214 | ret = ECDSA_sign(-1, data, dlen, signature, | ||
215 | &xslen, found->ecdsa); | ||
216 | if (ret != 0) | ||
217 | ok = 0; | ||
218 | else | ||
219 | error("%s: ECDSA_sign" | ||
220 | " returns %d", __func__, ret); | ||
221 | slen = xslen; | ||
222 | } else | ||
223 | error("%s: don't know how to sign with key " | ||
224 | "type %d", __func__, (int)key->type); | ||
204 | #endif /* WITH_OPENSSL */ | 225 | #endif /* WITH_OPENSSL */ |
205 | } | 226 | } |
206 | sshkey_free(key); | 227 | sshkey_free(key); |
@@ -287,27 +308,44 @@ cleanup_exit(int i) | |||
287 | _exit(i); | 308 | _exit(i); |
288 | } | 309 | } |
289 | 310 | ||
311 | |||
290 | int | 312 | int |
291 | main(int argc, char **argv) | 313 | main(int argc, char **argv) |
292 | { | 314 | { |
293 | fd_set *rset, *wset; | 315 | int r, ch, in, out, max, log_stderr = 0; |
294 | int r, in, out, max, log_stderr = 0; | 316 | ssize_t len; |
295 | ssize_t len, olen, set_size; | ||
296 | SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; | 317 | SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; |
297 | LogLevel log_level = SYSLOG_LEVEL_ERROR; | 318 | LogLevel log_level = SYSLOG_LEVEL_ERROR; |
298 | char buf[4*4096]; | 319 | char buf[4*4096]; |
299 | |||
300 | extern char *__progname; | 320 | extern char *__progname; |
321 | struct pollfd pfd[2]; | ||
301 | 322 | ||
302 | ssh_malloc_init(); /* must be called before any mallocs */ | 323 | ssh_malloc_init(); /* must be called before any mallocs */ |
324 | __progname = ssh_get_progname(argv[0]); | ||
325 | seed_rng(); | ||
303 | TAILQ_INIT(&pkcs11_keylist); | 326 | TAILQ_INIT(&pkcs11_keylist); |
304 | pkcs11_init(0); | ||
305 | 327 | ||
306 | seed_rng(); | 328 | log_init(__progname, log_level, log_facility, log_stderr); |
307 | __progname = ssh_get_progname(argv[0]); | 329 | |
330 | while ((ch = getopt(argc, argv, "v")) != -1) { | ||
331 | switch (ch) { | ||
332 | case 'v': | ||
333 | log_stderr = 1; | ||
334 | if (log_level == SYSLOG_LEVEL_ERROR) | ||
335 | log_level = SYSLOG_LEVEL_DEBUG1; | ||
336 | else if (log_level < SYSLOG_LEVEL_DEBUG3) | ||
337 | log_level++; | ||
338 | break; | ||
339 | default: | ||
340 | fprintf(stderr, "usage: %s [-v]\n", __progname); | ||
341 | exit(1); | ||
342 | } | ||
343 | } | ||
308 | 344 | ||
309 | log_init(__progname, log_level, log_facility, log_stderr); | 345 | log_init(__progname, log_level, log_facility, log_stderr); |
310 | 346 | ||
347 | pkcs11_init(0); | ||
348 | |||
311 | in = STDIN_FILENO; | 349 | in = STDIN_FILENO; |
312 | out = STDOUT_FILENO; | 350 | out = STDOUT_FILENO; |
313 | 351 | ||
@@ -322,13 +360,10 @@ main(int argc, char **argv) | |||
322 | if ((oqueue = sshbuf_new()) == NULL) | 360 | if ((oqueue = sshbuf_new()) == NULL) |
323 | fatal("%s: sshbuf_new failed", __func__); | 361 | fatal("%s: sshbuf_new failed", __func__); |
324 | 362 | ||
325 | set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); | 363 | while (1) { |
326 | rset = xmalloc(set_size); | 364 | memset(pfd, 0, sizeof(pfd)); |
327 | wset = xmalloc(set_size); | 365 | pfd[0].fd = in; |
328 | 366 | pfd[1].fd = out; | |
329 | for (;;) { | ||
330 | memset(rset, 0, set_size); | ||
331 | memset(wset, 0, set_size); | ||
332 | 367 | ||
333 | /* | 368 | /* |
334 | * Ensure that we can read a full buffer and handle | 369 | * Ensure that we can read a full buffer and handle |
@@ -337,23 +372,21 @@ main(int argc, char **argv) | |||
337 | */ | 372 | */ |
338 | if ((r = sshbuf_check_reserve(iqueue, sizeof(buf))) == 0 && | 373 | if ((r = sshbuf_check_reserve(iqueue, sizeof(buf))) == 0 && |
339 | (r = sshbuf_check_reserve(oqueue, MAX_MSG_LENGTH)) == 0) | 374 | (r = sshbuf_check_reserve(oqueue, MAX_MSG_LENGTH)) == 0) |
340 | FD_SET(in, rset); | 375 | pfd[0].events = POLLIN; |
341 | else if (r != SSH_ERR_NO_BUFFER_SPACE) | 376 | else if (r != SSH_ERR_NO_BUFFER_SPACE) |
342 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 377 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
343 | 378 | ||
344 | olen = sshbuf_len(oqueue); | 379 | if (sshbuf_len(oqueue) > 0) |
345 | if (olen > 0) | 380 | pfd[1].events = POLLOUT; |
346 | FD_SET(out, wset); | ||
347 | 381 | ||
348 | if (select(max+1, rset, wset, NULL, NULL) < 0) { | 382 | if ((r = poll(pfd, 2, -1 /* INFTIM */)) <= 0) { |
349 | if (errno == EINTR) | 383 | if (r == 0 || errno == EINTR) |
350 | continue; | 384 | continue; |
351 | error("select: %s", strerror(errno)); | 385 | fatal("poll: %s", strerror(errno)); |
352 | cleanup_exit(2); | ||
353 | } | 386 | } |
354 | 387 | ||
355 | /* copy stdin to iqueue */ | 388 | /* copy stdin to iqueue */ |
356 | if (FD_ISSET(in, rset)) { | 389 | if ((pfd[0].revents & (POLLIN|POLLERR)) != 0) { |
357 | len = read(in, buf, sizeof buf); | 390 | len = read(in, buf, sizeof buf); |
358 | if (len == 0) { | 391 | if (len == 0) { |
359 | debug("read eof"); | 392 | debug("read eof"); |
@@ -367,8 +400,9 @@ main(int argc, char **argv) | |||
367 | } | 400 | } |
368 | } | 401 | } |
369 | /* send oqueue to stdout */ | 402 | /* send oqueue to stdout */ |
370 | if (FD_ISSET(out, wset)) { | 403 | if ((pfd[1].revents & (POLLOUT|POLLHUP)) != 0) { |
371 | len = write(out, sshbuf_ptr(oqueue), olen); | 404 | len = write(out, sshbuf_ptr(oqueue), |
405 | sshbuf_len(oqueue)); | ||
372 | if (len < 0) { | 406 | if (len < 0) { |
373 | error("write: %s", strerror(errno)); | 407 | error("write: %s", strerror(errno)); |
374 | cleanup_exit(1); | 408 | cleanup_exit(1); |
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 775de9642..70f06bffe 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c | |||
@@ -1,6 +1,7 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11.c,v 1.26 2018/02/07 02:06:51 jsing Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11.c,v 1.43 2019/03/08 17:24:43 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2014 Pedro Martelletto. All rights reserved. | ||
4 | * | 5 | * |
5 | * Permission to use, copy, modify, and distribute this software for any | 6 | * Permission to use, copy, modify, and distribute this software for any |
6 | * purpose with or without fee is hereby granted, provided that the above | 7 | * purpose with or without fee is hereby granted, provided that the above |
@@ -19,20 +20,24 @@ | |||
19 | 20 | ||
20 | #ifdef ENABLE_PKCS11 | 21 | #ifdef ENABLE_PKCS11 |
21 | 22 | ||
22 | #include <sys/types.h> | ||
23 | #ifdef HAVE_SYS_TIME_H | 23 | #ifdef HAVE_SYS_TIME_H |
24 | # include <sys/time.h> | 24 | # include <sys/time.h> |
25 | #endif | 25 | #endif |
26 | |||
27 | #include <sys/types.h> | ||
26 | #include <stdarg.h> | 28 | #include <stdarg.h> |
27 | #include <stdio.h> | 29 | #include <stdio.h> |
28 | 30 | ||
31 | #include <ctype.h> | ||
29 | #include <string.h> | 32 | #include <string.h> |
30 | #include <dlfcn.h> | 33 | #include <dlfcn.h> |
31 | 34 | ||
32 | #include "openbsd-compat/sys-queue.h" | 35 | #include "openbsd-compat/sys-queue.h" |
33 | #include "openbsd-compat/openssl-compat.h" | 36 | #include "openbsd-compat/openssl-compat.h" |
34 | 37 | ||
38 | #include <openssl/ecdsa.h> | ||
35 | #include <openssl/x509.h> | 39 | #include <openssl/x509.h> |
40 | #include <openssl/err.h> | ||
36 | 41 | ||
37 | #define CRYPTOKI_COMPAT | 42 | #define CRYPTOKI_COMPAT |
38 | #include "pkcs11.h" | 43 | #include "pkcs11.h" |
@@ -67,14 +72,25 @@ TAILQ_HEAD(, pkcs11_provider) pkcs11_providers; | |||
67 | struct pkcs11_key { | 72 | struct pkcs11_key { |
68 | struct pkcs11_provider *provider; | 73 | struct pkcs11_provider *provider; |
69 | CK_ULONG slotidx; | 74 | CK_ULONG slotidx; |
70 | int (*orig_finish)(RSA *rsa); | ||
71 | RSA_METHOD *rsa_method; | ||
72 | char *keyid; | 75 | char *keyid; |
73 | int keyid_len; | 76 | int keyid_len; |
74 | }; | 77 | }; |
75 | 78 | ||
76 | int pkcs11_interactive = 0; | 79 | int pkcs11_interactive = 0; |
77 | 80 | ||
81 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
82 | static void | ||
83 | ossl_error(const char *msg) | ||
84 | { | ||
85 | unsigned long e; | ||
86 | |||
87 | error("%s: %s", __func__, msg); | ||
88 | while ((e = ERR_get_error()) != 0) | ||
89 | error("%s: libcrypto error: %.100s", __func__, | ||
90 | ERR_error_string(e, NULL)); | ||
91 | } | ||
92 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
93 | |||
78 | int | 94 | int |
79 | pkcs11_init(int interactive) | 95 | pkcs11_init(int interactive) |
80 | { | 96 | { |
@@ -84,9 +100,9 @@ pkcs11_init(int interactive) | |||
84 | } | 100 | } |
85 | 101 | ||
86 | /* | 102 | /* |
87 | * finalize a provider shared libarary, it's no longer usable. | 103 | * finalize a provider shared library, it's no longer usable. |
88 | * however, there might still be keys referencing this provider, | 104 | * however, there might still be keys referencing this provider, |
89 | * so the actuall freeing of memory is handled by pkcs11_provider_unref(). | 105 | * so the actual freeing of memory is handled by pkcs11_provider_unref(). |
90 | * this is called when a provider gets unregistered. | 106 | * this is called when a provider gets unregistered. |
91 | */ | 107 | */ |
92 | static void | 108 | static void |
@@ -123,6 +139,7 @@ pkcs11_provider_unref(struct pkcs11_provider *p) | |||
123 | if (--p->refcount <= 0) { | 139 | if (--p->refcount <= 0) { |
124 | if (p->valid) | 140 | if (p->valid) |
125 | error("pkcs11_provider_unref: %p still valid", p); | 141 | error("pkcs11_provider_unref: %p still valid", p); |
142 | free(p->name); | ||
126 | free(p->slotlist); | 143 | free(p->slotlist); |
127 | free(p->slotinfo); | 144 | free(p->slotinfo); |
128 | free(p); | 145 | free(p); |
@@ -171,23 +188,27 @@ pkcs11_del_provider(char *provider_id) | |||
171 | return (-1); | 188 | return (-1); |
172 | } | 189 | } |
173 | 190 | ||
174 | /* openssl callback for freeing an RSA key */ | 191 | static RSA_METHOD *rsa_method; |
175 | static int | 192 | static int rsa_idx = 0; |
176 | pkcs11_rsa_finish(RSA *rsa) | 193 | #ifdef HAVE_EC_KEY_METHOD_NEW |
194 | static EC_KEY_METHOD *ec_key_method; | ||
195 | static int ec_key_idx = 0; | ||
196 | #endif | ||
197 | |||
198 | /* release a wrapped object */ | ||
199 | static void | ||
200 | pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, | ||
201 | long argl, void *argp) | ||
177 | { | 202 | { |
178 | struct pkcs11_key *k11; | 203 | struct pkcs11_key *k11 = ptr; |
179 | int rv = -1; | ||
180 | 204 | ||
181 | if ((k11 = RSA_get_app_data(rsa)) != NULL) { | 205 | debug("%s: parent %p ptr %p idx %d", __func__, parent, ptr, idx); |
182 | if (k11->orig_finish) | 206 | if (k11 == NULL) |
183 | rv = k11->orig_finish(rsa); | 207 | return; |
184 | if (k11->provider) | 208 | if (k11->provider) |
185 | pkcs11_provider_unref(k11->provider); | 209 | pkcs11_provider_unref(k11->provider); |
186 | RSA_meth_free(k11->rsa_method); | 210 | free(k11->keyid); |
187 | free(k11->keyid); | 211 | free(k11); |
188 | free(k11); | ||
189 | } | ||
190 | return (rv); | ||
191 | } | 212 | } |
192 | 213 | ||
193 | /* find a single 'obj' for given attributes */ | 214 | /* find a single 'obj' for given attributes */ |
@@ -218,88 +239,193 @@ pkcs11_find(struct pkcs11_provider *p, CK_ULONG slotidx, CK_ATTRIBUTE *attr, | |||
218 | return (ret); | 239 | return (ret); |
219 | } | 240 | } |
220 | 241 | ||
221 | /* openssl callback doing the actual signing operation */ | ||
222 | static int | 242 | static int |
223 | pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | 243 | pkcs11_login(struct pkcs11_key *k11, CK_USER_TYPE type) |
224 | int padding) | ||
225 | { | 244 | { |
226 | struct pkcs11_key *k11; | ||
227 | struct pkcs11_slotinfo *si; | 245 | struct pkcs11_slotinfo *si; |
228 | CK_FUNCTION_LIST *f; | 246 | CK_FUNCTION_LIST *f; |
229 | CK_OBJECT_HANDLE obj; | ||
230 | CK_ULONG tlen = 0; | ||
231 | CK_RV rv; | ||
232 | CK_OBJECT_CLASS private_key_class = CKO_PRIVATE_KEY; | ||
233 | CK_BBOOL true_val = CK_TRUE; | ||
234 | CK_MECHANISM mech = { | ||
235 | CKM_RSA_PKCS, NULL_PTR, 0 | ||
236 | }; | ||
237 | CK_ATTRIBUTE key_filter[] = { | ||
238 | {CKA_CLASS, NULL, sizeof(private_key_class) }, | ||
239 | {CKA_ID, NULL, 0}, | ||
240 | {CKA_SIGN, NULL, sizeof(true_val) } | ||
241 | }; | ||
242 | char *pin = NULL, prompt[1024]; | 247 | char *pin = NULL, prompt[1024]; |
243 | int rval = -1; | 248 | CK_RV rv; |
244 | 249 | ||
245 | key_filter[0].pValue = &private_key_class; | 250 | if (!k11->provider || !k11->provider->valid) { |
246 | key_filter[2].pValue = &true_val; | 251 | error("no pkcs11 (valid) provider found"); |
252 | return (-1); | ||
253 | } | ||
254 | |||
255 | f = k11->provider->function_list; | ||
256 | si = &k11->provider->slotinfo[k11->slotidx]; | ||
257 | |||
258 | if (!pkcs11_interactive) { | ||
259 | error("need pin entry%s", | ||
260 | (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) ? | ||
261 | " on reader keypad" : ""); | ||
262 | return (-1); | ||
263 | } | ||
264 | if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) | ||
265 | verbose("Deferring PIN entry to reader keypad."); | ||
266 | else { | ||
267 | snprintf(prompt, sizeof(prompt), "Enter PIN for '%s': ", | ||
268 | si->token.label); | ||
269 | if ((pin = read_passphrase(prompt, RP_ALLOW_EOF)) == NULL) { | ||
270 | debug("%s: no pin specified", __func__); | ||
271 | return (-1); /* bail out */ | ||
272 | } | ||
273 | } | ||
274 | rv = f->C_Login(si->session, type, (u_char *)pin, | ||
275 | (pin != NULL) ? strlen(pin) : 0); | ||
276 | if (pin != NULL) | ||
277 | freezero(pin, strlen(pin)); | ||
278 | if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { | ||
279 | error("C_Login failed: %lu", rv); | ||
280 | return (-1); | ||
281 | } | ||
282 | si->logged_in = 1; | ||
283 | return (0); | ||
284 | } | ||
285 | |||
286 | static int | ||
287 | pkcs11_check_obj_bool_attrib(struct pkcs11_key *k11, CK_OBJECT_HANDLE obj, | ||
288 | CK_ATTRIBUTE_TYPE type, int *val) | ||
289 | { | ||
290 | struct pkcs11_slotinfo *si; | ||
291 | CK_FUNCTION_LIST *f; | ||
292 | CK_BBOOL flag = 0; | ||
293 | CK_ATTRIBUTE attr; | ||
294 | CK_RV rv; | ||
295 | |||
296 | *val = 0; | ||
247 | 297 | ||
248 | if ((k11 = RSA_get_app_data(rsa)) == NULL) { | 298 | if (!k11->provider || !k11->provider->valid) { |
249 | error("RSA_get_app_data failed for rsa %p", rsa); | 299 | error("no pkcs11 (valid) provider found"); |
250 | return (-1); | 300 | return (-1); |
251 | } | 301 | } |
302 | |||
303 | f = k11->provider->function_list; | ||
304 | si = &k11->provider->slotinfo[k11->slotidx]; | ||
305 | |||
306 | attr.type = type; | ||
307 | attr.pValue = &flag; | ||
308 | attr.ulValueLen = sizeof(flag); | ||
309 | |||
310 | rv = f->C_GetAttributeValue(si->session, obj, &attr, 1); | ||
311 | if (rv != CKR_OK) { | ||
312 | error("C_GetAttributeValue failed: %lu", rv); | ||
313 | return (-1); | ||
314 | } | ||
315 | *val = flag != 0; | ||
316 | debug("%s: provider %p slot %lu object %lu: attrib %lu = %d", | ||
317 | __func__, k11->provider, k11->slotidx, obj, type, *val); | ||
318 | return (0); | ||
319 | } | ||
320 | |||
321 | static int | ||
322 | pkcs11_get_key(struct pkcs11_key *k11, CK_MECHANISM_TYPE mech_type) | ||
323 | { | ||
324 | struct pkcs11_slotinfo *si; | ||
325 | CK_FUNCTION_LIST *f; | ||
326 | CK_OBJECT_HANDLE obj; | ||
327 | CK_RV rv; | ||
328 | CK_OBJECT_CLASS private_key_class; | ||
329 | CK_BBOOL true_val; | ||
330 | CK_MECHANISM mech; | ||
331 | CK_ATTRIBUTE key_filter[3]; | ||
332 | int always_auth = 0; | ||
333 | int did_login = 0; | ||
334 | |||
252 | if (!k11->provider || !k11->provider->valid) { | 335 | if (!k11->provider || !k11->provider->valid) { |
253 | error("no pkcs11 (valid) provider for rsa %p", rsa); | 336 | error("no pkcs11 (valid) provider found"); |
254 | return (-1); | 337 | return (-1); |
255 | } | 338 | } |
339 | |||
256 | f = k11->provider->function_list; | 340 | f = k11->provider->function_list; |
257 | si = &k11->provider->slotinfo[k11->slotidx]; | 341 | si = &k11->provider->slotinfo[k11->slotidx]; |
342 | |||
258 | if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) { | 343 | if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) { |
259 | if (!pkcs11_interactive) { | 344 | if (pkcs11_login(k11, CKU_USER) < 0) { |
260 | error("need pin entry%s", (si->token.flags & | 345 | error("login failed"); |
261 | CKF_PROTECTED_AUTHENTICATION_PATH) ? | ||
262 | " on reader keypad" : ""); | ||
263 | return (-1); | ||
264 | } | ||
265 | if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) | ||
266 | verbose("Deferring PIN entry to reader keypad."); | ||
267 | else { | ||
268 | snprintf(prompt, sizeof(prompt), | ||
269 | "Enter PIN for '%s': ", si->token.label); | ||
270 | pin = read_passphrase(prompt, RP_ALLOW_EOF); | ||
271 | if (pin == NULL) | ||
272 | return (-1); /* bail out */ | ||
273 | } | ||
274 | rv = f->C_Login(si->session, CKU_USER, (u_char *)pin, | ||
275 | (pin != NULL) ? strlen(pin) : 0); | ||
276 | if (pin != NULL) { | ||
277 | explicit_bzero(pin, strlen(pin)); | ||
278 | free(pin); | ||
279 | } | ||
280 | if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { | ||
281 | error("C_Login failed: %lu", rv); | ||
282 | return (-1); | 346 | return (-1); |
283 | } | 347 | } |
284 | si->logged_in = 1; | 348 | did_login = 1; |
285 | } | 349 | } |
350 | |||
351 | memset(&key_filter, 0, sizeof(key_filter)); | ||
352 | private_key_class = CKO_PRIVATE_KEY; | ||
353 | key_filter[0].type = CKA_CLASS; | ||
354 | key_filter[0].pValue = &private_key_class; | ||
355 | key_filter[0].ulValueLen = sizeof(private_key_class); | ||
356 | |||
357 | key_filter[1].type = CKA_ID; | ||
286 | key_filter[1].pValue = k11->keyid; | 358 | key_filter[1].pValue = k11->keyid; |
287 | key_filter[1].ulValueLen = k11->keyid_len; | 359 | key_filter[1].ulValueLen = k11->keyid_len; |
360 | |||
361 | true_val = CK_TRUE; | ||
362 | key_filter[2].type = CKA_SIGN; | ||
363 | key_filter[2].pValue = &true_val; | ||
364 | key_filter[2].ulValueLen = sizeof(true_val); | ||
365 | |||
288 | /* try to find object w/CKA_SIGN first, retry w/o */ | 366 | /* try to find object w/CKA_SIGN first, retry w/o */ |
289 | if (pkcs11_find(k11->provider, k11->slotidx, key_filter, 3, &obj) < 0 && | 367 | if (pkcs11_find(k11->provider, k11->slotidx, key_filter, 3, &obj) < 0 && |
290 | pkcs11_find(k11->provider, k11->slotidx, key_filter, 2, &obj) < 0) { | 368 | pkcs11_find(k11->provider, k11->slotidx, key_filter, 2, &obj) < 0) { |
291 | error("cannot find private key"); | 369 | error("cannot find private key"); |
292 | } else if ((rv = f->C_SignInit(si->session, &mech, obj)) != CKR_OK) { | 370 | return (-1); |
371 | } | ||
372 | |||
373 | memset(&mech, 0, sizeof(mech)); | ||
374 | mech.mechanism = mech_type; | ||
375 | mech.pParameter = NULL_PTR; | ||
376 | mech.ulParameterLen = 0; | ||
377 | |||
378 | if ((rv = f->C_SignInit(si->session, &mech, obj)) != CKR_OK) { | ||
293 | error("C_SignInit failed: %lu", rv); | 379 | error("C_SignInit failed: %lu", rv); |
294 | } else { | 380 | return (-1); |
295 | /* XXX handle CKR_BUFFER_TOO_SMALL */ | ||
296 | tlen = RSA_size(rsa); | ||
297 | rv = f->C_Sign(si->session, (CK_BYTE *)from, flen, to, &tlen); | ||
298 | if (rv == CKR_OK) | ||
299 | rval = tlen; | ||
300 | else | ||
301 | error("C_Sign failed: %lu", rv); | ||
302 | } | 381 | } |
382 | |||
383 | pkcs11_check_obj_bool_attrib(k11, obj, CKA_ALWAYS_AUTHENTICATE, | ||
384 | &always_auth); /* ignore errors here */ | ||
385 | if (always_auth && !did_login) { | ||
386 | debug("%s: always-auth key", __func__); | ||
387 | if (pkcs11_login(k11, CKU_CONTEXT_SPECIFIC) < 0) { | ||
388 | error("login failed for always-auth key"); | ||
389 | return (-1); | ||
390 | } | ||
391 | } | ||
392 | |||
393 | return (0); | ||
394 | } | ||
395 | |||
396 | /* openssl callback doing the actual signing operation */ | ||
397 | static int | ||
398 | pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | ||
399 | int padding) | ||
400 | { | ||
401 | struct pkcs11_key *k11; | ||
402 | struct pkcs11_slotinfo *si; | ||
403 | CK_FUNCTION_LIST *f; | ||
404 | CK_ULONG tlen = 0; | ||
405 | CK_RV rv; | ||
406 | int rval = -1; | ||
407 | |||
408 | if ((k11 = RSA_get_ex_data(rsa, rsa_idx)) == NULL) { | ||
409 | error("RSA_get_ex_data failed for rsa %p", rsa); | ||
410 | return (-1); | ||
411 | } | ||
412 | |||
413 | if (pkcs11_get_key(k11, CKM_RSA_PKCS) == -1) { | ||
414 | error("pkcs11_get_key failed"); | ||
415 | return (-1); | ||
416 | } | ||
417 | |||
418 | f = k11->provider->function_list; | ||
419 | si = &k11->provider->slotinfo[k11->slotidx]; | ||
420 | tlen = RSA_size(rsa); | ||
421 | |||
422 | /* XXX handle CKR_BUFFER_TOO_SMALL */ | ||
423 | rv = f->C_Sign(si->session, (CK_BYTE *)from, flen, to, &tlen); | ||
424 | if (rv == CKR_OK) | ||
425 | rval = tlen; | ||
426 | else | ||
427 | error("C_Sign failed: %lu", rv); | ||
428 | |||
303 | return (rval); | 429 | return (rval); |
304 | } | 430 | } |
305 | 431 | ||
@@ -310,13 +436,36 @@ pkcs11_rsa_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | |||
310 | return (-1); | 436 | return (-1); |
311 | } | 437 | } |
312 | 438 | ||
439 | static int | ||
440 | pkcs11_rsa_start_wrapper(void) | ||
441 | { | ||
442 | if (rsa_method != NULL) | ||
443 | return (0); | ||
444 | rsa_method = RSA_meth_dup(RSA_get_default_method()); | ||
445 | if (rsa_method == NULL) | ||
446 | return (-1); | ||
447 | rsa_idx = RSA_get_ex_new_index(0, "ssh-pkcs11-rsa", | ||
448 | NULL, NULL, pkcs11_k11_free); | ||
449 | if (rsa_idx == -1) | ||
450 | return (-1); | ||
451 | if (!RSA_meth_set1_name(rsa_method, "pkcs11") || | ||
452 | !RSA_meth_set_priv_enc(rsa_method, pkcs11_rsa_private_encrypt) || | ||
453 | !RSA_meth_set_priv_dec(rsa_method, pkcs11_rsa_private_decrypt)) { | ||
454 | error("%s: setup pkcs11 method failed", __func__); | ||
455 | return (-1); | ||
456 | } | ||
457 | return (0); | ||
458 | } | ||
459 | |||
313 | /* redirect private key operations for rsa key to pkcs11 token */ | 460 | /* redirect private key operations for rsa key to pkcs11 token */ |
314 | static int | 461 | static int |
315 | pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, | 462 | pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, |
316 | CK_ATTRIBUTE *keyid_attrib, RSA *rsa) | 463 | CK_ATTRIBUTE *keyid_attrib, RSA *rsa) |
317 | { | 464 | { |
318 | struct pkcs11_key *k11; | 465 | struct pkcs11_key *k11; |
319 | const RSA_METHOD *def = RSA_get_default_method(); | 466 | |
467 | if (pkcs11_rsa_start_wrapper() == -1) | ||
468 | return (-1); | ||
320 | 469 | ||
321 | k11 = xcalloc(1, sizeof(*k11)); | 470 | k11 = xcalloc(1, sizeof(*k11)); |
322 | k11->provider = provider; | 471 | k11->provider = provider; |
@@ -328,22 +477,126 @@ pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, | |||
328 | k11->keyid = xmalloc(k11->keyid_len); | 477 | k11->keyid = xmalloc(k11->keyid_len); |
329 | memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); | 478 | memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); |
330 | } | 479 | } |
331 | k11->rsa_method = RSA_meth_dup(def); | 480 | |
332 | if (k11->rsa_method == NULL) | 481 | RSA_set_method(rsa, rsa_method); |
333 | fatal("%s: RSA_meth_dup failed", __func__); | 482 | RSA_set_ex_data(rsa, rsa_idx, k11); |
334 | k11->orig_finish = RSA_meth_get_finish(def); | ||
335 | if (!RSA_meth_set1_name(k11->rsa_method, "pkcs11") || | ||
336 | !RSA_meth_set_priv_enc(k11->rsa_method, | ||
337 | pkcs11_rsa_private_encrypt) || | ||
338 | !RSA_meth_set_priv_dec(k11->rsa_method, | ||
339 | pkcs11_rsa_private_decrypt) || | ||
340 | !RSA_meth_set_finish(k11->rsa_method, pkcs11_rsa_finish)) | ||
341 | fatal("%s: setup pkcs11 method failed", __func__); | ||
342 | RSA_set_method(rsa, k11->rsa_method); | ||
343 | RSA_set_app_data(rsa, k11); | ||
344 | return (0); | 483 | return (0); |
345 | } | 484 | } |
346 | 485 | ||
486 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
487 | /* openssl callback doing the actual signing operation */ | ||
488 | static ECDSA_SIG * | ||
489 | ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv, | ||
490 | const BIGNUM *rp, EC_KEY *ec) | ||
491 | { | ||
492 | struct pkcs11_key *k11; | ||
493 | struct pkcs11_slotinfo *si; | ||
494 | CK_FUNCTION_LIST *f; | ||
495 | CK_ULONG siglen = 0, bnlen; | ||
496 | CK_RV rv; | ||
497 | ECDSA_SIG *ret = NULL; | ||
498 | u_char *sig; | ||
499 | BIGNUM *r = NULL, *s = NULL; | ||
500 | |||
501 | if ((k11 = EC_KEY_get_ex_data(ec, ec_key_idx)) == NULL) { | ||
502 | ossl_error("EC_KEY_get_key_method_data failed for ec"); | ||
503 | return (NULL); | ||
504 | } | ||
505 | |||
506 | if (pkcs11_get_key(k11, CKM_ECDSA) == -1) { | ||
507 | error("pkcs11_get_key failed"); | ||
508 | return (NULL); | ||
509 | } | ||
510 | |||
511 | f = k11->provider->function_list; | ||
512 | si = &k11->provider->slotinfo[k11->slotidx]; | ||
513 | |||
514 | siglen = ECDSA_size(ec); | ||
515 | sig = xmalloc(siglen); | ||
516 | |||
517 | /* XXX handle CKR_BUFFER_TOO_SMALL */ | ||
518 | rv = f->C_Sign(si->session, (CK_BYTE *)dgst, dgst_len, sig, &siglen); | ||
519 | if (rv != CKR_OK) { | ||
520 | error("C_Sign failed: %lu", rv); | ||
521 | goto done; | ||
522 | } | ||
523 | if (siglen < 64 || siglen > 132 || siglen % 2) { | ||
524 | ossl_error("d2i_ECDSA_SIG failed"); | ||
525 | goto done; | ||
526 | } | ||
527 | bnlen = siglen/2; | ||
528 | if ((ret = ECDSA_SIG_new()) == NULL) { | ||
529 | error("ECDSA_SIG_new failed"); | ||
530 | goto done; | ||
531 | } | ||
532 | if ((r = BN_bin2bn(sig, bnlen, NULL)) == NULL || | ||
533 | (s = BN_bin2bn(sig+bnlen, bnlen, NULL)) == NULL) { | ||
534 | ossl_error("d2i_ECDSA_SIG failed"); | ||
535 | ECDSA_SIG_free(ret); | ||
536 | ret = NULL; | ||
537 | goto done; | ||
538 | } | ||
539 | if (!ECDSA_SIG_set0(ret, r, s)) { | ||
540 | error("%s: ECDSA_SIG_set0 failed", __func__); | ||
541 | ECDSA_SIG_free(ret); | ||
542 | ret = NULL; | ||
543 | goto done; | ||
544 | } | ||
545 | r = s = NULL; /* now owned by ret */ | ||
546 | /* success */ | ||
547 | done: | ||
548 | BN_free(r); | ||
549 | BN_free(s); | ||
550 | free(sig); | ||
551 | |||
552 | return (ret); | ||
553 | } | ||
554 | |||
555 | static int | ||
556 | pkcs11_ecdsa_start_wrapper(void) | ||
557 | { | ||
558 | int (*orig_sign)(int, const unsigned char *, int, unsigned char *, | ||
559 | unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL; | ||
560 | |||
561 | if (ec_key_method != NULL) | ||
562 | return (0); | ||
563 | ec_key_idx = EC_KEY_get_ex_new_index(0, "ssh-pkcs11-ecdsa", | ||
564 | NULL, NULL, pkcs11_k11_free); | ||
565 | if (ec_key_idx == -1) | ||
566 | return (-1); | ||
567 | ec_key_method = EC_KEY_METHOD_new(EC_KEY_OpenSSL()); | ||
568 | if (ec_key_method == NULL) | ||
569 | return (-1); | ||
570 | EC_KEY_METHOD_get_sign(ec_key_method, &orig_sign, NULL, NULL); | ||
571 | EC_KEY_METHOD_set_sign(ec_key_method, orig_sign, NULL, ecdsa_do_sign); | ||
572 | return (0); | ||
573 | } | ||
574 | |||
575 | static int | ||
576 | pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, | ||
577 | CK_ATTRIBUTE *keyid_attrib, EC_KEY *ec) | ||
578 | { | ||
579 | struct pkcs11_key *k11; | ||
580 | |||
581 | if (pkcs11_ecdsa_start_wrapper() == -1) | ||
582 | return (-1); | ||
583 | |||
584 | k11 = xcalloc(1, sizeof(*k11)); | ||
585 | k11->provider = provider; | ||
586 | provider->refcount++; /* provider referenced by ECDSA key */ | ||
587 | k11->slotidx = slotidx; | ||
588 | /* identify key object on smartcard */ | ||
589 | k11->keyid_len = keyid_attrib->ulValueLen; | ||
590 | k11->keyid = xmalloc(k11->keyid_len); | ||
591 | memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); | ||
592 | |||
593 | EC_KEY_set_method(ec, ec_key_method); | ||
594 | EC_KEY_set_ex_data(ec, ec_key_idx, k11); | ||
595 | |||
596 | return (0); | ||
597 | } | ||
598 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
599 | |||
347 | /* remove trailing spaces */ | 600 | /* remove trailing spaces */ |
348 | static void | 601 | static void |
349 | rmspace(u_char *buf, size_t len) | 602 | rmspace(u_char *buf, size_t len) |
@@ -364,79 +617,66 @@ rmspace(u_char *buf, size_t len) | |||
364 | * if pin == NULL we delay login until key use | 617 | * if pin == NULL we delay login until key use |
365 | */ | 618 | */ |
366 | static int | 619 | static int |
367 | pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin) | 620 | pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin, |
621 | CK_ULONG user) | ||
368 | { | 622 | { |
369 | CK_RV rv; | 623 | struct pkcs11_slotinfo *si; |
370 | CK_FUNCTION_LIST *f; | 624 | CK_FUNCTION_LIST *f; |
625 | CK_RV rv; | ||
371 | CK_SESSION_HANDLE session; | 626 | CK_SESSION_HANDLE session; |
372 | int login_required; | 627 | int login_required, have_pinpad, ret; |
628 | char prompt[1024], *xpin = NULL; | ||
373 | 629 | ||
374 | f = p->function_list; | 630 | f = p->function_list; |
375 | login_required = p->slotinfo[slotidx].token.flags & CKF_LOGIN_REQUIRED; | 631 | si = &p->slotinfo[slotidx]; |
376 | if (pin && login_required && !strlen(pin)) { | 632 | |
633 | have_pinpad = si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH; | ||
634 | login_required = si->token.flags & CKF_LOGIN_REQUIRED; | ||
635 | |||
636 | /* fail early before opening session */ | ||
637 | if (login_required && !have_pinpad && !pkcs11_interactive && | ||
638 | (pin == NULL || strlen(pin) == 0)) { | ||
377 | error("pin required"); | 639 | error("pin required"); |
378 | return (-1); | 640 | return (-SSH_PKCS11_ERR_PIN_REQUIRED); |
379 | } | 641 | } |
380 | if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION| | 642 | if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION| |
381 | CKF_SERIAL_SESSION, NULL, NULL, &session)) | 643 | CKF_SERIAL_SESSION, NULL, NULL, &session)) != CKR_OK) { |
382 | != CKR_OK) { | ||
383 | error("C_OpenSession failed: %lu", rv); | 644 | error("C_OpenSession failed: %lu", rv); |
384 | return (-1); | 645 | return (-1); |
385 | } | 646 | } |
386 | if (login_required && pin) { | 647 | if (login_required) { |
387 | rv = f->C_Login(session, CKU_USER, | 648 | if (have_pinpad && (pin == NULL || strlen(pin) == 0)) { |
388 | (u_char *)pin, strlen(pin)); | 649 | /* defer PIN entry to the reader keypad */ |
650 | rv = f->C_Login(session, CKU_USER, NULL_PTR, 0); | ||
651 | } else { | ||
652 | if (pkcs11_interactive) { | ||
653 | snprintf(prompt, sizeof(prompt), | ||
654 | "Enter PIN for '%s': ", si->token.label); | ||
655 | if ((xpin = read_passphrase(prompt, | ||
656 | RP_ALLOW_EOF)) == NULL) { | ||
657 | debug("%s: no pin specified", | ||
658 | __func__); | ||
659 | return (-SSH_PKCS11_ERR_PIN_REQUIRED); | ||
660 | } | ||
661 | pin = xpin; | ||
662 | } | ||
663 | rv = f->C_Login(session, CKU_USER, | ||
664 | (u_char *)pin, strlen(pin)); | ||
665 | if (xpin != NULL) | ||
666 | freezero(xpin, strlen(xpin)); | ||
667 | } | ||
389 | if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { | 668 | if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { |
390 | error("C_Login failed: %lu", rv); | 669 | error("C_Login failed: %lu", rv); |
670 | ret = (rv == CKR_PIN_LOCKED) ? | ||
671 | -SSH_PKCS11_ERR_PIN_LOCKED : | ||
672 | -SSH_PKCS11_ERR_LOGIN_FAIL; | ||
391 | if ((rv = f->C_CloseSession(session)) != CKR_OK) | 673 | if ((rv = f->C_CloseSession(session)) != CKR_OK) |
392 | error("C_CloseSession failed: %lu", rv); | 674 | error("C_CloseSession failed: %lu", rv); |
393 | return (-1); | 675 | return (ret); |
394 | } | 676 | } |
395 | p->slotinfo[slotidx].logged_in = 1; | 677 | si->logged_in = 1; |
396 | } | 678 | } |
397 | p->slotinfo[slotidx].session = session; | 679 | si->session = session; |
398 | return (0); | ||
399 | } | ||
400 | |||
401 | /* | ||
402 | * lookup public keys for token in slot identified by slotidx, | ||
403 | * add 'wrapped' public keys to the 'keysp' array and increment nkeys. | ||
404 | * keysp points to an (possibly empty) array with *nkeys keys. | ||
405 | */ | ||
406 | static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, | ||
407 | CK_ATTRIBUTE [], CK_ATTRIBUTE [3], struct sshkey ***, int *) | ||
408 | __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); | ||
409 | |||
410 | static int | ||
411 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | ||
412 | struct sshkey ***keysp, int *nkeys) | ||
413 | { | ||
414 | CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; | ||
415 | CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; | ||
416 | CK_ATTRIBUTE pubkey_filter[] = { | ||
417 | { CKA_CLASS, NULL, sizeof(pubkey_class) } | ||
418 | }; | ||
419 | CK_ATTRIBUTE cert_filter[] = { | ||
420 | { CKA_CLASS, NULL, sizeof(cert_class) } | ||
421 | }; | ||
422 | CK_ATTRIBUTE pubkey_attribs[] = { | ||
423 | { CKA_ID, NULL, 0 }, | ||
424 | { CKA_MODULUS, NULL, 0 }, | ||
425 | { CKA_PUBLIC_EXPONENT, NULL, 0 } | ||
426 | }; | ||
427 | CK_ATTRIBUTE cert_attribs[] = { | ||
428 | { CKA_ID, NULL, 0 }, | ||
429 | { CKA_SUBJECT, NULL, 0 }, | ||
430 | { CKA_VALUE, NULL, 0 } | ||
431 | }; | ||
432 | pubkey_filter[0].pValue = &pubkey_class; | ||
433 | cert_filter[0].pValue = &cert_class; | ||
434 | |||
435 | if (pkcs11_fetch_keys_filter(p, slotidx, pubkey_filter, pubkey_attribs, | ||
436 | keysp, nkeys) < 0 || | ||
437 | pkcs11_fetch_keys_filter(p, slotidx, cert_filter, cert_attribs, | ||
438 | keysp, nkeys) < 0) | ||
439 | return (-1); | ||
440 | return (0); | 680 | return (0); |
441 | } | 681 | } |
442 | 682 | ||
@@ -451,6 +691,364 @@ pkcs11_key_included(struct sshkey ***keysp, int *nkeys, struct sshkey *key) | |||
451 | return (0); | 691 | return (0); |
452 | } | 692 | } |
453 | 693 | ||
694 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
695 | static struct sshkey * | ||
696 | pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, | ||
697 | CK_OBJECT_HANDLE *obj) | ||
698 | { | ||
699 | CK_ATTRIBUTE key_attr[3]; | ||
700 | CK_SESSION_HANDLE session; | ||
701 | CK_FUNCTION_LIST *f = NULL; | ||
702 | CK_RV rv; | ||
703 | ASN1_OCTET_STRING *octet = NULL; | ||
704 | EC_KEY *ec = NULL; | ||
705 | EC_GROUP *group = NULL; | ||
706 | struct sshkey *key = NULL; | ||
707 | const unsigned char *attrp = NULL; | ||
708 | int i; | ||
709 | int nid; | ||
710 | |||
711 | memset(&key_attr, 0, sizeof(key_attr)); | ||
712 | key_attr[0].type = CKA_ID; | ||
713 | key_attr[1].type = CKA_EC_POINT; | ||
714 | key_attr[2].type = CKA_EC_PARAMS; | ||
715 | |||
716 | session = p->slotinfo[slotidx].session; | ||
717 | f = p->function_list; | ||
718 | |||
719 | /* figure out size of the attributes */ | ||
720 | rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); | ||
721 | if (rv != CKR_OK) { | ||
722 | error("C_GetAttributeValue failed: %lu", rv); | ||
723 | return (NULL); | ||
724 | } | ||
725 | |||
726 | /* | ||
727 | * Allow CKA_ID (always first attribute) to be empty, but | ||
728 | * ensure that none of the others are zero length. | ||
729 | * XXX assumes CKA_ID is always first. | ||
730 | */ | ||
731 | if (key_attr[1].ulValueLen == 0 || | ||
732 | key_attr[2].ulValueLen == 0) { | ||
733 | error("invalid attribute length"); | ||
734 | return (NULL); | ||
735 | } | ||
736 | |||
737 | /* allocate buffers for attributes */ | ||
738 | for (i = 0; i < 3; i++) | ||
739 | if (key_attr[i].ulValueLen > 0) | ||
740 | key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen); | ||
741 | |||
742 | /* retrieve ID, public point and curve parameters of EC key */ | ||
743 | rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); | ||
744 | if (rv != CKR_OK) { | ||
745 | error("C_GetAttributeValue failed: %lu", rv); | ||
746 | goto fail; | ||
747 | } | ||
748 | |||
749 | ec = EC_KEY_new(); | ||
750 | if (ec == NULL) { | ||
751 | error("EC_KEY_new failed"); | ||
752 | goto fail; | ||
753 | } | ||
754 | |||
755 | attrp = key_attr[2].pValue; | ||
756 | group = d2i_ECPKParameters(NULL, &attrp, key_attr[2].ulValueLen); | ||
757 | if (group == NULL) { | ||
758 | ossl_error("d2i_ECPKParameters failed"); | ||
759 | goto fail; | ||
760 | } | ||
761 | |||
762 | if (EC_KEY_set_group(ec, group) == 0) { | ||
763 | ossl_error("EC_KEY_set_group failed"); | ||
764 | goto fail; | ||
765 | } | ||
766 | |||
767 | if (key_attr[1].ulValueLen <= 2) { | ||
768 | error("CKA_EC_POINT too small"); | ||
769 | goto fail; | ||
770 | } | ||
771 | |||
772 | attrp = key_attr[1].pValue; | ||
773 | octet = d2i_ASN1_OCTET_STRING(NULL, &attrp, key_attr[1].ulValueLen); | ||
774 | if (octet == NULL) { | ||
775 | ossl_error("d2i_ASN1_OCTET_STRING failed"); | ||
776 | goto fail; | ||
777 | } | ||
778 | attrp = octet->data; | ||
779 | if (o2i_ECPublicKey(&ec, &attrp, octet->length) == NULL) { | ||
780 | ossl_error("o2i_ECPublicKey failed"); | ||
781 | goto fail; | ||
782 | } | ||
783 | |||
784 | nid = sshkey_ecdsa_key_to_nid(ec); | ||
785 | if (nid < 0) { | ||
786 | error("couldn't get curve nid"); | ||
787 | goto fail; | ||
788 | } | ||
789 | |||
790 | if (pkcs11_ecdsa_wrap(p, slotidx, &key_attr[0], ec)) | ||
791 | goto fail; | ||
792 | |||
793 | key = sshkey_new(KEY_UNSPEC); | ||
794 | if (key == NULL) { | ||
795 | error("sshkey_new failed"); | ||
796 | goto fail; | ||
797 | } | ||
798 | |||
799 | key->ecdsa = ec; | ||
800 | key->ecdsa_nid = nid; | ||
801 | key->type = KEY_ECDSA; | ||
802 | key->flags |= SSHKEY_FLAG_EXT; | ||
803 | ec = NULL; /* now owned by key */ | ||
804 | |||
805 | fail: | ||
806 | for (i = 0; i < 3; i++) | ||
807 | free(key_attr[i].pValue); | ||
808 | if (ec) | ||
809 | EC_KEY_free(ec); | ||
810 | if (group) | ||
811 | EC_GROUP_free(group); | ||
812 | if (octet) | ||
813 | ASN1_OCTET_STRING_free(octet); | ||
814 | |||
815 | return (key); | ||
816 | } | ||
817 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
818 | |||
819 | static struct sshkey * | ||
820 | pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, | ||
821 | CK_OBJECT_HANDLE *obj) | ||
822 | { | ||
823 | CK_ATTRIBUTE key_attr[3]; | ||
824 | CK_SESSION_HANDLE session; | ||
825 | CK_FUNCTION_LIST *f = NULL; | ||
826 | CK_RV rv; | ||
827 | RSA *rsa = NULL; | ||
828 | BIGNUM *rsa_n, *rsa_e; | ||
829 | struct sshkey *key = NULL; | ||
830 | int i; | ||
831 | |||
832 | memset(&key_attr, 0, sizeof(key_attr)); | ||
833 | key_attr[0].type = CKA_ID; | ||
834 | key_attr[1].type = CKA_MODULUS; | ||
835 | key_attr[2].type = CKA_PUBLIC_EXPONENT; | ||
836 | |||
837 | session = p->slotinfo[slotidx].session; | ||
838 | f = p->function_list; | ||
839 | |||
840 | /* figure out size of the attributes */ | ||
841 | rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); | ||
842 | if (rv != CKR_OK) { | ||
843 | error("C_GetAttributeValue failed: %lu", rv); | ||
844 | return (NULL); | ||
845 | } | ||
846 | |||
847 | /* | ||
848 | * Allow CKA_ID (always first attribute) to be empty, but | ||
849 | * ensure that none of the others are zero length. | ||
850 | * XXX assumes CKA_ID is always first. | ||
851 | */ | ||
852 | if (key_attr[1].ulValueLen == 0 || | ||
853 | key_attr[2].ulValueLen == 0) { | ||
854 | error("invalid attribute length"); | ||
855 | return (NULL); | ||
856 | } | ||
857 | |||
858 | /* allocate buffers for attributes */ | ||
859 | for (i = 0; i < 3; i++) | ||
860 | if (key_attr[i].ulValueLen > 0) | ||
861 | key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen); | ||
862 | |||
863 | /* retrieve ID, modulus and public exponent of RSA key */ | ||
864 | rv = f->C_GetAttributeValue(session, *obj, key_attr, 3); | ||
865 | if (rv != CKR_OK) { | ||
866 | error("C_GetAttributeValue failed: %lu", rv); | ||
867 | goto fail; | ||
868 | } | ||
869 | |||
870 | rsa = RSA_new(); | ||
871 | if (rsa == NULL) { | ||
872 | error("RSA_new failed"); | ||
873 | goto fail; | ||
874 | } | ||
875 | |||
876 | rsa_n = BN_bin2bn(key_attr[1].pValue, key_attr[1].ulValueLen, NULL); | ||
877 | rsa_e = BN_bin2bn(key_attr[2].pValue, key_attr[2].ulValueLen, NULL); | ||
878 | if (rsa_n == NULL || rsa_e == NULL) { | ||
879 | error("BN_bin2bn failed"); | ||
880 | goto fail; | ||
881 | } | ||
882 | if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) | ||
883 | fatal("%s: set key", __func__); | ||
884 | rsa_n = rsa_e = NULL; /* transferred */ | ||
885 | |||
886 | if (pkcs11_rsa_wrap(p, slotidx, &key_attr[0], rsa)) | ||
887 | goto fail; | ||
888 | |||
889 | key = sshkey_new(KEY_UNSPEC); | ||
890 | if (key == NULL) { | ||
891 | error("sshkey_new failed"); | ||
892 | goto fail; | ||
893 | } | ||
894 | |||
895 | key->rsa = rsa; | ||
896 | key->type = KEY_RSA; | ||
897 | key->flags |= SSHKEY_FLAG_EXT; | ||
898 | rsa = NULL; /* now owned by key */ | ||
899 | |||
900 | fail: | ||
901 | for (i = 0; i < 3; i++) | ||
902 | free(key_attr[i].pValue); | ||
903 | RSA_free(rsa); | ||
904 | |||
905 | return (key); | ||
906 | } | ||
907 | |||
908 | static struct sshkey * | ||
909 | pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, | ||
910 | CK_OBJECT_HANDLE *obj) | ||
911 | { | ||
912 | CK_ATTRIBUTE cert_attr[3]; | ||
913 | CK_SESSION_HANDLE session; | ||
914 | CK_FUNCTION_LIST *f = NULL; | ||
915 | CK_RV rv; | ||
916 | X509 *x509 = NULL; | ||
917 | EVP_PKEY *evp; | ||
918 | RSA *rsa = NULL; | ||
919 | EC_KEY *ec = NULL; | ||
920 | struct sshkey *key = NULL; | ||
921 | int i; | ||
922 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
923 | int nid; | ||
924 | #endif | ||
925 | const u_char *cp; | ||
926 | |||
927 | memset(&cert_attr, 0, sizeof(cert_attr)); | ||
928 | cert_attr[0].type = CKA_ID; | ||
929 | cert_attr[1].type = CKA_SUBJECT; | ||
930 | cert_attr[2].type = CKA_VALUE; | ||
931 | |||
932 | session = p->slotinfo[slotidx].session; | ||
933 | f = p->function_list; | ||
934 | |||
935 | /* figure out size of the attributes */ | ||
936 | rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3); | ||
937 | if (rv != CKR_OK) { | ||
938 | error("C_GetAttributeValue failed: %lu", rv); | ||
939 | return (NULL); | ||
940 | } | ||
941 | |||
942 | /* | ||
943 | * Allow CKA_ID (always first attribute) to be empty, but | ||
944 | * ensure that none of the others are zero length. | ||
945 | * XXX assumes CKA_ID is always first. | ||
946 | */ | ||
947 | if (cert_attr[1].ulValueLen == 0 || | ||
948 | cert_attr[2].ulValueLen == 0) { | ||
949 | error("invalid attribute length"); | ||
950 | return (NULL); | ||
951 | } | ||
952 | |||
953 | /* allocate buffers for attributes */ | ||
954 | for (i = 0; i < 3; i++) | ||
955 | if (cert_attr[i].ulValueLen > 0) | ||
956 | cert_attr[i].pValue = xcalloc(1, cert_attr[i].ulValueLen); | ||
957 | |||
958 | /* retrieve ID, subject and value of certificate */ | ||
959 | rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3); | ||
960 | if (rv != CKR_OK) { | ||
961 | error("C_GetAttributeValue failed: %lu", rv); | ||
962 | goto fail; | ||
963 | } | ||
964 | |||
965 | x509 = X509_new(); | ||
966 | if (x509 == NULL) { | ||
967 | error("x509_new failed"); | ||
968 | goto fail; | ||
969 | } | ||
970 | |||
971 | cp = cert_attr[2].pValue; | ||
972 | if (d2i_X509(&x509, &cp, cert_attr[2].ulValueLen) == NULL) { | ||
973 | error("d2i_x509 failed"); | ||
974 | goto fail; | ||
975 | } | ||
976 | |||
977 | evp = X509_get_pubkey(x509); | ||
978 | if (evp == NULL) { | ||
979 | error("X509_get_pubkey failed"); | ||
980 | goto fail; | ||
981 | } | ||
982 | |||
983 | if (EVP_PKEY_base_id(evp) == EVP_PKEY_RSA) { | ||
984 | if (EVP_PKEY_get0_RSA(evp) == NULL) { | ||
985 | error("invalid x509; no rsa key"); | ||
986 | goto fail; | ||
987 | } | ||
988 | if ((rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(evp))) == NULL) { | ||
989 | error("RSAPublicKey_dup failed"); | ||
990 | goto fail; | ||
991 | } | ||
992 | |||
993 | if (pkcs11_rsa_wrap(p, slotidx, &cert_attr[0], rsa)) | ||
994 | goto fail; | ||
995 | |||
996 | key = sshkey_new(KEY_UNSPEC); | ||
997 | if (key == NULL) { | ||
998 | error("sshkey_new failed"); | ||
999 | goto fail; | ||
1000 | } | ||
1001 | |||
1002 | key->rsa = rsa; | ||
1003 | key->type = KEY_RSA; | ||
1004 | key->flags |= SSHKEY_FLAG_EXT; | ||
1005 | rsa = NULL; /* now owned by key */ | ||
1006 | #ifdef HAVE_EC_KEY_METHOD_NEW | ||
1007 | } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) { | ||
1008 | if (EVP_PKEY_get0_EC_KEY(evp) == NULL) { | ||
1009 | error("invalid x509; no ec key"); | ||
1010 | goto fail; | ||
1011 | } | ||
1012 | if ((ec = EC_KEY_dup(EVP_PKEY_get0_EC_KEY(evp))) == NULL) { | ||
1013 | error("EC_KEY_dup failed"); | ||
1014 | goto fail; | ||
1015 | } | ||
1016 | |||
1017 | nid = sshkey_ecdsa_key_to_nid(ec); | ||
1018 | if (nid < 0) { | ||
1019 | error("couldn't get curve nid"); | ||
1020 | goto fail; | ||
1021 | } | ||
1022 | |||
1023 | if (pkcs11_ecdsa_wrap(p, slotidx, &cert_attr[0], ec)) | ||
1024 | goto fail; | ||
1025 | |||
1026 | key = sshkey_new(KEY_UNSPEC); | ||
1027 | if (key == NULL) { | ||
1028 | error("sshkey_new failed"); | ||
1029 | goto fail; | ||
1030 | } | ||
1031 | |||
1032 | key->ecdsa = ec; | ||
1033 | key->ecdsa_nid = nid; | ||
1034 | key->type = KEY_ECDSA; | ||
1035 | key->flags |= SSHKEY_FLAG_EXT; | ||
1036 | ec = NULL; /* now owned by key */ | ||
1037 | #endif /* HAVE_EC_KEY_METHOD_NEW */ | ||
1038 | } else | ||
1039 | error("unknown certificate key type"); | ||
1040 | |||
1041 | fail: | ||
1042 | for (i = 0; i < 3; i++) | ||
1043 | free(cert_attr[i].pValue); | ||
1044 | X509_free(x509); | ||
1045 | RSA_free(rsa); | ||
1046 | EC_KEY_free(ec); | ||
1047 | |||
1048 | return (key); | ||
1049 | } | ||
1050 | |||
1051 | #if 0 | ||
454 | static int | 1052 | static int |
455 | have_rsa_key(const RSA *rsa) | 1053 | have_rsa_key(const RSA *rsa) |
456 | { | 1054 | { |
@@ -459,140 +1057,402 @@ have_rsa_key(const RSA *rsa) | |||
459 | RSA_get0_key(rsa, &rsa_n, &rsa_e, NULL); | 1057 | RSA_get0_key(rsa, &rsa_n, &rsa_e, NULL); |
460 | return rsa_n != NULL && rsa_e != NULL; | 1058 | return rsa_n != NULL && rsa_e != NULL; |
461 | } | 1059 | } |
1060 | #endif | ||
462 | 1061 | ||
1062 | /* | ||
1063 | * lookup certificates for token in slot identified by slotidx, | ||
1064 | * add 'wrapped' public keys to the 'keysp' array and increment nkeys. | ||
1065 | * keysp points to an (possibly empty) array with *nkeys keys. | ||
1066 | */ | ||
463 | static int | 1067 | static int |
464 | pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, | 1068 | pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx, |
465 | CK_ATTRIBUTE filter[], CK_ATTRIBUTE attribs[3], | ||
466 | struct sshkey ***keysp, int *nkeys) | 1069 | struct sshkey ***keysp, int *nkeys) |
467 | { | 1070 | { |
468 | struct sshkey *key; | 1071 | struct sshkey *key = NULL; |
469 | RSA *rsa; | 1072 | CK_OBJECT_CLASS key_class; |
470 | X509 *x509; | 1073 | CK_ATTRIBUTE key_attr[1]; |
471 | EVP_PKEY *evp; | 1074 | CK_SESSION_HANDLE session; |
472 | int i; | 1075 | CK_FUNCTION_LIST *f = NULL; |
473 | const u_char *cp; | 1076 | CK_RV rv; |
474 | CK_RV rv; | 1077 | CK_OBJECT_HANDLE obj; |
475 | CK_OBJECT_HANDLE obj; | 1078 | CK_ULONG n = 0; |
476 | CK_ULONG nfound; | 1079 | int ret = -1; |
477 | CK_SESSION_HANDLE session; | 1080 | |
478 | CK_FUNCTION_LIST *f; | 1081 | memset(&key_attr, 0, sizeof(key_attr)); |
1082 | memset(&obj, 0, sizeof(obj)); | ||
1083 | |||
1084 | key_class = CKO_CERTIFICATE; | ||
1085 | key_attr[0].type = CKA_CLASS; | ||
1086 | key_attr[0].pValue = &key_class; | ||
1087 | key_attr[0].ulValueLen = sizeof(key_class); | ||
479 | 1088 | ||
480 | f = p->function_list; | ||
481 | session = p->slotinfo[slotidx].session; | 1089 | session = p->slotinfo[slotidx].session; |
482 | /* setup a filter the looks for public keys */ | 1090 | f = p->function_list; |
483 | if ((rv = f->C_FindObjectsInit(session, filter, 1)) != CKR_OK) { | 1091 | |
1092 | rv = f->C_FindObjectsInit(session, key_attr, 1); | ||
1093 | if (rv != CKR_OK) { | ||
484 | error("C_FindObjectsInit failed: %lu", rv); | 1094 | error("C_FindObjectsInit failed: %lu", rv); |
485 | return (-1); | 1095 | goto fail; |
486 | } | 1096 | } |
1097 | |||
487 | while (1) { | 1098 | while (1) { |
488 | /* XXX 3 attributes in attribs[] */ | 1099 | CK_CERTIFICATE_TYPE ck_cert_type; |
489 | for (i = 0; i < 3; i++) { | 1100 | |
490 | attribs[i].pValue = NULL; | 1101 | rv = f->C_FindObjects(session, &obj, 1, &n); |
491 | attribs[i].ulValueLen = 0; | 1102 | if (rv != CKR_OK) { |
1103 | error("C_FindObjects failed: %lu", rv); | ||
1104 | goto fail; | ||
492 | } | 1105 | } |
493 | if ((rv = f->C_FindObjects(session, &obj, 1, &nfound)) != CKR_OK | 1106 | if (n == 0) |
494 | || nfound == 0) | ||
495 | break; | 1107 | break; |
496 | /* found a key, so figure out size of the attributes */ | 1108 | |
497 | if ((rv = f->C_GetAttributeValue(session, obj, attribs, 3)) | 1109 | memset(&ck_cert_type, 0, sizeof(ck_cert_type)); |
498 | != CKR_OK) { | 1110 | memset(&key_attr, 0, sizeof(key_attr)); |
1111 | key_attr[0].type = CKA_CERTIFICATE_TYPE; | ||
1112 | key_attr[0].pValue = &ck_cert_type; | ||
1113 | key_attr[0].ulValueLen = sizeof(ck_cert_type); | ||
1114 | |||
1115 | rv = f->C_GetAttributeValue(session, obj, key_attr, 1); | ||
1116 | if (rv != CKR_OK) { | ||
499 | error("C_GetAttributeValue failed: %lu", rv); | 1117 | error("C_GetAttributeValue failed: %lu", rv); |
500 | continue; | 1118 | goto fail; |
501 | } | 1119 | } |
502 | /* | 1120 | |
503 | * Allow CKA_ID (always first attribute) to be empty, but | 1121 | switch (ck_cert_type) { |
504 | * ensure that none of the others are zero length. | 1122 | case CKC_X_509: |
505 | * XXX assumes CKA_ID is always first. | 1123 | key = pkcs11_fetch_x509_pubkey(p, slotidx, &obj); |
506 | */ | 1124 | break; |
507 | if (attribs[1].ulValueLen == 0 || | 1125 | default: |
508 | attribs[2].ulValueLen == 0) { | 1126 | /* XXX print key type? */ |
1127 | key = NULL; | ||
1128 | error("skipping unsupported certificate type"); | ||
1129 | } | ||
1130 | |||
1131 | if (key == NULL) { | ||
1132 | error("failed to fetch key"); | ||
509 | continue; | 1133 | continue; |
510 | } | 1134 | } |
511 | /* allocate buffers for attributes */ | 1135 | |
512 | for (i = 0; i < 3; i++) { | 1136 | if (pkcs11_key_included(keysp, nkeys, key)) { |
513 | if (attribs[i].ulValueLen > 0) { | 1137 | sshkey_free(key); |
514 | attribs[i].pValue = xmalloc( | 1138 | } else { |
515 | attribs[i].ulValueLen); | 1139 | /* expand key array and add key */ |
516 | } | 1140 | *keysp = xrecallocarray(*keysp, *nkeys, |
1141 | *nkeys + 1, sizeof(struct sshkey *)); | ||
1142 | (*keysp)[*nkeys] = key; | ||
1143 | *nkeys = *nkeys + 1; | ||
1144 | debug("have %d keys", *nkeys); | ||
517 | } | 1145 | } |
1146 | } | ||
518 | 1147 | ||
519 | /* | 1148 | ret = 0; |
520 | * retrieve ID, modulus and public exponent of RSA key, | 1149 | fail: |
521 | * or ID, subject and value for certificates. | 1150 | rv = f->C_FindObjectsFinal(session); |
522 | */ | 1151 | if (rv != CKR_OK) { |
523 | rsa = NULL; | 1152 | error("C_FindObjectsFinal failed: %lu", rv); |
524 | if ((rv = f->C_GetAttributeValue(session, obj, attribs, 3)) | 1153 | ret = -1; |
525 | != CKR_OK) { | 1154 | } |
1155 | |||
1156 | return (ret); | ||
1157 | } | ||
1158 | |||
1159 | /* | ||
1160 | * lookup public keys for token in slot identified by slotidx, | ||
1161 | * add 'wrapped' public keys to the 'keysp' array and increment nkeys. | ||
1162 | * keysp points to an (possibly empty) array with *nkeys keys. | ||
1163 | */ | ||
1164 | static int | ||
1165 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | ||
1166 | struct sshkey ***keysp, int *nkeys) | ||
1167 | { | ||
1168 | struct sshkey *key = NULL; | ||
1169 | CK_OBJECT_CLASS key_class; | ||
1170 | CK_ATTRIBUTE key_attr[1]; | ||
1171 | CK_SESSION_HANDLE session; | ||
1172 | CK_FUNCTION_LIST *f = NULL; | ||
1173 | CK_RV rv; | ||
1174 | CK_OBJECT_HANDLE obj; | ||
1175 | CK_ULONG n = 0; | ||
1176 | int ret = -1; | ||
1177 | |||
1178 | memset(&key_attr, 0, sizeof(key_attr)); | ||
1179 | memset(&obj, 0, sizeof(obj)); | ||
1180 | |||
1181 | key_class = CKO_PUBLIC_KEY; | ||
1182 | key_attr[0].type = CKA_CLASS; | ||
1183 | key_attr[0].pValue = &key_class; | ||
1184 | key_attr[0].ulValueLen = sizeof(key_class); | ||
1185 | |||
1186 | session = p->slotinfo[slotidx].session; | ||
1187 | f = p->function_list; | ||
1188 | |||
1189 | rv = f->C_FindObjectsInit(session, key_attr, 1); | ||
1190 | if (rv != CKR_OK) { | ||
1191 | error("C_FindObjectsInit failed: %lu", rv); | ||
1192 | goto fail; | ||
1193 | } | ||
1194 | |||
1195 | while (1) { | ||
1196 | CK_KEY_TYPE ck_key_type; | ||
1197 | |||
1198 | rv = f->C_FindObjects(session, &obj, 1, &n); | ||
1199 | if (rv != CKR_OK) { | ||
1200 | error("C_FindObjects failed: %lu", rv); | ||
1201 | goto fail; | ||
1202 | } | ||
1203 | if (n == 0) | ||
1204 | break; | ||
1205 | |||
1206 | memset(&ck_key_type, 0, sizeof(ck_key_type)); | ||
1207 | memset(&key_attr, 0, sizeof(key_attr)); | ||
1208 | key_attr[0].type = CKA_KEY_TYPE; | ||
1209 | key_attr[0].pValue = &ck_key_type; | ||
1210 | key_attr[0].ulValueLen = sizeof(ck_key_type); | ||
1211 | |||
1212 | rv = f->C_GetAttributeValue(session, obj, key_attr, 1); | ||
1213 | if (rv != CKR_OK) { | ||
526 | error("C_GetAttributeValue failed: %lu", rv); | 1214 | error("C_GetAttributeValue failed: %lu", rv); |
527 | } else if (attribs[1].type == CKA_MODULUS ) { | 1215 | goto fail; |
528 | if ((rsa = RSA_new()) == NULL) { | ||
529 | error("RSA_new failed"); | ||
530 | } else { | ||
531 | BIGNUM *rsa_n, *rsa_e; | ||
532 | |||
533 | rsa_n = BN_bin2bn(attribs[1].pValue, | ||
534 | attribs[1].ulValueLen, NULL); | ||
535 | rsa_e = BN_bin2bn(attribs[2].pValue, | ||
536 | attribs[2].ulValueLen, NULL); | ||
537 | if (rsa_n != NULL && rsa_e != NULL) { | ||
538 | if (!RSA_set0_key(rsa, | ||
539 | rsa_n, rsa_e, NULL)) | ||
540 | fatal("%s: set key", __func__); | ||
541 | rsa_n = rsa_e = NULL; /* transferred */ | ||
542 | } | ||
543 | BN_free(rsa_n); | ||
544 | BN_free(rsa_e); | ||
545 | } | ||
546 | } else { | ||
547 | cp = attribs[2].pValue; | ||
548 | if ((x509 = X509_new()) == NULL) { | ||
549 | error("X509_new failed"); | ||
550 | } else if (d2i_X509(&x509, &cp, attribs[2].ulValueLen) | ||
551 | == NULL) { | ||
552 | error("d2i_X509 failed"); | ||
553 | } else if ((evp = X509_get_pubkey(x509)) == NULL || | ||
554 | EVP_PKEY_base_id(evp) != EVP_PKEY_RSA || | ||
555 | EVP_PKEY_get0_RSA(evp) == NULL) { | ||
556 | debug("X509_get_pubkey failed or no rsa"); | ||
557 | } else if ((rsa = RSAPublicKey_dup( | ||
558 | EVP_PKEY_get0_RSA(evp))) == NULL) { | ||
559 | error("RSAPublicKey_dup"); | ||
560 | } | ||
561 | X509_free(x509); | ||
562 | } | 1216 | } |
563 | if (rsa && have_rsa_key(rsa) && | 1217 | |
564 | pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { | 1218 | switch (ck_key_type) { |
565 | if ((key = sshkey_new(KEY_UNSPEC)) == NULL) | 1219 | case CKK_RSA: |
566 | fatal("sshkey_new failed"); | 1220 | key = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj); |
567 | key->rsa = rsa; | 1221 | break; |
568 | key->type = KEY_RSA; | 1222 | #ifdef HAVE_EC_KEY_METHOD_NEW |
569 | key->flags |= SSHKEY_FLAG_EXT; | 1223 | case CKK_ECDSA: |
570 | if (pkcs11_key_included(keysp, nkeys, key)) { | 1224 | key = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); |
571 | sshkey_free(key); | 1225 | break; |
572 | } else { | 1226 | #endif /* HAVE_EC_KEY_METHOD_NEW */ |
573 | /* expand key array and add key */ | 1227 | default: |
574 | *keysp = xrecallocarray(*keysp, *nkeys, | 1228 | /* XXX print key type? */ |
575 | *nkeys + 1, sizeof(struct sshkey *)); | 1229 | key = NULL; |
576 | (*keysp)[*nkeys] = key; | 1230 | error("skipping unsupported key type"); |
577 | *nkeys = *nkeys + 1; | 1231 | } |
578 | debug("have %d keys", *nkeys); | 1232 | |
579 | } | 1233 | if (key == NULL) { |
580 | } else if (rsa) { | 1234 | error("failed to fetch key"); |
581 | RSA_free(rsa); | 1235 | continue; |
1236 | } | ||
1237 | |||
1238 | if (pkcs11_key_included(keysp, nkeys, key)) { | ||
1239 | sshkey_free(key); | ||
1240 | } else { | ||
1241 | /* expand key array and add key */ | ||
1242 | *keysp = xrecallocarray(*keysp, *nkeys, | ||
1243 | *nkeys + 1, sizeof(struct sshkey *)); | ||
1244 | (*keysp)[*nkeys] = key; | ||
1245 | *nkeys = *nkeys + 1; | ||
1246 | debug("have %d keys", *nkeys); | ||
582 | } | 1247 | } |
583 | for (i = 0; i < 3; i++) | ||
584 | free(attribs[i].pValue); | ||
585 | } | 1248 | } |
586 | if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK) | 1249 | |
1250 | ret = 0; | ||
1251 | fail: | ||
1252 | rv = f->C_FindObjectsFinal(session); | ||
1253 | if (rv != CKR_OK) { | ||
587 | error("C_FindObjectsFinal failed: %lu", rv); | 1254 | error("C_FindObjectsFinal failed: %lu", rv); |
588 | return (0); | 1255 | ret = -1; |
1256 | } | ||
1257 | |||
1258 | return (ret); | ||
589 | } | 1259 | } |
590 | 1260 | ||
591 | /* register a new provider, fails if provider already exists */ | 1261 | #ifdef WITH_PKCS11_KEYGEN |
592 | int | 1262 | #define FILL_ATTR(attr, idx, typ, val, len) \ |
593 | pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) | 1263 | { (attr[idx]).type=(typ); (attr[idx]).pValue=(val); (attr[idx]).ulValueLen=len; idx++; } |
1264 | |||
1265 | static struct sshkey * | ||
1266 | pkcs11_rsa_generate_private_key(struct pkcs11_provider *p, CK_ULONG slotidx, | ||
1267 | char *label, CK_ULONG bits, CK_BYTE keyid, u_int32_t *err) | ||
1268 | { | ||
1269 | struct pkcs11_slotinfo *si; | ||
1270 | char *plabel = label ? label : ""; | ||
1271 | int npub = 0, npriv = 0; | ||
1272 | CK_RV rv; | ||
1273 | CK_FUNCTION_LIST *f; | ||
1274 | CK_SESSION_HANDLE session; | ||
1275 | CK_BBOOL true_val = CK_TRUE, false_val = CK_FALSE; | ||
1276 | CK_OBJECT_HANDLE pubKey, privKey; | ||
1277 | CK_ATTRIBUTE tpub[16], tpriv[16]; | ||
1278 | CK_MECHANISM mech = { | ||
1279 | CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0 | ||
1280 | }; | ||
1281 | CK_BYTE pubExponent[] = { | ||
1282 | 0x01, 0x00, 0x01 /* RSA_F4 in bytes */ | ||
1283 | }; | ||
1284 | pubkey_filter[0].pValue = &pubkey_class; | ||
1285 | cert_filter[0].pValue = &cert_class; | ||
1286 | |||
1287 | *err = 0; | ||
1288 | |||
1289 | FILL_ATTR(tpub, npub, CKA_TOKEN, &true_val, sizeof(true_val)); | ||
1290 | FILL_ATTR(tpub, npub, CKA_LABEL, plabel, strlen(plabel)); | ||
1291 | FILL_ATTR(tpub, npub, CKA_ENCRYPT, &false_val, sizeof(false_val)); | ||
1292 | FILL_ATTR(tpub, npub, CKA_VERIFY, &true_val, sizeof(true_val)); | ||
1293 | FILL_ATTR(tpub, npub, CKA_VERIFY_RECOVER, &false_val, | ||
1294 | sizeof(false_val)); | ||
1295 | FILL_ATTR(tpub, npub, CKA_WRAP, &false_val, sizeof(false_val)); | ||
1296 | FILL_ATTR(tpub, npub, CKA_DERIVE, &false_val, sizeof(false_val)); | ||
1297 | FILL_ATTR(tpub, npub, CKA_MODULUS_BITS, &bits, sizeof(bits)); | ||
1298 | FILL_ATTR(tpub, npub, CKA_PUBLIC_EXPONENT, pubExponent, | ||
1299 | sizeof(pubExponent)); | ||
1300 | FILL_ATTR(tpub, npub, CKA_ID, &keyid, sizeof(keyid)); | ||
1301 | |||
1302 | FILL_ATTR(tpriv, npriv, CKA_TOKEN, &true_val, sizeof(true_val)); | ||
1303 | FILL_ATTR(tpriv, npriv, CKA_LABEL, plabel, strlen(plabel)); | ||
1304 | FILL_ATTR(tpriv, npriv, CKA_PRIVATE, &true_val, sizeof(true_val)); | ||
1305 | FILL_ATTR(tpriv, npriv, CKA_SENSITIVE, &true_val, sizeof(true_val)); | ||
1306 | FILL_ATTR(tpriv, npriv, CKA_DECRYPT, &false_val, sizeof(false_val)); | ||
1307 | FILL_ATTR(tpriv, npriv, CKA_SIGN, &true_val, sizeof(true_val)); | ||
1308 | FILL_ATTR(tpriv, npriv, CKA_SIGN_RECOVER, &false_val, | ||
1309 | sizeof(false_val)); | ||
1310 | FILL_ATTR(tpriv, npriv, CKA_UNWRAP, &false_val, sizeof(false_val)); | ||
1311 | FILL_ATTR(tpriv, npriv, CKA_DERIVE, &false_val, sizeof(false_val)); | ||
1312 | FILL_ATTR(tpriv, npriv, CKA_ID, &keyid, sizeof(keyid)); | ||
1313 | |||
1314 | f = p->function_list; | ||
1315 | si = &p->slotinfo[slotidx]; | ||
1316 | session = si->session; | ||
1317 | |||
1318 | if ((rv = f->C_GenerateKeyPair(session, &mech, tpub, npub, tpriv, npriv, | ||
1319 | &pubKey, &privKey)) != CKR_OK) { | ||
1320 | error("%s: key generation failed: error 0x%lx", __func__, rv); | ||
1321 | *err = rv; | ||
1322 | return NULL; | ||
1323 | } | ||
1324 | |||
1325 | return pkcs11_fetch_rsa_pubkey(p, slotidx, &pubKey); | ||
1326 | } | ||
1327 | |||
1328 | static int | ||
1329 | pkcs11_decode_hex(const char *hex, unsigned char **dest, size_t *rlen) | ||
1330 | { | ||
1331 | size_t i, len; | ||
1332 | char ptr[3]; | ||
1333 | |||
1334 | if (dest) | ||
1335 | *dest = NULL; | ||
1336 | if (rlen) | ||
1337 | *rlen = 0; | ||
1338 | |||
1339 | if ((len = strlen(hex)) % 2) | ||
1340 | return -1; | ||
1341 | len /= 2; | ||
1342 | |||
1343 | *dest = xmalloc(len); | ||
1344 | |||
1345 | ptr[2] = '\0'; | ||
1346 | for (i = 0; i < len; i++) { | ||
1347 | ptr[0] = hex[2 * i]; | ||
1348 | ptr[1] = hex[(2 * i) + 1]; | ||
1349 | if (!isxdigit(ptr[0]) || !isxdigit(ptr[1])) | ||
1350 | return -1; | ||
1351 | (*dest)[i] = (unsigned char)strtoul(ptr, NULL, 16); | ||
1352 | } | ||
1353 | |||
1354 | if (rlen) | ||
1355 | *rlen = len; | ||
1356 | |||
1357 | return 0; | ||
1358 | } | ||
1359 | |||
1360 | static struct ec_curve_info { | ||
1361 | const char *name; | ||
1362 | const char *oid; | ||
1363 | const char *oid_encoded; | ||
1364 | size_t size; | ||
1365 | } ec_curve_infos[] = { | ||
1366 | {"prime256v1", "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256}, | ||
1367 | {"secp384r1", "1.3.132.0.34", "06052B81040022", 384}, | ||
1368 | {"secp521r1", "1.3.132.0.35", "06052B81040023", 521}, | ||
1369 | {NULL, NULL, NULL, 0}, | ||
1370 | }; | ||
1371 | |||
1372 | static struct sshkey * | ||
1373 | pkcs11_ecdsa_generate_private_key(struct pkcs11_provider *p, CK_ULONG slotidx, | ||
1374 | char *label, CK_ULONG bits, CK_BYTE keyid, u_int32_t *err) | ||
1375 | { | ||
1376 | struct pkcs11_slotinfo *si; | ||
1377 | char *plabel = label ? label : ""; | ||
1378 | int i; | ||
1379 | size_t ecparams_size; | ||
1380 | unsigned char *ecparams = NULL; | ||
1381 | int npub = 0, npriv = 0; | ||
1382 | CK_RV rv; | ||
1383 | CK_FUNCTION_LIST *f; | ||
1384 | CK_SESSION_HANDLE session; | ||
1385 | CK_BBOOL true_val = CK_TRUE, false_val = CK_FALSE; | ||
1386 | CK_OBJECT_HANDLE pubKey, privKey; | ||
1387 | CK_MECHANISM mech = { | ||
1388 | CKM_EC_KEY_PAIR_GEN, NULL_PTR, 0 | ||
1389 | }; | ||
1390 | CK_ATTRIBUTE tpub[16], tpriv[16]; | ||
1391 | |||
1392 | *err = 0; | ||
1393 | |||
1394 | for (i = 0; ec_curve_infos[i].name; i++) { | ||
1395 | if (ec_curve_infos[i].size == bits) | ||
1396 | break; | ||
1397 | } | ||
1398 | if (!ec_curve_infos[i].name) { | ||
1399 | error("%s: invalid key size %lu", __func__, bits); | ||
1400 | return NULL; | ||
1401 | } | ||
1402 | if (pkcs11_decode_hex(ec_curve_infos[i].oid_encoded, &ecparams, | ||
1403 | &ecparams_size) == -1) { | ||
1404 | error("%s: invalid oid", __func__); | ||
1405 | return NULL; | ||
1406 | } | ||
1407 | |||
1408 | FILL_ATTR(tpub, npub, CKA_TOKEN, &true_val, sizeof(true_val)); | ||
1409 | FILL_ATTR(tpub, npub, CKA_LABEL, plabel, strlen(plabel)); | ||
1410 | FILL_ATTR(tpub, npub, CKA_ENCRYPT, &false_val, sizeof(false_val)); | ||
1411 | FILL_ATTR(tpub, npub, CKA_VERIFY, &true_val, sizeof(true_val)); | ||
1412 | FILL_ATTR(tpub, npub, CKA_VERIFY_RECOVER, &false_val, | ||
1413 | sizeof(false_val)); | ||
1414 | FILL_ATTR(tpub, npub, CKA_WRAP, &false_val, sizeof(false_val)); | ||
1415 | FILL_ATTR(tpub, npub, CKA_DERIVE, &false_val, sizeof(false_val)); | ||
1416 | FILL_ATTR(tpub, npub, CKA_EC_PARAMS, ecparams, ecparams_size); | ||
1417 | FILL_ATTR(tpub, npub, CKA_ID, &keyid, sizeof(keyid)); | ||
1418 | |||
1419 | FILL_ATTR(tpriv, npriv, CKA_TOKEN, &true_val, sizeof(true_val)); | ||
1420 | FILL_ATTR(tpriv, npriv, CKA_LABEL, plabel, strlen(plabel)); | ||
1421 | FILL_ATTR(tpriv, npriv, CKA_PRIVATE, &true_val, sizeof(true_val)); | ||
1422 | FILL_ATTR(tpriv, npriv, CKA_SENSITIVE, &true_val, sizeof(true_val)); | ||
1423 | FILL_ATTR(tpriv, npriv, CKA_DECRYPT, &false_val, sizeof(false_val)); | ||
1424 | FILL_ATTR(tpriv, npriv, CKA_SIGN, &true_val, sizeof(true_val)); | ||
1425 | FILL_ATTR(tpriv, npriv, CKA_SIGN_RECOVER, &false_val, | ||
1426 | sizeof(false_val)); | ||
1427 | FILL_ATTR(tpriv, npriv, CKA_UNWRAP, &false_val, sizeof(false_val)); | ||
1428 | FILL_ATTR(tpriv, npriv, CKA_DERIVE, &false_val, sizeof(false_val)); | ||
1429 | FILL_ATTR(tpriv, npriv, CKA_ID, &keyid, sizeof(keyid)); | ||
1430 | |||
1431 | f = p->function_list; | ||
1432 | si = &p->slotinfo[slotidx]; | ||
1433 | session = si->session; | ||
1434 | |||
1435 | if ((rv = f->C_GenerateKeyPair(session, &mech, tpub, npub, tpriv, npriv, | ||
1436 | &pubKey, &privKey)) != CKR_OK) { | ||
1437 | error("%s: key generation failed: error 0x%lx", __func__, rv); | ||
1438 | *err = rv; | ||
1439 | return NULL; | ||
1440 | } | ||
1441 | |||
1442 | return pkcs11_fetch_ecdsa_pubkey(p, slotidx, &pubKey); | ||
1443 | } | ||
1444 | #endif /* WITH_PKCS11_KEYGEN */ | ||
1445 | |||
1446 | /* | ||
1447 | * register a new provider, fails if provider already exists. if | ||
1448 | * keyp is provided, fetch keys. | ||
1449 | */ | ||
1450 | static int | ||
1451 | pkcs11_register_provider(char *provider_id, char *pin, struct sshkey ***keyp, | ||
1452 | struct pkcs11_provider **providerp, CK_ULONG user) | ||
594 | { | 1453 | { |
595 | int nkeys, need_finalize = 0; | 1454 | int nkeys, need_finalize = 0; |
1455 | int ret = -1; | ||
596 | struct pkcs11_provider *p = NULL; | 1456 | struct pkcs11_provider *p = NULL; |
597 | void *handle = NULL; | 1457 | void *handle = NULL; |
598 | CK_RV (*getfunctionlist)(CK_FUNCTION_LIST **); | 1458 | CK_RV (*getfunctionlist)(CK_FUNCTION_LIST **); |
@@ -601,13 +1461,19 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) | |||
601 | CK_TOKEN_INFO *token; | 1461 | CK_TOKEN_INFO *token; |
602 | CK_ULONG i; | 1462 | CK_ULONG i; |
603 | 1463 | ||
604 | *keyp = NULL; | 1464 | if (providerp == NULL) |
1465 | goto fail; | ||
1466 | *providerp = NULL; | ||
1467 | |||
1468 | if (keyp != NULL) | ||
1469 | *keyp = NULL; | ||
1470 | |||
605 | if (pkcs11_provider_lookup(provider_id) != NULL) { | 1471 | if (pkcs11_provider_lookup(provider_id) != NULL) { |
606 | debug("%s: provider already registered: %s", | 1472 | debug("%s: provider already registered: %s", |
607 | __func__, provider_id); | 1473 | __func__, provider_id); |
608 | goto fail; | 1474 | goto fail; |
609 | } | 1475 | } |
610 | /* open shared pkcs11-libarary */ | 1476 | /* open shared pkcs11-library */ |
611 | if ((handle = dlopen(provider_id, RTLD_NOW)) == NULL) { | 1477 | if ((handle = dlopen(provider_id, RTLD_NOW)) == NULL) { |
612 | error("dlopen %s failed: %s", provider_id, dlerror()); | 1478 | error("dlopen %s failed: %s", provider_id, dlerror()); |
613 | goto fail; | 1479 | goto fail; |
@@ -653,8 +1519,9 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) | |||
653 | goto fail; | 1519 | goto fail; |
654 | } | 1520 | } |
655 | if (p->nslots == 0) { | 1521 | if (p->nslots == 0) { |
656 | debug("%s: provider %s returned no slots", __func__, | 1522 | error("%s: provider %s returned no slots", __func__, |
657 | provider_id); | 1523 | provider_id); |
1524 | ret = -SSH_PKCS11_ERR_NO_SLOTS; | ||
658 | goto fail; | 1525 | goto fail; |
659 | } | 1526 | } |
660 | p->slotlist = xcalloc(p->nslots, sizeof(CK_SLOT_ID)); | 1527 | p->slotlist = xcalloc(p->nslots, sizeof(CK_SLOT_ID)); |
@@ -690,43 +1557,251 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) | |||
690 | provider_id, (unsigned long)i, | 1557 | provider_id, (unsigned long)i, |
691 | token->label, token->manufacturerID, token->model, | 1558 | token->label, token->manufacturerID, token->model, |
692 | token->serialNumber, token->flags); | 1559 | token->serialNumber, token->flags); |
693 | /* open session, login with pin and retrieve public keys */ | 1560 | /* |
694 | if (pkcs11_open_session(p, i, pin) == 0) | 1561 | * open session, login with pin and retrieve public |
1562 | * keys (if keyp is provided) | ||
1563 | */ | ||
1564 | if ((ret = pkcs11_open_session(p, i, pin, user)) == 0) { | ||
1565 | if (keyp == NULL) | ||
1566 | continue; | ||
695 | pkcs11_fetch_keys(p, i, keyp, &nkeys); | 1567 | pkcs11_fetch_keys(p, i, keyp, &nkeys); |
1568 | pkcs11_fetch_certs(p, i, keyp, &nkeys); | ||
1569 | } | ||
696 | } | 1570 | } |
697 | if (nkeys > 0) { | 1571 | |
698 | TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); | 1572 | /* now owned by caller */ |
699 | p->refcount++; /* add to provider list */ | 1573 | *providerp = p; |
700 | return (nkeys); | 1574 | |
701 | } | 1575 | TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); |
702 | debug("%s: provider %s returned no keys", __func__, provider_id); | 1576 | p->refcount++; /* add to provider list */ |
703 | /* don't add the provider, since it does not have any keys */ | 1577 | |
1578 | return (nkeys); | ||
704 | fail: | 1579 | fail: |
705 | if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) | 1580 | if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) |
706 | error("C_Finalize for provider %s failed: %lu", | 1581 | error("C_Finalize for provider %s failed: %lu", |
707 | provider_id, rv); | 1582 | provider_id, rv); |
708 | if (p) { | 1583 | if (p) { |
1584 | free(p->name); | ||
709 | free(p->slotlist); | 1585 | free(p->slotlist); |
710 | free(p->slotinfo); | 1586 | free(p->slotinfo); |
711 | free(p); | 1587 | free(p); |
712 | } | 1588 | } |
713 | if (handle) | 1589 | if (handle) |
714 | dlclose(handle); | 1590 | dlclose(handle); |
715 | return (-1); | 1591 | return (ret); |
1592 | } | ||
1593 | |||
1594 | /* | ||
1595 | * register a new provider and get number of keys hold by the token, | ||
1596 | * fails if provider already exists | ||
1597 | */ | ||
1598 | int | ||
1599 | pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) | ||
1600 | { | ||
1601 | struct pkcs11_provider *p = NULL; | ||
1602 | int nkeys; | ||
1603 | |||
1604 | nkeys = pkcs11_register_provider(provider_id, pin, keyp, &p, CKU_USER); | ||
1605 | |||
1606 | /* no keys found or some other error, de-register provider */ | ||
1607 | if (nkeys <= 0 && p != NULL) { | ||
1608 | TAILQ_REMOVE(&pkcs11_providers, p, next); | ||
1609 | pkcs11_provider_finalize(p); | ||
1610 | pkcs11_provider_unref(p); | ||
1611 | } | ||
1612 | if (nkeys == 0) | ||
1613 | debug("%s: provider %s returned no keys", __func__, | ||
1614 | provider_id); | ||
1615 | |||
1616 | return (nkeys); | ||
716 | } | 1617 | } |
717 | 1618 | ||
718 | #else | 1619 | #ifdef WITH_PKCS11_KEYGEN |
1620 | struct sshkey * | ||
1621 | pkcs11_gakp(char *provider_id, char *pin, unsigned int slotidx, char *label, | ||
1622 | unsigned int type, unsigned int bits, unsigned char keyid, u_int32_t *err) | ||
1623 | { | ||
1624 | struct pkcs11_provider *p = NULL; | ||
1625 | struct pkcs11_slotinfo *si; | ||
1626 | CK_FUNCTION_LIST *f; | ||
1627 | CK_SESSION_HANDLE session; | ||
1628 | struct sshkey *k = NULL; | ||
1629 | int ret = -1, reset_pin = 0, reset_provider = 0; | ||
1630 | CK_RV rv; | ||
1631 | |||
1632 | *err = 0; | ||
719 | 1633 | ||
1634 | if ((p = pkcs11_provider_lookup(provider_id)) != NULL) | ||
1635 | debug("%s: provider \"%s\" available", __func__, provider_id); | ||
1636 | else if ((ret = pkcs11_register_provider(provider_id, pin, NULL, &p, | ||
1637 | CKU_SO)) < 0) { | ||
1638 | debug("%s: could not register provider %s", __func__, | ||
1639 | provider_id); | ||
1640 | goto out; | ||
1641 | } else | ||
1642 | reset_provider = 1; | ||
1643 | |||
1644 | f = p->function_list; | ||
1645 | si = &p->slotinfo[slotidx]; | ||
1646 | session = si->session; | ||
1647 | |||
1648 | if ((rv = f->C_SetOperationState(session , pin, strlen(pin), | ||
1649 | CK_INVALID_HANDLE, CK_INVALID_HANDLE)) != CKR_OK) { | ||
1650 | debug("%s: could not supply SO pin: %lu", __func__, rv); | ||
1651 | reset_pin = 0; | ||
1652 | } else | ||
1653 | reset_pin = 1; | ||
1654 | |||
1655 | switch (type) { | ||
1656 | case KEY_RSA: | ||
1657 | if ((k = pkcs11_rsa_generate_private_key(p, slotidx, label, | ||
1658 | bits, keyid, err)) == NULL) { | ||
1659 | debug("%s: failed to generate RSA key", __func__); | ||
1660 | goto out; | ||
1661 | } | ||
1662 | break; | ||
1663 | case KEY_ECDSA: | ||
1664 | if ((k = pkcs11_ecdsa_generate_private_key(p, slotidx, label, | ||
1665 | bits, keyid, err)) == NULL) { | ||
1666 | debug("%s: failed to generate ECDSA key", __func__); | ||
1667 | goto out; | ||
1668 | } | ||
1669 | break; | ||
1670 | default: | ||
1671 | *err = SSH_PKCS11_ERR_GENERIC; | ||
1672 | debug("%s: unknown type %d", __func__, type); | ||
1673 | goto out; | ||
1674 | } | ||
1675 | |||
1676 | out: | ||
1677 | if (reset_pin) | ||
1678 | f->C_SetOperationState(session , NULL, 0, CK_INVALID_HANDLE, | ||
1679 | CK_INVALID_HANDLE); | ||
1680 | |||
1681 | if (reset_provider) | ||
1682 | pkcs11_del_provider(provider_id); | ||
1683 | |||
1684 | return (k); | ||
1685 | } | ||
1686 | |||
1687 | struct sshkey * | ||
1688 | pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx, | ||
1689 | unsigned char keyid, u_int32_t *err) | ||
1690 | { | ||
1691 | struct pkcs11_provider *p = NULL; | ||
1692 | struct pkcs11_slotinfo *si; | ||
1693 | struct sshkey *k = NULL; | ||
1694 | int reset_pin = 0, reset_provider = 0; | ||
1695 | CK_ULONG nattrs; | ||
1696 | CK_FUNCTION_LIST *f; | ||
1697 | CK_SESSION_HANDLE session; | ||
1698 | CK_ATTRIBUTE attrs[16]; | ||
1699 | CK_OBJECT_CLASS key_class; | ||
1700 | CK_KEY_TYPE key_type; | ||
1701 | CK_OBJECT_HANDLE obj = CK_INVALID_HANDLE; | ||
1702 | CK_RV rv; | ||
1703 | |||
1704 | *err = 0; | ||
1705 | |||
1706 | if ((p = pkcs11_provider_lookup(provider_id)) != NULL) { | ||
1707 | debug("%s: using provider \"%s\"", __func__, provider_id); | ||
1708 | } else if (pkcs11_register_provider(provider_id, pin, NULL, &p, | ||
1709 | CKU_SO) < 0) { | ||
1710 | debug("%s: could not register provider %s", __func__, | ||
1711 | provider_id); | ||
1712 | goto out; | ||
1713 | } else | ||
1714 | reset_provider = 1; | ||
1715 | |||
1716 | f = p->function_list; | ||
1717 | si = &p->slotinfo[slotidx]; | ||
1718 | session = si->session; | ||
1719 | |||
1720 | if ((rv = f->C_SetOperationState(session , pin, strlen(pin), | ||
1721 | CK_INVALID_HANDLE, CK_INVALID_HANDLE)) != CKR_OK) { | ||
1722 | debug("%s: could not supply SO pin: %lu", __func__, rv); | ||
1723 | reset_pin = 0; | ||
1724 | } else | ||
1725 | reset_pin = 1; | ||
1726 | |||
1727 | /* private key */ | ||
1728 | nattrs = 0; | ||
1729 | key_class = CKO_PRIVATE_KEY; | ||
1730 | FILL_ATTR(attrs, nattrs, CKA_CLASS, &key_class, sizeof(key_class)); | ||
1731 | FILL_ATTR(attrs, nattrs, CKA_ID, &keyid, sizeof(keyid)); | ||
1732 | |||
1733 | if (pkcs11_find(p, slotidx, attrs, nattrs, &obj) == 0 && | ||
1734 | obj != CK_INVALID_HANDLE) { | ||
1735 | if ((rv = f->C_DestroyObject(session, obj)) != CKR_OK) { | ||
1736 | debug("%s: could not destroy private key 0x%hhx", | ||
1737 | __func__, keyid); | ||
1738 | *err = rv; | ||
1739 | goto out; | ||
1740 | } | ||
1741 | } | ||
1742 | |||
1743 | /* public key */ | ||
1744 | nattrs = 0; | ||
1745 | key_class = CKO_PUBLIC_KEY; | ||
1746 | FILL_ATTR(attrs, nattrs, CKA_CLASS, &key_class, sizeof(key_class)); | ||
1747 | FILL_ATTR(attrs, nattrs, CKA_ID, &keyid, sizeof(keyid)); | ||
1748 | |||
1749 | if (pkcs11_find(p, slotidx, attrs, nattrs, &obj) == 0 && | ||
1750 | obj != CK_INVALID_HANDLE) { | ||
1751 | |||
1752 | /* get key type */ | ||
1753 | nattrs = 0; | ||
1754 | FILL_ATTR(attrs, nattrs, CKA_KEY_TYPE, &key_type, | ||
1755 | sizeof(key_type)); | ||
1756 | rv = f->C_GetAttributeValue(session, obj, attrs, nattrs); | ||
1757 | if (rv != CKR_OK) { | ||
1758 | debug("%s: could not get key type of public key 0x%hhx", | ||
1759 | __func__, keyid); | ||
1760 | *err = rv; | ||
1761 | key_type = -1; | ||
1762 | } | ||
1763 | if (key_type == CKK_RSA) | ||
1764 | k = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj); | ||
1765 | else if (key_type == CKK_ECDSA) | ||
1766 | k = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj); | ||
1767 | |||
1768 | if ((rv = f->C_DestroyObject(session, obj)) != CKR_OK) { | ||
1769 | debug("%s: could not destroy public key 0x%hhx", | ||
1770 | __func__, keyid); | ||
1771 | *err = rv; | ||
1772 | goto out; | ||
1773 | } | ||
1774 | } | ||
1775 | |||
1776 | out: | ||
1777 | if (reset_pin) | ||
1778 | f->C_SetOperationState(session , NULL, 0, CK_INVALID_HANDLE, | ||
1779 | CK_INVALID_HANDLE); | ||
1780 | |||
1781 | if (reset_provider) | ||
1782 | pkcs11_del_provider(provider_id); | ||
1783 | |||
1784 | return (k); | ||
1785 | } | ||
1786 | #endif /* WITH_PKCS11_KEYGEN */ | ||
1787 | #else /* ENABLE_PKCS11 */ | ||
720 | int | 1788 | int |
721 | pkcs11_init(int interactive) | 1789 | pkcs11_init(int interactive) |
722 | { | 1790 | { |
723 | return (0); | 1791 | error("%s: dlopen() not supported", __func__); |
1792 | return (-1); | ||
1793 | } | ||
1794 | |||
1795 | int | ||
1796 | pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) | ||
1797 | { | ||
1798 | error("%s: dlopen() not supported", __func__); | ||
1799 | return (-1); | ||
724 | } | 1800 | } |
725 | 1801 | ||
726 | void | 1802 | void |
727 | pkcs11_terminate(void) | 1803 | pkcs11_terminate(void) |
728 | { | 1804 | { |
729 | return; | 1805 | error("%s: dlopen() not supported", __func__); |
730 | } | 1806 | } |
731 | |||
732 | #endif /* ENABLE_PKCS11 */ | 1807 | #endif /* ENABLE_PKCS11 */ |
diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h index 0ced74f29..b9038450d 100644 --- a/ssh-pkcs11.h +++ b/ssh-pkcs11.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11.h,v 1.4 2015/01/15 09:40:00 djm Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11.h,v 1.5 2019/01/20 22:51:37 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -14,10 +14,26 @@ | |||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | */ | 16 | */ |
17 | |||
18 | /* Errors for pkcs11_add_provider() */ | ||
19 | #define SSH_PKCS11_ERR_GENERIC 1 | ||
20 | #define SSH_PKCS11_ERR_LOGIN_FAIL 2 | ||
21 | #define SSH_PKCS11_ERR_NO_SLOTS 3 | ||
22 | #define SSH_PKCS11_ERR_PIN_REQUIRED 4 | ||
23 | #define SSH_PKCS11_ERR_PIN_LOCKED 5 | ||
24 | |||
17 | int pkcs11_init(int); | 25 | int pkcs11_init(int); |
18 | void pkcs11_terminate(void); | 26 | void pkcs11_terminate(void); |
19 | int pkcs11_add_provider(char *, char *, struct sshkey ***); | 27 | int pkcs11_add_provider(char *, char *, struct sshkey ***); |
20 | int pkcs11_del_provider(char *); | 28 | int pkcs11_del_provider(char *); |
29 | #ifdef WITH_PKCS11_KEYGEN | ||
30 | struct sshkey * | ||
31 | pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int, | ||
32 | unsigned int, unsigned char, u_int32_t *); | ||
33 | struct sshkey * | ||
34 | pkcs11_destroy_keypair(char *, char *, unsigned long, unsigned char, | ||
35 | u_int32_t *); | ||
36 | #endif | ||
21 | 37 | ||
22 | #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) | 38 | #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11) |
23 | #undef ENABLE_PKCS11 | 39 | #undef ENABLE_PKCS11 |
@@ -130,7 +130,7 @@ DESCRIPTION | |||
130 | 130 | ||
131 | -I pkcs11 | 131 | -I pkcs11 |
132 | Specify the PKCS#11 shared library ssh should use to communicate | 132 | Specify the PKCS#11 shared library ssh should use to communicate |
133 | with a PKCS#11 token providing the user's private RSA key. | 133 | with a PKCS#11 token providing keys for user authentication. |
134 | 134 | ||
135 | -i identity_file | 135 | -i identity_file |
136 | Selects a file from which the identity (private key) for public | 136 | Selects a file from which the identity (private key) for public |
@@ -150,6 +150,10 @@ DESCRIPTION | |||
150 | TCP forwarding to the ultimate destination from there. Multiple | 150 | TCP forwarding to the ultimate destination from there. Multiple |
151 | jump hops may be specified separated by comma characters. This | 151 | jump hops may be specified separated by comma characters. This |
152 | is a shortcut to specify a ProxyJump configuration directive. | 152 | is a shortcut to specify a ProxyJump configuration directive. |
153 | Note that configuration directives supplied on the command-line | ||
154 | generally apply to the destination host and not any specified | ||
155 | jump hosts. Use ~/.ssh/config to specify configuration for jump | ||
156 | hosts. | ||
153 | 157 | ||
154 | -K Enables GSSAPI-based authentication and forwarding (delegation) | 158 | -K Enables GSSAPI-based authentication and forwarding (delegation) |
155 | of GSSAPI credentials to the server. | 159 | of GSSAPI credentials to the server. |
@@ -594,36 +598,30 @@ ESCAPE CHARACTERS | |||
594 | to stderr. | 598 | to stderr. |
595 | 599 | ||
596 | TCP FORWARDING | 600 | TCP FORWARDING |
597 | Forwarding of arbitrary TCP connections over the secure channel can be | 601 | Forwarding of arbitrary TCP connections over a secure channel can be |
598 | specified either on the command line or in a configuration file. One | 602 | specified either on the command line or in a configuration file. One |
599 | possible application of TCP forwarding is a secure connection to a mail | 603 | possible application of TCP forwarding is a secure connection to a mail |
600 | server; another is going through firewalls. | 604 | server; another is going through firewalls. |
601 | 605 | ||
602 | In the example below, we look at encrypting communication between an IRC | 606 | In the example below, we look at encrypting communication for an IRC |
603 | client and server, even though the IRC server does not directly support | 607 | client, even though the IRC server it connects to does not directly |
604 | encrypted communications. This works as follows: the user connects to | 608 | support encrypted communication. This works as follows: the user |
605 | the remote host using ssh, specifying a port to be used to forward | 609 | connects to the remote host using ssh, specifying the ports to be used to |
606 | connections to the remote server. After that it is possible to start the | 610 | forward the connection. After that it is possible to start the program |
607 | service which is to be encrypted on the client machine, connecting to the | 611 | locally, and ssh will encrypt and forward the connection to the remote |
608 | same local port, and ssh will encrypt and forward the connection. | 612 | server. |
609 | 613 | ||
610 | The following example tunnels an IRC session from client machine | 614 | The following example tunnels an IRC session from the client to an IRC |
611 | M-bM-^@M-^\127.0.0.1M-bM-^@M-^] (localhost) to remote server M-bM-^@M-^\server.example.comM-bM-^@M-^]: | 615 | server at M-bM-^@M-^\server.example.comM-bM-^@M-^], joining channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname |
616 | M-bM-^@M-^\pinkyM-bM-^@M-^], using the standard IRC port, 6667: | ||
612 | 617 | ||
613 | $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10 | 618 | $ ssh -f -L 6667:localhost:6667 server.example.com sleep 10 |
614 | $ irc -c '#users' -p 1234 pinky 127.0.0.1 | 619 | $ irc -c '#users' pinky IRC/127.0.0.1 |
615 | |||
616 | This tunnels a connection to IRC server M-bM-^@M-^\server.example.comM-bM-^@M-^], joining | ||
617 | channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname M-bM-^@M-^\pinkyM-bM-^@M-^], using port 1234. It doesn't matter | ||
618 | which port is used, as long as it's greater than 1023 (remember, only | ||
619 | root can open sockets on privileged ports) and doesn't conflict with any | ||
620 | ports already in use. The connection is forwarded to port 6667 on the | ||
621 | remote server, since that's the standard port for IRC services. | ||
622 | 620 | ||
623 | The -f option backgrounds ssh and the remote command M-bM-^@M-^\sleep 10M-bM-^@M-^] is | 621 | The -f option backgrounds ssh and the remote command M-bM-^@M-^\sleep 10M-bM-^@M-^] is |
624 | specified to allow an amount of time (10 seconds, in the example) to | 622 | specified to allow an amount of time (10 seconds, in the example) to |
625 | start the service which is to be tunnelled. If no connections are made | 623 | start the program which is going to use the tunnel. If no connections |
626 | within the time specified, ssh will exit. | 624 | are made within the time specified, ssh will exit. |
627 | 625 | ||
628 | X11 FORWARDING | 626 | X11 FORWARDING |
629 | If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of the | 627 | If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of the |
@@ -979,4 +977,4 @@ AUTHORS | |||
979 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 977 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
980 | versions 1.5 and 2.0. | 978 | versions 1.5 and 2.0. |
981 | 979 | ||
982 | OpenBSD 6.4 September 20, 2018 OpenBSD 6.4 | 980 | OpenBSD 6.5 March 16, 2019 OpenBSD 6.5 |
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh.1,v 1.399 2018/09/20 06:58:48 jmc Exp $ | 36 | .\" $OpenBSD: ssh.1,v 1.402 2019/03/16 19:14:21 jmc Exp $ |
37 | .Dd $Mdocdate: September 20 2018 $ | 37 | .Dd $Mdocdate: March 16 2019 $ |
38 | .Dt SSH 1 | 38 | .Dt SSH 1 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -270,8 +270,8 @@ on the master process. | |||
270 | .It Fl I Ar pkcs11 | 270 | .It Fl I Ar pkcs11 |
271 | Specify the PKCS#11 shared library | 271 | Specify the PKCS#11 shared library |
272 | .Nm | 272 | .Nm |
273 | should use to communicate with a PKCS#11 token providing the user's | 273 | should use to communicate with a PKCS#11 token providing keys for user |
274 | private RSA key. | 274 | authentication. |
275 | .Pp | 275 | .Pp |
276 | .It Fl i Ar identity_file | 276 | .It Fl i Ar identity_file |
277 | Selects a file from which the identity (private key) for | 277 | Selects a file from which the identity (private key) for |
@@ -308,6 +308,11 @@ Multiple jump hops may be specified separated by comma characters. | |||
308 | This is a shortcut to specify a | 308 | This is a shortcut to specify a |
309 | .Cm ProxyJump | 309 | .Cm ProxyJump |
310 | configuration directive. | 310 | configuration directive. |
311 | Note that configuration directives supplied on the command-line generally | ||
312 | apply to the destination host and not any specified jump hosts. | ||
313 | Use | ||
314 | .Pa ~/.ssh/config | ||
315 | to specify configuration for jump hosts. | ||
311 | .Pp | 316 | .Pp |
312 | .It Fl K | 317 | .It Fl K |
313 | Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI | 318 | Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI |
@@ -492,7 +497,13 @@ For full details of the options listed below, and their possible values, see | |||
492 | .It GatewayPorts | 497 | .It GatewayPorts |
493 | .It GlobalKnownHostsFile | 498 | .It GlobalKnownHostsFile |
494 | .It GSSAPIAuthentication | 499 | .It GSSAPIAuthentication |
500 | .It GSSAPIKeyExchange | ||
501 | .It GSSAPIClientIdentity | ||
495 | .It GSSAPIDelegateCredentials | 502 | .It GSSAPIDelegateCredentials |
503 | .It GSSAPIKexAlgorithms | ||
504 | .It GSSAPIRenewalForcesRekey | ||
505 | .It GSSAPIServerIdentity | ||
506 | .It GSSAPITrustDns | ||
496 | .It HashKnownHosts | 507 | .It HashKnownHosts |
497 | .It Host | 508 | .It Host |
498 | .It HostbasedAuthentication | 509 | .It HostbasedAuthentication |
@@ -568,6 +579,8 @@ flag), | |||
568 | (supported message integrity codes), | 579 | (supported message integrity codes), |
569 | .Ar kex | 580 | .Ar kex |
570 | (key exchange algorithms), | 581 | (key exchange algorithms), |
582 | .Ar kex-gss | ||
583 | (GSSAPI key exchange algorithms), | ||
571 | .Ar key | 584 | .Ar key |
572 | (key types), | 585 | (key types), |
573 | .Ar key-cert | 586 | .Ar key-cert |
@@ -1110,49 +1123,35 @@ Increase the verbosity | |||
1110 | when errors are being written to stderr. | 1123 | when errors are being written to stderr. |
1111 | .El | 1124 | .El |
1112 | .Sh TCP FORWARDING | 1125 | .Sh TCP FORWARDING |
1113 | Forwarding of arbitrary TCP connections over the secure channel can | 1126 | Forwarding of arbitrary TCP connections over a secure channel |
1114 | be specified either on the command line or in a configuration file. | 1127 | can be specified either on the command line or in a configuration file. |
1115 | One possible application of TCP forwarding is a secure connection to a | 1128 | One possible application of TCP forwarding is a secure connection to a |
1116 | mail server; another is going through firewalls. | 1129 | mail server; another is going through firewalls. |
1117 | .Pp | 1130 | .Pp |
1118 | In the example below, we look at encrypting communication between | 1131 | In the example below, we look at encrypting communication for an IRC client, |
1119 | an IRC client and server, even though the IRC server does not directly | 1132 | even though the IRC server it connects to does not directly |
1120 | support encrypted communications. | 1133 | support encrypted communication. |
1121 | This works as follows: | 1134 | This works as follows: |
1122 | the user connects to the remote host using | 1135 | the user connects to the remote host using |
1123 | .Nm , | 1136 | .Nm , |
1124 | specifying a port to be used to forward connections | 1137 | specifying the ports to be used to forward the connection. |
1125 | to the remote server. | 1138 | After that it is possible to start the program locally, |
1126 | After that it is possible to start the service which is to be encrypted | ||
1127 | on the client machine, | ||
1128 | connecting to the same local port, | ||
1129 | and | 1139 | and |
1130 | .Nm | 1140 | .Nm |
1131 | will encrypt and forward the connection. | 1141 | will encrypt and forward the connection to the remote server. |
1132 | .Pp | 1142 | .Pp |
1133 | The following example tunnels an IRC session from client machine | 1143 | The following example tunnels an IRC session from the client |
1134 | .Dq 127.0.0.1 | 1144 | to an IRC server at |
1135 | (localhost) | ||
1136 | to remote server | ||
1137 | .Dq server.example.com : | ||
1138 | .Bd -literal -offset 4n | ||
1139 | $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10 | ||
1140 | $ irc -c '#users' -p 1234 pinky 127.0.0.1 | ||
1141 | .Ed | ||
1142 | .Pp | ||
1143 | This tunnels a connection to IRC server | ||
1144 | .Dq server.example.com , | 1145 | .Dq server.example.com , |
1145 | joining channel | 1146 | joining channel |
1146 | .Dq #users , | 1147 | .Dq #users , |
1147 | nickname | 1148 | nickname |
1148 | .Dq pinky , | 1149 | .Dq pinky , |
1149 | using port 1234. | 1150 | using the standard IRC port, 6667: |
1150 | It doesn't matter which port is used, | 1151 | .Bd -literal -offset 4n |
1151 | as long as it's greater than 1023 | 1152 | $ ssh -f -L 6667:localhost:6667 server.example.com sleep 10 |
1152 | (remember, only root can open sockets on privileged ports) | 1153 | $ irc -c '#users' pinky IRC/127.0.0.1 |
1153 | and doesn't conflict with any ports already in use. | 1154 | .Ed |
1154 | The connection is forwarded to port 6667 on the remote server, | ||
1155 | since that's the standard port for IRC services. | ||
1156 | .Pp | 1155 | .Pp |
1157 | The | 1156 | The |
1158 | .Fl f | 1157 | .Fl f |
@@ -1162,7 +1161,7 @@ and the remote command | |||
1162 | .Dq sleep 10 | 1161 | .Dq sleep 10 |
1163 | is specified to allow an amount of time | 1162 | is specified to allow an amount of time |
1164 | (10 seconds, in the example) | 1163 | (10 seconds, in the example) |
1165 | to start the service which is to be tunnelled. | 1164 | to start the program which is going to use the tunnel. |
1166 | If no connections are made within the time specified, | 1165 | If no connections are made within the time specified, |
1167 | .Nm | 1166 | .Nm |
1168 | will exit. | 1167 | will exit. |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.494 2018/10/03 06:38:35 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.500 2019/01/19 21:43:56 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -527,7 +527,8 @@ check_load(int r, const char *path, const char *message) | |||
527 | * file if the user specifies a config file on the command line. | 527 | * file if the user specifies a config file on the command line. |
528 | */ | 528 | */ |
529 | static void | 529 | static void |
530 | process_config_files(const char *host_name, struct passwd *pw, int post_canon) | 530 | process_config_files(const char *host_name, struct passwd *pw, int final_pass, |
531 | int *want_final_pass) | ||
531 | { | 532 | { |
532 | char buf[PATH_MAX]; | 533 | char buf[PATH_MAX]; |
533 | int r; | 534 | int r; |
@@ -535,7 +536,8 @@ process_config_files(const char *host_name, struct passwd *pw, int post_canon) | |||
535 | if (config != NULL) { | 536 | if (config != NULL) { |
536 | if (strcasecmp(config, "none") != 0 && | 537 | if (strcasecmp(config, "none") != 0 && |
537 | !read_config_file(config, pw, host, host_name, &options, | 538 | !read_config_file(config, pw, host, host_name, &options, |
538 | SSHCONF_USERCONF | (post_canon ? SSHCONF_POSTCANON : 0))) | 539 | SSHCONF_USERCONF | (final_pass ? SSHCONF_FINAL : 0), |
540 | want_final_pass)) | ||
539 | fatal("Can't open user config file %.100s: " | 541 | fatal("Can't open user config file %.100s: " |
540 | "%.100s", config, strerror(errno)); | 542 | "%.100s", config, strerror(errno)); |
541 | } else { | 543 | } else { |
@@ -544,12 +546,12 @@ process_config_files(const char *host_name, struct passwd *pw, int post_canon) | |||
544 | if (r > 0 && (size_t)r < sizeof(buf)) | 546 | if (r > 0 && (size_t)r < sizeof(buf)) |
545 | (void)read_config_file(buf, pw, host, host_name, | 547 | (void)read_config_file(buf, pw, host, host_name, |
546 | &options, SSHCONF_CHECKPERM | SSHCONF_USERCONF | | 548 | &options, SSHCONF_CHECKPERM | SSHCONF_USERCONF | |
547 | (post_canon ? SSHCONF_POSTCANON : 0)); | 549 | (final_pass ? SSHCONF_FINAL : 0), want_final_pass); |
548 | 550 | ||
549 | /* Read systemwide configuration file after user config. */ | 551 | /* Read systemwide configuration file after user config. */ |
550 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, | 552 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, |
551 | host, host_name, &options, | 553 | host, host_name, &options, |
552 | post_canon ? SSHCONF_POSTCANON : 0); | 554 | final_pass ? SSHCONF_FINAL : 0, want_final_pass); |
553 | } | 555 | } |
554 | } | 556 | } |
555 | 557 | ||
@@ -581,7 +583,7 @@ main(int ac, char **av) | |||
581 | { | 583 | { |
582 | struct ssh *ssh = NULL; | 584 | struct ssh *ssh = NULL; |
583 | int i, r, opt, exit_status, use_syslog, direct, timeout_ms; | 585 | int i, r, opt, exit_status, use_syslog, direct, timeout_ms; |
584 | int was_addr, config_test = 0, opt_terminated = 0; | 586 | int was_addr, config_test = 0, opt_terminated = 0, want_final_pass = 0; |
585 | char *p, *cp, *line, *argv0, buf[PATH_MAX], *logfile; | 587 | char *p, *cp, *line, *argv0, buf[PATH_MAX], *logfile; |
586 | char cname[NI_MAXHOST]; | 588 | char cname[NI_MAXHOST]; |
587 | struct stat st; | 589 | struct stat st; |
@@ -610,6 +612,8 @@ main(int ac, char **av) | |||
610 | av = saved_av; | 612 | av = saved_av; |
611 | #endif | 613 | #endif |
612 | 614 | ||
615 | seed_rng(); | ||
616 | |||
613 | /* | 617 | /* |
614 | * Discard other fds that are hanging around. These can cause problem | 618 | * Discard other fds that are hanging around. These can cause problem |
615 | * with backgrounded ssh processes started by ControlPersist. | 619 | * with backgrounded ssh processes started by ControlPersist. |
@@ -647,7 +651,6 @@ main(int ac, char **av) | |||
647 | if ((ssh = ssh_alloc_session_state()) == NULL) | 651 | if ((ssh = ssh_alloc_session_state()) == NULL) |
648 | fatal("Couldn't allocate session state"); | 652 | fatal("Couldn't allocate session state"); |
649 | channel_init_channels(ssh); | 653 | channel_init_channels(ssh); |
650 | active_state = ssh; /* XXX legacy API compat */ | ||
651 | 654 | ||
652 | /* Parse command-line arguments. */ | 655 | /* Parse command-line arguments. */ |
653 | host = NULL; | 656 | host = NULL; |
@@ -733,6 +736,8 @@ main(int ac, char **av) | |||
733 | cp = mac_alg_list('\n'); | 736 | cp = mac_alg_list('\n'); |
734 | else if (strcmp(optarg, "kex") == 0) | 737 | else if (strcmp(optarg, "kex") == 0) |
735 | cp = kex_alg_list('\n'); | 738 | cp = kex_alg_list('\n'); |
739 | else if (strcmp(optarg, "kex-gss") == 0) | ||
740 | cp = kex_gss_alg_list('\n'); | ||
736 | else if (strcmp(optarg, "key") == 0) | 741 | else if (strcmp(optarg, "key") == 0) |
737 | cp = sshkey_alg_list(0, 0, 0, '\n'); | 742 | cp = sshkey_alg_list(0, 0, 0, '\n'); |
738 | else if (strcmp(optarg, "key-cert") == 0) | 743 | else if (strcmp(optarg, "key-cert") == 0) |
@@ -745,7 +750,7 @@ main(int ac, char **av) | |||
745 | cp = xstrdup("2"); | 750 | cp = xstrdup("2"); |
746 | else if (strcmp(optarg, "help") == 0) { | 751 | else if (strcmp(optarg, "help") == 0) { |
747 | cp = xstrdup( | 752 | cp = xstrdup( |
748 | "cipher\ncipher-auth\nkex\nkey\n" | 753 | "cipher\ncipher-auth\nkex\nkex-gss\nkey\n" |
749 | "key-cert\nkey-plain\nmac\n" | 754 | "key-cert\nkey-plain\nmac\n" |
750 | "protocol-version\nsig"); | 755 | "protocol-version\nsig"); |
751 | } | 756 | } |
@@ -816,7 +821,7 @@ main(int ac, char **av) | |||
816 | fprintf(stderr, "%s, %s\n", | 821 | fprintf(stderr, "%s, %s\n", |
817 | SSH_RELEASE, | 822 | SSH_RELEASE, |
818 | #ifdef WITH_OPENSSL | 823 | #ifdef WITH_OPENSSL |
819 | SSLeay_version(SSLEAY_VERSION) | 824 | OpenSSL_version(OPENSSL_VERSION) |
820 | #else | 825 | #else |
821 | "without OpenSSL" | 826 | "without OpenSSL" |
822 | #endif | 827 | #endif |
@@ -1036,11 +1041,6 @@ main(int ac, char **av) | |||
1036 | 1041 | ||
1037 | host_arg = xstrdup(host); | 1042 | host_arg = xstrdup(host); |
1038 | 1043 | ||
1039 | #ifdef WITH_OPENSSL | ||
1040 | OpenSSL_add_all_algorithms(); | ||
1041 | ERR_load_crypto_strings(); | ||
1042 | #endif | ||
1043 | |||
1044 | /* Initialize the command to execute on remote host. */ | 1044 | /* Initialize the command to execute on remote host. */ |
1045 | if ((command = sshbuf_new()) == NULL) | 1045 | if ((command = sshbuf_new()) == NULL) |
1046 | fatal("sshbuf_new failed"); | 1046 | fatal("sshbuf_new failed"); |
@@ -1085,14 +1085,16 @@ main(int ac, char **av) | |||
1085 | if (debug_flag) | 1085 | if (debug_flag) |
1086 | logit("%s, %s", SSH_RELEASE, | 1086 | logit("%s, %s", SSH_RELEASE, |
1087 | #ifdef WITH_OPENSSL | 1087 | #ifdef WITH_OPENSSL |
1088 | SSLeay_version(SSLEAY_VERSION) | 1088 | OpenSSL_version(OPENSSL_VERSION) |
1089 | #else | 1089 | #else |
1090 | "without OpenSSL" | 1090 | "without OpenSSL" |
1091 | #endif | 1091 | #endif |
1092 | ); | 1092 | ); |
1093 | 1093 | ||
1094 | /* Parse the configuration files */ | 1094 | /* Parse the configuration files */ |
1095 | process_config_files(host_arg, pw, 0); | 1095 | process_config_files(host_arg, pw, 0, &want_final_pass); |
1096 | if (want_final_pass) | ||
1097 | debug("configuration requests final Match pass"); | ||
1096 | 1098 | ||
1097 | /* Hostname canonicalisation needs a few options filled. */ | 1099 | /* Hostname canonicalisation needs a few options filled. */ |
1098 | fill_default_options_for_canonicalization(&options); | 1100 | fill_default_options_for_canonicalization(&options); |
@@ -1149,12 +1151,17 @@ main(int ac, char **av) | |||
1149 | * If canonicalisation is enabled then re-parse the configuration | 1151 | * If canonicalisation is enabled then re-parse the configuration |
1150 | * files as new stanzas may match. | 1152 | * files as new stanzas may match. |
1151 | */ | 1153 | */ |
1152 | if (options.canonicalize_hostname != 0) { | 1154 | if (options.canonicalize_hostname != 0 && !want_final_pass) { |
1153 | debug("Re-reading configuration after hostname " | 1155 | debug("hostname canonicalisation enabled, " |
1154 | "canonicalisation"); | 1156 | "will re-parse configuration"); |
1157 | want_final_pass = 1; | ||
1158 | } | ||
1159 | |||
1160 | if (want_final_pass) { | ||
1161 | debug("re-parsing configuration"); | ||
1155 | free(options.hostname); | 1162 | free(options.hostname); |
1156 | options.hostname = xstrdup(host); | 1163 | options.hostname = xstrdup(host); |
1157 | process_config_files(host_arg, pw, 1); | 1164 | process_config_files(host_arg, pw, 1, NULL); |
1158 | /* | 1165 | /* |
1159 | * Address resolution happens early with canonicalisation | 1166 | * Address resolution happens early with canonicalisation |
1160 | * enabled and the port number may have changed since, so | 1167 | * enabled and the port number may have changed since, so |
@@ -1264,8 +1271,6 @@ main(int ac, char **av) | |||
1264 | tty_flag = 0; | 1271 | tty_flag = 0; |
1265 | } | 1272 | } |
1266 | 1273 | ||
1267 | seed_rng(); | ||
1268 | |||
1269 | if (options.user == NULL) | 1274 | if (options.user == NULL) |
1270 | options.user = xstrdup(pw->pw_name); | 1275 | options.user = xstrdup(pw->pw_name); |
1271 | 1276 | ||
@@ -1344,7 +1349,7 @@ main(int ac, char **av) | |||
1344 | int sock; | 1349 | int sock; |
1345 | if ((sock = muxclient(options.control_path)) >= 0) { | 1350 | if ((sock = muxclient(options.control_path)) >= 0) { |
1346 | ssh_packet_set_connection(ssh, sock, sock); | 1351 | ssh_packet_set_connection(ssh, sock, sock); |
1347 | packet_set_mux(); | 1352 | ssh_packet_set_mux(ssh); |
1348 | goto skip_connect; | 1353 | goto skip_connect; |
1349 | } | 1354 | } |
1350 | } | 1355 | } |
@@ -1371,11 +1376,9 @@ main(int ac, char **av) | |||
1371 | if (addrs != NULL) | 1376 | if (addrs != NULL) |
1372 | freeaddrinfo(addrs); | 1377 | freeaddrinfo(addrs); |
1373 | 1378 | ||
1374 | packet_set_timeout(options.server_alive_interval, | 1379 | ssh_packet_set_timeout(ssh, options.server_alive_interval, |
1375 | options.server_alive_count_max); | 1380 | options.server_alive_count_max); |
1376 | 1381 | ||
1377 | ssh = active_state; /* XXX */ | ||
1378 | |||
1379 | if (timeout_ms > 0) | 1382 | if (timeout_ms > 0) |
1380 | debug3("timeout: %d ms remain after connect", timeout_ms); | 1383 | debug3("timeout: %d ms remain after connect", timeout_ms); |
1381 | 1384 | ||
@@ -1486,10 +1489,10 @@ main(int ac, char **av) | |||
1486 | signal(SIGCHLD, main_sigchld_handler); | 1489 | signal(SIGCHLD, main_sigchld_handler); |
1487 | 1490 | ||
1488 | /* Log into the remote system. Never returns if the login fails. */ | 1491 | /* Log into the remote system. Never returns if the login fails. */ |
1489 | ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, | 1492 | ssh_login(ssh, &sensitive_data, host, (struct sockaddr *)&hostaddr, |
1490 | options.port, pw, timeout_ms); | 1493 | options.port, pw, timeout_ms); |
1491 | 1494 | ||
1492 | if (packet_connection_is_on_socket()) { | 1495 | if (ssh_packet_connection_is_on_socket(ssh)) { |
1493 | verbose("Authenticated to %s ([%s]:%d).", host, | 1496 | verbose("Authenticated to %s ([%s]:%d).", host, |
1494 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 1497 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
1495 | } else { | 1498 | } else { |
@@ -1523,7 +1526,7 @@ main(int ac, char **av) | |||
1523 | 1526 | ||
1524 | skip_connect: | 1527 | skip_connect: |
1525 | exit_status = ssh_session2(ssh, pw); | 1528 | exit_status = ssh_session2(ssh, pw); |
1526 | packet_close(); | 1529 | ssh_packet_close(ssh); |
1527 | 1530 | ||
1528 | if (options.control_path != NULL && muxserver_sock != -1) | 1531 | if (options.control_path != NULL && muxserver_sock != -1) |
1529 | unlink(options.control_path); | 1532 | unlink(options.control_path); |
@@ -1598,6 +1601,8 @@ static void | |||
1598 | ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) | 1601 | ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) |
1599 | { | 1602 | { |
1600 | struct Forward *rfwd = (struct Forward *)ctxt; | 1603 | struct Forward *rfwd = (struct Forward *)ctxt; |
1604 | u_int port; | ||
1605 | int r; | ||
1601 | 1606 | ||
1602 | /* XXX verbose() on failure? */ | 1607 | /* XXX verbose() on failure? */ |
1603 | debug("remote forward %s for: listen %s%s%d, connect %s:%d", | 1608 | debug("remote forward %s for: listen %s%s%d, connect %s:%d", |
@@ -1609,12 +1614,25 @@ ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) | |||
1609 | rfwd->connect_host, rfwd->connect_port); | 1614 | rfwd->connect_host, rfwd->connect_port); |
1610 | if (rfwd->listen_path == NULL && rfwd->listen_port == 0) { | 1615 | if (rfwd->listen_path == NULL && rfwd->listen_port == 0) { |
1611 | if (type == SSH2_MSG_REQUEST_SUCCESS) { | 1616 | if (type == SSH2_MSG_REQUEST_SUCCESS) { |
1612 | rfwd->allocated_port = packet_get_int(); | 1617 | if ((r = sshpkt_get_u32(ssh, &port)) != 0) |
1613 | logit("Allocated port %u for remote forward to %s:%d", | 1618 | fatal("%s: %s", __func__, ssh_err(r)); |
1614 | rfwd->allocated_port, | 1619 | if (port > 65535) { |
1615 | rfwd->connect_host, rfwd->connect_port); | 1620 | error("Invalid allocated port %u for remote " |
1616 | channel_update_permission(ssh, | 1621 | "forward to %s:%d", port, |
1617 | rfwd->handle, rfwd->allocated_port); | 1622 | rfwd->connect_host, rfwd->connect_port); |
1623 | /* Ensure failure processing runs below */ | ||
1624 | type = SSH2_MSG_REQUEST_FAILURE; | ||
1625 | channel_update_permission(ssh, | ||
1626 | rfwd->handle, -1); | ||
1627 | } else { | ||
1628 | rfwd->allocated_port = (int)port; | ||
1629 | logit("Allocated port %u for remote " | ||
1630 | "forward to %s:%d", | ||
1631 | rfwd->allocated_port, rfwd->connect_host, | ||
1632 | rfwd->connect_port); | ||
1633 | channel_update_permission(ssh, | ||
1634 | rfwd->handle, rfwd->allocated_port); | ||
1635 | } | ||
1618 | } else { | 1636 | } else { |
1619 | channel_update_permission(ssh, rfwd->handle, -1); | 1637 | channel_update_permission(ssh, rfwd->handle, -1); |
1620 | } | 1638 | } |
@@ -1771,7 +1789,7 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg) | |||
1771 | { | 1789 | { |
1772 | extern char **environ; | 1790 | extern char **environ; |
1773 | const char *display; | 1791 | const char *display; |
1774 | int interactive = tty_flag; | 1792 | int r, interactive = tty_flag; |
1775 | char *proto = NULL, *data = NULL; | 1793 | char *proto = NULL, *data = NULL; |
1776 | 1794 | ||
1777 | if (!success) | 1795 | if (!success) |
@@ -1797,11 +1815,12 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg) | |||
1797 | if (options.forward_agent) { | 1815 | if (options.forward_agent) { |
1798 | debug("Requesting authentication agent forwarding."); | 1816 | debug("Requesting authentication agent forwarding."); |
1799 | channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0); | 1817 | channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0); |
1800 | packet_send(); | 1818 | if ((r = sshpkt_send(ssh)) != 0) |
1819 | fatal("%s: %s", __func__, ssh_err(r)); | ||
1801 | } | 1820 | } |
1802 | 1821 | ||
1803 | /* Tell the packet module whether this is an interactive session. */ | 1822 | /* Tell the packet module whether this is an interactive session. */ |
1804 | packet_set_interactive(interactive, | 1823 | ssh_packet_set_interactive(ssh, interactive, |
1805 | options.ip_qos_interactive, options.ip_qos_bulk); | 1824 | options.ip_qos_interactive, options.ip_qos_bulk); |
1806 | 1825 | ||
1807 | client_session2_setup(ssh, id, tty_flag, subsystem_flag, getenv("TERM"), | 1826 | client_session2_setup(ssh, id, tty_flag, subsystem_flag, getenv("TERM"), |
@@ -1858,7 +1877,7 @@ ssh_session2_open(struct ssh *ssh) | |||
1858 | static int | 1877 | static int |
1859 | ssh_session2(struct ssh *ssh, struct passwd *pw) | 1878 | ssh_session2(struct ssh *ssh, struct passwd *pw) |
1860 | { | 1879 | { |
1861 | int devnull, id = -1; | 1880 | int r, devnull, id = -1; |
1862 | char *cp, *tun_fwd_ifname = NULL; | 1881 | char *cp, *tun_fwd_ifname = NULL; |
1863 | 1882 | ||
1864 | /* XXX should be pre-session */ | 1883 | /* XXX should be pre-session */ |
@@ -1888,7 +1907,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw) | |||
1888 | } | 1907 | } |
1889 | 1908 | ||
1890 | /* Start listening for multiplex clients */ | 1909 | /* Start listening for multiplex clients */ |
1891 | if (!packet_get_mux()) | 1910 | if (!ssh_packet_get_mux(ssh)) |
1892 | muxserver_listen(ssh); | 1911 | muxserver_listen(ssh); |
1893 | 1912 | ||
1894 | /* | 1913 | /* |
@@ -1922,7 +1941,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw) | |||
1922 | if (!no_shell_flag) | 1941 | if (!no_shell_flag) |
1923 | id = ssh_session2_open(ssh); | 1942 | id = ssh_session2_open(ssh); |
1924 | else { | 1943 | else { |
1925 | packet_set_interactive( | 1944 | ssh_packet_set_interactive(ssh, |
1926 | options.control_master == SSHCTL_MASTER_NO, | 1945 | options.control_master == SSHCTL_MASTER_NO, |
1927 | options.ip_qos_interactive, options.ip_qos_bulk); | 1946 | options.ip_qos_interactive, options.ip_qos_bulk); |
1928 | } | 1947 | } |
@@ -1931,10 +1950,12 @@ ssh_session2(struct ssh *ssh, struct passwd *pw) | |||
1931 | if (options.control_master == SSHCTL_MASTER_NO && | 1950 | if (options.control_master == SSHCTL_MASTER_NO && |
1932 | (datafellows & SSH_NEW_OPENSSH)) { | 1951 | (datafellows & SSH_NEW_OPENSSH)) { |
1933 | debug("Requesting no-more-sessions@openssh.com"); | 1952 | debug("Requesting no-more-sessions@openssh.com"); |
1934 | packet_start(SSH2_MSG_GLOBAL_REQUEST); | 1953 | if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 || |
1935 | packet_put_cstring("no-more-sessions@openssh.com"); | 1954 | (r = sshpkt_put_cstring(ssh, |
1936 | packet_put_char(0); | 1955 | "no-more-sessions@openssh.com")) != 0 || |
1937 | packet_send(); | 1956 | (r = sshpkt_put_u8(ssh, 0)) != 0 || |
1957 | (r = sshpkt_send(ssh)) != 0) | ||
1958 | fatal("%s: %s", __func__, ssh_err(r)); | ||
1938 | } | 1959 | } |
1939 | 1960 | ||
1940 | /* Execute a local command */ | 1961 | /* Execute a local command */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.h,v 1.88 2018/06/06 18:29:18 markus Exp $ */ | 1 | /* $OpenBSD: ssh.h,v 1.89 2018/12/27 03:25:25 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -93,3 +93,7 @@ | |||
93 | 93 | ||
94 | /* Listen backlog for sshd, ssh-agent and forwarding sockets */ | 94 | /* Listen backlog for sshd, ssh-agent and forwarding sockets */ |
95 | #define SSH_LISTEN_BACKLOG 128 | 95 | #define SSH_LISTEN_BACKLOG 128 |
96 | |||
97 | /* Limits for banner exchange */ | ||
98 | #define SSH_MAX_BANNER_LEN 8192 | ||
99 | #define SSH_MAX_PRE_BANNER_LINES 1024 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh_api.c,v 1.8 2017/04/30 23:13:25 djm Exp $ */ | 1 | /* $OpenBSD: ssh_api.c,v 1.15 2019/01/21 10:38:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2012 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2012 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -29,17 +29,19 @@ | |||
29 | #include "ssherr.h" | 29 | #include "ssherr.h" |
30 | #include "sshbuf.h" | 30 | #include "sshbuf.h" |
31 | 31 | ||
32 | #include "openbsd-compat/openssl-compat.h" | ||
33 | |||
32 | #include <string.h> | 34 | #include <string.h> |
33 | 35 | ||
34 | int _ssh_exchange_banner(struct ssh *); | 36 | int _ssh_exchange_banner(struct ssh *); |
35 | int _ssh_send_banner(struct ssh *, char **); | 37 | int _ssh_send_banner(struct ssh *, struct sshbuf *); |
36 | int _ssh_read_banner(struct ssh *, char **); | 38 | int _ssh_read_banner(struct ssh *, struct sshbuf *); |
37 | int _ssh_order_hostkeyalgs(struct ssh *); | 39 | int _ssh_order_hostkeyalgs(struct ssh *); |
38 | int _ssh_verify_host_key(struct sshkey *, struct ssh *); | 40 | int _ssh_verify_host_key(struct sshkey *, struct ssh *); |
39 | struct sshkey *_ssh_host_public_key(int, int, struct ssh *); | 41 | struct sshkey *_ssh_host_public_key(int, int, struct ssh *); |
40 | struct sshkey *_ssh_host_private_key(int, int, struct ssh *); | 42 | struct sshkey *_ssh_host_private_key(int, int, struct ssh *); |
41 | int _ssh_host_key_sign(struct sshkey *, struct sshkey *, | 43 | int _ssh_host_key_sign(struct ssh *, struct sshkey *, struct sshkey *, |
42 | u_char **, size_t *, const u_char *, size_t, const char *, u_int); | 44 | u_char **, size_t *, const u_char *, size_t, const char *); |
43 | 45 | ||
44 | /* | 46 | /* |
45 | * stubs for the server side implementation of kex. | 47 | * stubs for the server side implementation of kex. |
@@ -79,9 +81,7 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) | |||
79 | int r; | 81 | int r; |
80 | 82 | ||
81 | if (!called) { | 83 | if (!called) { |
82 | #ifdef WITH_OPENSSL | 84 | seed_rng(); |
83 | OpenSSL_add_all_algorithms(); | ||
84 | #endif /* WITH_OPENSSL */ | ||
85 | called = 1; | 85 | called = 1; |
86 | } | 86 | } |
87 | 87 | ||
@@ -92,42 +92,44 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) | |||
92 | 92 | ||
93 | /* Initialize key exchange */ | 93 | /* Initialize key exchange */ |
94 | proposal = kex_params ? kex_params->proposal : myproposal; | 94 | proposal = kex_params ? kex_params->proposal : myproposal; |
95 | if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0) { | 95 | if ((r = kex_ready(ssh, proposal)) != 0) { |
96 | ssh_free(ssh); | 96 | ssh_free(ssh); |
97 | return r; | 97 | return r; |
98 | } | 98 | } |
99 | ssh->kex->server = is_server; | 99 | ssh->kex->server = is_server; |
100 | if (is_server) { | 100 | if (is_server) { |
101 | #ifdef WITH_OPENSSL | 101 | #ifdef WITH_OPENSSL |
102 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 102 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; |
103 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 103 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; |
104 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | 104 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; |
105 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | 105 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; |
106 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | 106 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; |
107 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 107 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
108 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 108 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
109 | # ifdef OPENSSL_HAS_ECC | 109 | # ifdef OPENSSL_HAS_ECC |
110 | ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 110 | ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_server; |
111 | # endif | 111 | # endif |
112 | #endif /* WITH_OPENSSL */ | 112 | #endif /* WITH_OPENSSL */ |
113 | ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server; | 113 | ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
114 | ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server; | ||
114 | ssh->kex->load_host_public_key=&_ssh_host_public_key; | 115 | ssh->kex->load_host_public_key=&_ssh_host_public_key; |
115 | ssh->kex->load_host_private_key=&_ssh_host_private_key; | 116 | ssh->kex->load_host_private_key=&_ssh_host_private_key; |
116 | ssh->kex->sign=&_ssh_host_key_sign; | 117 | ssh->kex->sign=&_ssh_host_key_sign; |
117 | } else { | 118 | } else { |
118 | #ifdef WITH_OPENSSL | 119 | #ifdef WITH_OPENSSL |
119 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 120 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client; |
120 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 121 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client; |
121 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | 122 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client; |
122 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | 123 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client; |
123 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | 124 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client; |
124 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 125 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
125 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 126 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
126 | # ifdef OPENSSL_HAS_ECC | 127 | # ifdef OPENSSL_HAS_ECC |
127 | ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client; | 128 | ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; |
128 | # endif | 129 | # endif |
129 | #endif /* WITH_OPENSSL */ | 130 | #endif /* WITH_OPENSSL */ |
130 | ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client; | 131 | ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; |
132 | ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client; | ||
131 | ssh->kex->verify_host_key =&_ssh_verify_host_key; | 133 | ssh->kex->verify_host_key =&_ssh_verify_host_key; |
132 | } | 134 | } |
133 | *sshp = ssh; | 135 | *sshp = ssh; |
@@ -236,8 +238,8 @@ ssh_packet_next(struct ssh *ssh, u_char *typep) | |||
236 | * enough data. | 238 | * enough data. |
237 | */ | 239 | */ |
238 | *typep = SSH_MSG_NONE; | 240 | *typep = SSH_MSG_NONE; |
239 | if (ssh->kex->client_version_string == NULL || | 241 | if (sshbuf_len(ssh->kex->client_version) == 0 || |
240 | ssh->kex->server_version_string == NULL) | 242 | sshbuf_len(ssh->kex->server_version) == 0) |
241 | return _ssh_exchange_banner(ssh); | 243 | return _ssh_exchange_banner(ssh); |
242 | /* | 244 | /* |
243 | * If we enough data and a dispatch function then | 245 | * If we enough data and a dispatch function then |
@@ -312,39 +314,46 @@ ssh_input_space(struct ssh *ssh, size_t len) | |||
312 | 314 | ||
313 | /* Read other side's version identification. */ | 315 | /* Read other side's version identification. */ |
314 | int | 316 | int |
315 | _ssh_read_banner(struct ssh *ssh, char **bannerp) | 317 | _ssh_read_banner(struct ssh *ssh, struct sshbuf *banner) |
316 | { | 318 | { |
317 | struct sshbuf *input; | 319 | struct sshbuf *input = ssh_packet_get_input(ssh); |
318 | const char *s; | ||
319 | char buf[256], remote_version[256]; /* must be same size! */ | ||
320 | const char *mismatch = "Protocol mismatch.\r\n"; | 320 | const char *mismatch = "Protocol mismatch.\r\n"; |
321 | int r, remote_major, remote_minor; | 321 | const u_char *s = sshbuf_ptr(input); |
322 | size_t i, n, j, len; | 322 | u_char c; |
323 | char *cp, *remote_version; | ||
324 | int r, remote_major, remote_minor, expect_nl; | ||
325 | size_t n, j; | ||
323 | 326 | ||
324 | *bannerp = NULL; | ||
325 | input = ssh_packet_get_input(ssh); | ||
326 | len = sshbuf_len(input); | ||
327 | s = (const char *)sshbuf_ptr(input); | ||
328 | for (j = n = 0;;) { | 327 | for (j = n = 0;;) { |
329 | for (i = 0; i < sizeof(buf) - 1; i++) { | 328 | sshbuf_reset(banner); |
330 | if (j >= len) | 329 | expect_nl = 0; |
331 | return (0); | 330 | for (;;) { |
332 | buf[i] = s[j++]; | 331 | if (j >= sshbuf_len(input)) |
333 | if (buf[i] == '\r') { | 332 | return 0; /* insufficient data in input buf */ |
334 | buf[i] = '\n'; | 333 | c = s[j++]; |
335 | buf[i + 1] = 0; | 334 | if (c == '\r') { |
336 | continue; /**XXX wait for \n */ | 335 | expect_nl = 1; |
336 | continue; | ||
337 | } | 337 | } |
338 | if (buf[i] == '\n') { | 338 | if (c == '\n') |
339 | buf[i + 1] = 0; | ||
340 | break; | 339 | break; |
341 | } | 340 | if (expect_nl) |
341 | goto bad; | ||
342 | if ((r = sshbuf_put_u8(banner, c)) != 0) | ||
343 | return r; | ||
344 | if (sshbuf_len(banner) > SSH_MAX_BANNER_LEN) | ||
345 | goto bad; | ||
342 | } | 346 | } |
343 | buf[sizeof(buf) - 1] = 0; | 347 | if (sshbuf_len(banner) >= 4 && |
344 | if (strncmp(buf, "SSH-", 4) == 0) | 348 | memcmp(sshbuf_ptr(banner), "SSH-", 4) == 0) |
345 | break; | 349 | break; |
346 | debug("ssh_exchange_identification: %s", buf); | 350 | if ((cp = sshbuf_dup_string(banner)) == NULL) |
347 | if (ssh->kex->server || ++n > 65536) { | 351 | return SSH_ERR_ALLOC_FAIL; |
352 | debug("%s: %s", __func__, cp); | ||
353 | free(cp); | ||
354 | /* Accept lines before banner only on client */ | ||
355 | if (ssh->kex->server || ++n > SSH_MAX_PRE_BANNER_LINES) { | ||
356 | bad: | ||
348 | if ((r = sshbuf_put(ssh_packet_get_output(ssh), | 357 | if ((r = sshbuf_put(ssh_packet_get_output(ssh), |
349 | mismatch, strlen(mismatch))) != 0) | 358 | mismatch, strlen(mismatch))) != 0) |
350 | return r; | 359 | return r; |
@@ -354,11 +363,17 @@ _ssh_read_banner(struct ssh *ssh, char **bannerp) | |||
354 | if ((r = sshbuf_consume(input, j)) != 0) | 363 | if ((r = sshbuf_consume(input, j)) != 0) |
355 | return r; | 364 | return r; |
356 | 365 | ||
366 | if ((cp = sshbuf_dup_string(banner)) == NULL) | ||
367 | return SSH_ERR_ALLOC_FAIL; | ||
368 | /* XXX remote version must be the same size as banner for sscanf */ | ||
369 | if ((remote_version = calloc(1, sshbuf_len(banner))) == NULL) | ||
370 | return SSH_ERR_ALLOC_FAIL; | ||
371 | |||
357 | /* | 372 | /* |
358 | * Check that the versions match. In future this might accept | 373 | * Check that the versions match. In future this might accept |
359 | * several versions and set appropriate flags to handle them. | 374 | * several versions and set appropriate flags to handle them. |
360 | */ | 375 | */ |
361 | if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", | 376 | if (sscanf(cp, "SSH-%d.%d-%[^\n]\n", |
362 | &remote_major, &remote_minor, remote_version) != 3) | 377 | &remote_major, &remote_minor, remote_version) != 3) |
363 | return SSH_ERR_INVALID_FORMAT; | 378 | return SSH_ERR_INVALID_FORMAT; |
364 | debug("Remote protocol version %d.%d, remote software version %.100s", | 379 | debug("Remote protocol version %d.%d, remote software version %.100s", |
@@ -371,27 +386,29 @@ _ssh_read_banner(struct ssh *ssh, char **bannerp) | |||
371 | } | 386 | } |
372 | if (remote_major != 2) | 387 | if (remote_major != 2) |
373 | return SSH_ERR_PROTOCOL_MISMATCH; | 388 | return SSH_ERR_PROTOCOL_MISMATCH; |
374 | chop(buf); | 389 | debug("Remote version string %.100s", cp); |
375 | debug("Remote version string %.100s", buf); | 390 | free(cp); |
376 | if ((*bannerp = strdup(buf)) == NULL) | ||
377 | return SSH_ERR_ALLOC_FAIL; | ||
378 | return 0; | 391 | return 0; |
379 | } | 392 | } |
380 | 393 | ||
381 | /* Send our own protocol version identification. */ | 394 | /* Send our own protocol version identification. */ |
382 | int | 395 | int |
383 | _ssh_send_banner(struct ssh *ssh, char **bannerp) | 396 | _ssh_send_banner(struct ssh *ssh, struct sshbuf *banner) |
384 | { | 397 | { |
385 | char buf[256]; | 398 | char *cp; |
386 | int r; | 399 | int r; |
387 | 400 | ||
388 | snprintf(buf, sizeof buf, "SSH-2.0-%.100s\r\n", SSH_VERSION); | 401 | if ((r = sshbuf_putf(banner, "SSH-2.0-%.100s\r\n", SSH_VERSION)) != 0) |
389 | if ((r = sshbuf_put(ssh_packet_get_output(ssh), buf, strlen(buf))) != 0) | 402 | return r; |
403 | if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0) | ||
404 | return r; | ||
405 | /* Remove trailing \r\n */ | ||
406 | if ((r = sshbuf_consume_end(banner, 2)) != 0) | ||
390 | return r; | 407 | return r; |
391 | chop(buf); | 408 | if ((cp = sshbuf_dup_string(banner)) == NULL) |
392 | debug("Local version string %.100s", buf); | ||
393 | if ((*bannerp = strdup(buf)) == NULL) | ||
394 | return SSH_ERR_ALLOC_FAIL; | 409 | return SSH_ERR_ALLOC_FAIL; |
410 | debug("Local version string %.100s", cp); | ||
411 | free(cp); | ||
395 | return 0; | 412 | return 0; |
396 | } | 413 | } |
397 | 414 | ||
@@ -408,25 +425,25 @@ _ssh_exchange_banner(struct ssh *ssh) | |||
408 | 425 | ||
409 | r = 0; | 426 | r = 0; |
410 | if (kex->server) { | 427 | if (kex->server) { |
411 | if (kex->server_version_string == NULL) | 428 | if (sshbuf_len(ssh->kex->server_version) == 0) |
412 | r = _ssh_send_banner(ssh, &kex->server_version_string); | 429 | r = _ssh_send_banner(ssh, ssh->kex->server_version); |
413 | if (r == 0 && | 430 | if (r == 0 && |
414 | kex->server_version_string != NULL && | 431 | sshbuf_len(ssh->kex->server_version) != 0 && |
415 | kex->client_version_string == NULL) | 432 | sshbuf_len(ssh->kex->client_version) == 0) |
416 | r = _ssh_read_banner(ssh, &kex->client_version_string); | 433 | r = _ssh_read_banner(ssh, ssh->kex->client_version); |
417 | } else { | 434 | } else { |
418 | if (kex->server_version_string == NULL) | 435 | if (sshbuf_len(ssh->kex->server_version) == 0) |
419 | r = _ssh_read_banner(ssh, &kex->server_version_string); | 436 | r = _ssh_read_banner(ssh, ssh->kex->server_version); |
420 | if (r == 0 && | 437 | if (r == 0 && |
421 | kex->server_version_string != NULL && | 438 | sshbuf_len(ssh->kex->server_version) != 0 && |
422 | kex->client_version_string == NULL) | 439 | sshbuf_len(ssh->kex->client_version) == 0) |
423 | r = _ssh_send_banner(ssh, &kex->client_version_string); | 440 | r = _ssh_send_banner(ssh, ssh->kex->client_version); |
424 | } | 441 | } |
425 | if (r != 0) | 442 | if (r != 0) |
426 | return r; | 443 | return r; |
427 | /* start initial kex as soon as we have exchanged the banners */ | 444 | /* start initial kex as soon as we have exchanged the banners */ |
428 | if (kex->server_version_string != NULL && | 445 | if (sshbuf_len(ssh->kex->server_version) != 0 && |
429 | kex->client_version_string != NULL) { | 446 | sshbuf_len(ssh->kex->client_version) != 0) { |
430 | if ((r = _ssh_order_hostkeyalgs(ssh)) != 0 || | 447 | if ((r = _ssh_order_hostkeyalgs(ssh)) != 0 || |
431 | (r = kex_send_kexinit(ssh)) != 0) | 448 | (r = kex_send_kexinit(ssh)) != 0) |
432 | return r; | 449 | return r; |
@@ -532,9 +549,10 @@ _ssh_order_hostkeyalgs(struct ssh *ssh) | |||
532 | } | 549 | } |
533 | 550 | ||
534 | int | 551 | int |
535 | _ssh_host_key_sign(struct sshkey *privkey, struct sshkey *pubkey, | 552 | _ssh_host_key_sign(struct ssh *ssh, struct sshkey *privkey, |
536 | u_char **signature, size_t *slen, const u_char *data, size_t dlen, | 553 | struct sshkey *pubkey, u_char **signature, size_t *slen, |
537 | const char *alg, u_int compat) | 554 | const u_char *data, size_t dlen, const char *alg) |
538 | { | 555 | { |
539 | return sshkey_sign(privkey, signature, slen, data, dlen, alg, compat); | 556 | return sshkey_sign(privkey, signature, slen, data, dlen, |
557 | alg, ssh->compat); | ||
540 | } | 558 | } |
diff --git a/ssh_config b/ssh_config index 1b676fb2c..6dd6ecf87 100644 --- a/ssh_config +++ b/ssh_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $ | 1 | # $OpenBSD: ssh_config,v 1.34 2019/02/04 02:39:42 dtucker Exp $ |
2 | 2 | ||
3 | # This is the ssh client system-wide configuration file. See | 3 | # This is the ssh client system-wide configuration file. See |
4 | # ssh_config(5) for more information. This file provides defaults for | 4 | # ssh_config(5) for more information. This file provides defaults for |
@@ -37,7 +37,6 @@ Host * | |||
37 | # IdentityFile ~/.ssh/id_ecdsa | 37 | # IdentityFile ~/.ssh/id_ecdsa |
38 | # IdentityFile ~/.ssh/id_ed25519 | 38 | # IdentityFile ~/.ssh/id_ed25519 |
39 | # Port 22 | 39 | # Port 22 |
40 | # Protocol 2 | ||
41 | # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc | 40 | # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc |
42 | # MACs hmac-md5,hmac-sha1,umac-64@openssh.com | 41 | # MACs hmac-md5,hmac-sha1,umac-64@openssh.com |
43 | # EscapeChar ~ | 42 | # EscapeChar ~ |
diff --git a/ssh_config.0 b/ssh_config.0 index eb7f929e6..10f1c2e9d 100644 --- a/ssh_config.0 +++ b/ssh_config.0 | |||
@@ -54,22 +54,28 @@ DESCRIPTION | |||
54 | Match keyword) to be used only when the conditions following the | 54 | Match keyword) to be used only when the conditions following the |
55 | Match keyword are satisfied. Match conditions are specified | 55 | Match keyword are satisfied. Match conditions are specified |
56 | using one or more criteria or the single token all which always | 56 | using one or more criteria or the single token all which always |
57 | matches. The available criteria keywords are: canonical, exec, | 57 | matches. The available criteria keywords are: canonical, final, |
58 | host, originalhost, user, and localuser. The all criteria must | 58 | exec, host, originalhost, user, and localuser. The all criteria |
59 | appear alone or immediately after canonical. Other criteria may | 59 | must appear alone or immediately after canonical or final. Other |
60 | be combined arbitrarily. All criteria but all and canonical | 60 | criteria may be combined arbitrarily. All criteria but all, |
61 | require an argument. Criteria may be negated by prepending an | 61 | canonical, and final require an argument. Criteria may be |
62 | exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y). | 62 | negated by prepending an exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y). |
63 | 63 | ||
64 | The canonical keyword matches only when the configuration file is | 64 | The canonical keyword matches only when the configuration file is |
65 | being re-parsed after hostname canonicalization (see the | 65 | being re-parsed after hostname canonicalization (see the |
66 | CanonicalizeHostname option.) This may be useful to specify | 66 | CanonicalizeHostname option). This may be useful to specify |
67 | conditions that work with canonical host names only. The exec | 67 | conditions that work with canonical host names only. |
68 | keyword executes the specified command under the user's shell. | 68 | |
69 | If the command returns a zero exit status then the condition is | 69 | The final keyword requests that the configuration be re-parsed |
70 | considered true. Commands containing whitespace characters must | 70 | (regardless of whether CanonicalizeHostname is enabled), and |
71 | be quoted. Arguments to exec accept the tokens described in the | 71 | matches only during this final pass. If CanonicalizeHostname is |
72 | TOKENS section. | 72 | enabled, then canonical and final match during the same pass. |
73 | |||
74 | The exec keyword executes the specified command under the user's | ||
75 | shell. If the command returns a zero exit status then the | ||
76 | condition is considered true. Commands containing whitespace | ||
77 | characters must be quoted. Arguments to exec accept the tokens | ||
78 | described in the TOKENS section. | ||
73 | 79 | ||
74 | The other keywords' criteria must be single entries or comma- | 80 | The other keywords' criteria must be single entries or comma- |
75 | separated lists and may use the wildcard and negation operators | 81 | separated lists and may use the wildcard and negation operators |
@@ -603,7 +609,6 @@ DESCRIPTION | |||
603 | diffie-hellman-group-exchange-sha256, | 609 | diffie-hellman-group-exchange-sha256, |
604 | diffie-hellman-group16-sha512, | 610 | diffie-hellman-group16-sha512, |
605 | diffie-hellman-group18-sha512, | 611 | diffie-hellman-group18-sha512, |
606 | diffie-hellman-group-exchange-sha1, | ||
607 | diffie-hellman-group14-sha256, | 612 | diffie-hellman-group14-sha256, |
608 | diffie-hellman-group14-sha1 | 613 | diffie-hellman-group14-sha1 |
609 | 614 | ||
@@ -690,10 +695,11 @@ DESCRIPTION | |||
690 | be yes or no (the default). | 695 | be yes or no (the default). |
691 | 696 | ||
692 | PKCS11Provider | 697 | PKCS11Provider |
693 | Specifies which PKCS#11 provider to use. The argument to this | 698 | Specifies which PKCS#11 provider to use or none to indicate that |
694 | keyword is the PKCS#11 shared library ssh(1) should use to | 699 | no provider should be used (the default). The argument to this |
695 | communicate with a PKCS#11 token providing the user's private RSA | 700 | keyword is a path to the PKCS#11 shared library ssh(1) should use |
696 | key. | 701 | to communicate with a PKCS#11 token providing keys for user |
702 | authentication. | ||
697 | 703 | ||
698 | Port Specifies the port number to connect on the remote host. The | 704 | Port Specifies the port number to connect on the remote host. The |
699 | default is 22. | 705 | default is 22. |
@@ -741,6 +747,11 @@ DESCRIPTION | |||
741 | whichever is specified first will prevent later instances of the | 747 | whichever is specified first will prevent later instances of the |
742 | other from taking effect. | 748 | other from taking effect. |
743 | 749 | ||
750 | Note also that the configuration for the destination host (either | ||
751 | supplied via the command-line or the configuration file) is not | ||
752 | generally applied to jump hosts. ~/.ssh/config should be used if | ||
753 | specific configuration is required for jump hosts. | ||
754 | |||
744 | ProxyUseFdpass | 755 | ProxyUseFdpass |
745 | Specifies that ProxyCommand will pass a connected file descriptor | 756 | Specifies that ProxyCommand will pass a connected file descriptor |
746 | back to ssh(1) instead of continuing to execute and pass data. | 757 | back to ssh(1) instead of continuing to execute and pass data. |
@@ -1087,8 +1098,7 @@ FILES | |||
1087 | This is the per-user configuration file. The format of this file | 1098 | This is the per-user configuration file. The format of this file |
1088 | is described above. This file is used by the SSH client. | 1099 | is described above. This file is used by the SSH client. |
1089 | Because of the potential for abuse, this file must have strict | 1100 | Because of the potential for abuse, this file must have strict |
1090 | permissions: read/write for the user, and not accessible by | 1101 | permissions: read/write for the user, and not writable by others. |
1091 | others. | ||
1092 | 1102 | ||
1093 | /etc/ssh/ssh_config | 1103 | /etc/ssh/ssh_config |
1094 | Systemwide configuration file. This file provides defaults for | 1104 | Systemwide configuration file. This file provides defaults for |
@@ -1106,4 +1116,4 @@ AUTHORS | |||
1106 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 1116 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
1107 | versions 1.5 and 2.0. | 1117 | versions 1.5 and 2.0. |
1108 | 1118 | ||
1109 | OpenBSD 6.4 October 3, 2018 OpenBSD 6.4 | 1119 | OpenBSD 6.5 March 1, 2019 OpenBSD 6.5 |
diff --git a/ssh_config.5 b/ssh_config.5 index f6c1b3b33..a9f6d906f 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.286 2018/10/03 06:38:35 djm Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.292 2019/03/01 02:16:47 djm Exp $ |
37 | .Dd $Mdocdate: October 3 2018 $ | 37 | .Dd $Mdocdate: March 1 2019 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -155,6 +155,7 @@ or the single token | |||
155 | which always matches. | 155 | which always matches. |
156 | The available criteria keywords are: | 156 | The available criteria keywords are: |
157 | .Cm canonical , | 157 | .Cm canonical , |
158 | .Cm final , | ||
158 | .Cm exec , | 159 | .Cm exec , |
159 | .Cm host , | 160 | .Cm host , |
160 | .Cm originalhost , | 161 | .Cm originalhost , |
@@ -164,12 +165,15 @@ and | |||
164 | The | 165 | The |
165 | .Cm all | 166 | .Cm all |
166 | criteria must appear alone or immediately after | 167 | criteria must appear alone or immediately after |
167 | .Cm canonical . | 168 | .Cm canonical |
169 | or | ||
170 | .Cm final . | ||
168 | Other criteria may be combined arbitrarily. | 171 | Other criteria may be combined arbitrarily. |
169 | All criteria but | 172 | All criteria but |
170 | .Cm all | 173 | .Cm all , |
174 | .Cm canonical , | ||
171 | and | 175 | and |
172 | .Cm canonical | 176 | .Cm final |
173 | require an argument. | 177 | require an argument. |
174 | Criteria may be negated by prepending an exclamation mark | 178 | Criteria may be negated by prepending an exclamation mark |
175 | .Pq Sq !\& . | 179 | .Pq Sq !\& . |
@@ -179,9 +183,23 @@ The | |||
179 | keyword matches only when the configuration file is being re-parsed | 183 | keyword matches only when the configuration file is being re-parsed |
180 | after hostname canonicalization (see the | 184 | after hostname canonicalization (see the |
181 | .Cm CanonicalizeHostname | 185 | .Cm CanonicalizeHostname |
182 | option.) | 186 | option). |
183 | This may be useful to specify conditions that work with canonical host | 187 | This may be useful to specify conditions that work with canonical host |
184 | names only. | 188 | names only. |
189 | .Pp | ||
190 | The | ||
191 | .Cm final | ||
192 | keyword requests that the configuration be re-parsed (regardless of whether | ||
193 | .Cm CanonicalizeHostname | ||
194 | is enabled), and matches only during this final pass. | ||
195 | If | ||
196 | .Cm CanonicalizeHostname | ||
197 | is enabled, then | ||
198 | .Cm canonical | ||
199 | and | ||
200 | .Cm final | ||
201 | match during the same pass. | ||
202 | .Pp | ||
185 | The | 203 | The |
186 | .Cm exec | 204 | .Cm exec |
187 | keyword executes the specified command under the user's shell. | 205 | keyword executes the specified command under the user's shell. |
@@ -757,42 +775,67 @@ The default is | |||
757 | Specifies whether user authentication based on GSSAPI is allowed. | 775 | Specifies whether user authentication based on GSSAPI is allowed. |
758 | The default is | 776 | The default is |
759 | .Cm no . | 777 | .Cm no . |
760 | .It Cm GSSAPIKeyExchange | ||
761 | Specifies whether key exchange based on GSSAPI may be used. When using | ||
762 | GSSAPI key exchange the server need not have a host key. | ||
763 | The default is | ||
764 | .Cm no . | ||
765 | .It Cm GSSAPIClientIdentity | 778 | .It Cm GSSAPIClientIdentity |
766 | If set, specifies the GSSAPI client identity that ssh should use when | 779 | If set, specifies the GSSAPI client identity that ssh should use when |
767 | connecting to the server. The default is unset, which means that the default | 780 | connecting to the server. The default is unset, which means that the default |
768 | identity will be used. | 781 | identity will be used. |
769 | .It Cm GSSAPIServerIdentity | ||
770 | If set, specifies the GSSAPI server identity that ssh should expect when | ||
771 | connecting to the server. The default is unset, which means that the | ||
772 | expected GSSAPI server identity will be determined from the target | ||
773 | hostname. | ||
774 | .It Cm GSSAPIDelegateCredentials | 782 | .It Cm GSSAPIDelegateCredentials |
775 | Forward (delegate) credentials to the server. | 783 | Forward (delegate) credentials to the server. |
776 | The default is | 784 | The default is |
777 | .Cm no . | 785 | .Cm no . |
786 | .It Cm GSSAPIKeyExchange | ||
787 | Specifies whether key exchange based on GSSAPI may be used. When using | ||
788 | GSSAPI key exchange the server need not have a host key. | ||
789 | The default is | ||
790 | .Dq no . | ||
778 | .It Cm GSSAPIRenewalForcesRekey | 791 | .It Cm GSSAPIRenewalForcesRekey |
779 | If set to | 792 | If set to |
780 | .Cm yes | 793 | .Dq yes |
781 | then renewal of the client's GSSAPI credentials will force the rekeying of the | 794 | then renewal of the client's GSSAPI credentials will force the rekeying of the |
782 | ssh connection. With a compatible server, this can delegate the renewed | 795 | ssh connection. With a compatible server, this will delegate the renewed |
783 | credentials to a session on the server. | 796 | credentials to a session on the server. |
797 | .Pp | ||
798 | Checks are made to ensure that credentials are only propagated when the new | ||
799 | credentials match the old ones on the originating client and where the | ||
800 | receiving server still has the old set in its cache. | ||
801 | .Pp | ||
784 | The default is | 802 | The default is |
785 | .Cm no . | 803 | .Dq no . |
804 | .Pp | ||
805 | For this to work | ||
806 | .Cm GSSAPIKeyExchange | ||
807 | needs to be enabled in the server and also used by the client. | ||
808 | .It Cm GSSAPIServerIdentity | ||
809 | If set, specifies the GSSAPI server identity that ssh should expect when | ||
810 | connecting to the server. The default is unset, which means that the | ||
811 | expected GSSAPI server identity will be determined from the target | ||
812 | hostname. | ||
786 | .It Cm GSSAPITrustDns | 813 | .It Cm GSSAPITrustDns |
787 | Set to | 814 | Set to |
788 | .Cm yes | 815 | .Dq yes |
789 | to indicate that the DNS is trusted to securely canonicalize | 816 | to indicate that the DNS is trusted to securely canonicalize |
790 | the name of the host being connected to. If | 817 | the name of the host being connected to. If |
791 | .Cm no , | 818 | .Dq no , |
792 | the hostname entered on the | 819 | the hostname entered on the |
793 | command line will be passed untouched to the GSSAPI library. | 820 | command line will be passed untouched to the GSSAPI library. |
794 | The default is | 821 | The default is |
795 | .Cm no . | 822 | .Dq no . |
823 | .It Cm GSSAPIKexAlgorithms | ||
824 | The list of key exchange algorithms that are offered for GSSAPI | ||
825 | key exchange. Possible values are | ||
826 | .Bd -literal -offset 3n | ||
827 | gss-gex-sha1-, | ||
828 | gss-group1-sha1-, | ||
829 | gss-group14-sha1-, | ||
830 | gss-group14-sha256-, | ||
831 | gss-group16-sha512-, | ||
832 | gss-nistp256-sha256-, | ||
833 | gss-curve25519-sha256- | ||
834 | .Ed | ||
835 | .Pp | ||
836 | The default is | ||
837 | .Dq gss-gex-sha1-,gss-group14-sha1- . | ||
838 | This option only applies to protocol version 2 connections using GSSAPI. | ||
796 | .It Cm HashKnownHosts | 839 | .It Cm HashKnownHosts |
797 | Indicates that | 840 | Indicates that |
798 | .Xr ssh 1 | 841 | .Xr ssh 1 |
@@ -1094,7 +1137,6 @@ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, | |||
1094 | diffie-hellman-group-exchange-sha256, | 1137 | diffie-hellman-group-exchange-sha256, |
1095 | diffie-hellman-group16-sha512, | 1138 | diffie-hellman-group16-sha512, |
1096 | diffie-hellman-group18-sha512, | 1139 | diffie-hellman-group18-sha512, |
1097 | diffie-hellman-group-exchange-sha1, | ||
1098 | diffie-hellman-group14-sha256, | 1140 | diffie-hellman-group14-sha256, |
1099 | diffie-hellman-group14-sha1 | 1141 | diffie-hellman-group14-sha1 |
1100 | .Ed | 1142 | .Ed |
@@ -1217,11 +1259,13 @@ or | |||
1217 | .Cm no | 1259 | .Cm no |
1218 | (the default). | 1260 | (the default). |
1219 | .It Cm PKCS11Provider | 1261 | .It Cm PKCS11Provider |
1220 | Specifies which PKCS#11 provider to use. | 1262 | Specifies which PKCS#11 provider to use or |
1221 | The argument to this keyword is the PKCS#11 shared library | 1263 | .Cm none |
1264 | to indicate that no provider should be used (the default). | ||
1265 | The argument to this keyword is a path to the PKCS#11 shared library | ||
1222 | .Xr ssh 1 | 1266 | .Xr ssh 1 |
1223 | should use to communicate with a PKCS#11 token providing the user's | 1267 | should use to communicate with a PKCS#11 token providing keys for user |
1224 | private RSA key. | 1268 | authentication. |
1225 | .It Cm Port | 1269 | .It Cm Port |
1226 | Specifies the port number to connect on the remote host. | 1270 | Specifies the port number to connect on the remote host. |
1227 | The default is 22. | 1271 | The default is 22. |
@@ -1299,6 +1343,12 @@ Note that this option will compete with the | |||
1299 | .Cm ProxyCommand | 1343 | .Cm ProxyCommand |
1300 | option - whichever is specified first will prevent later instances of the | 1344 | option - whichever is specified first will prevent later instances of the |
1301 | other from taking effect. | 1345 | other from taking effect. |
1346 | .Pp | ||
1347 | Note also that the configuration for the destination host (either supplied | ||
1348 | via the command-line or the configuration file) is not generally applied | ||
1349 | to jump hosts. | ||
1350 | .Pa ~/.ssh/config | ||
1351 | should be used if specific configuration is required for jump hosts. | ||
1302 | .It Cm ProxyUseFdpass | 1352 | .It Cm ProxyUseFdpass |
1303 | Specifies that | 1353 | Specifies that |
1304 | .Cm ProxyCommand | 1354 | .Cm ProxyCommand |
@@ -1852,7 +1902,7 @@ This is the per-user configuration file. | |||
1852 | The format of this file is described above. | 1902 | The format of this file is described above. |
1853 | This file is used by the SSH client. | 1903 | This file is used by the SSH client. |
1854 | Because of the potential for abuse, this file must have strict permissions: | 1904 | Because of the potential for abuse, this file must have strict permissions: |
1855 | read/write for the user, and not accessible by others. | 1905 | read/write for the user, and not writable by others. |
1856 | It may be group-writable provided that the group in question contains only | 1906 | It may be group-writable provided that the group in question contains only |
1857 | the user. | 1907 | the user. |
1858 | .It Pa /etc/ssh/ssh_config | 1908 | .It Pa /etc/ssh/ssh_config |
diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index d0d791b50..3dd1e1446 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $ */ | 1 | /* $OpenBSD: sshbuf-getput-crypto.c,v 1.7 2019/01/21 09:54:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -32,41 +32,24 @@ | |||
32 | #include "sshbuf.h" | 32 | #include "sshbuf.h" |
33 | 33 | ||
34 | int | 34 | int |
35 | sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v) | 35 | sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM **valp) |
36 | { | 36 | { |
37 | BIGNUM *v; | ||
37 | const u_char *d; | 38 | const u_char *d; |
38 | size_t len; | 39 | size_t len; |
39 | int r; | 40 | int r; |
40 | 41 | ||
42 | if (valp != NULL) | ||
43 | *valp = NULL; | ||
41 | if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0) | 44 | if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0) |
42 | return r; | 45 | return r; |
43 | if (v != NULL && BN_bin2bn(d, len, v) == NULL) | 46 | if (valp != NULL) { |
44 | return SSH_ERR_ALLOC_FAIL; | 47 | if ((v = BN_new()) == NULL || |
45 | return 0; | 48 | BN_bin2bn(d, len, v) == NULL) { |
46 | } | 49 | BN_clear_free(v); |
47 | 50 | return SSH_ERR_ALLOC_FAIL; | |
48 | int | 51 | } |
49 | sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v) | 52 | *valp = v; |
50 | { | ||
51 | const u_char *d = sshbuf_ptr(buf); | ||
52 | u_int16_t len_bits; | ||
53 | size_t len_bytes; | ||
54 | |||
55 | /* Length in bits */ | ||
56 | if (sshbuf_len(buf) < 2) | ||
57 | return SSH_ERR_MESSAGE_INCOMPLETE; | ||
58 | len_bits = PEEK_U16(d); | ||
59 | len_bytes = (len_bits + 7) >> 3; | ||
60 | if (len_bytes > SSHBUF_MAX_BIGNUM) | ||
61 | return SSH_ERR_BIGNUM_TOO_LARGE; | ||
62 | if (sshbuf_len(buf) < 2 + len_bytes) | ||
63 | return SSH_ERR_MESSAGE_INCOMPLETE; | ||
64 | if (v != NULL && BN_bin2bn(d + 2, len_bytes, v) == NULL) | ||
65 | return SSH_ERR_ALLOC_FAIL; | ||
66 | if (sshbuf_consume(buf, 2 + len_bytes) != 0) { | ||
67 | SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); | ||
68 | SSHBUF_ABORT(); | ||
69 | return SSH_ERR_INTERNAL_ERROR; | ||
70 | } | 53 | } |
71 | return 0; | 54 | return 0; |
72 | } | 55 | } |
@@ -165,28 +148,6 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v) | |||
165 | return 0; | 148 | return 0; |
166 | } | 149 | } |
167 | 150 | ||
168 | int | ||
169 | sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v) | ||
170 | { | ||
171 | int r, len_bits = BN_num_bits(v); | ||
172 | size_t len_bytes = (len_bits + 7) / 8; | ||
173 | u_char d[SSHBUF_MAX_BIGNUM], *dp; | ||
174 | |||
175 | if (len_bits < 0 || len_bytes > SSHBUF_MAX_BIGNUM) | ||
176 | return SSH_ERR_INVALID_ARGUMENT; | ||
177 | if (BN_bn2bin(v, d) != (int)len_bytes) | ||
178 | return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ | ||
179 | if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) { | ||
180 | explicit_bzero(d, sizeof(d)); | ||
181 | return r; | ||
182 | } | ||
183 | POKE_U16(dp, len_bits); | ||
184 | if (len_bytes != 0) | ||
185 | memcpy(dp + 2, d, len_bytes); | ||
186 | explicit_bzero(d, sizeof(d)); | ||
187 | return 0; | ||
188 | } | ||
189 | |||
190 | #ifdef OPENSSL_HAS_ECC | 151 | #ifdef OPENSSL_HAS_ECC |
191 | int | 152 | int |
192 | sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) | 153 | sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf.c,v 1.12 2018/07/09 21:56:06 markus Exp $ */ | 1 | /* $OpenBSD: sshbuf.c,v 1.13 2018/11/16 06:10:29 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -143,12 +143,7 @@ sshbuf_free(struct sshbuf *buf) | |||
143 | */ | 143 | */ |
144 | if (sshbuf_check_sanity(buf) != 0) | 144 | if (sshbuf_check_sanity(buf) != 0) |
145 | return; | 145 | return; |
146 | /* | 146 | |
147 | * If we are a child, the free our parent to decrement its reference | ||
148 | * count and possibly free it. | ||
149 | */ | ||
150 | sshbuf_free(buf->parent); | ||
151 | buf->parent = NULL; | ||
152 | /* | 147 | /* |
153 | * If we are a parent with still-extant children, then don't free just | 148 | * If we are a parent with still-extant children, then don't free just |
154 | * yet. The last child's call to sshbuf_free should decrement our | 149 | * yet. The last child's call to sshbuf_free should decrement our |
@@ -157,6 +152,14 @@ sshbuf_free(struct sshbuf *buf) | |||
157 | buf->refcount--; | 152 | buf->refcount--; |
158 | if (buf->refcount > 0) | 153 | if (buf->refcount > 0) |
159 | return; | 154 | return; |
155 | |||
156 | /* | ||
157 | * If we are a child, the free our parent to decrement its reference | ||
158 | * count and possibly free it. | ||
159 | */ | ||
160 | sshbuf_free(buf->parent); | ||
161 | buf->parent = NULL; | ||
162 | |||
160 | if (!buf->readonly) { | 163 | if (!buf->readonly) { |
161 | explicit_bzero(buf->d, buf->alloc); | 164 | explicit_bzero(buf->d, buf->alloc); |
162 | free(buf->d); | 165 | free(buf->d); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf.h,v 1.11 2018/07/09 21:56:06 markus Exp $ */ | 1 | /* $OpenBSD: sshbuf.h,v 1.13 2019/01/21 09:54:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -212,10 +212,8 @@ int sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len); | |||
212 | int sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, | 212 | int sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, |
213 | const u_char **valp, size_t *lenp); | 213 | const u_char **valp, size_t *lenp); |
214 | #ifdef WITH_OPENSSL | 214 | #ifdef WITH_OPENSSL |
215 | int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v); | 215 | int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM **valp); |
216 | int sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v); | ||
217 | int sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v); | 216 | int sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v); |
218 | int sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v); | ||
219 | # ifdef OPENSSL_HAS_ECC | 217 | # ifdef OPENSSL_HAS_ECC |
220 | int sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g); | 218 | int sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g); |
221 | int sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v); | 219 | int sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v); |
diff --git a/sshconnect.c b/sshconnect.c index b9418e277..1183ffe0e 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.c,v 1.305 2018/09/20 03:30:44 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.314 2019/02/27 19:37:01 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -68,9 +68,8 @@ | |||
68 | #include "authfile.h" | 68 | #include "authfile.h" |
69 | #include "ssherr.h" | 69 | #include "ssherr.h" |
70 | #include "authfd.h" | 70 | #include "authfd.h" |
71 | #include "kex.h" | ||
71 | 72 | ||
72 | char *client_version_string = NULL; | ||
73 | char *server_version_string = NULL; | ||
74 | struct sshkey *previous_host_key = NULL; | 73 | struct sshkey *previous_host_key = NULL; |
75 | 74 | ||
76 | static int matching_host_key_dns = 0; | 75 | static int matching_host_key_dns = 0; |
@@ -78,6 +77,7 @@ static int matching_host_key_dns = 0; | |||
78 | static pid_t proxy_command_pid = 0; | 77 | static pid_t proxy_command_pid = 0; |
79 | 78 | ||
80 | /* import */ | 79 | /* import */ |
80 | extern int debug_flag; | ||
81 | extern Options options; | 81 | extern Options options; |
82 | extern char *__progname; | 82 | extern char *__progname; |
83 | 83 | ||
@@ -99,6 +99,24 @@ expand_proxy_command(const char *proxy_command, const char *user, | |||
99 | return ret; | 99 | return ret; |
100 | } | 100 | } |
101 | 101 | ||
102 | static void | ||
103 | stderr_null(void) | ||
104 | { | ||
105 | int devnull; | ||
106 | |||
107 | if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1) { | ||
108 | error("Can't open %s for stderr redirection: %s", | ||
109 | _PATH_DEVNULL, strerror(errno)); | ||
110 | return; | ||
111 | } | ||
112 | if (devnull == STDERR_FILENO) | ||
113 | return; | ||
114 | if (dup2(devnull, STDERR_FILENO) == -1) | ||
115 | error("Cannot redirect stderr to %s", _PATH_DEVNULL); | ||
116 | if (devnull > STDERR_FILENO) | ||
117 | close(devnull); | ||
118 | } | ||
119 | |||
102 | /* | 120 | /* |
103 | * Connect to the given ssh server using a proxy command that passes a | 121 | * Connect to the given ssh server using a proxy command that passes a |
104 | * a connected fd back to us. | 122 | * a connected fd back to us. |
@@ -141,9 +159,13 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port, | |||
141 | close(sp[0]); | 159 | close(sp[0]); |
142 | 160 | ||
143 | /* | 161 | /* |
144 | * Stderr is left as it is so that error messages get | 162 | * Stderr is left for non-ControlPersist connections is so |
145 | * printed on the user's terminal. | 163 | * error messages may be printed on the user's terminal. |
146 | */ | 164 | */ |
165 | if (!debug_flag && options.control_path != NULL && | ||
166 | options.control_persist) | ||
167 | stderr_null(); | ||
168 | |||
147 | argv[0] = shell; | 169 | argv[0] = shell; |
148 | argv[1] = "-c"; | 170 | argv[1] = "-c"; |
149 | argv[2] = command_string; | 171 | argv[2] = command_string; |
@@ -219,8 +241,14 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, | |||
219 | /* Cannot be 1 because pin allocated two descriptors. */ | 241 | /* Cannot be 1 because pin allocated two descriptors. */ |
220 | close(pout[1]); | 242 | close(pout[1]); |
221 | 243 | ||
222 | /* Stderr is left as it is so that error messages get | 244 | /* |
223 | printed on the user's terminal. */ | 245 | * Stderr is left for non-ControlPersist connections is so |
246 | * error messages may be printed on the user's terminal. | ||
247 | */ | ||
248 | if (!debug_flag && options.control_path != NULL && | ||
249 | options.control_persist) | ||
250 | stderr_null(); | ||
251 | |||
224 | argv[0] = shell; | 252 | argv[0] = shell; |
225 | argv[1] = "-c"; | 253 | argv[1] = "-c"; |
226 | argv[2] = command_string; | 254 | argv[2] = command_string; |
@@ -369,10 +397,6 @@ ssh_create_socket(struct addrinfo *ai) | |||
369 | error("getaddrinfo: no addrs"); | 397 | error("getaddrinfo: no addrs"); |
370 | goto fail; | 398 | goto fail; |
371 | } | 399 | } |
372 | if (res->ai_addrlen > sizeof(bindaddr)) { | ||
373 | error("%s: addr doesn't fit", __func__); | ||
374 | goto fail; | ||
375 | } | ||
376 | memcpy(&bindaddr, res->ai_addr, res->ai_addrlen); | 400 | memcpy(&bindaddr, res->ai_addr, res->ai_addrlen); |
377 | bindaddrlen = res->ai_addrlen; | 401 | bindaddrlen = res->ai_addrlen; |
378 | } else if (options.bind_interface != NULL) { | 402 | } else if (options.bind_interface != NULL) { |
@@ -420,73 +444,6 @@ fail: | |||
420 | } | 444 | } |
421 | 445 | ||
422 | /* | 446 | /* |
423 | * Wait up to *timeoutp milliseconds for fd to be readable. Updates | ||
424 | * *timeoutp with time remaining. | ||
425 | * Returns 0 if fd ready or -1 on timeout or error (see errno). | ||
426 | */ | ||
427 | static int | ||
428 | waitrfd(int fd, int *timeoutp) | ||
429 | { | ||
430 | struct pollfd pfd; | ||
431 | struct timeval t_start; | ||
432 | int oerrno, r; | ||
433 | |||
434 | monotime_tv(&t_start); | ||
435 | pfd.fd = fd; | ||
436 | pfd.events = POLLIN; | ||
437 | for (; *timeoutp >= 0;) { | ||
438 | r = poll(&pfd, 1, *timeoutp); | ||
439 | oerrno = errno; | ||
440 | ms_subtract_diff(&t_start, timeoutp); | ||
441 | errno = oerrno; | ||
442 | if (r > 0) | ||
443 | return 0; | ||
444 | else if (r == -1 && errno != EAGAIN) | ||
445 | return -1; | ||
446 | else if (r == 0) | ||
447 | break; | ||
448 | } | ||
449 | /* timeout */ | ||
450 | errno = ETIMEDOUT; | ||
451 | return -1; | ||
452 | } | ||
453 | |||
454 | static int | ||
455 | timeout_connect(int sockfd, const struct sockaddr *serv_addr, | ||
456 | socklen_t addrlen, int *timeoutp) | ||
457 | { | ||
458 | int optval = 0; | ||
459 | socklen_t optlen = sizeof(optval); | ||
460 | |||
461 | /* No timeout: just do a blocking connect() */ | ||
462 | if (*timeoutp <= 0) | ||
463 | return connect(sockfd, serv_addr, addrlen); | ||
464 | |||
465 | set_nonblock(sockfd); | ||
466 | if (connect(sockfd, serv_addr, addrlen) == 0) { | ||
467 | /* Succeeded already? */ | ||
468 | unset_nonblock(sockfd); | ||
469 | return 0; | ||
470 | } else if (errno != EINPROGRESS) | ||
471 | return -1; | ||
472 | |||
473 | if (waitrfd(sockfd, timeoutp) == -1) | ||
474 | return -1; | ||
475 | |||
476 | /* Completed or failed */ | ||
477 | if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1) { | ||
478 | debug("getsockopt: %s", strerror(errno)); | ||
479 | return -1; | ||
480 | } | ||
481 | if (optval != 0) { | ||
482 | errno = optval; | ||
483 | return -1; | ||
484 | } | ||
485 | unset_nonblock(sockfd); | ||
486 | return 0; | ||
487 | } | ||
488 | |||
489 | /* | ||
490 | * Opens a TCP/IP connection to the remote server on the given host. | 447 | * Opens a TCP/IP connection to the remote server on the given host. |
491 | * The address of the remote host will be returned in hostaddr. | 448 | * The address of the remote host will be returned in hostaddr. |
492 | * If port is 0, the default port will be used. | 449 | * If port is 0, the default port will be used. |
@@ -500,7 +457,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, | |||
500 | struct sockaddr_storage *hostaddr, u_short port, int family, | 457 | struct sockaddr_storage *hostaddr, u_short port, int family, |
501 | int connection_attempts, int *timeout_ms, int want_keepalive) | 458 | int connection_attempts, int *timeout_ms, int want_keepalive) |
502 | { | 459 | { |
503 | int on = 1; | 460 | int on = 1, saved_timeout_ms = *timeout_ms; |
504 | int oerrno, sock = -1, attempt; | 461 | int oerrno, sock = -1, attempt; |
505 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; | 462 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
506 | struct addrinfo *ai; | 463 | struct addrinfo *ai; |
@@ -544,6 +501,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, | |||
544 | continue; | 501 | continue; |
545 | } | 502 | } |
546 | 503 | ||
504 | *timeout_ms = saved_timeout_ms; | ||
547 | if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen, | 505 | if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen, |
548 | timeout_ms) >= 0) { | 506 | timeout_ms) >= 0) { |
549 | /* Successful connection. */ | 507 | /* Successful connection. */ |
@@ -589,12 +547,20 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs, | |||
589 | struct sockaddr_storage *hostaddr, u_short port, int family, | 547 | struct sockaddr_storage *hostaddr, u_short port, int family, |
590 | int connection_attempts, int *timeout_ms, int want_keepalive) | 548 | int connection_attempts, int *timeout_ms, int want_keepalive) |
591 | { | 549 | { |
550 | int in, out; | ||
551 | |||
592 | if (options.proxy_command == NULL) { | 552 | if (options.proxy_command == NULL) { |
593 | return ssh_connect_direct(ssh, host, addrs, hostaddr, port, | 553 | return ssh_connect_direct(ssh, host, addrs, hostaddr, port, |
594 | family, connection_attempts, timeout_ms, want_keepalive); | 554 | family, connection_attempts, timeout_ms, want_keepalive); |
595 | } else if (strcmp(options.proxy_command, "-") == 0) { | 555 | } else if (strcmp(options.proxy_command, "-") == 0) { |
596 | if ((ssh_packet_set_connection(ssh, | 556 | if ((in = dup(STDIN_FILENO)) < 0 || |
597 | STDIN_FILENO, STDOUT_FILENO)) == NULL) | 557 | (out = dup(STDOUT_FILENO)) < 0) { |
558 | if (in >= 0) | ||
559 | close(in); | ||
560 | error("%s: dup() in/out failed", __func__); | ||
561 | return -1; /* ssh_packet_set_connection logs error */ | ||
562 | } | ||
563 | if ((ssh_packet_set_connection(ssh, in, out)) == NULL) | ||
598 | return -1; /* ssh_packet_set_connection logs error */ | 564 | return -1; /* ssh_packet_set_connection logs error */ |
599 | return 0; | 565 | return 0; |
600 | } else if (options.proxy_use_fdpass) { | 566 | } else if (options.proxy_use_fdpass) { |
@@ -604,128 +570,26 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs, | |||
604 | return ssh_proxy_connect(ssh, host, port, options.proxy_command); | 570 | return ssh_proxy_connect(ssh, host, port, options.proxy_command); |
605 | } | 571 | } |
606 | 572 | ||
607 | static void | ||
608 | send_client_banner(int connection_out, int minor1) | ||
609 | { | ||
610 | /* Send our own protocol version identification. */ | ||
611 | xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n", | ||
612 | PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE); | ||
613 | if (atomicio(vwrite, connection_out, client_version_string, | ||
614 | strlen(client_version_string)) != strlen(client_version_string)) | ||
615 | fatal("write: %.100s", strerror(errno)); | ||
616 | chop(client_version_string); | ||
617 | debug("Local version string %.100s", client_version_string); | ||
618 | } | ||
619 | |||
620 | /* | ||
621 | * Waits for the server identification string, and sends our own | ||
622 | * identification string. | ||
623 | */ | ||
624 | void | ||
625 | ssh_exchange_identification(int timeout_ms) | ||
626 | { | ||
627 | char buf[256], remote_version[256]; /* must be same size! */ | ||
628 | int remote_major, remote_minor, mismatch; | ||
629 | int connection_in = packet_get_connection_in(); | ||
630 | int connection_out = packet_get_connection_out(); | ||
631 | u_int i, n; | ||
632 | size_t len; | ||
633 | int rc; | ||
634 | |||
635 | send_client_banner(connection_out, 0); | ||
636 | |||
637 | /* Read other side's version identification. */ | ||
638 | for (n = 0;;) { | ||
639 | for (i = 0; i < sizeof(buf) - 1; i++) { | ||
640 | if (timeout_ms > 0) { | ||
641 | rc = waitrfd(connection_in, &timeout_ms); | ||
642 | if (rc == -1 && errno == ETIMEDOUT) { | ||
643 | fatal("Connection timed out during " | ||
644 | "banner exchange"); | ||
645 | } else if (rc == -1) { | ||
646 | fatal("%s: %s", | ||
647 | __func__, strerror(errno)); | ||
648 | } | ||
649 | } | ||
650 | |||
651 | len = atomicio(read, connection_in, &buf[i], 1); | ||
652 | if (len != 1 && errno == EPIPE) | ||
653 | fatal("ssh_exchange_identification: " | ||
654 | "Connection closed by remote host"); | ||
655 | else if (len != 1) | ||
656 | fatal("ssh_exchange_identification: " | ||
657 | "read: %.100s", strerror(errno)); | ||
658 | if (buf[i] == '\r') { | ||
659 | buf[i] = '\n'; | ||
660 | buf[i + 1] = 0; | ||
661 | continue; /**XXX wait for \n */ | ||
662 | } | ||
663 | if (buf[i] == '\n') { | ||
664 | buf[i + 1] = 0; | ||
665 | break; | ||
666 | } | ||
667 | if (++n > 65536) | ||
668 | fatal("ssh_exchange_identification: " | ||
669 | "No banner received"); | ||
670 | } | ||
671 | buf[sizeof(buf) - 1] = 0; | ||
672 | if (strncmp(buf, "SSH-", 4) == 0) | ||
673 | break; | ||
674 | debug("ssh_exchange_identification: %s", buf); | ||
675 | } | ||
676 | server_version_string = xstrdup(buf); | ||
677 | |||
678 | /* | ||
679 | * Check that the versions match. In future this might accept | ||
680 | * several versions and set appropriate flags to handle them. | ||
681 | */ | ||
682 | if (sscanf(server_version_string, "SSH-%d.%d-%[^\n]\n", | ||
683 | &remote_major, &remote_minor, remote_version) != 3) | ||
684 | fatal("Bad remote protocol version identification: '%.100s'", buf); | ||
685 | debug("Remote protocol version %d.%d, remote software version %.100s", | ||
686 | remote_major, remote_minor, remote_version); | ||
687 | |||
688 | active_state->compat = compat_datafellows(remote_version); | ||
689 | mismatch = 0; | ||
690 | |||
691 | switch (remote_major) { | ||
692 | case 2: | ||
693 | break; | ||
694 | case 1: | ||
695 | if (remote_minor != 99) | ||
696 | mismatch = 1; | ||
697 | break; | ||
698 | default: | ||
699 | mismatch = 1; | ||
700 | break; | ||
701 | } | ||
702 | if (mismatch) | ||
703 | fatal("Protocol major versions differ: %d vs. %d", | ||
704 | PROTOCOL_MAJOR_2, remote_major); | ||
705 | if ((datafellows & SSH_BUG_RSASIGMD5) != 0) | ||
706 | logit("Server version \"%.100s\" uses unsafe RSA signature " | ||
707 | "scheme; disabling use of RSA keys", remote_version); | ||
708 | chop(server_version_string); | ||
709 | } | ||
710 | |||
711 | /* defaults to 'no' */ | 573 | /* defaults to 'no' */ |
712 | static int | 574 | static int |
713 | confirm(const char *prompt) | 575 | confirm(const char *prompt, const char *fingerprint) |
714 | { | 576 | { |
715 | const char *msg, *again = "Please type 'yes' or 'no': "; | 577 | const char *msg, *again = "Please type 'yes' or 'no': "; |
578 | const char *again_fp = "Please type 'yes', 'no' or the fingerprint: "; | ||
716 | char *p; | 579 | char *p; |
717 | int ret = -1; | 580 | int ret = -1; |
718 | 581 | ||
719 | if (options.batch_mode) | 582 | if (options.batch_mode) |
720 | return 0; | 583 | return 0; |
721 | for (msg = prompt;;msg = again) { | 584 | for (msg = prompt;;msg = fingerprint ? again_fp : again) { |
722 | p = read_passphrase(msg, RP_ECHO); | 585 | p = read_passphrase(msg, RP_ECHO); |
723 | if (p == NULL) | 586 | if (p == NULL) |
724 | return 0; | 587 | return 0; |
725 | p[strcspn(p, "\n")] = '\0'; | 588 | p[strcspn(p, "\n")] = '\0'; |
726 | if (p[0] == '\0' || strcasecmp(p, "no") == 0) | 589 | if (p[0] == '\0' || strcasecmp(p, "no") == 0) |
727 | ret = 0; | 590 | ret = 0; |
728 | else if (strcasecmp(p, "yes") == 0) | 591 | else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL && |
592 | strcasecmp(p, fingerprint) == 0)) | ||
729 | ret = 1; | 593 | ret = 1; |
730 | free(p); | 594 | free(p); |
731 | if (ret != -1) | 595 | if (ret != -1) |
@@ -853,7 +717,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, | |||
853 | char msg[1024]; | 717 | char msg[1024]; |
854 | const char *type; | 718 | const char *type; |
855 | const struct hostkey_entry *host_found, *ip_found; | 719 | const struct hostkey_entry *host_found, *ip_found; |
856 | int len, cancelled_forwarding = 0; | 720 | int len, cancelled_forwarding = 0, confirmed; |
857 | int local = sockaddr_is_local(hostaddr); | 721 | int local = sockaddr_is_local(hostaddr); |
858 | int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; | 722 | int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; |
859 | int hostkey_trusted = 0; /* Known or explicitly accepted by user */ | 723 | int hostkey_trusted = 0; /* Known or explicitly accepted by user */ |
@@ -1028,14 +892,15 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, | |||
1028 | "established%s\n" | 892 | "established%s\n" |
1029 | "%s key fingerprint is %s.%s%s\n%s" | 893 | "%s key fingerprint is %s.%s%s\n%s" |
1030 | "Are you sure you want to continue connecting " | 894 | "Are you sure you want to continue connecting " |
1031 | "(yes/no)? ", | 895 | "(yes/no/[fingerprint])? ", |
1032 | host, ip, msg1, type, fp, | 896 | host, ip, msg1, type, fp, |
1033 | options.visual_host_key ? "\n" : "", | 897 | options.visual_host_key ? "\n" : "", |
1034 | options.visual_host_key ? ra : "", | 898 | options.visual_host_key ? ra : "", |
1035 | msg2); | 899 | msg2); |
1036 | free(ra); | 900 | free(ra); |
901 | confirmed = confirm(msg, fp); | ||
1037 | free(fp); | 902 | free(fp); |
1038 | if (!confirm(msg)) | 903 | if (!confirmed) |
1039 | goto fail; | 904 | goto fail; |
1040 | hostkey_trusted = 1; /* user explicitly confirmed */ | 905 | hostkey_trusted = 1; /* user explicitly confirmed */ |
1041 | } | 906 | } |
@@ -1236,7 +1101,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, | |||
1236 | SSH_STRICT_HOSTKEY_ASK) { | 1101 | SSH_STRICT_HOSTKEY_ASK) { |
1237 | strlcat(msg, "\nAre you sure you want " | 1102 | strlcat(msg, "\nAre you sure you want " |
1238 | "to continue connecting (yes/no)? ", sizeof(msg)); | 1103 | "to continue connecting (yes/no)? ", sizeof(msg)); |
1239 | if (!confirm(msg)) | 1104 | if (!confirm(msg, NULL)) |
1240 | goto fail; | 1105 | goto fail; |
1241 | } else if (options.strict_host_key_checking != | 1106 | } else if (options.strict_host_key_checking != |
1242 | SSH_STRICT_HOSTKEY_OFF) { | 1107 | SSH_STRICT_HOSTKEY_OFF) { |
@@ -1408,7 +1273,7 @@ out: | |||
1408 | * This function does not require super-user privileges. | 1273 | * This function does not require super-user privileges. |
1409 | */ | 1274 | */ |
1410 | void | 1275 | void |
1411 | ssh_login(Sensitive *sensitive, const char *orighost, | 1276 | ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, |
1412 | struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms) | 1277 | struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms) |
1413 | { | 1278 | { |
1414 | char *host; | 1279 | char *host; |
@@ -1422,37 +1287,20 @@ ssh_login(Sensitive *sensitive, const char *orighost, | |||
1422 | lowercase(host); | 1287 | lowercase(host); |
1423 | 1288 | ||
1424 | /* Exchange protocol version identification strings with the server. */ | 1289 | /* Exchange protocol version identification strings with the server. */ |
1425 | ssh_exchange_identification(timeout_ms); | 1290 | if (kex_exchange_identification(ssh, timeout_ms, 1, NULL) != 0) |
1291 | cleanup_exit(255); /* error already logged */ | ||
1426 | 1292 | ||
1427 | /* Put the connection into non-blocking mode. */ | 1293 | /* Put the connection into non-blocking mode. */ |
1428 | packet_set_nonblocking(); | 1294 | ssh_packet_set_nonblocking(ssh); |
1429 | 1295 | ||
1430 | /* key exchange */ | 1296 | /* key exchange */ |
1431 | /* authenticate user */ | 1297 | /* authenticate user */ |
1432 | debug("Authenticating to %s:%d as '%s'", host, port, server_user); | 1298 | debug("Authenticating to %s:%d as '%s'", host, port, server_user); |
1433 | ssh_kex2(host, hostaddr, port); | 1299 | ssh_kex2(ssh, host, hostaddr, port); |
1434 | ssh_userauth2(local_user, server_user, host, sensitive); | 1300 | ssh_userauth2(ssh, local_user, server_user, host, sensitive); |
1435 | free(local_user); | 1301 | free(local_user); |
1436 | } | 1302 | } |
1437 | 1303 | ||
1438 | void | ||
1439 | ssh_put_password(char *password) | ||
1440 | { | ||
1441 | int size; | ||
1442 | char *padded; | ||
1443 | |||
1444 | if (datafellows & SSH_BUG_PASSWORDPAD) { | ||
1445 | packet_put_cstring(password); | ||
1446 | return; | ||
1447 | } | ||
1448 | size = ROUNDUP(strlen(password) + 1, 32); | ||
1449 | padded = xcalloc(1, size); | ||
1450 | strlcpy(padded, password, size); | ||
1451 | packet_put_string(padded, size); | ||
1452 | explicit_bzero(padded, size); | ||
1453 | free(padded); | ||
1454 | } | ||
1455 | |||
1456 | /* print all known host keys for a given host, but skip keys of given type */ | 1304 | /* print all known host keys for a given host, but skip keys of given type */ |
1457 | static int | 1305 | static int |
1458 | show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) | 1306 | show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) |
diff --git a/sshconnect.h b/sshconnect.h index 890d85733..6e8989b27 100644 --- a/sshconnect.h +++ b/sshconnect.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.h,v 1.35 2018/07/19 10:28:47 dtucker Exp $ */ | 1 | /* $OpenBSD: sshconnect.h,v 1.37 2019/01/19 21:36:38 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -37,23 +37,19 @@ int ssh_connect(struct ssh *, const char *, struct addrinfo *, | |||
37 | struct sockaddr_storage *, u_short, int, int, int *, int); | 37 | struct sockaddr_storage *, u_short, int, int, int *, int); |
38 | void ssh_kill_proxy_command(void); | 38 | void ssh_kill_proxy_command(void); |
39 | 39 | ||
40 | void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short, | 40 | void ssh_login(struct ssh *, Sensitive *, const char *, |
41 | struct passwd *, int); | 41 | struct sockaddr *, u_short, struct passwd *, int); |
42 | |||
43 | void ssh_exchange_identification(int); | ||
44 | 42 | ||
45 | int verify_host_key(char *, struct sockaddr *, struct sshkey *); | 43 | int verify_host_key(char *, struct sockaddr *, struct sshkey *); |
46 | 44 | ||
47 | void get_hostfile_hostname_ipaddr(char *, struct sockaddr *, u_short, | 45 | void get_hostfile_hostname_ipaddr(char *, struct sockaddr *, u_short, |
48 | char **, char **); | 46 | char **, char **); |
49 | 47 | ||
50 | void ssh_kex(char *, struct sockaddr *); | 48 | void ssh_kex2(struct ssh *ssh, char *, struct sockaddr *, u_short); |
51 | void ssh_kex2(char *, struct sockaddr *, u_short); | ||
52 | 49 | ||
53 | void ssh_userauth1(const char *, const char *, char *, Sensitive *); | 50 | void ssh_userauth2(struct ssh *ssh, const char *, const char *, |
54 | void ssh_userauth2(const char *, const char *, char *, Sensitive *); | 51 | char *, Sensitive *); |
55 | 52 | ||
56 | void ssh_put_password(char *); | ||
57 | int ssh_local_cmd(const char *); | 53 | int ssh_local_cmd(const char *); |
58 | 54 | ||
59 | void maybe_add_key_to_agent(char *, const struct sshkey *, char *, char *); | 55 | void maybe_add_key_to_agent(char *, const struct sshkey *, char *, char *); |
diff --git a/sshconnect2.c b/sshconnect2.c index 8c872a4fb..4020371ae 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.288 2018/10/11 03:48:04 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.303 2019/02/12 23:53:10 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -78,8 +78,6 @@ | |||
78 | #endif | 78 | #endif |
79 | 79 | ||
80 | /* import */ | 80 | /* import */ |
81 | extern char *client_version_string; | ||
82 | extern char *server_version_string; | ||
83 | extern Options options; | 81 | extern Options options; |
84 | 82 | ||
85 | /* | 83 | /* |
@@ -155,14 +153,13 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) | |||
155 | } | 153 | } |
156 | 154 | ||
157 | void | 155 | void |
158 | ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | 156 | ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port) |
159 | { | 157 | { |
160 | char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; | 158 | char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; |
161 | char *s, *all_key; | 159 | char *s, *all_key; |
162 | struct kex *kex; | ||
163 | int r; | 160 | int r; |
164 | 161 | ||
165 | #ifdef GSSAPI | 162 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
166 | char *orig = NULL, *gss = NULL; | 163 | char *orig = NULL, *gss = NULL; |
167 | char *gss_host = NULL; | 164 | char *gss_host = NULL; |
168 | #endif | 165 | #endif |
@@ -199,7 +196,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
199 | order_hostkeyalgs(host, hostaddr, port)); | 196 | order_hostkeyalgs(host, hostaddr, port)); |
200 | } | 197 | } |
201 | 198 | ||
202 | #ifdef GSSAPI | 199 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
203 | if (options.gss_keyex) { | 200 | if (options.gss_keyex) { |
204 | /* Add the GSSAPI mechanisms currently supported on this | 201 | /* Add the GSSAPI mechanisms currently supported on this |
205 | * client to the key exchange algorithm proposal */ | 202 | * client to the key exchange algorithm proposal */ |
@@ -208,19 +205,19 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
208 | if (options.gss_server_identity) | 205 | if (options.gss_server_identity) |
209 | gss_host = xstrdup(options.gss_server_identity); | 206 | gss_host = xstrdup(options.gss_server_identity); |
210 | else if (options.gss_trust_dns) | 207 | else if (options.gss_trust_dns) |
211 | gss_host = remote_hostname(active_state); | 208 | gss_host = remote_hostname(ssh); |
212 | else | 209 | else |
213 | gss_host = xstrdup(host); | 210 | gss_host = xstrdup(host); |
214 | 211 | ||
215 | gss = ssh_gssapi_client_mechanisms(gss_host, | 212 | gss = ssh_gssapi_client_mechanisms(gss_host, |
216 | options.gss_client_identity); | 213 | options.gss_client_identity, options.gss_kex_algorithms); |
217 | if (gss) { | 214 | if (gss) { |
218 | debug("Offering GSSAPI proposal: %s", gss); | 215 | debug("Offering GSSAPI proposal: %s", gss); |
219 | xasprintf(&myproposal[PROPOSAL_KEX_ALGS], | 216 | xasprintf(&myproposal[PROPOSAL_KEX_ALGS], |
220 | "%s,%s", gss, orig); | 217 | "%s,%s", gss, orig); |
221 | 218 | ||
222 | /* If we've got GSSAPI algorithms, then we also | 219 | /* If we've got GSSAPI algorithms, then we also support the |
223 | * support the 'null' hostkey, as a last resort */ | 220 | * 'null' hostkey, as a last resort */ |
224 | orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; | 221 | orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; |
225 | xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], | 222 | xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], |
226 | "%s,null", orig); | 223 | "%s,null", orig); |
@@ -229,52 +226,54 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
229 | #endif | 226 | #endif |
230 | 227 | ||
231 | if (options.rekey_limit || options.rekey_interval) | 228 | if (options.rekey_limit || options.rekey_interval) |
232 | packet_set_rekey_limits(options.rekey_limit, | 229 | ssh_packet_set_rekey_limits(ssh, options.rekey_limit, |
233 | options.rekey_interval); | 230 | options.rekey_interval); |
234 | 231 | ||
235 | /* start key exchange */ | 232 | /* start key exchange */ |
236 | if ((r = kex_setup(active_state, myproposal)) != 0) | 233 | if ((r = kex_setup(ssh, myproposal)) != 0) |
237 | fatal("kex_setup: %s", ssh_err(r)); | 234 | fatal("kex_setup: %s", ssh_err(r)); |
238 | kex = active_state->kex; | ||
239 | #ifdef WITH_OPENSSL | 235 | #ifdef WITH_OPENSSL |
240 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; | 236 | ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client; |
241 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; | 237 | ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client; |
242 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; | 238 | ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client; |
243 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; | 239 | ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client; |
244 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; | 240 | ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client; |
245 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; | 241 | ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; |
246 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; | 242 | ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; |
247 | # ifdef OPENSSL_HAS_ECC | 243 | # ifdef OPENSSL_HAS_ECC |
248 | kex->kex[KEX_ECDH_SHA2] = kexecdh_client; | 244 | ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; |
249 | # endif | 245 | # endif |
250 | #endif | 246 | # ifdef GSSAPI |
251 | kex->kex[KEX_C25519_SHA256] = kexc25519_client; | ||
252 | #ifdef GSSAPI | ||
253 | if (options.gss_keyex) { | 247 | if (options.gss_keyex) { |
254 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; | 248 | ssh->kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; |
255 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client; | 249 | ssh->kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client; |
256 | kex->kex[KEX_GSS_GEX_SHA1] = kexgss_client; | 250 | ssh->kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_client; |
251 | ssh->kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_client; | ||
252 | ssh->kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_client; | ||
253 | ssh->kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_client; | ||
254 | ssh->kex->kex[KEX_GSS_C25519_SHA256] = kexgss_client; | ||
257 | } | 255 | } |
256 | # endif | ||
258 | #endif | 257 | #endif |
259 | kex->client_version_string=client_version_string; | 258 | ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; |
260 | kex->server_version_string=server_version_string; | 259 | ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client; |
261 | kex->verify_host_key=&verify_host_key_callback; | 260 | ssh->kex->verify_host_key=&verify_host_key_callback; |
262 | 261 | ||
263 | #ifdef GSSAPI | 262 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
264 | if (options.gss_keyex) { | 263 | if (options.gss_keyex) { |
265 | kex->gss_deleg_creds = options.gss_deleg_creds; | 264 | ssh->kex->gss_deleg_creds = options.gss_deleg_creds; |
266 | kex->gss_trust_dns = options.gss_trust_dns; | 265 | ssh->kex->gss_trust_dns = options.gss_trust_dns; |
267 | kex->gss_client = options.gss_client_identity; | 266 | ssh->kex->gss_client = options.gss_client_identity; |
268 | kex->gss_host = gss_host; | 267 | ssh->kex->gss_host = gss_host; |
269 | } | 268 | } |
270 | #endif | 269 | #endif |
271 | 270 | ||
272 | ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done); | 271 | ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done); |
273 | 272 | ||
274 | /* remove ext-info from the KEX proposals for rekeying */ | 273 | /* remove ext-info from the KEX proposals for rekeying */ |
275 | myproposal[PROPOSAL_KEX_ALGS] = | 274 | myproposal[PROPOSAL_KEX_ALGS] = |
276 | compat_kex_proposal(options.kex_algorithms); | 275 | compat_kex_proposal(options.kex_algorithms); |
277 | #ifdef GSSAPI | 276 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
278 | /* repair myproposal after it was crumpled by the */ | 277 | /* repair myproposal after it was crumpled by the */ |
279 | /* ext-info removal above */ | 278 | /* ext-info removal above */ |
280 | if (gss) { | 279 | if (gss) { |
@@ -284,11 +283,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) | |||
284 | free(gss); | 283 | free(gss); |
285 | } | 284 | } |
286 | #endif | 285 | #endif |
287 | if ((r = kex_prop2buf(kex->my, myproposal)) != 0) | 286 | if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0) |
288 | fatal("kex_prop2buf: %s", ssh_err(r)); | 287 | fatal("kex_prop2buf: %s", ssh_err(r)); |
289 | 288 | ||
290 | session_id2 = kex->session_id; | 289 | session_id2 = ssh->kex->session_id; |
291 | session_id2_len = kex->session_id_len; | 290 | session_id2_len = ssh->kex->session_id_len; |
292 | 291 | ||
293 | #ifdef DEBUG_KEXDH | 292 | #ifdef DEBUG_KEXDH |
294 | /* send 1st encrypted/maced/compressed message */ | 293 | /* send 1st encrypted/maced/compressed message */ |
@@ -328,7 +327,11 @@ struct cauthctxt { | |||
328 | struct cauthmethod *method; | 327 | struct cauthmethod *method; |
329 | sig_atomic_t success; | 328 | sig_atomic_t success; |
330 | char *authlist; | 329 | char *authlist; |
331 | int attempt; | 330 | #ifdef GSSAPI |
331 | /* gssapi */ | ||
332 | gss_OID_set gss_supported_mechs; | ||
333 | u_int mech_tried; | ||
334 | #endif | ||
332 | /* pubkey */ | 335 | /* pubkey */ |
333 | struct idlist keys; | 336 | struct idlist keys; |
334 | int agent_fd; | 337 | int agent_fd; |
@@ -338,50 +341,52 @@ struct cauthctxt { | |||
338 | const char *active_ktype; | 341 | const char *active_ktype; |
339 | /* kbd-interactive */ | 342 | /* kbd-interactive */ |
340 | int info_req_seen; | 343 | int info_req_seen; |
344 | int attempt_kbdint; | ||
345 | /* password */ | ||
346 | int attempt_passwd; | ||
341 | /* generic */ | 347 | /* generic */ |
342 | void *methoddata; | 348 | void *methoddata; |
343 | }; | 349 | }; |
344 | 350 | ||
345 | struct cauthmethod { | 351 | struct cauthmethod { |
346 | char *name; /* string to compare against server's list */ | 352 | char *name; /* string to compare against server's list */ |
347 | int (*userauth)(Authctxt *authctxt); | 353 | int (*userauth)(struct ssh *ssh); |
348 | void (*cleanup)(Authctxt *authctxt); | 354 | void (*cleanup)(struct ssh *ssh); |
349 | int *enabled; /* flag in option struct that enables method */ | 355 | int *enabled; /* flag in option struct that enables method */ |
350 | int *batch_flag; /* flag in option struct that disables method */ | 356 | int *batch_flag; /* flag in option struct that disables method */ |
351 | }; | 357 | }; |
352 | 358 | ||
353 | int input_userauth_service_accept(int, u_int32_t, struct ssh *); | 359 | static int input_userauth_service_accept(int, u_int32_t, struct ssh *); |
354 | int input_userauth_ext_info(int, u_int32_t, struct ssh *); | 360 | static int input_userauth_ext_info(int, u_int32_t, struct ssh *); |
355 | int input_userauth_success(int, u_int32_t, struct ssh *); | 361 | static int input_userauth_success(int, u_int32_t, struct ssh *); |
356 | int input_userauth_success_unexpected(int, u_int32_t, struct ssh *); | 362 | static int input_userauth_failure(int, u_int32_t, struct ssh *); |
357 | int input_userauth_failure(int, u_int32_t, struct ssh *); | 363 | static int input_userauth_banner(int, u_int32_t, struct ssh *); |
358 | int input_userauth_banner(int, u_int32_t, struct ssh *); | 364 | static int input_userauth_error(int, u_int32_t, struct ssh *); |
359 | int input_userauth_error(int, u_int32_t, struct ssh *); | 365 | static int input_userauth_info_req(int, u_int32_t, struct ssh *); |
360 | int input_userauth_info_req(int, u_int32_t, struct ssh *); | 366 | static int input_userauth_pk_ok(int, u_int32_t, struct ssh *); |
361 | int input_userauth_pk_ok(int, u_int32_t, struct ssh *); | 367 | static int input_userauth_passwd_changereq(int, u_int32_t, struct ssh *); |
362 | int input_userauth_passwd_changereq(int, u_int32_t, struct ssh *); | 368 | |
363 | 369 | static int userauth_none(struct ssh *); | |
364 | int userauth_none(Authctxt *); | 370 | static int userauth_pubkey(struct ssh *); |
365 | int userauth_pubkey(Authctxt *); | 371 | static int userauth_passwd(struct ssh *); |
366 | int userauth_passwd(Authctxt *); | 372 | static int userauth_kbdint(struct ssh *); |
367 | int userauth_kbdint(Authctxt *); | 373 | static int userauth_hostbased(struct ssh *); |
368 | int userauth_hostbased(Authctxt *); | ||
369 | 374 | ||
370 | #ifdef GSSAPI | 375 | #ifdef GSSAPI |
371 | int userauth_gssapi(Authctxt *authctxt); | 376 | static int userauth_gssapi(struct ssh *); |
372 | int input_gssapi_response(int type, u_int32_t, struct ssh *); | 377 | static void userauth_gssapi_cleanup(struct ssh *); |
373 | int input_gssapi_token(int type, u_int32_t, struct ssh *); | 378 | static int input_gssapi_response(int type, u_int32_t, struct ssh *); |
374 | int input_gssapi_hash(int type, u_int32_t, struct ssh *); | 379 | static int input_gssapi_token(int type, u_int32_t, struct ssh *); |
375 | int input_gssapi_error(int, u_int32_t, struct ssh *); | 380 | static int input_gssapi_error(int, u_int32_t, struct ssh *); |
376 | int input_gssapi_errtok(int, u_int32_t, struct ssh *); | 381 | static int input_gssapi_errtok(int, u_int32_t, struct ssh *); |
377 | int userauth_gsskeyex(Authctxt *authctxt); | 382 | static int userauth_gsskeyex(struct ssh *); |
378 | #endif | 383 | #endif |
379 | 384 | ||
380 | void userauth(Authctxt *, char *); | 385 | void userauth(struct ssh *, char *); |
381 | 386 | ||
382 | static int sign_and_send_pubkey(struct ssh *ssh, Authctxt *, Identity *); | 387 | static void pubkey_cleanup(struct ssh *); |
388 | static int sign_and_send_pubkey(struct ssh *ssh, Identity *); | ||
383 | static void pubkey_prepare(Authctxt *); | 389 | static void pubkey_prepare(Authctxt *); |
384 | static void pubkey_cleanup(Authctxt *); | ||
385 | static void pubkey_reset(Authctxt *); | 390 | static void pubkey_reset(Authctxt *); |
386 | static struct sshkey *load_identity_file(Identity *); | 391 | static struct sshkey *load_identity_file(Identity *); |
387 | 392 | ||
@@ -394,11 +399,11 @@ Authmethod authmethods[] = { | |||
394 | {"gssapi-keyex", | 399 | {"gssapi-keyex", |
395 | userauth_gsskeyex, | 400 | userauth_gsskeyex, |
396 | NULL, | 401 | NULL, |
397 | &options.gss_authentication, | 402 | &options.gss_keyex, |
398 | NULL}, | 403 | NULL}, |
399 | {"gssapi-with-mic", | 404 | {"gssapi-with-mic", |
400 | userauth_gssapi, | 405 | userauth_gssapi, |
401 | NULL, | 406 | userauth_gssapi_cleanup, |
402 | &options.gss_authentication, | 407 | &options.gss_authentication, |
403 | NULL}, | 408 | NULL}, |
404 | #endif | 409 | #endif |
@@ -431,10 +436,9 @@ Authmethod authmethods[] = { | |||
431 | }; | 436 | }; |
432 | 437 | ||
433 | void | 438 | void |
434 | ssh_userauth2(const char *local_user, const char *server_user, char *host, | 439 | ssh_userauth2(struct ssh *ssh, const char *local_user, |
435 | Sensitive *sensitive) | 440 | const char *server_user, char *host, Sensitive *sensitive) |
436 | { | 441 | { |
437 | struct ssh *ssh = active_state; | ||
438 | Authctxt authctxt; | 442 | Authctxt authctxt; |
439 | int r; | 443 | int r; |
440 | 444 | ||
@@ -445,7 +449,6 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, | |||
445 | 449 | ||
446 | /* setup authentication context */ | 450 | /* setup authentication context */ |
447 | memset(&authctxt, 0, sizeof(authctxt)); | 451 | memset(&authctxt, 0, sizeof(authctxt)); |
448 | pubkey_prepare(&authctxt); | ||
449 | authctxt.server_user = server_user; | 452 | authctxt.server_user = server_user; |
450 | authctxt.local_user = local_user; | 453 | authctxt.local_user = local_user; |
451 | authctxt.host = host; | 454 | authctxt.host = host; |
@@ -457,9 +460,18 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, | |||
457 | authctxt.sensitive = sensitive; | 460 | authctxt.sensitive = sensitive; |
458 | authctxt.active_ktype = authctxt.oktypes = authctxt.ktypes = NULL; | 461 | authctxt.active_ktype = authctxt.oktypes = authctxt.ktypes = NULL; |
459 | authctxt.info_req_seen = 0; | 462 | authctxt.info_req_seen = 0; |
463 | authctxt.attempt_kbdint = 0; | ||
464 | authctxt.attempt_passwd = 0; | ||
465 | #if GSSAPI | ||
466 | authctxt.gss_supported_mechs = NULL; | ||
467 | authctxt.mech_tried = 0; | ||
468 | #endif | ||
460 | authctxt.agent_fd = -1; | 469 | authctxt.agent_fd = -1; |
461 | if (authctxt.method == NULL) | 470 | pubkey_prepare(&authctxt); |
462 | fatal("ssh_userauth2: internal error: cannot send userauth none request"); | 471 | if (authctxt.method == NULL) { |
472 | fatal("%s: internal error: cannot send userauth none request", | ||
473 | __func__); | ||
474 | } | ||
463 | 475 | ||
464 | if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_REQUEST)) != 0 || | 476 | if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_REQUEST)) != 0 || |
465 | (r = sshpkt_put_cstring(ssh, "ssh-userauth")) != 0 || | 477 | (r = sshpkt_put_cstring(ssh, "ssh-userauth")) != 0 || |
@@ -471,9 +483,9 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, | |||
471 | ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info); | 483 | ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info); |
472 | ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept); | 484 | ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept); |
473 | ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success); /* loop until success */ | 485 | ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success); /* loop until success */ |
486 | pubkey_cleanup(ssh); | ||
474 | ssh->authctxt = NULL; | 487 | ssh->authctxt = NULL; |
475 | 488 | ||
476 | pubkey_cleanup(&authctxt); | ||
477 | ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL); | 489 | ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL); |
478 | 490 | ||
479 | if (!authctxt.success) | 491 | if (!authctxt.success) |
@@ -482,10 +494,9 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, | |||
482 | } | 494 | } |
483 | 495 | ||
484 | /* ARGSUSED */ | 496 | /* ARGSUSED */ |
485 | int | 497 | static int |
486 | input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh) | 498 | input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh) |
487 | { | 499 | { |
488 | Authctxt *authctxt = ssh->authctxt; | ||
489 | int r; | 500 | int r; |
490 | 501 | ||
491 | if (ssh_packet_remaining(ssh) > 0) { | 502 | if (ssh_packet_remaining(ssh) > 0) { |
@@ -503,7 +514,7 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh) | |||
503 | debug("SSH2_MSG_SERVICE_ACCEPT received"); | 514 | debug("SSH2_MSG_SERVICE_ACCEPT received"); |
504 | 515 | ||
505 | /* initial userauth request */ | 516 | /* initial userauth request */ |
506 | userauth_none(authctxt); | 517 | userauth_none(ssh); |
507 | 518 | ||
508 | ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_error); | 519 | ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_error); |
509 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); | 520 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); |
@@ -515,19 +526,19 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh) | |||
515 | } | 526 | } |
516 | 527 | ||
517 | /* ARGSUSED */ | 528 | /* ARGSUSED */ |
518 | int | 529 | static int |
519 | input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh) | 530 | input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh) |
520 | { | 531 | { |
521 | return kex_input_ext_info(type, seqnr, ssh); | 532 | return kex_input_ext_info(type, seqnr, ssh); |
522 | } | 533 | } |
523 | 534 | ||
524 | void | 535 | void |
525 | userauth(Authctxt *authctxt, char *authlist) | 536 | userauth(struct ssh *ssh, char *authlist) |
526 | { | 537 | { |
527 | struct ssh *ssh = active_state; /* XXX */ | 538 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
528 | 539 | ||
529 | if (authctxt->method != NULL && authctxt->method->cleanup != NULL) | 540 | if (authctxt->method != NULL && authctxt->method->cleanup != NULL) |
530 | authctxt->method->cleanup(authctxt); | 541 | authctxt->method->cleanup(ssh); |
531 | 542 | ||
532 | free(authctxt->methoddata); | 543 | free(authctxt->methoddata); |
533 | authctxt->methoddata = NULL; | 544 | authctxt->methoddata = NULL; |
@@ -549,7 +560,7 @@ userauth(Authctxt *authctxt, char *authlist) | |||
549 | SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL); | 560 | SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL); |
550 | 561 | ||
551 | /* and try new method */ | 562 | /* and try new method */ |
552 | if (method->userauth(authctxt) != 0) { | 563 | if (method->userauth(ssh) != 0) { |
553 | debug2("we sent a %s packet, wait for reply", method->name); | 564 | debug2("we sent a %s packet, wait for reply", method->name); |
554 | break; | 565 | break; |
555 | } else { | 566 | } else { |
@@ -560,50 +571,53 @@ userauth(Authctxt *authctxt, char *authlist) | |||
560 | } | 571 | } |
561 | 572 | ||
562 | /* ARGSUSED */ | 573 | /* ARGSUSED */ |
563 | int | 574 | static int |
564 | input_userauth_error(int type, u_int32_t seq, struct ssh *ssh) | 575 | input_userauth_error(int type, u_int32_t seq, struct ssh *ssh) |
565 | { | 576 | { |
566 | fatal("input_userauth_error: bad message during authentication: " | 577 | fatal("%s: bad message during authentication: type %d", __func__, type); |
567 | "type %d", type); | ||
568 | return 0; | 578 | return 0; |
569 | } | 579 | } |
570 | 580 | ||
571 | /* ARGSUSED */ | 581 | /* ARGSUSED */ |
572 | int | 582 | static int |
573 | input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh) | 583 | input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh) |
574 | { | 584 | { |
575 | char *msg, *lang; | 585 | char *msg = NULL; |
576 | u_int len; | 586 | size_t len; |
587 | int r; | ||
577 | 588 | ||
578 | debug3("%s", __func__); | 589 | debug3("%s", __func__); |
579 | msg = packet_get_string(&len); | 590 | if ((r = sshpkt_get_cstring(ssh, &msg, &len)) != 0 || |
580 | lang = packet_get_string(NULL); | 591 | (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) |
592 | goto out; | ||
581 | if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) | 593 | if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) |
582 | fmprintf(stderr, "%s", msg); | 594 | fmprintf(stderr, "%s", msg); |
595 | r = 0; | ||
596 | out: | ||
583 | free(msg); | 597 | free(msg); |
584 | free(lang); | 598 | return r; |
585 | return 0; | ||
586 | } | 599 | } |
587 | 600 | ||
588 | /* ARGSUSED */ | 601 | /* ARGSUSED */ |
589 | int | 602 | static int |
590 | input_userauth_success(int type, u_int32_t seq, struct ssh *ssh) | 603 | input_userauth_success(int type, u_int32_t seq, struct ssh *ssh) |
591 | { | 604 | { |
592 | Authctxt *authctxt = ssh->authctxt; | 605 | Authctxt *authctxt = ssh->authctxt; |
593 | 606 | ||
594 | if (authctxt == NULL) | 607 | if (authctxt == NULL) |
595 | fatal("input_userauth_success: no authentication context"); | 608 | fatal("%s: no authentication context", __func__); |
596 | free(authctxt->authlist); | 609 | free(authctxt->authlist); |
597 | authctxt->authlist = NULL; | 610 | authctxt->authlist = NULL; |
598 | if (authctxt->method != NULL && authctxt->method->cleanup != NULL) | 611 | if (authctxt->method != NULL && authctxt->method->cleanup != NULL) |
599 | authctxt->method->cleanup(authctxt); | 612 | authctxt->method->cleanup(ssh); |
600 | free(authctxt->methoddata); | 613 | free(authctxt->methoddata); |
601 | authctxt->methoddata = NULL; | 614 | authctxt->methoddata = NULL; |
602 | authctxt->success = 1; /* break out */ | 615 | authctxt->success = 1; /* break out */ |
603 | return 0; | 616 | return 0; |
604 | } | 617 | } |
605 | 618 | ||
606 | int | 619 | #if 0 |
620 | static int | ||
607 | input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh) | 621 | input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh) |
608 | { | 622 | { |
609 | Authctxt *authctxt = ssh->authctxt; | 623 | Authctxt *authctxt = ssh->authctxt; |
@@ -615,9 +629,10 @@ input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh) | |||
615 | authctxt->method->name); | 629 | authctxt->method->name); |
616 | return 0; | 630 | return 0; |
617 | } | 631 | } |
632 | #endif | ||
618 | 633 | ||
619 | /* ARGSUSED */ | 634 | /* ARGSUSED */ |
620 | int | 635 | static int |
621 | input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh) | 636 | input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh) |
622 | { | 637 | { |
623 | Authctxt *authctxt = ssh->authctxt; | 638 | Authctxt *authctxt = ssh->authctxt; |
@@ -640,7 +655,7 @@ input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh) | |||
640 | } | 655 | } |
641 | debug("Authentications that can continue: %s", authlist); | 656 | debug("Authentications that can continue: %s", authlist); |
642 | 657 | ||
643 | userauth(authctxt, authlist); | 658 | userauth(ssh, authlist); |
644 | authlist = NULL; | 659 | authlist = NULL; |
645 | out: | 660 | out: |
646 | free(authlist); | 661 | free(authlist); |
@@ -672,7 +687,7 @@ format_identity(Identity *id) | |||
672 | } | 687 | } |
673 | 688 | ||
674 | /* ARGSUSED */ | 689 | /* ARGSUSED */ |
675 | int | 690 | static int |
676 | input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) | 691 | input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) |
677 | { | 692 | { |
678 | Authctxt *authctxt = ssh->authctxt; | 693 | Authctxt *authctxt = ssh->authctxt; |
@@ -727,7 +742,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) | |||
727 | } | 742 | } |
728 | ident = format_identity(id); | 743 | ident = format_identity(id); |
729 | debug("Server accepts key: %s", ident); | 744 | debug("Server accepts key: %s", ident); |
730 | sent = sign_and_send_pubkey(ssh, authctxt, id); | 745 | sent = sign_and_send_pubkey(ssh, id); |
731 | r = 0; | 746 | r = 0; |
732 | done: | 747 | done: |
733 | sshkey_free(key); | 748 | sshkey_free(key); |
@@ -738,55 +753,56 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) | |||
738 | 753 | ||
739 | /* try another method if we did not send a packet */ | 754 | /* try another method if we did not send a packet */ |
740 | if (r == 0 && sent == 0) | 755 | if (r == 0 && sent == 0) |
741 | userauth(authctxt, NULL); | 756 | userauth(ssh, NULL); |
742 | return r; | 757 | return r; |
743 | } | 758 | } |
744 | 759 | ||
745 | #ifdef GSSAPI | 760 | #ifdef GSSAPI |
746 | int | 761 | static int |
747 | userauth_gssapi(Authctxt *authctxt) | 762 | userauth_gssapi(struct ssh *ssh) |
748 | { | 763 | { |
749 | struct ssh *ssh = active_state; /* XXX */ | 764 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
750 | Gssctxt *gssctxt = NULL; | 765 | Gssctxt *gssctxt = NULL; |
751 | static gss_OID_set gss_supported = NULL; | ||
752 | static u_int mech = 0; | ||
753 | OM_uint32 min; | 766 | OM_uint32 min; |
754 | int r, ok = 0; | 767 | int r, ok = 0; |
768 | gss_OID mech = NULL; | ||
755 | char *gss_host; | 769 | char *gss_host; |
756 | 770 | ||
757 | if (options.gss_server_identity) | 771 | if (options.gss_server_identity) |
758 | gss_host = xstrdup(options.gss_server_identity); | 772 | gss_host = xstrdup(options.gss_server_identity); |
759 | else if (options.gss_trust_dns) | 773 | else if (options.gss_trust_dns) |
760 | gss_host = remote_hostname(active_state); | 774 | gss_host = remote_hostname(ssh); |
761 | else | 775 | else |
762 | gss_host = xstrdup(authctxt->host); | 776 | gss_host = xstrdup(authctxt->host); |
763 | 777 | ||
764 | /* Try one GSSAPI method at a time, rather than sending them all at | 778 | /* Try one GSSAPI method at a time, rather than sending them all at |
765 | * once. */ | 779 | * once. */ |
766 | 780 | ||
767 | if (gss_supported == NULL) | 781 | if (authctxt->gss_supported_mechs == NULL) |
768 | if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) { | 782 | if (GSS_ERROR(gss_indicate_mechs(&min, |
769 | gss_supported = NULL; | 783 | &authctxt->gss_supported_mechs))) { |
784 | authctxt->gss_supported_mechs = NULL; | ||
770 | free(gss_host); | 785 | free(gss_host); |
771 | return 0; | 786 | return 0; |
772 | } | 787 | } |
773 | 788 | ||
774 | /* Check to see if the mechanism is usable before we offer it */ | 789 | /* Check to see whether the mechanism is usable before we offer it */ |
775 | while (mech < gss_supported->count && !ok) { | 790 | while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && |
791 | !ok) { | ||
792 | mech = &authctxt->gss_supported_mechs-> | ||
793 | elements[authctxt->mech_tried]; | ||
776 | /* My DER encoding requires length<128 */ | 794 | /* My DER encoding requires length<128 */ |
777 | if (gss_supported->elements[mech].length < 128 && | 795 | if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, |
778 | ssh_gssapi_check_mechanism(&gssctxt, | 796 | mech, gss_host, options.gss_client_identity)) { |
779 | &gss_supported->elements[mech], gss_host, | ||
780 | options.gss_client_identity)) { | ||
781 | ok = 1; /* Mechanism works */ | 797 | ok = 1; /* Mechanism works */ |
782 | } else { | 798 | } else { |
783 | mech++; | 799 | authctxt->mech_tried++; |
784 | } | 800 | } |
785 | } | 801 | } |
786 | 802 | ||
787 | free(gss_host); | 803 | free(gss_host); |
788 | 804 | ||
789 | if (!ok) | 805 | if (!ok || mech == NULL) |
790 | return 0; | 806 | return 0; |
791 | 807 | ||
792 | authctxt->methoddata=(void *)gssctxt; | 808 | authctxt->methoddata=(void *)gssctxt; |
@@ -796,14 +812,10 @@ userauth_gssapi(Authctxt *authctxt) | |||
796 | (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || | 812 | (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || |
797 | (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || | 813 | (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || |
798 | (r = sshpkt_put_u32(ssh, 1)) != 0 || | 814 | (r = sshpkt_put_u32(ssh, 1)) != 0 || |
799 | (r = sshpkt_put_u32(ssh, | 815 | (r = sshpkt_put_u32(ssh, (mech->length) + 2)) != 0 || |
800 | (gss_supported->elements[mech].length) + 2)) != 0 || | ||
801 | (r = sshpkt_put_u8(ssh, SSH_GSS_OIDTYPE)) != 0 || | 816 | (r = sshpkt_put_u8(ssh, SSH_GSS_OIDTYPE)) != 0 || |
802 | (r = sshpkt_put_u8(ssh, | 817 | (r = sshpkt_put_u8(ssh, mech->length)) != 0 || |
803 | gss_supported->elements[mech].length)) != 0 || | 818 | (r = sshpkt_put(ssh, mech->elements, mech->length)) != 0 || |
804 | (r = sshpkt_put(ssh, | ||
805 | gss_supported->elements[mech].elements, | ||
806 | gss_supported->elements[mech].length)) != 0 || | ||
807 | (r = sshpkt_send(ssh)) != 0) | 819 | (r = sshpkt_send(ssh)) != 0) |
808 | fatal("%s: %s", __func__, ssh_err(r)); | 820 | fatal("%s: %s", __func__, ssh_err(r)); |
809 | 821 | ||
@@ -812,11 +824,24 @@ userauth_gssapi(Authctxt *authctxt) | |||
812 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERROR, &input_gssapi_error); | 824 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERROR, &input_gssapi_error); |
813 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); | 825 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); |
814 | 826 | ||
815 | mech++; /* Move along to next candidate */ | 827 | authctxt->mech_tried++; /* Move along to next candidate */ |
816 | 828 | ||
817 | return 1; | 829 | return 1; |
818 | } | 830 | } |
819 | 831 | ||
832 | static void | ||
833 | userauth_gssapi_cleanup(struct ssh *ssh) | ||
834 | { | ||
835 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; | ||
836 | Gssctxt *gssctxt = (Gssctxt *)authctxt->methoddata; | ||
837 | |||
838 | ssh_gssapi_delete_ctx(&gssctxt); | ||
839 | authctxt->methoddata = NULL; | ||
840 | |||
841 | free(authctxt->gss_supported_mechs); | ||
842 | authctxt->gss_supported_mechs = NULL; | ||
843 | } | ||
844 | |||
820 | static OM_uint32 | 845 | static OM_uint32 |
821 | process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok) | 846 | process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok) |
822 | { | 847 | { |
@@ -884,7 +909,7 @@ process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok) | |||
884 | } | 909 | } |
885 | 910 | ||
886 | /* ARGSUSED */ | 911 | /* ARGSUSED */ |
887 | int | 912 | static int |
888 | input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) | 913 | input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) |
889 | { | 914 | { |
890 | Authctxt *authctxt = ssh->authctxt; | 915 | Authctxt *authctxt = ssh->authctxt; |
@@ -905,7 +930,7 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) | |||
905 | oidv[0] != SSH_GSS_OIDTYPE || | 930 | oidv[0] != SSH_GSS_OIDTYPE || |
906 | oidv[1] != oidlen - 2) { | 931 | oidv[1] != oidlen - 2) { |
907 | debug("Badly encoded mechanism OID received"); | 932 | debug("Badly encoded mechanism OID received"); |
908 | userauth(authctxt, NULL); | 933 | userauth(ssh, NULL); |
909 | goto ok; | 934 | goto ok; |
910 | } | 935 | } |
911 | 936 | ||
@@ -918,7 +943,7 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) | |||
918 | if (GSS_ERROR(process_gssapi_token(ssh, GSS_C_NO_BUFFER))) { | 943 | if (GSS_ERROR(process_gssapi_token(ssh, GSS_C_NO_BUFFER))) { |
919 | /* Start again with next method on list */ | 944 | /* Start again with next method on list */ |
920 | debug("Trying to start again"); | 945 | debug("Trying to start again"); |
921 | userauth(authctxt, NULL); | 946 | userauth(ssh, NULL); |
922 | goto ok; | 947 | goto ok; |
923 | } | 948 | } |
924 | ok: | 949 | ok: |
@@ -929,7 +954,7 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) | |||
929 | } | 954 | } |
930 | 955 | ||
931 | /* ARGSUSED */ | 956 | /* ARGSUSED */ |
932 | int | 957 | static int |
933 | input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) | 958 | input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) |
934 | { | 959 | { |
935 | Authctxt *authctxt = ssh->authctxt; | 960 | Authctxt *authctxt = ssh->authctxt; |
@@ -952,7 +977,7 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) | |||
952 | 977 | ||
953 | /* Start again with the next method in the list */ | 978 | /* Start again with the next method in the list */ |
954 | if (GSS_ERROR(status)) { | 979 | if (GSS_ERROR(status)) { |
955 | userauth(authctxt, NULL); | 980 | userauth(ssh, NULL); |
956 | /* ok */ | 981 | /* ok */ |
957 | } | 982 | } |
958 | r = 0; | 983 | r = 0; |
@@ -962,7 +987,7 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh) | |||
962 | } | 987 | } |
963 | 988 | ||
964 | /* ARGSUSED */ | 989 | /* ARGSUSED */ |
965 | int | 990 | static int |
966 | input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) | 991 | input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) |
967 | { | 992 | { |
968 | Authctxt *authctxt = ssh->authctxt; | 993 | Authctxt *authctxt = ssh->authctxt; |
@@ -997,7 +1022,7 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh) | |||
997 | } | 1022 | } |
998 | 1023 | ||
999 | /* ARGSUSED */ | 1024 | /* ARGSUSED */ |
1000 | int | 1025 | static int |
1001 | input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) | 1026 | input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) |
1002 | { | 1027 | { |
1003 | char *msg = NULL; | 1028 | char *msg = NULL; |
@@ -1018,10 +1043,10 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) | |||
1018 | } | 1043 | } |
1019 | 1044 | ||
1020 | int | 1045 | int |
1021 | userauth_gsskeyex(Authctxt *authctxt) | 1046 | userauth_gsskeyex(struct ssh *ssh) |
1022 | { | 1047 | { |
1023 | struct ssh *ssh = active_state; /* XXX */ | 1048 | struct sshbuf *b = NULL; |
1024 | struct sshbuf *b; | 1049 | Authctxt *authctxt = ssh->authctxt; |
1025 | gss_buffer_desc gssbuf; | 1050 | gss_buffer_desc gssbuf; |
1026 | gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; | 1051 | gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; |
1027 | OM_uint32 ms; | 1052 | OM_uint32 ms; |
@@ -1032,12 +1057,13 @@ userauth_gsskeyex(Authctxt *authctxt) | |||
1032 | return (0); | 1057 | return (0); |
1033 | 1058 | ||
1034 | if (gss_kex_context == NULL) { | 1059 | if (gss_kex_context == NULL) { |
1035 | debug("No valid Key exchange context"); | 1060 | debug("No valid Key exchange context"); |
1036 | return (0); | 1061 | return (0); |
1037 | } | 1062 | } |
1038 | 1063 | ||
1039 | if ((b = sshbuf_new()) == NULL) | 1064 | if ((b = sshbuf_new()) == NULL) |
1040 | fatal("%s: sshbuf_new failed", __func__); | 1065 | fatal("%s: sshbuf_new failed", __func__); |
1066 | |||
1041 | ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, | 1067 | ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service, |
1042 | "gssapi-keyex"); | 1068 | "gssapi-keyex"); |
1043 | 1069 | ||
@@ -1066,10 +1092,10 @@ userauth_gsskeyex(Authctxt *authctxt) | |||
1066 | 1092 | ||
1067 | #endif /* GSSAPI */ | 1093 | #endif /* GSSAPI */ |
1068 | 1094 | ||
1069 | int | 1095 | static int |
1070 | userauth_none(Authctxt *authctxt) | 1096 | userauth_none(struct ssh *ssh) |
1071 | { | 1097 | { |
1072 | struct ssh *ssh = active_state; /* XXX */ | 1098 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
1073 | int r; | 1099 | int r; |
1074 | 1100 | ||
1075 | /* initial userauth request */ | 1101 | /* initial userauth request */ |
@@ -1082,25 +1108,22 @@ userauth_none(Authctxt *authctxt) | |||
1082 | return 1; | 1108 | return 1; |
1083 | } | 1109 | } |
1084 | 1110 | ||
1085 | int | 1111 | static int |
1086 | userauth_passwd(Authctxt *authctxt) | 1112 | userauth_passwd(struct ssh *ssh) |
1087 | { | 1113 | { |
1088 | struct ssh *ssh = active_state; /* XXX */ | 1114 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
1089 | static int attempt = 0; | 1115 | char *password, *prompt = NULL; |
1090 | char prompt[256]; | ||
1091 | char *password; | ||
1092 | const char *host = options.host_key_alias ? options.host_key_alias : | 1116 | const char *host = options.host_key_alias ? options.host_key_alias : |
1093 | authctxt->host; | 1117 | authctxt->host; |
1094 | int r; | 1118 | int r; |
1095 | 1119 | ||
1096 | if (attempt++ >= options.number_of_password_prompts) | 1120 | if (authctxt->attempt_passwd++ >= options.number_of_password_prompts) |
1097 | return 0; | 1121 | return 0; |
1098 | 1122 | ||
1099 | if (attempt != 1) | 1123 | if (authctxt->attempt_passwd != 1) |
1100 | error("Permission denied, please try again."); | 1124 | error("Permission denied, please try again."); |
1101 | 1125 | ||
1102 | snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", | 1126 | xasprintf(&prompt, "%s@%s's password: ", authctxt->server_user, host); |
1103 | authctxt->server_user, host); | ||
1104 | password = read_passphrase(prompt, 0); | 1127 | password = read_passphrase(prompt, 0); |
1105 | if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || | 1128 | if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 || |
1106 | (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || | 1129 | (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || |
@@ -1112,7 +1135,8 @@ userauth_passwd(Authctxt *authctxt) | |||
1112 | (r = sshpkt_send(ssh)) != 0) | 1135 | (r = sshpkt_send(ssh)) != 0) |
1113 | fatal("%s: %s", __func__, ssh_err(r)); | 1136 | fatal("%s: %s", __func__, ssh_err(r)); |
1114 | 1137 | ||
1115 | if (password) | 1138 | free(prompt); |
1139 | if (password != NULL) | ||
1116 | freezero(password, strlen(password)); | 1140 | freezero(password, strlen(password)); |
1117 | 1141 | ||
1118 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, | 1142 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, |
@@ -1125,7 +1149,7 @@ userauth_passwd(Authctxt *authctxt) | |||
1125 | * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST | 1149 | * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST |
1126 | */ | 1150 | */ |
1127 | /* ARGSUSED */ | 1151 | /* ARGSUSED */ |
1128 | int | 1152 | static int |
1129 | input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) | 1153 | input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) |
1130 | { | 1154 | { |
1131 | Authctxt *authctxt = ssh->authctxt; | 1155 | Authctxt *authctxt = ssh->authctxt; |
@@ -1309,8 +1333,9 @@ id_filename_matches(Identity *id, Identity *private_id) | |||
1309 | } | 1333 | } |
1310 | 1334 | ||
1311 | static int | 1335 | static int |
1312 | sign_and_send_pubkey(struct ssh *ssh, Authctxt *authctxt, Identity *id) | 1336 | sign_and_send_pubkey(struct ssh *ssh, Identity *id) |
1313 | { | 1337 | { |
1338 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; | ||
1314 | struct sshbuf *b = NULL; | 1339 | struct sshbuf *b = NULL; |
1315 | Identity *private_id, *sign_id = NULL; | 1340 | Identity *private_id, *sign_id = NULL; |
1316 | u_char *signature = NULL; | 1341 | u_char *signature = NULL; |
@@ -1468,8 +1493,9 @@ sign_and_send_pubkey(struct ssh *ssh, Authctxt *authctxt, Identity *id) | |||
1468 | } | 1493 | } |
1469 | 1494 | ||
1470 | static int | 1495 | static int |
1471 | send_pubkey_test(struct ssh *ssh, Authctxt *authctxt, Identity *id) | 1496 | send_pubkey_test(struct ssh *ssh, Identity *id) |
1472 | { | 1497 | { |
1498 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; | ||
1473 | u_char *blob = NULL; | 1499 | u_char *blob = NULL; |
1474 | char *alg = NULL; | 1500 | char *alg = NULL; |
1475 | size_t bloblen; | 1501 | size_t bloblen; |
@@ -1745,12 +1771,15 @@ pubkey_prepare(Authctxt *authctxt) | |||
1745 | } | 1771 | } |
1746 | 1772 | ||
1747 | static void | 1773 | static void |
1748 | pubkey_cleanup(Authctxt *authctxt) | 1774 | pubkey_cleanup(struct ssh *ssh) |
1749 | { | 1775 | { |
1776 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; | ||
1750 | Identity *id; | 1777 | Identity *id; |
1751 | 1778 | ||
1752 | if (authctxt->agent_fd != -1) | 1779 | if (authctxt->agent_fd != -1) { |
1753 | ssh_close_authentication_socket(authctxt->agent_fd); | 1780 | ssh_close_authentication_socket(authctxt->agent_fd); |
1781 | authctxt->agent_fd = -1; | ||
1782 | } | ||
1754 | for (id = TAILQ_FIRST(&authctxt->keys); id; | 1783 | for (id = TAILQ_FIRST(&authctxt->keys); id; |
1755 | id = TAILQ_FIRST(&authctxt->keys)) { | 1784 | id = TAILQ_FIRST(&authctxt->keys)) { |
1756 | TAILQ_REMOVE(&authctxt->keys, id, next); | 1785 | TAILQ_REMOVE(&authctxt->keys, id, next); |
@@ -1783,10 +1812,10 @@ try_identity(Identity *id) | |||
1783 | return 1; | 1812 | return 1; |
1784 | } | 1813 | } |
1785 | 1814 | ||
1786 | int | 1815 | static int |
1787 | userauth_pubkey(Authctxt *authctxt) | 1816 | userauth_pubkey(struct ssh *ssh) |
1788 | { | 1817 | { |
1789 | struct ssh *ssh = active_state; /* XXX */ | 1818 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
1790 | Identity *id; | 1819 | Identity *id; |
1791 | int sent = 0; | 1820 | int sent = 0; |
1792 | char *ident; | 1821 | char *ident; |
@@ -1807,7 +1836,7 @@ userauth_pubkey(Authctxt *authctxt) | |||
1807 | ident = format_identity(id); | 1836 | ident = format_identity(id); |
1808 | debug("Offering public key: %s", ident); | 1837 | debug("Offering public key: %s", ident); |
1809 | free(ident); | 1838 | free(ident); |
1810 | sent = send_pubkey_test(ssh, authctxt, id); | 1839 | sent = send_pubkey_test(ssh, id); |
1811 | } | 1840 | } |
1812 | } else { | 1841 | } else { |
1813 | debug("Trying private key: %s", id->filename); | 1842 | debug("Trying private key: %s", id->filename); |
@@ -1815,8 +1844,7 @@ userauth_pubkey(Authctxt *authctxt) | |||
1815 | if (id->key != NULL) { | 1844 | if (id->key != NULL) { |
1816 | if (try_identity(id)) { | 1845 | if (try_identity(id)) { |
1817 | id->isprivate = 1; | 1846 | id->isprivate = 1; |
1818 | sent = sign_and_send_pubkey(ssh, | 1847 | sent = sign_and_send_pubkey(ssh, id); |
1819 | authctxt, id); | ||
1820 | } | 1848 | } |
1821 | sshkey_free(id->key); | 1849 | sshkey_free(id->key); |
1822 | id->key = NULL; | 1850 | id->key = NULL; |
@@ -1832,17 +1860,16 @@ userauth_pubkey(Authctxt *authctxt) | |||
1832 | /* | 1860 | /* |
1833 | * Send userauth request message specifying keyboard-interactive method. | 1861 | * Send userauth request message specifying keyboard-interactive method. |
1834 | */ | 1862 | */ |
1835 | int | 1863 | static int |
1836 | userauth_kbdint(Authctxt *authctxt) | 1864 | userauth_kbdint(struct ssh *ssh) |
1837 | { | 1865 | { |
1838 | struct ssh *ssh = active_state; /* XXX */ | 1866 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
1839 | static int attempt = 0; | ||
1840 | int r; | 1867 | int r; |
1841 | 1868 | ||
1842 | if (attempt++ >= options.number_of_password_prompts) | 1869 | if (authctxt->attempt_kbdint++ >= options.number_of_password_prompts) |
1843 | return 0; | 1870 | return 0; |
1844 | /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */ | 1871 | /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */ |
1845 | if (attempt > 1 && !authctxt->info_req_seen) { | 1872 | if (authctxt->attempt_kbdint > 1 && !authctxt->info_req_seen) { |
1846 | debug3("userauth_kbdint: disable: no info_req_seen"); | 1873 | debug3("userauth_kbdint: disable: no info_req_seen"); |
1847 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST, NULL); | 1874 | ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST, NULL); |
1848 | return 0; | 1875 | return 0; |
@@ -1866,7 +1893,7 @@ userauth_kbdint(Authctxt *authctxt) | |||
1866 | /* | 1893 | /* |
1867 | * parse INFO_REQUEST, prompt user and send INFO_RESPONSE | 1894 | * parse INFO_REQUEST, prompt user and send INFO_RESPONSE |
1868 | */ | 1895 | */ |
1869 | int | 1896 | static int |
1870 | input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) | 1897 | input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) |
1871 | { | 1898 | { |
1872 | Authctxt *authctxt = ssh->authctxt; | 1899 | Authctxt *authctxt = ssh->authctxt; |
@@ -1932,13 +1959,14 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) | |||
1932 | } | 1959 | } |
1933 | 1960 | ||
1934 | static int | 1961 | static int |
1935 | ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp, | 1962 | ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, |
1936 | const u_char *data, size_t datalen) | 1963 | const u_char *data, size_t datalen) |
1937 | { | 1964 | { |
1938 | struct sshbuf *b; | 1965 | struct sshbuf *b; |
1939 | struct stat st; | 1966 | struct stat st; |
1940 | pid_t pid; | 1967 | pid_t pid; |
1941 | int i, r, to[2], from[2], status, sock = packet_get_connection_in(); | 1968 | int i, r, to[2], from[2], status; |
1969 | int sock = ssh_packet_get_connection_in(ssh); | ||
1942 | u_char rversion = 0, version = 2; | 1970 | u_char rversion = 0, version = 2; |
1943 | void (*osigchld)(int); | 1971 | void (*osigchld)(int); |
1944 | 1972 | ||
@@ -2045,10 +2073,10 @@ ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp, | |||
2045 | return 0; | 2073 | return 0; |
2046 | } | 2074 | } |
2047 | 2075 | ||
2048 | int | 2076 | static int |
2049 | userauth_hostbased(Authctxt *authctxt) | 2077 | userauth_hostbased(struct ssh *ssh) |
2050 | { | 2078 | { |
2051 | struct ssh *ssh = active_state; /* XXX */ | 2079 | Authctxt *authctxt = (Authctxt *)ssh->authctxt; |
2052 | struct sshkey *private = NULL; | 2080 | struct sshkey *private = NULL; |
2053 | struct sshbuf *b = NULL; | 2081 | struct sshbuf *b = NULL; |
2054 | u_char *sig = NULL, *keyblob = NULL; | 2082 | u_char *sig = NULL, *keyblob = NULL; |
@@ -2112,7 +2140,8 @@ userauth_hostbased(Authctxt *authctxt) | |||
2112 | __func__, sshkey_ssh_name(private), fp); | 2140 | __func__, sshkey_ssh_name(private), fp); |
2113 | 2141 | ||
2114 | /* figure out a name for the client host */ | 2142 | /* figure out a name for the client host */ |
2115 | if ((lname = get_local_name(packet_get_connection_in())) == NULL) { | 2143 | lname = get_local_name(ssh_packet_get_connection_in(ssh)); |
2144 | if (lname == NULL) { | ||
2116 | error("%s: cannot get local ipaddr/name", __func__); | 2145 | error("%s: cannot get local ipaddr/name", __func__); |
2117 | goto out; | 2146 | goto out; |
2118 | } | 2147 | } |
@@ -2146,9 +2175,8 @@ userauth_hostbased(Authctxt *authctxt) | |||
2146 | #ifdef DEBUG_PK | 2175 | #ifdef DEBUG_PK |
2147 | sshbuf_dump(b, stderr); | 2176 | sshbuf_dump(b, stderr); |
2148 | #endif | 2177 | #endif |
2149 | r = ssh_keysign(private, &sig, &siglen, | 2178 | if ((r = ssh_keysign(ssh, private, &sig, &siglen, |
2150 | sshbuf_ptr(b), sshbuf_len(b)); | 2179 | sshbuf_ptr(b), sshbuf_len(b))) != 0) { |
2151 | if (r != 0) { | ||
2152 | error("sign using hostkey %s %s failed", | 2180 | error("sign using hostkey %s %s failed", |
2153 | sshkey_ssh_name(private), fp); | 2181 | sshkey_ssh_name(private), fp); |
2154 | goto out; | 2182 | goto out; |
@@ -650,4 +650,4 @@ AUTHORS | |||
650 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 650 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
651 | for privilege separation. | 651 | for privilege separation. |
652 | 652 | ||
653 | OpenBSD 6.4 July 22, 2018 OpenBSD 6.4 | 653 | OpenBSD 6.5 July 22, 2018 OpenBSD 6.5 |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.516 2018/09/21 12:23:17 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.533 2019/03/01 02:32:39 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -166,45 +166,38 @@ int debug_flag = 0; | |||
166 | * configuration, optionally using connection information provided by the | 166 | * configuration, optionally using connection information provided by the |
167 | * "-C" flag. | 167 | * "-C" flag. |
168 | */ | 168 | */ |
169 | int test_flag = 0; | 169 | static int test_flag = 0; |
170 | 170 | ||
171 | /* Flag indicating that the daemon is being started from inetd. */ | 171 | /* Flag indicating that the daemon is being started from inetd. */ |
172 | int inetd_flag = 0; | 172 | static int inetd_flag = 0; |
173 | 173 | ||
174 | /* Flag indicating that sshd should not detach and become a daemon. */ | 174 | /* Flag indicating that sshd should not detach and become a daemon. */ |
175 | int no_daemon_flag = 0; | 175 | static int no_daemon_flag = 0; |
176 | 176 | ||
177 | /* debug goes to stderr unless inetd_flag is set */ | 177 | /* debug goes to stderr unless inetd_flag is set */ |
178 | int log_stderr = 0; | 178 | static int log_stderr = 0; |
179 | 179 | ||
180 | /* Saved arguments to main(). */ | 180 | /* Saved arguments to main(). */ |
181 | char **saved_argv; | 181 | static char **saved_argv; |
182 | int saved_argc; | 182 | static int saved_argc; |
183 | 183 | ||
184 | /* re-exec */ | 184 | /* re-exec */ |
185 | int rexeced_flag = 0; | 185 | static int rexeced_flag = 0; |
186 | int rexec_flag = 1; | 186 | static int rexec_flag = 1; |
187 | int rexec_argc = 0; | 187 | static int rexec_argc = 0; |
188 | char **rexec_argv; | 188 | static char **rexec_argv; |
189 | 189 | ||
190 | /* | 190 | /* |
191 | * The sockets that the server is listening; this is used in the SIGHUP | 191 | * The sockets that the server is listening; this is used in the SIGHUP |
192 | * signal handler. | 192 | * signal handler. |
193 | */ | 193 | */ |
194 | #define MAX_LISTEN_SOCKS 16 | 194 | #define MAX_LISTEN_SOCKS 16 |
195 | int listen_socks[MAX_LISTEN_SOCKS]; | 195 | static int listen_socks[MAX_LISTEN_SOCKS]; |
196 | int num_listen_socks = 0; | 196 | static int num_listen_socks = 0; |
197 | |||
198 | /* | ||
199 | * the client's version string, passed by sshd2 in compat mode. if != NULL, | ||
200 | * sshd will skip the version-number exchange | ||
201 | */ | ||
202 | char *client_version_string = NULL; | ||
203 | char *server_version_string = NULL; | ||
204 | 197 | ||
205 | /* Daemon's agent connection */ | 198 | /* Daemon's agent connection */ |
206 | int auth_sock = -1; | 199 | int auth_sock = -1; |
207 | int have_agent = 0; | 200 | static int have_agent = 0; |
208 | 201 | ||
209 | /* | 202 | /* |
210 | * Any really sensitive data in the application is contained in this | 203 | * Any really sensitive data in the application is contained in this |
@@ -235,9 +228,26 @@ u_int session_id2_len = 0; | |||
235 | /* record remote hostname or ip */ | 228 | /* record remote hostname or ip */ |
236 | u_int utmp_len = HOST_NAME_MAX+1; | 229 | u_int utmp_len = HOST_NAME_MAX+1; |
237 | 230 | ||
238 | /* options.max_startup sized array of fd ints */ | 231 | /* |
239 | int *startup_pipes = NULL; | 232 | * startup_pipes/flags are used for tracking children of the listening sshd |
240 | int startup_pipe; /* in child */ | 233 | * process early in their lifespans. This tracking is needed for three things: |
234 | * | ||
235 | * 1) Implementing the MaxStartups limit of concurrent unauthenticated | ||
236 | * connections. | ||
237 | * 2) Avoiding a race condition for SIGHUP processing, where child processes | ||
238 | * may have listen_socks open that could collide with main listener process | ||
239 | * after it restarts. | ||
240 | * 3) Ensuring that rexec'd sshd processes have received their initial state | ||
241 | * from the parent listen process before handling SIGHUP. | ||
242 | * | ||
243 | * Child processes signal that they have completed closure of the listen_socks | ||
244 | * and (if applicable) received their rexec state by sending a char over their | ||
245 | * sock. Child processes signal that authentication has completed by closing | ||
246 | * the sock (or by exiting). | ||
247 | */ | ||
248 | static int *startup_pipes = NULL; | ||
249 | static int *startup_flags = NULL; /* Indicates child closed listener */ | ||
250 | static int startup_pipe = -1; /* in child */ | ||
241 | 251 | ||
242 | /* variables used for privilege separation */ | 252 | /* variables used for privilege separation */ |
243 | int use_privsep = -1; | 253 | int use_privsep = -1; |
@@ -245,8 +255,9 @@ struct monitor *pmonitor = NULL; | |||
245 | int privsep_is_preauth = 1; | 255 | int privsep_is_preauth = 1; |
246 | static int privsep_chroot = 1; | 256 | static int privsep_chroot = 1; |
247 | 257 | ||
248 | /* global authentication context */ | 258 | /* global connection state and authentication contexts */ |
249 | Authctxt *the_authctxt = NULL; | 259 | Authctxt *the_authctxt = NULL; |
260 | struct ssh *the_active_state; | ||
250 | 261 | ||
251 | /* global key/cert auth options. XXX move to permanent ssh->authctxt? */ | 262 | /* global key/cert auth options. XXX move to permanent ssh->authctxt? */ |
252 | struct sshauthopt *auth_opts = NULL; | 263 | struct sshauthopt *auth_opts = NULL; |
@@ -263,7 +274,7 @@ struct passwd *privsep_pw = NULL; | |||
263 | /* Prototypes for various functions defined later in this file. */ | 274 | /* Prototypes for various functions defined later in this file. */ |
264 | void destroy_sensitive_data(void); | 275 | void destroy_sensitive_data(void); |
265 | void demote_sensitive_data(void); | 276 | void demote_sensitive_data(void); |
266 | static void do_ssh2_kex(void); | 277 | static void do_ssh2_kex(struct ssh *); |
267 | 278 | ||
268 | /* | 279 | /* |
269 | * Close all listening sockets | 280 | * Close all listening sockets |
@@ -373,112 +384,11 @@ grace_alarm_handler(int sig) | |||
373 | kill(0, SIGTERM); | 384 | kill(0, SIGTERM); |
374 | } | 385 | } |
375 | 386 | ||
387 | /* XXX pre-format ipaddr/port so we don't need to access active_state */ | ||
376 | /* Log error and exit. */ | 388 | /* Log error and exit. */ |
377 | sigdie("Timeout before authentication for %s port %d", | 389 | sigdie("Timeout before authentication for %s port %d", |
378 | ssh_remote_ipaddr(active_state), ssh_remote_port(active_state)); | 390 | ssh_remote_ipaddr(the_active_state), |
379 | } | 391 | ssh_remote_port(the_active_state)); |
380 | |||
381 | static void | ||
382 | sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) | ||
383 | { | ||
384 | u_int i; | ||
385 | int remote_major, remote_minor; | ||
386 | char *s; | ||
387 | char buf[256]; /* Must not be larger than remote_version. */ | ||
388 | char remote_version[256]; /* Must be at least as big as buf. */ | ||
389 | |||
390 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n", | ||
391 | PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, | ||
392 | options.debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM, | ||
393 | *options.version_addendum == '\0' ? "" : " ", | ||
394 | options.version_addendum); | ||
395 | |||
396 | /* Send our protocol version identification. */ | ||
397 | if (atomicio(vwrite, sock_out, server_version_string, | ||
398 | strlen(server_version_string)) | ||
399 | != strlen(server_version_string)) { | ||
400 | logit("Could not write ident string to %s port %d", | ||
401 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
402 | cleanup_exit(255); | ||
403 | } | ||
404 | |||
405 | /* Read other sides version identification. */ | ||
406 | memset(buf, 0, sizeof(buf)); | ||
407 | for (i = 0; i < sizeof(buf) - 1; i++) { | ||
408 | if (atomicio(read, sock_in, &buf[i], 1) != 1) { | ||
409 | logit("Did not receive identification string " | ||
410 | "from %s port %d", | ||
411 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
412 | cleanup_exit(255); | ||
413 | } | ||
414 | if (buf[i] == '\r') { | ||
415 | buf[i] = 0; | ||
416 | /* Kludge for F-Secure Macintosh < 1.0.2 */ | ||
417 | if (i == 12 && | ||
418 | strncmp(buf, "SSH-1.5-W1.0", 12) == 0) | ||
419 | break; | ||
420 | continue; | ||
421 | } | ||
422 | if (buf[i] == '\n') { | ||
423 | buf[i] = 0; | ||
424 | break; | ||
425 | } | ||
426 | } | ||
427 | buf[sizeof(buf) - 1] = 0; | ||
428 | client_version_string = xstrdup(buf); | ||
429 | |||
430 | /* | ||
431 | * Check that the versions match. In future this might accept | ||
432 | * several versions and set appropriate flags to handle them. | ||
433 | */ | ||
434 | if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n", | ||
435 | &remote_major, &remote_minor, remote_version) != 3) { | ||
436 | s = "Protocol mismatch.\n"; | ||
437 | (void) atomicio(vwrite, sock_out, s, strlen(s)); | ||
438 | logit("Bad protocol version identification '%.100s' " | ||
439 | "from %s port %d", client_version_string, | ||
440 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
441 | close(sock_in); | ||
442 | close(sock_out); | ||
443 | cleanup_exit(255); | ||
444 | } | ||
445 | debug("Client protocol version %d.%d; client software version %.100s", | ||
446 | remote_major, remote_minor, remote_version); | ||
447 | |||
448 | ssh->compat = compat_datafellows(remote_version); | ||
449 | |||
450 | if ((ssh->compat & SSH_BUG_PROBE) != 0) { | ||
451 | logit("probed from %s port %d with %s. Don't panic.", | ||
452 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
453 | client_version_string); | ||
454 | cleanup_exit(255); | ||
455 | } | ||
456 | if ((ssh->compat & SSH_BUG_SCANNER) != 0) { | ||
457 | logit("scanned from %s port %d with %s. Don't panic.", | ||
458 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
459 | client_version_string); | ||
460 | cleanup_exit(255); | ||
461 | } | ||
462 | if ((ssh->compat & SSH_BUG_RSASIGMD5) != 0) { | ||
463 | logit("Client version \"%.100s\" uses unsafe RSA signature " | ||
464 | "scheme; disabling use of RSA keys", remote_version); | ||
465 | } | ||
466 | |||
467 | chop(server_version_string); | ||
468 | debug("Local version string %.200s", server_version_string); | ||
469 | |||
470 | if (remote_major != 2 && | ||
471 | !(remote_major == 1 && remote_minor == 99)) { | ||
472 | s = "Protocol major versions differ.\n"; | ||
473 | (void) atomicio(vwrite, sock_out, s, strlen(s)); | ||
474 | close(sock_in); | ||
475 | close(sock_out); | ||
476 | logit("Protocol major versions differ for %s port %d: " | ||
477 | "%.200s vs. %.200s", | ||
478 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
479 | server_version_string, client_version_string); | ||
480 | cleanup_exit(255); | ||
481 | } | ||
482 | } | 392 | } |
483 | 393 | ||
484 | /* Destroy the host and server keys. They will no longer be needed. */ | 394 | /* Destroy the host and server keys. They will no longer be needed. */ |
@@ -580,7 +490,7 @@ privsep_preauth_child(void) | |||
580 | } | 490 | } |
581 | 491 | ||
582 | static int | 492 | static int |
583 | privsep_preauth(Authctxt *authctxt) | 493 | privsep_preauth(struct ssh *ssh) |
584 | { | 494 | { |
585 | int status, r; | 495 | int status, r; |
586 | pid_t pid; | 496 | pid_t pid; |
@@ -589,7 +499,7 @@ privsep_preauth(Authctxt *authctxt) | |||
589 | /* Set up unprivileged child process to deal with network data */ | 499 | /* Set up unprivileged child process to deal with network data */ |
590 | pmonitor = monitor_init(); | 500 | pmonitor = monitor_init(); |
591 | /* Store a pointer to the kex for later rekeying */ | 501 | /* Store a pointer to the kex for later rekeying */ |
592 | pmonitor->m_pkex = &active_state->kex; | 502 | pmonitor->m_pkex = &ssh->kex; |
593 | 503 | ||
594 | if (use_privsep == PRIVSEP_ON) | 504 | if (use_privsep == PRIVSEP_ON) |
595 | box = ssh_sandbox_init(pmonitor); | 505 | box = ssh_sandbox_init(pmonitor); |
@@ -610,7 +520,7 @@ privsep_preauth(Authctxt *authctxt) | |||
610 | } | 520 | } |
611 | if (box != NULL) | 521 | if (box != NULL) |
612 | ssh_sandbox_parent_preauth(box, pid); | 522 | ssh_sandbox_parent_preauth(box, pid); |
613 | monitor_child_preauth(authctxt, pmonitor); | 523 | monitor_child_preauth(ssh, pmonitor); |
614 | 524 | ||
615 | /* Wait for the child's exit status */ | 525 | /* Wait for the child's exit status */ |
616 | while (waitpid(pid, &status, 0) < 0) { | 526 | while (waitpid(pid, &status, 0) < 0) { |
@@ -649,7 +559,7 @@ privsep_preauth(Authctxt *authctxt) | |||
649 | } | 559 | } |
650 | 560 | ||
651 | static void | 561 | static void |
652 | privsep_postauth(Authctxt *authctxt) | 562 | privsep_postauth(struct ssh *ssh, Authctxt *authctxt) |
653 | { | 563 | { |
654 | #ifdef DISABLE_FD_PASSING | 564 | #ifdef DISABLE_FD_PASSING |
655 | if (1) { | 565 | if (1) { |
@@ -670,8 +580,8 @@ privsep_postauth(Authctxt *authctxt) | |||
670 | else if (pmonitor->m_pid != 0) { | 580 | else if (pmonitor->m_pid != 0) { |
671 | verbose("User child is on pid %ld", (long)pmonitor->m_pid); | 581 | verbose("User child is on pid %ld", (long)pmonitor->m_pid); |
672 | sshbuf_reset(loginmsg); | 582 | sshbuf_reset(loginmsg); |
673 | monitor_clear_keystate(pmonitor); | 583 | monitor_clear_keystate(ssh, pmonitor); |
674 | monitor_child_postauth(pmonitor); | 584 | monitor_child_postauth(ssh, pmonitor); |
675 | 585 | ||
676 | /* NEVERREACHED */ | 586 | /* NEVERREACHED */ |
677 | exit(0); | 587 | exit(0); |
@@ -692,13 +602,13 @@ privsep_postauth(Authctxt *authctxt) | |||
692 | 602 | ||
693 | skip: | 603 | skip: |
694 | /* It is safe now to apply the key state */ | 604 | /* It is safe now to apply the key state */ |
695 | monitor_apply_keystate(pmonitor); | 605 | monitor_apply_keystate(ssh, pmonitor); |
696 | 606 | ||
697 | /* | 607 | /* |
698 | * Tell the packet layer that authentication was successful, since | 608 | * Tell the packet layer that authentication was successful, since |
699 | * this information is not part of the key state. | 609 | * this information is not part of the key state. |
700 | */ | 610 | */ |
701 | packet_set_authenticated(); | 611 | ssh_packet_set_authenticated(ssh); |
702 | } | 612 | } |
703 | 613 | ||
704 | static void | 614 | static void |
@@ -865,7 +775,7 @@ notify_hostkeys(struct ssh *ssh) | |||
865 | char *fp; | 775 | char *fp; |
866 | 776 | ||
867 | /* Some clients cannot cope with the hostkeys message, skip those. */ | 777 | /* Some clients cannot cope with the hostkeys message, skip those. */ |
868 | if (datafellows & SSH_BUG_HOSTKEYS) | 778 | if (ssh->compat & SSH_BUG_HOSTKEYS) |
869 | return; | 779 | return; |
870 | 780 | ||
871 | if ((buf = sshbuf_new()) == NULL) | 781 | if ((buf = sshbuf_new()) == NULL) |
@@ -881,21 +791,29 @@ notify_hostkeys(struct ssh *ssh) | |||
881 | sshkey_ssh_name(key), fp); | 791 | sshkey_ssh_name(key), fp); |
882 | free(fp); | 792 | free(fp); |
883 | if (nkeys == 0) { | 793 | if (nkeys == 0) { |
884 | packet_start(SSH2_MSG_GLOBAL_REQUEST); | 794 | /* |
885 | packet_put_cstring("hostkeys-00@openssh.com"); | 795 | * Start building the request when we find the |
886 | packet_put_char(0); /* want-reply */ | 796 | * first usable key. |
797 | */ | ||
798 | if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 || | ||
799 | (r = sshpkt_put_cstring(ssh, "hostkeys-00@openssh.com")) != 0 || | ||
800 | (r = sshpkt_put_u8(ssh, 0)) != 0) /* want reply */ | ||
801 | sshpkt_fatal(ssh, r, "%s: start request", __func__); | ||
887 | } | 802 | } |
803 | /* Append the key to the request */ | ||
888 | sshbuf_reset(buf); | 804 | sshbuf_reset(buf); |
889 | if ((r = sshkey_putb(key, buf)) != 0) | 805 | if ((r = sshkey_putb(key, buf)) != 0) |
890 | fatal("%s: couldn't put hostkey %d: %s", | 806 | fatal("%s: couldn't put hostkey %d: %s", |
891 | __func__, i, ssh_err(r)); | 807 | __func__, i, ssh_err(r)); |
892 | packet_put_string(sshbuf_ptr(buf), sshbuf_len(buf)); | 808 | if ((r = sshpkt_put_stringb(ssh, buf)) != 0) |
809 | sshpkt_fatal(ssh, r, "%s: append key", __func__); | ||
893 | nkeys++; | 810 | nkeys++; |
894 | } | 811 | } |
895 | debug3("%s: sent %u hostkeys", __func__, nkeys); | 812 | debug3("%s: sent %u hostkeys", __func__, nkeys); |
896 | if (nkeys == 0) | 813 | if (nkeys == 0) |
897 | fatal("%s: no hostkeys", __func__); | 814 | debug3("%s: no hostkeys", __func__); |
898 | packet_send(); | 815 | else if ((r = sshpkt_send(ssh)) != 0) |
816 | sshpkt_fatal(ssh, r, "%s: send", __func__); | ||
899 | sshbuf_free(buf); | 817 | sshbuf_free(buf); |
900 | } | 818 | } |
901 | 819 | ||
@@ -933,7 +851,7 @@ usage(void) | |||
933 | fprintf(stderr, "%s, %s\n", | 851 | fprintf(stderr, "%s, %s\n", |
934 | SSH_RELEASE, | 852 | SSH_RELEASE, |
935 | #ifdef WITH_OPENSSL | 853 | #ifdef WITH_OPENSSL |
936 | SSLeay_version(SSLEAY_VERSION) | 854 | OpenSSL_version(OPENSSL_VERSION) |
937 | #else | 855 | #else |
938 | "without OpenSSL" | 856 | "without OpenSSL" |
939 | #endif | 857 | #endif |
@@ -1015,14 +933,9 @@ server_accept_inetd(int *sock_in, int *sock_out) | |||
1015 | { | 933 | { |
1016 | int fd; | 934 | int fd; |
1017 | 935 | ||
1018 | startup_pipe = -1; | ||
1019 | if (rexeced_flag) { | 936 | if (rexeced_flag) { |
1020 | close(REEXEC_CONFIG_PASS_FD); | 937 | close(REEXEC_CONFIG_PASS_FD); |
1021 | *sock_in = *sock_out = dup(STDIN_FILENO); | 938 | *sock_in = *sock_out = dup(STDIN_FILENO); |
1022 | if (!debug_flag) { | ||
1023 | startup_pipe = dup(REEXEC_STARTUP_PIPE_FD); | ||
1024 | close(REEXEC_STARTUP_PIPE_FD); | ||
1025 | } | ||
1026 | } else { | 939 | } else { |
1027 | *sock_in = dup(STDIN_FILENO); | 940 | *sock_in = dup(STDIN_FILENO); |
1028 | *sock_out = dup(STDOUT_FILENO); | 941 | *sock_out = dup(STDOUT_FILENO); |
@@ -1147,8 +1060,9 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1147 | { | 1060 | { |
1148 | fd_set *fdset; | 1061 | fd_set *fdset; |
1149 | int i, j, ret, maxfd; | 1062 | int i, j, ret, maxfd; |
1150 | int startups = 0; | 1063 | int startups = 0, listening = 0, lameduck = 0; |
1151 | int startup_p[2] = { -1 , -1 }; | 1064 | int startup_p[2] = { -1 , -1 }; |
1065 | char c = 0; | ||
1152 | struct sockaddr_storage from; | 1066 | struct sockaddr_storage from; |
1153 | socklen_t fromlen; | 1067 | socklen_t fromlen; |
1154 | pid_t pid; | 1068 | pid_t pid; |
@@ -1162,6 +1076,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1162 | maxfd = listen_socks[i]; | 1076 | maxfd = listen_socks[i]; |
1163 | /* pipes connected to unauthenticated childs */ | 1077 | /* pipes connected to unauthenticated childs */ |
1164 | startup_pipes = xcalloc(options.max_startups, sizeof(int)); | 1078 | startup_pipes = xcalloc(options.max_startups, sizeof(int)); |
1079 | startup_flags = xcalloc(options.max_startups, sizeof(int)); | ||
1165 | for (i = 0; i < options.max_startups; i++) | 1080 | for (i = 0; i < options.max_startups; i++) |
1166 | startup_pipes[i] = -1; | 1081 | startup_pipes[i] = -1; |
1167 | 1082 | ||
@@ -1170,8 +1085,15 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1170 | * the daemon is killed with a signal. | 1085 | * the daemon is killed with a signal. |
1171 | */ | 1086 | */ |
1172 | for (;;) { | 1087 | for (;;) { |
1173 | if (received_sighup) | 1088 | if (received_sighup) { |
1174 | sighup_restart(); | 1089 | if (!lameduck) { |
1090 | debug("Received SIGHUP; waiting for children"); | ||
1091 | close_listen_socks(); | ||
1092 | lameduck = 1; | ||
1093 | } | ||
1094 | if (listening <= 0) | ||
1095 | sighup_restart(); | ||
1096 | } | ||
1175 | free(fdset); | 1097 | free(fdset); |
1176 | fdset = xcalloc(howmany(maxfd + 1, NFDBITS), | 1098 | fdset = xcalloc(howmany(maxfd + 1, NFDBITS), |
1177 | sizeof(fd_mask)); | 1099 | sizeof(fd_mask)); |
@@ -1197,19 +1119,37 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1197 | if (ret < 0) | 1119 | if (ret < 0) |
1198 | continue; | 1120 | continue; |
1199 | 1121 | ||
1200 | for (i = 0; i < options.max_startups; i++) | 1122 | for (i = 0; i < options.max_startups; i++) { |
1201 | if (startup_pipes[i] != -1 && | 1123 | if (startup_pipes[i] == -1 || |
1202 | FD_ISSET(startup_pipes[i], fdset)) { | 1124 | !FD_ISSET(startup_pipes[i], fdset)) |
1203 | /* | 1125 | continue; |
1204 | * the read end of the pipe is ready | 1126 | switch (read(startup_pipes[i], &c, sizeof(c))) { |
1205 | * if the child has closed the pipe | 1127 | case -1: |
1206 | * after successful authentication | 1128 | if (errno == EINTR || errno == EAGAIN) |
1207 | * or if the child has died | 1129 | continue; |
1208 | */ | 1130 | if (errno != EPIPE) { |
1131 | error("%s: startup pipe %d (fd=%d): " | ||
1132 | "read %s", __func__, i, | ||
1133 | startup_pipes[i], strerror(errno)); | ||
1134 | } | ||
1135 | /* FALLTHROUGH */ | ||
1136 | case 0: | ||
1137 | /* child exited or completed auth */ | ||
1209 | close(startup_pipes[i]); | 1138 | close(startup_pipes[i]); |
1210 | startup_pipes[i] = -1; | 1139 | startup_pipes[i] = -1; |
1211 | startups--; | 1140 | startups--; |
1141 | if (startup_flags[i]) | ||
1142 | listening--; | ||
1143 | break; | ||
1144 | case 1: | ||
1145 | /* child has finished preliminaries */ | ||
1146 | if (startup_flags[i]) { | ||
1147 | listening--; | ||
1148 | startup_flags[i] = 0; | ||
1149 | } | ||
1150 | break; | ||
1212 | } | 1151 | } |
1152 | } | ||
1213 | for (i = 0; i < num_listen_socks; i++) { | 1153 | for (i = 0; i < num_listen_socks; i++) { |
1214 | if (!FD_ISSET(listen_socks[i], fdset)) | 1154 | if (!FD_ISSET(listen_socks[i], fdset)) |
1215 | continue; | 1155 | continue; |
@@ -1263,6 +1203,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1263 | if (maxfd < startup_p[0]) | 1203 | if (maxfd < startup_p[0]) |
1264 | maxfd = startup_p[0]; | 1204 | maxfd = startup_p[0]; |
1265 | startups++; | 1205 | startups++; |
1206 | startup_flags[j] = 1; | ||
1266 | break; | 1207 | break; |
1267 | } | 1208 | } |
1268 | 1209 | ||
@@ -1288,7 +1229,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1288 | send_rexec_state(config_s[0], cfg); | 1229 | send_rexec_state(config_s[0], cfg); |
1289 | close(config_s[0]); | 1230 | close(config_s[0]); |
1290 | } | 1231 | } |
1291 | break; | 1232 | return; |
1292 | } | 1233 | } |
1293 | 1234 | ||
1294 | /* | 1235 | /* |
@@ -1297,13 +1238,14 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1297 | * parent continues listening. | 1238 | * parent continues listening. |
1298 | */ | 1239 | */ |
1299 | platform_pre_fork(); | 1240 | platform_pre_fork(); |
1241 | listening++; | ||
1300 | if ((pid = fork()) == 0) { | 1242 | if ((pid = fork()) == 0) { |
1301 | /* | 1243 | /* |
1302 | * Child. Close the listening and | 1244 | * Child. Close the listening and |
1303 | * max_startup sockets. Start using | 1245 | * max_startup sockets. Start using |
1304 | * the accepted socket. Reinitialize | 1246 | * the accepted socket. Reinitialize |
1305 | * logging (since our pid has changed). | 1247 | * logging (since our pid has changed). |
1306 | * We break out of the loop to handle | 1248 | * We return from this function to handle |
1307 | * the connection. | 1249 | * the connection. |
1308 | */ | 1250 | */ |
1309 | platform_post_fork_child(); | 1251 | platform_post_fork_child(); |
@@ -1318,7 +1260,18 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1318 | log_stderr); | 1260 | log_stderr); |
1319 | if (rexec_flag) | 1261 | if (rexec_flag) |
1320 | close(config_s[0]); | 1262 | close(config_s[0]); |
1321 | break; | 1263 | else { |
1264 | /* | ||
1265 | * Signal parent that the preliminaries | ||
1266 | * for this child are complete. For the | ||
1267 | * re-exec case, this happens after the | ||
1268 | * child has received the rexec state | ||
1269 | * from the server. | ||
1270 | */ | ||
1271 | (void)atomicio(vwrite, startup_pipe, | ||
1272 | "\0", 1); | ||
1273 | } | ||
1274 | return; | ||
1322 | } | 1275 | } |
1323 | 1276 | ||
1324 | /* Parent. Stay in the loop. */ | 1277 | /* Parent. Stay in the loop. */ |
@@ -1350,10 +1303,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1350 | #endif | 1303 | #endif |
1351 | explicit_bzero(rnd, sizeof(rnd)); | 1304 | explicit_bzero(rnd, sizeof(rnd)); |
1352 | } | 1305 | } |
1353 | |||
1354 | /* child process check (or debug mode) */ | ||
1355 | if (num_listen_socks < 0) | ||
1356 | break; | ||
1357 | } | 1306 | } |
1358 | } | 1307 | } |
1359 | 1308 | ||
@@ -1526,6 +1475,8 @@ main(int ac, char **av) | |||
1526 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ | 1475 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
1527 | sanitise_stdfd(); | 1476 | sanitise_stdfd(); |
1528 | 1477 | ||
1478 | seed_rng(); | ||
1479 | |||
1529 | /* Initialize configuration options to their default values. */ | 1480 | /* Initialize configuration options to their default values. */ |
1530 | initialize_server_options(&options); | 1481 | initialize_server_options(&options); |
1531 | 1482 | ||
@@ -1604,7 +1555,7 @@ main(int ac, char **av) | |||
1604 | break; | 1555 | break; |
1605 | case 'h': | 1556 | case 'h': |
1606 | servconf_add_hostkey("[command-line]", 0, | 1557 | servconf_add_hostkey("[command-line]", 0, |
1607 | &options, optarg); | 1558 | &options, optarg, 1); |
1608 | break; | 1559 | break; |
1609 | case 't': | 1560 | case 't': |
1610 | test_flag = 1; | 1561 | test_flag = 1; |
@@ -1613,7 +1564,7 @@ main(int ac, char **av) | |||
1613 | test_flag = 2; | 1564 | test_flag = 2; |
1614 | break; | 1565 | break; |
1615 | case 'C': | 1566 | case 'C': |
1616 | connection_info = get_connection_info(0, 0); | 1567 | connection_info = get_connection_info(ssh, 0, 0); |
1617 | if (parse_server_match_testspec(connection_info, | 1568 | if (parse_server_match_testspec(connection_info, |
1618 | optarg) == -1) | 1569 | optarg) == -1) |
1619 | exit(1); | 1570 | exit(1); |
@@ -1640,17 +1591,13 @@ main(int ac, char **av) | |||
1640 | } | 1591 | } |
1641 | if (rexeced_flag || inetd_flag) | 1592 | if (rexeced_flag || inetd_flag) |
1642 | rexec_flag = 0; | 1593 | rexec_flag = 0; |
1643 | if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/'))) | 1594 | if (!test_flag && rexec_flag && !path_absolute(av[0])) |
1644 | fatal("sshd re-exec requires execution with an absolute path"); | 1595 | fatal("sshd re-exec requires execution with an absolute path"); |
1645 | if (rexeced_flag) | 1596 | if (rexeced_flag) |
1646 | closefrom(REEXEC_MIN_FREE_FD); | 1597 | closefrom(REEXEC_MIN_FREE_FD); |
1647 | else | 1598 | else |
1648 | closefrom(REEXEC_DEVCRYPTO_RESERVED_FD); | 1599 | closefrom(REEXEC_DEVCRYPTO_RESERVED_FD); |
1649 | 1600 | ||
1650 | #ifdef WITH_OPENSSL | ||
1651 | OpenSSL_add_all_algorithms(); | ||
1652 | #endif | ||
1653 | |||
1654 | /* If requested, redirect the logs to the specified logfile. */ | 1601 | /* If requested, redirect the logs to the specified logfile. */ |
1655 | if (logfile != NULL) | 1602 | if (logfile != NULL) |
1656 | log_redirect_stderr_to(logfile); | 1603 | log_redirect_stderr_to(logfile); |
@@ -1685,16 +1632,24 @@ main(int ac, char **av) | |||
1685 | /* Fetch our configuration */ | 1632 | /* Fetch our configuration */ |
1686 | if ((cfg = sshbuf_new()) == NULL) | 1633 | if ((cfg = sshbuf_new()) == NULL) |
1687 | fatal("%s: sshbuf_new failed", __func__); | 1634 | fatal("%s: sshbuf_new failed", __func__); |
1688 | if (rexeced_flag) | 1635 | if (rexeced_flag) { |
1689 | recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg); | 1636 | recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg); |
1637 | if (!debug_flag) { | ||
1638 | startup_pipe = dup(REEXEC_STARTUP_PIPE_FD); | ||
1639 | close(REEXEC_STARTUP_PIPE_FD); | ||
1640 | /* | ||
1641 | * Signal parent that this child is at a point where | ||
1642 | * they can go away if they have a SIGHUP pending. | ||
1643 | */ | ||
1644 | (void)atomicio(vwrite, startup_pipe, "\0", 1); | ||
1645 | } | ||
1646 | } | ||
1690 | else if (strcasecmp(config_file_name, "none") != 0) | 1647 | else if (strcasecmp(config_file_name, "none") != 0) |
1691 | load_server_config(config_file_name, cfg); | 1648 | load_server_config(config_file_name, cfg); |
1692 | 1649 | ||
1693 | parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, | 1650 | parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, |
1694 | cfg, NULL); | 1651 | cfg, NULL); |
1695 | 1652 | ||
1696 | seed_rng(); | ||
1697 | |||
1698 | /* Fill in default values for those options not explicitly set. */ | 1653 | /* Fill in default values for those options not explicitly set. */ |
1699 | fill_default_server_options(&options); | 1654 | fill_default_server_options(&options); |
1700 | 1655 | ||
@@ -1739,7 +1694,7 @@ main(int ac, char **av) | |||
1739 | 1694 | ||
1740 | debug("sshd version %s, %s", SSH_VERSION, | 1695 | debug("sshd version %s, %s", SSH_VERSION, |
1741 | #ifdef WITH_OPENSSL | 1696 | #ifdef WITH_OPENSSL |
1742 | SSLeay_version(SSLEAY_VERSION) | 1697 | OpenSSL_version(OPENSSL_VERSION) |
1743 | #else | 1698 | #else |
1744 | "without OpenSSL" | 1699 | "without OpenSSL" |
1745 | #endif | 1700 | #endif |
@@ -1776,15 +1731,18 @@ main(int ac, char **av) | |||
1776 | } | 1731 | } |
1777 | 1732 | ||
1778 | for (i = 0; i < options.num_host_key_files; i++) { | 1733 | for (i = 0; i < options.num_host_key_files; i++) { |
1734 | int ll = options.host_key_file_userprovided[i] ? | ||
1735 | SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_DEBUG1; | ||
1736 | |||
1779 | if (options.host_key_files[i] == NULL) | 1737 | if (options.host_key_files[i] == NULL) |
1780 | continue; | 1738 | continue; |
1781 | if ((r = sshkey_load_private(options.host_key_files[i], "", | 1739 | if ((r = sshkey_load_private(options.host_key_files[i], "", |
1782 | &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) | 1740 | &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) |
1783 | error("Error loading host key \"%s\": %s", | 1741 | do_log2(ll, "Unable to load host key \"%s\": %s", |
1784 | options.host_key_files[i], ssh_err(r)); | 1742 | options.host_key_files[i], ssh_err(r)); |
1785 | if ((r = sshkey_load_public(options.host_key_files[i], | 1743 | if ((r = sshkey_load_public(options.host_key_files[i], |
1786 | &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) | 1744 | &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR) |
1787 | error("Error loading host key \"%s\": %s", | 1745 | do_log2(ll, "Unable to load host key \"%s\": %s", |
1788 | options.host_key_files[i], ssh_err(r)); | 1746 | options.host_key_files[i], ssh_err(r)); |
1789 | if (pubkey == NULL && key != NULL) | 1747 | if (pubkey == NULL && key != NULL) |
1790 | if ((r = sshkey_from_private(key, &pubkey)) != 0) | 1748 | if ((r = sshkey_from_private(key, &pubkey)) != 0) |
@@ -1801,7 +1759,7 @@ main(int ac, char **av) | |||
1801 | keytype = key->type; | 1759 | keytype = key->type; |
1802 | accumulate_host_timing_secret(cfg, key); | 1760 | accumulate_host_timing_secret(cfg, key); |
1803 | } else { | 1761 | } else { |
1804 | error("Could not load host key: %s", | 1762 | do_log2(ll, "Unable to load host key: %s", |
1805 | options.host_key_files[i]); | 1763 | options.host_key_files[i]); |
1806 | sensitive_data.host_keys[i] = NULL; | 1764 | sensitive_data.host_keys[i] = NULL; |
1807 | sensitive_data.host_pubkeys[i] = NULL; | 1765 | sensitive_data.host_pubkeys[i] = NULL; |
@@ -1826,13 +1784,11 @@ main(int ac, char **av) | |||
1826 | free(fp); | 1784 | free(fp); |
1827 | } | 1785 | } |
1828 | accumulate_host_timing_secret(cfg, NULL); | 1786 | accumulate_host_timing_secret(cfg, NULL); |
1829 | #ifndef GSSAPI | ||
1830 | /* The GSSAPI key exchange can run without a host key */ | 1787 | /* The GSSAPI key exchange can run without a host key */ |
1831 | if (!sensitive_data.have_ssh2_key) { | 1788 | if (!sensitive_data.have_ssh2_key && !options.gss_keyex) { |
1832 | logit("sshd: no hostkeys available -- exiting."); | 1789 | logit("sshd: no hostkeys available -- exiting."); |
1833 | exit(1); | 1790 | exit(1); |
1834 | } | 1791 | } |
1835 | #endif | ||
1836 | 1792 | ||
1837 | /* | 1793 | /* |
1838 | * Load certificates. They are stored in an array at identical | 1794 | * Load certificates. They are stored in an array at identical |
@@ -1902,7 +1858,7 @@ main(int ac, char **av) | |||
1902 | * use a blank one that will cause no predicate to match. | 1858 | * use a blank one that will cause no predicate to match. |
1903 | */ | 1859 | */ |
1904 | if (connection_info == NULL) | 1860 | if (connection_info == NULL) |
1905 | connection_info = get_connection_info(0, 0); | 1861 | connection_info = get_connection_info(ssh, 0, 0); |
1906 | parse_server_match_config(&options, connection_info); | 1862 | parse_server_match_config(&options, connection_info); |
1907 | dump_config(&options); | 1863 | dump_config(&options); |
1908 | } | 1864 | } |
@@ -2082,9 +2038,10 @@ main(int ac, char **av) | |||
2082 | * Register our connection. This turns encryption off because we do | 2038 | * Register our connection. This turns encryption off because we do |
2083 | * not have a key. | 2039 | * not have a key. |
2084 | */ | 2040 | */ |
2085 | packet_set_connection(sock_in, sock_out); | 2041 | if ((ssh = ssh_packet_set_connection(NULL, sock_in, sock_out)) == NULL) |
2086 | packet_set_server(); | 2042 | fatal("Unable to create connection"); |
2087 | ssh = active_state; /* XXX */ | 2043 | the_active_state = ssh; |
2044 | ssh_packet_set_server(ssh); | ||
2088 | 2045 | ||
2089 | check_ip_options(ssh); | 2046 | check_ip_options(ssh); |
2090 | 2047 | ||
@@ -2094,7 +2051,7 @@ main(int ac, char **av) | |||
2094 | process_permitopen(ssh, &options); | 2051 | process_permitopen(ssh, &options); |
2095 | 2052 | ||
2096 | /* Set SO_KEEPALIVE if requested. */ | 2053 | /* Set SO_KEEPALIVE if requested. */ |
2097 | if (options.tcp_keep_alive && packet_connection_is_on_socket() && | 2054 | if (options.tcp_keep_alive && ssh_packet_connection_is_on_socket(ssh) && |
2098 | setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) | 2055 | setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) |
2099 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); | 2056 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); |
2100 | 2057 | ||
@@ -2120,7 +2077,7 @@ main(int ac, char **av) | |||
2120 | allow_severity = options.log_facility|LOG_INFO; | 2077 | allow_severity = options.log_facility|LOG_INFO; |
2121 | deny_severity = options.log_facility|LOG_WARNING; | 2078 | deny_severity = options.log_facility|LOG_WARNING; |
2122 | /* Check whether logins are denied from this host. */ | 2079 | /* Check whether logins are denied from this host. */ |
2123 | if (packet_connection_is_on_socket()) { | 2080 | if (ssh_packet_connection_is_on_socket(ssh)) { |
2124 | struct request_info req; | 2081 | struct request_info req; |
2125 | 2082 | ||
2126 | request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); | 2083 | request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); |
@@ -2212,11 +2169,15 @@ main(int ac, char **av) | |||
2212 | if (!debug_flag) | 2169 | if (!debug_flag) |
2213 | alarm(options.login_grace_time); | 2170 | alarm(options.login_grace_time); |
2214 | 2171 | ||
2215 | sshd_exchange_identification(ssh, sock_in, sock_out); | 2172 | if (kex_exchange_identification(ssh, -1, options.debian_banner, |
2216 | packet_set_nonblocking(); | 2173 | options.version_addendum) != 0) |
2174 | cleanup_exit(255); /* error already logged */ | ||
2175 | |||
2176 | ssh_packet_set_nonblocking(ssh); | ||
2217 | 2177 | ||
2218 | /* allocate authentication context */ | 2178 | /* allocate authentication context */ |
2219 | authctxt = xcalloc(1, sizeof(*authctxt)); | 2179 | authctxt = xcalloc(1, sizeof(*authctxt)); |
2180 | ssh->authctxt = authctxt; | ||
2220 | 2181 | ||
2221 | authctxt->loginmsg = loginmsg; | 2182 | authctxt->loginmsg = loginmsg; |
2222 | 2183 | ||
@@ -2233,7 +2194,7 @@ main(int ac, char **av) | |||
2233 | auth_debug_reset(); | 2194 | auth_debug_reset(); |
2234 | 2195 | ||
2235 | if (use_privsep) { | 2196 | if (use_privsep) { |
2236 | if (privsep_preauth(authctxt) == 1) | 2197 | if (privsep_preauth(ssh) == 1) |
2237 | goto authenticated; | 2198 | goto authenticated; |
2238 | } else if (have_agent) { | 2199 | } else if (have_agent) { |
2239 | if ((r = ssh_get_authentication_socket(&auth_sock)) != 0) { | 2200 | if ((r = ssh_get_authentication_socket(&auth_sock)) != 0) { |
@@ -2244,16 +2205,16 @@ main(int ac, char **av) | |||
2244 | 2205 | ||
2245 | /* perform the key exchange */ | 2206 | /* perform the key exchange */ |
2246 | /* authenticate user and start session */ | 2207 | /* authenticate user and start session */ |
2247 | do_ssh2_kex(); | 2208 | do_ssh2_kex(ssh); |
2248 | do_authentication2(authctxt); | 2209 | do_authentication2(ssh); |
2249 | 2210 | ||
2250 | /* | 2211 | /* |
2251 | * If we use privilege separation, the unprivileged child transfers | 2212 | * If we use privilege separation, the unprivileged child transfers |
2252 | * the current keystate and exits | 2213 | * the current keystate and exits |
2253 | */ | 2214 | */ |
2254 | if (use_privsep) { | 2215 | if (use_privsep) { |
2255 | mm_send_keystate(pmonitor); | 2216 | mm_send_keystate(ssh, pmonitor); |
2256 | packet_clear_keys(); | 2217 | ssh_packet_clear_keys(ssh); |
2257 | exit(0); | 2218 | exit(0); |
2258 | } | 2219 | } |
2259 | 2220 | ||
@@ -2271,7 +2232,7 @@ main(int ac, char **av) | |||
2271 | } | 2232 | } |
2272 | 2233 | ||
2273 | #ifdef SSH_AUDIT_EVENTS | 2234 | #ifdef SSH_AUDIT_EVENTS |
2274 | audit_event(SSH_AUTH_SUCCESS); | 2235 | audit_event(ssh, SSH_AUTH_SUCCESS); |
2275 | #endif | 2236 | #endif |
2276 | 2237 | ||
2277 | #ifdef GSSAPI | 2238 | #ifdef GSSAPI |
@@ -2293,11 +2254,11 @@ main(int ac, char **av) | |||
2293 | * file descriptor passing. | 2254 | * file descriptor passing. |
2294 | */ | 2255 | */ |
2295 | if (use_privsep) { | 2256 | if (use_privsep) { |
2296 | privsep_postauth(authctxt); | 2257 | privsep_postauth(ssh, authctxt); |
2297 | /* the monitor process [priv] will not return */ | 2258 | /* the monitor process [priv] will not return */ |
2298 | } | 2259 | } |
2299 | 2260 | ||
2300 | packet_set_timeout(options.client_alive_interval, | 2261 | ssh_packet_set_timeout(ssh, options.client_alive_interval, |
2301 | options.client_alive_count_max); | 2262 | options.client_alive_count_max); |
2302 | 2263 | ||
2303 | /* Try to send all our hostkeys to the client */ | 2264 | /* Try to send all our hostkeys to the client */ |
@@ -2307,7 +2268,7 @@ main(int ac, char **av) | |||
2307 | do_authenticated(ssh, authctxt); | 2268 | do_authenticated(ssh, authctxt); |
2308 | 2269 | ||
2309 | /* The connection has been terminated. */ | 2270 | /* The connection has been terminated. */ |
2310 | packet_get_bytes(&ibytes, &obytes); | 2271 | ssh_packet_get_bytes(ssh, &ibytes, &obytes); |
2311 | verbose("Transferred: sent %llu, received %llu bytes", | 2272 | verbose("Transferred: sent %llu, received %llu bytes", |
2312 | (unsigned long long)obytes, (unsigned long long)ibytes); | 2273 | (unsigned long long)obytes, (unsigned long long)ibytes); |
2313 | 2274 | ||
@@ -2319,10 +2280,10 @@ main(int ac, char **av) | |||
2319 | #endif /* USE_PAM */ | 2280 | #endif /* USE_PAM */ |
2320 | 2281 | ||
2321 | #ifdef SSH_AUDIT_EVENTS | 2282 | #ifdef SSH_AUDIT_EVENTS |
2322 | PRIVSEP(audit_event(SSH_CONNECTION_CLOSE)); | 2283 | PRIVSEP(audit_event(ssh, SSH_CONNECTION_CLOSE)); |
2323 | #endif | 2284 | #endif |
2324 | 2285 | ||
2325 | packet_close(); | 2286 | ssh_packet_close(ssh); |
2326 | 2287 | ||
2327 | if (use_privsep) | 2288 | if (use_privsep) |
2328 | mm_terminate(); | 2289 | mm_terminate(); |
@@ -2331,32 +2292,42 @@ main(int ac, char **av) | |||
2331 | } | 2292 | } |
2332 | 2293 | ||
2333 | int | 2294 | int |
2334 | sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey, | 2295 | sshd_hostkey_sign(struct ssh *ssh, struct sshkey *privkey, |
2335 | u_char **signature, size_t *slenp, const u_char *data, size_t dlen, | 2296 | struct sshkey *pubkey, u_char **signature, size_t *slenp, |
2336 | const char *alg, u_int flag) | 2297 | const u_char *data, size_t dlen, const char *alg) |
2337 | { | 2298 | { |
2338 | int r; | 2299 | int r; |
2339 | 2300 | ||
2340 | if (privkey) { | 2301 | if (use_privsep) { |
2341 | if (PRIVSEP(sshkey_sign(privkey, signature, slenp, data, dlen, | 2302 | if (privkey) { |
2342 | alg, datafellows)) < 0) | 2303 | if (mm_sshkey_sign(ssh, privkey, signature, slenp, |
2343 | fatal("%s: key_sign failed", __func__); | 2304 | data, dlen, alg, ssh->compat) < 0) |
2344 | } else if (use_privsep) { | 2305 | fatal("%s: privkey sign failed", __func__); |
2345 | if (mm_sshkey_sign(pubkey, signature, slenp, data, dlen, | 2306 | } else { |
2346 | alg, datafellows) < 0) | 2307 | if (mm_sshkey_sign(ssh, pubkey, signature, slenp, |
2347 | fatal("%s: pubkey_sign failed", __func__); | 2308 | data, dlen, alg, ssh->compat) < 0) |
2309 | fatal("%s: pubkey sign failed", __func__); | ||
2310 | } | ||
2348 | } else { | 2311 | } else { |
2349 | if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slenp, | 2312 | if (privkey) { |
2350 | data, dlen, alg, datafellows)) != 0) | 2313 | if (sshkey_sign(privkey, signature, slenp, data, dlen, |
2351 | fatal("%s: ssh_agent_sign failed: %s", | 2314 | alg, ssh->compat) < 0) |
2352 | __func__, ssh_err(r)); | 2315 | fatal("%s: privkey sign failed", __func__); |
2316 | } else { | ||
2317 | if ((r = ssh_agent_sign(auth_sock, pubkey, | ||
2318 | signature, slenp, data, dlen, alg, | ||
2319 | ssh->compat)) != 0) { | ||
2320 | fatal("%s: agent sign failed: %s", | ||
2321 | __func__, ssh_err(r)); | ||
2322 | } | ||
2323 | } | ||
2353 | } | 2324 | } |
2354 | return 0; | 2325 | return 0; |
2355 | } | 2326 | } |
2356 | 2327 | ||
2357 | /* SSH2 key exchange */ | 2328 | /* SSH2 key exchange */ |
2358 | static void | 2329 | static void |
2359 | do_ssh2_kex(void) | 2330 | do_ssh2_kex(struct ssh *ssh) |
2360 | { | 2331 | { |
2361 | char *myproposal[PROPOSAL_MAX] = { KEX_SERVER }; | 2332 | char *myproposal[PROPOSAL_MAX] = { KEX_SERVER }; |
2362 | struct kex *kex; | 2333 | struct kex *kex; |
@@ -2377,20 +2348,20 @@ do_ssh2_kex(void) | |||
2377 | } | 2348 | } |
2378 | 2349 | ||
2379 | if (options.rekey_limit || options.rekey_interval) | 2350 | if (options.rekey_limit || options.rekey_interval) |
2380 | packet_set_rekey_limits(options.rekey_limit, | 2351 | ssh_packet_set_rekey_limits(ssh, options.rekey_limit, |
2381 | options.rekey_interval); | 2352 | options.rekey_interval); |
2382 | 2353 | ||
2383 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( | 2354 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( |
2384 | list_hostkey_types()); | 2355 | list_hostkey_types()); |
2385 | 2356 | ||
2386 | #ifdef GSSAPI | 2357 | #if defined(GSSAPI) && defined(WITH_OPENSSL) |
2387 | { | 2358 | { |
2388 | char *orig; | 2359 | char *orig; |
2389 | char *gss = NULL; | 2360 | char *gss = NULL; |
2390 | char *newstr = NULL; | 2361 | char *newstr = NULL; |
2391 | orig = myproposal[PROPOSAL_KEX_ALGS]; | 2362 | orig = myproposal[PROPOSAL_KEX_ALGS]; |
2392 | 2363 | ||
2393 | /* | 2364 | /* |
2394 | * If we don't have a host key, then there's no point advertising | 2365 | * If we don't have a host key, then there's no point advertising |
2395 | * the other key exchange algorithms | 2366 | * the other key exchange algorithms |
2396 | */ | 2367 | */ |
@@ -2410,10 +2381,10 @@ do_ssh2_kex(void) | |||
2410 | else if (orig) | 2381 | else if (orig) |
2411 | newstr = orig; | 2382 | newstr = orig; |
2412 | 2383 | ||
2413 | /* | 2384 | /* |
2414 | * If we've got GSSAPI mechanisms, then we've got the 'null' host | 2385 | * If we've got GSSAPI mechanisms, then we've got the 'null' host |
2415 | * key alg, but we can't tell people about it unless its the only | 2386 | * key alg, but we can't tell people about it unless its the only |
2416 | * host key algorithm we support | 2387 | * host key algorithm we support |
2417 | */ | 2388 | */ |
2418 | if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) | 2389 | if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) |
2419 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; | 2390 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; |
@@ -2426,38 +2397,40 @@ do_ssh2_kex(void) | |||
2426 | #endif | 2397 | #endif |
2427 | 2398 | ||
2428 | /* start key exchange */ | 2399 | /* start key exchange */ |
2429 | if ((r = kex_setup(active_state, myproposal)) != 0) | 2400 | if ((r = kex_setup(ssh, myproposal)) != 0) |
2430 | fatal("kex_setup: %s", ssh_err(r)); | 2401 | fatal("kex_setup: %s", ssh_err(r)); |
2431 | kex = active_state->kex; | 2402 | kex = ssh->kex; |
2432 | #ifdef WITH_OPENSSL | 2403 | #ifdef WITH_OPENSSL |
2433 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 2404 | kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; |
2434 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 2405 | kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; |
2435 | kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; | 2406 | kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; |
2436 | kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; | 2407 | kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; |
2437 | kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; | 2408 | kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; |
2438 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 2409 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
2439 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | 2410 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
2440 | # ifdef OPENSSL_HAS_ECC | 2411 | # ifdef OPENSSL_HAS_ECC |
2441 | kex->kex[KEX_ECDH_SHA2] = kexecdh_server; | 2412 | kex->kex[KEX_ECDH_SHA2] = kex_gen_server; |
2442 | # endif | 2413 | # endif |
2443 | #endif | 2414 | # ifdef GSSAPI |
2444 | kex->kex[KEX_C25519_SHA256] = kexc25519_server; | ||
2445 | #ifdef GSSAPI | ||
2446 | if (options.gss_keyex) { | 2415 | if (options.gss_keyex) { |
2447 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; | 2416 | kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; |
2448 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; | 2417 | kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; |
2449 | kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; | 2418 | kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server; |
2419 | kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server; | ||
2420 | kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server; | ||
2421 | kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server; | ||
2422 | kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server; | ||
2450 | } | 2423 | } |
2451 | #endif | 2424 | # endif |
2452 | kex->server = 1; | 2425 | #endif /* WITH_OPENSSL */ |
2453 | kex->client_version_string=client_version_string; | 2426 | kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
2454 | kex->server_version_string=server_version_string; | 2427 | kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server; |
2455 | kex->load_host_public_key=&get_hostkey_public_by_type; | 2428 | kex->load_host_public_key=&get_hostkey_public_by_type; |
2456 | kex->load_host_private_key=&get_hostkey_private_by_type; | 2429 | kex->load_host_private_key=&get_hostkey_private_by_type; |
2457 | kex->host_key_index=&get_hostkey_index; | 2430 | kex->host_key_index=&get_hostkey_index; |
2458 | kex->sign = sshd_hostkey_sign; | 2431 | kex->sign = sshd_hostkey_sign; |
2459 | 2432 | ||
2460 | ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done); | 2433 | ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &kex->done); |
2461 | 2434 | ||
2462 | session_id2 = kex->session_id; | 2435 | session_id2 = kex->session_id; |
2463 | session_id2_len = kex->session_id_len; | 2436 | session_id2_len = kex->session_id_len; |
@@ -2476,10 +2449,8 @@ do_ssh2_kex(void) | |||
2476 | void | 2449 | void |
2477 | cleanup_exit(int i) | 2450 | cleanup_exit(int i) |
2478 | { | 2451 | { |
2479 | struct ssh *ssh = active_state; /* XXX */ | 2452 | if (the_active_state != NULL && the_authctxt != NULL) { |
2480 | 2453 | do_cleanup(the_active_state, the_authctxt); | |
2481 | if (the_authctxt) { | ||
2482 | do_cleanup(ssh, the_authctxt); | ||
2483 | if (use_privsep && privsep_is_preauth && | 2454 | if (use_privsep && privsep_is_preauth && |
2484 | pmonitor != NULL && pmonitor->m_pid > 1) { | 2455 | pmonitor != NULL && pmonitor->m_pid > 1) { |
2485 | debug("Killing privsep child %d", pmonitor->m_pid); | 2456 | debug("Killing privsep child %d", pmonitor->m_pid); |
@@ -2491,8 +2462,8 @@ cleanup_exit(int i) | |||
2491 | } | 2462 | } |
2492 | #ifdef SSH_AUDIT_EVENTS | 2463 | #ifdef SSH_AUDIT_EVENTS |
2493 | /* done after do_cleanup so it can cancel the PAM auth 'thread' */ | 2464 | /* done after do_cleanup so it can cancel the PAM auth 'thread' */ |
2494 | if (!use_privsep || mm_is_monitor()) | 2465 | if (the_active_state != NULL && (!use_privsep || mm_is_monitor())) |
2495 | audit_event(SSH_CONNECTION_ABANDON); | 2466 | audit_event(the_active_state, SSH_CONNECTION_ABANDON); |
2496 | #endif | 2467 | #endif |
2497 | _exit(i); | 2468 | _exit(i); |
2498 | } | 2469 | } |
diff --git a/sshd_config.0 b/sshd_config.0 index af54da6b2..545b9a89c 100644 --- a/sshd_config.0 +++ b/sshd_config.0 | |||
@@ -637,7 +637,7 @@ DESCRIPTION | |||
637 | the single token All which matches all criteria. The available | 637 | the single token All which matches all criteria. The available |
638 | criteria are User, Group, Host, LocalAddress, LocalPort, RDomain, | 638 | criteria are User, Group, Host, LocalAddress, LocalPort, RDomain, |
639 | and Address (with RDomain representing the rdomain(4) on which | 639 | and Address (with RDomain representing the rdomain(4) on which |
640 | the connection was received.) | 640 | the connection was received). |
641 | 641 | ||
642 | The match patterns may consist of single entries or comma- | 642 | The match patterns may consist of single entries or comma- |
643 | separated lists and may use the wildcard and negation operators | 643 | separated lists and may use the wildcard and negation operators |
@@ -725,9 +725,9 @@ DESCRIPTION | |||
725 | listen requests are permitted. Note that the GatewayPorts option | 725 | listen requests are permitted. Note that the GatewayPorts option |
726 | may further restrict which addresses may be listened on. Note | 726 | may further restrict which addresses may be listened on. Note |
727 | also that ssh(1) will request a listen host of M-bM-^@M-^\localhostM-bM-^@M-^] if no | 727 | also that ssh(1) will request a listen host of M-bM-^@M-^\localhostM-bM-^@M-^] if no |
728 | listen host was specifically requested, and this this name is | 728 | listen host was specifically requested, and this name is treated |
729 | treated differently to explicit localhost addresses of | 729 | differently to explicit localhost addresses of M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and |
730 | M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and M-bM-^@M-^\::1M-bM-^@M-^]. | 730 | M-bM-^@M-^\::1M-bM-^@M-^]. |
731 | 731 | ||
732 | PermitOpen | 732 | PermitOpen |
733 | Specifies the destinations to which TCP port forwarding is | 733 | Specifies the destinations to which TCP port forwarding is |
@@ -1089,4 +1089,4 @@ AUTHORS | |||
1089 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 1089 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
1090 | for privilege separation. | 1090 | for privilege separation. |
1091 | 1091 | ||
1092 | OpenBSD 6.4 September 20, 2018 OpenBSD 6.4 | 1092 | OpenBSD 6.5 March 22, 2019 OpenBSD 6.5 |
diff --git a/sshd_config.5 b/sshd_config.5 index 03f813e72..e5380f5dc 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.282 2018/09/20 03:28:06 djm Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.284 2019/03/22 20:58:34 jmc Exp $ |
37 | .Dd $Mdocdate: September 20 2018 $ | 37 | .Dd $Mdocdate: March 22 2019 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -674,16 +674,16 @@ The default is | |||
674 | Specifies whether user authentication based on GSSAPI is allowed. | 674 | Specifies whether user authentication based on GSSAPI is allowed. |
675 | The default is | 675 | The default is |
676 | .Cm no . | 676 | .Cm no . |
677 | .It Cm GSSAPIKeyExchange | ||
678 | Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange | ||
679 | doesn't rely on ssh keys to verify host identity. | ||
680 | The default is | ||
681 | .Cm no . | ||
682 | .It Cm GSSAPICleanupCredentials | 677 | .It Cm GSSAPICleanupCredentials |
683 | Specifies whether to automatically destroy the user's credentials cache | 678 | Specifies whether to automatically destroy the user's credentials cache |
684 | on logout. | 679 | on logout. |
685 | The default is | 680 | The default is |
686 | .Cm yes . | 681 | .Cm yes . |
682 | .It Cm GSSAPIKeyExchange | ||
683 | Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange | ||
684 | doesn't rely on ssh keys to verify host identity. | ||
685 | The default is | ||
686 | .Cm no . | ||
687 | .It Cm GSSAPIStrictAcceptorCheck | 687 | .It Cm GSSAPIStrictAcceptorCheck |
688 | Determines whether to be strict about the identity of the GSSAPI acceptor | 688 | Determines whether to be strict about the identity of the GSSAPI acceptor |
689 | a client authenticates against. | 689 | a client authenticates against. |
@@ -699,10 +699,30 @@ This facility is provided to assist with operation on multi homed machines. | |||
699 | The default is | 699 | The default is |
700 | .Cm yes . | 700 | .Cm yes . |
701 | .It Cm GSSAPIStoreCredentialsOnRekey | 701 | .It Cm GSSAPIStoreCredentialsOnRekey |
702 | Controls whether the user's GSSAPI credentials should be updated following a | 702 | Controls whether the user's GSSAPI credentials should be updated following a |
703 | successful connection rekeying. This option can be used to accepted renewed | 703 | successful connection rekeying. This option can be used to accepted renewed |
704 | or updated credentials from a compatible client. The default is | 704 | or updated credentials from a compatible client. The default is |
705 | .Cm no . | 705 | .Dq no . |
706 | .Pp | ||
707 | For this to work | ||
708 | .Cm GSSAPIKeyExchange | ||
709 | needs to be enabled in the server and also used by the client. | ||
710 | .It Cm GSSAPIKexAlgorithms | ||
711 | The list of key exchange algorithms that are accepted by GSSAPI | ||
712 | key exchange. Possible values are | ||
713 | .Bd -literal -offset 3n | ||
714 | gss-gex-sha1-, | ||
715 | gss-group1-sha1-, | ||
716 | gss-group14-sha1-, | ||
717 | gss-group14-sha256-, | ||
718 | gss-group16-sha512-, | ||
719 | gss-nistp256-sha256-, | ||
720 | gss-curve25519-sha256- | ||
721 | .Ed | ||
722 | .Pp | ||
723 | The default is | ||
724 | .Dq gss-gex-sha1-,gss-group14-sha1- . | ||
725 | This option only applies to protocol version 2 connections using GSSAPI. | ||
706 | .It Cm HostbasedAcceptedKeyTypes | 726 | .It Cm HostbasedAcceptedKeyTypes |
707 | Specifies the key types that will be accepted for hostbased authentication | 727 | Specifies the key types that will be accepted for hostbased authentication |
708 | as a list of comma-separated patterns. | 728 | as a list of comma-separated patterns. |
@@ -1118,7 +1138,7 @@ and | |||
1118 | .Cm RDomain | 1138 | .Cm RDomain |
1119 | representing the | 1139 | representing the |
1120 | .Xr rdomain 4 | 1140 | .Xr rdomain 4 |
1121 | on which the connection was received.) | 1141 | on which the connection was received). |
1122 | .Pp | 1142 | .Pp |
1123 | The match patterns may consist of single entries or comma-separated | 1143 | The match patterns may consist of single entries or comma-separated |
1124 | lists and may use the wildcard and negation operators described in the | 1144 | lists and may use the wildcard and negation operators described in the |
@@ -1271,7 +1291,7 @@ Note also that | |||
1271 | .Xr ssh 1 | 1291 | .Xr ssh 1 |
1272 | will request a listen host of | 1292 | will request a listen host of |
1273 | .Dq localhost | 1293 | .Dq localhost |
1274 | if no listen host was specifically requested, and this this name is | 1294 | if no listen host was specifically requested, and this name is |
1275 | treated differently to explicit localhost addresses of | 1295 | treated differently to explicit localhost addresses of |
1276 | .Dq 127.0.0.1 | 1296 | .Dq 127.0.0.1 |
1277 | and | 1297 | and |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.72 2018/10/11 00:52:46 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.73 2019/01/21 09:54:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -2057,13 +2057,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
2057 | ret = SSH_ERR_ALLOC_FAIL; | 2057 | ret = SSH_ERR_ALLOC_FAIL; |
2058 | goto out; | 2058 | goto out; |
2059 | } | 2059 | } |
2060 | if ((rsa_e = BN_new()) == NULL || | 2060 | if (sshbuf_get_bignum2(b, &rsa_e) != 0 || |
2061 | (rsa_n = BN_new()) == NULL) { | 2061 | sshbuf_get_bignum2(b, &rsa_n) != 0) { |
2062 | ret = SSH_ERR_ALLOC_FAIL; | ||
2063 | goto out; | ||
2064 | } | ||
2065 | if (sshbuf_get_bignum2(b, rsa_e) != 0 || | ||
2066 | sshbuf_get_bignum2(b, rsa_n) != 0) { | ||
2067 | ret = SSH_ERR_INVALID_FORMAT; | 2062 | ret = SSH_ERR_INVALID_FORMAT; |
2068 | goto out; | 2063 | goto out; |
2069 | } | 2064 | } |
@@ -2090,17 +2085,10 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
2090 | ret = SSH_ERR_ALLOC_FAIL; | 2085 | ret = SSH_ERR_ALLOC_FAIL; |
2091 | goto out; | 2086 | goto out; |
2092 | } | 2087 | } |
2093 | if ((dsa_p = BN_new()) == NULL || | 2088 | if (sshbuf_get_bignum2(b, &dsa_p) != 0 || |
2094 | (dsa_q = BN_new()) == NULL || | 2089 | sshbuf_get_bignum2(b, &dsa_q) != 0 || |
2095 | (dsa_g = BN_new()) == NULL || | 2090 | sshbuf_get_bignum2(b, &dsa_g) != 0 || |
2096 | (dsa_pub_key = BN_new()) == NULL) { | 2091 | sshbuf_get_bignum2(b, &dsa_pub_key) != 0) { |
2097 | ret = SSH_ERR_ALLOC_FAIL; | ||
2098 | goto out; | ||
2099 | } | ||
2100 | if (sshbuf_get_bignum2(b, dsa_p) != 0 || | ||
2101 | sshbuf_get_bignum2(b, dsa_q) != 0 || | ||
2102 | sshbuf_get_bignum2(b, dsa_g) != 0 || | ||
2103 | sshbuf_get_bignum2(b, dsa_pub_key) != 0) { | ||
2104 | ret = SSH_ERR_INVALID_FORMAT; | 2092 | ret = SSH_ERR_INVALID_FORMAT; |
2105 | goto out; | 2093 | goto out; |
2106 | } | 2094 | } |
@@ -2942,19 +2930,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
2942 | r = SSH_ERR_ALLOC_FAIL; | 2930 | r = SSH_ERR_ALLOC_FAIL; |
2943 | goto out; | 2931 | goto out; |
2944 | } | 2932 | } |
2945 | if ((dsa_p = BN_new()) == NULL || | 2933 | if ((r = sshbuf_get_bignum2(buf, &dsa_p)) != 0 || |
2946 | (dsa_q = BN_new()) == NULL || | 2934 | (r = sshbuf_get_bignum2(buf, &dsa_q)) != 0 || |
2947 | (dsa_g = BN_new()) == NULL || | 2935 | (r = sshbuf_get_bignum2(buf, &dsa_g)) != 0 || |
2948 | (dsa_pub_key = BN_new()) == NULL || | 2936 | (r = sshbuf_get_bignum2(buf, &dsa_pub_key)) != 0 || |
2949 | (dsa_priv_key = BN_new()) == NULL) { | 2937 | (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0) |
2950 | r = SSH_ERR_ALLOC_FAIL; | ||
2951 | goto out; | ||
2952 | } | ||
2953 | if ((r = sshbuf_get_bignum2(buf, dsa_p)) != 0 || | ||
2954 | (r = sshbuf_get_bignum2(buf, dsa_q)) != 0 || | ||
2955 | (r = sshbuf_get_bignum2(buf, dsa_g)) != 0 || | ||
2956 | (r = sshbuf_get_bignum2(buf, dsa_pub_key)) != 0 || | ||
2957 | (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0) | ||
2958 | goto out; | 2938 | goto out; |
2959 | if (!DSA_set0_pqg(k->dsa, dsa_p, dsa_q, dsa_g)) { | 2939 | if (!DSA_set0_pqg(k->dsa, dsa_p, dsa_q, dsa_g)) { |
2960 | r = SSH_ERR_LIBCRYPTO_ERROR; | 2940 | r = SSH_ERR_LIBCRYPTO_ERROR; |
@@ -2968,12 +2948,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
2968 | dsa_pub_key = dsa_priv_key = NULL; /* transferred */ | 2948 | dsa_pub_key = dsa_priv_key = NULL; /* transferred */ |
2969 | break; | 2949 | break; |
2970 | case KEY_DSA_CERT: | 2950 | case KEY_DSA_CERT: |
2971 | if ((dsa_priv_key = BN_new()) == NULL) { | ||
2972 | r = SSH_ERR_ALLOC_FAIL; | ||
2973 | goto out; | ||
2974 | } | ||
2975 | if ((r = sshkey_froms(buf, &k)) != 0 || | 2951 | if ((r = sshkey_froms(buf, &k)) != 0 || |
2976 | (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0) | 2952 | (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0) |
2977 | goto out; | 2953 | goto out; |
2978 | if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) { | 2954 | if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) { |
2979 | r = SSH_ERR_LIBCRYPTO_ERROR; | 2955 | r = SSH_ERR_LIBCRYPTO_ERROR; |
@@ -2998,12 +2974,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
2998 | goto out; | 2974 | goto out; |
2999 | } | 2975 | } |
3000 | k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); | 2976 | k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); |
3001 | if (k->ecdsa == NULL || (exponent = BN_new()) == NULL) { | 2977 | if (k->ecdsa == NULL) { |
3002 | r = SSH_ERR_LIBCRYPTO_ERROR; | 2978 | r = SSH_ERR_LIBCRYPTO_ERROR; |
3003 | goto out; | 2979 | goto out; |
3004 | } | 2980 | } |
3005 | if ((r = sshbuf_get_eckey(buf, k->ecdsa)) != 0 || | 2981 | if ((r = sshbuf_get_eckey(buf, k->ecdsa)) != 0 || |
3006 | (r = sshbuf_get_bignum2(buf, exponent))) | 2982 | (r = sshbuf_get_bignum2(buf, &exponent))) |
3007 | goto out; | 2983 | goto out; |
3008 | if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { | 2984 | if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { |
3009 | r = SSH_ERR_LIBCRYPTO_ERROR; | 2985 | r = SSH_ERR_LIBCRYPTO_ERROR; |
@@ -3015,12 +2991,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
3015 | goto out; | 2991 | goto out; |
3016 | break; | 2992 | break; |
3017 | case KEY_ECDSA_CERT: | 2993 | case KEY_ECDSA_CERT: |
3018 | if ((exponent = BN_new()) == NULL) { | ||
3019 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
3020 | goto out; | ||
3021 | } | ||
3022 | if ((r = sshkey_froms(buf, &k)) != 0 || | 2994 | if ((r = sshkey_froms(buf, &k)) != 0 || |
3023 | (r = sshbuf_get_bignum2(buf, exponent)) != 0) | 2995 | (r = sshbuf_get_bignum2(buf, &exponent)) != 0) |
3024 | goto out; | 2996 | goto out; |
3025 | if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { | 2997 | if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { |
3026 | r = SSH_ERR_LIBCRYPTO_ERROR; | 2998 | r = SSH_ERR_LIBCRYPTO_ERROR; |
@@ -3037,21 +3009,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
3037 | r = SSH_ERR_ALLOC_FAIL; | 3009 | r = SSH_ERR_ALLOC_FAIL; |
3038 | goto out; | 3010 | goto out; |
3039 | } | 3011 | } |
3040 | if ((rsa_n = BN_new()) == NULL || | 3012 | if ((r = sshbuf_get_bignum2(buf, &rsa_n)) != 0 || |
3041 | (rsa_e = BN_new()) == NULL || | 3013 | (r = sshbuf_get_bignum2(buf, &rsa_e)) != 0 || |
3042 | (rsa_d = BN_new()) == NULL || | 3014 | (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 || |
3043 | (rsa_iqmp = BN_new()) == NULL || | 3015 | (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 || |
3044 | (rsa_p = BN_new()) == NULL || | 3016 | (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 || |
3045 | (rsa_q = BN_new()) == NULL) { | 3017 | (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0) |
3046 | r = SSH_ERR_ALLOC_FAIL; | ||
3047 | goto out; | ||
3048 | } | ||
3049 | if ((r = sshbuf_get_bignum2(buf, rsa_n)) != 0 || | ||
3050 | (r = sshbuf_get_bignum2(buf, rsa_e)) != 0 || | ||
3051 | (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 || | ||
3052 | (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 || | ||
3053 | (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 || | ||
3054 | (r = sshbuf_get_bignum2(buf, rsa_q)) != 0) | ||
3055 | goto out; | 3018 | goto out; |
3056 | if (!RSA_set0_key(k->rsa, rsa_n, rsa_e, rsa_d)) { | 3019 | if (!RSA_set0_key(k->rsa, rsa_n, rsa_e, rsa_d)) { |
3057 | r = SSH_ERR_LIBCRYPTO_ERROR; | 3020 | r = SSH_ERR_LIBCRYPTO_ERROR; |
@@ -3069,18 +3032,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
3069 | goto out; | 3032 | goto out; |
3070 | break; | 3033 | break; |
3071 | case KEY_RSA_CERT: | 3034 | case KEY_RSA_CERT: |
3072 | if ((rsa_d = BN_new()) == NULL || | ||
3073 | (rsa_iqmp = BN_new()) == NULL || | ||
3074 | (rsa_p = BN_new()) == NULL || | ||
3075 | (rsa_q = BN_new()) == NULL) { | ||
3076 | r = SSH_ERR_ALLOC_FAIL; | ||
3077 | goto out; | ||
3078 | } | ||
3079 | if ((r = sshkey_froms(buf, &k)) != 0 || | 3035 | if ((r = sshkey_froms(buf, &k)) != 0 || |
3080 | (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 || | 3036 | (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 || |
3081 | (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 || | 3037 | (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 || |
3082 | (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 || | 3038 | (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 || |
3083 | (r = sshbuf_get_bignum2(buf, rsa_q)) != 0) | 3039 | (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0) |
3084 | goto out; | 3040 | goto out; |
3085 | if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) { | 3041 | if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) { |
3086 | r = SSH_ERR_LIBCRYPTO_ERROR; | 3042 | r = SSH_ERR_LIBCRYPTO_ERROR; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.h,v 1.30 2018/09/14 04:17:44 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.h,v 1.31 2019/01/20 22:51:37 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -33,6 +33,7 @@ | |||
33 | #include <openssl/dsa.h> | 33 | #include <openssl/dsa.h> |
34 | # ifdef OPENSSL_HAS_ECC | 34 | # ifdef OPENSSL_HAS_ECC |
35 | # include <openssl/ec.h> | 35 | # include <openssl/ec.h> |
36 | # include <openssl/ecdsa.h> | ||
36 | # else /* OPENSSL_HAS_ECC */ | 37 | # else /* OPENSSL_HAS_ECC */ |
37 | # define EC_KEY void | 38 | # define EC_KEY void |
38 | # define EC_GROUP void | 39 | # define EC_GROUP void |
@@ -1,6 +1,6 @@ | |||
1 | /* $OpenBSD: version.h,v 1.83 2018/10/10 16:43:49 deraadt Exp $ */ | 1 | /* $OpenBSD: version.h,v 1.84 2019/04/03 15:48:45 djm Exp $ */ |
2 | 2 | ||
3 | #define SSH_VERSION "OpenSSH_7.9" | 3 | #define SSH_VERSION "OpenSSH_8.0" |
4 | 4 | ||
5 | #define SSH_PORTABLE "p1" | 5 | #define SSH_PORTABLE "p1" |
6 | #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE | 6 | #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE |