225 files changed, 14434 insertions, 12724 deletions

diff --git a/.depend b/.depend
index 2b29e3879..c6725ec77 100644
--- a/.depend
+++ b/.depend
@@ -6,47 +6,47 @@ audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-com
 audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
+auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
 auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h
 auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h
-auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h pathnames.h log.h misc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
+auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h
+auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h uidswap.h pathnames.h log.h misc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
 auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 auth-skey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h
-auth.o: authfile.h monitor_wrap.h ssherr.h compat.h channels.h
-auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h misc.h servconf.h
+auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h openbsd-compat/sys-queue.h dispatch.h authfile.h
+auth.o: monitor_wrap.h ssherr.h compat.h channels.h
+auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h misc.h servconf.h
 auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h monitor_wrap.h
-auth2-hostbased.o: pathnames.h ssherr.h match.h
-auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h misc.h servconf.h ssherr.h
-auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h ssh2.h ssherr.h monitor_wrap.h
-auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h
-auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h
-auth2-pubkey.o: auth-options.h canohost.h monitor_wrap.h authfile.h match.h ssherr.h channels.h session.h
-auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h sshbuf.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h ssherr.h
-auth2.o: monitor_wrap.h digest.h
+auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h monitor_wrap.h pathnames.h
+auth2-hostbased.o: ssherr.h match.h
+auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h misc.h servconf.h ssherr.h
+auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h misc.h servconf.h compat.h ssh2.h ssherr.h monitor_wrap.h
+auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h
+auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h auth-options.h
+auth2-pubkey.o: canohost.h monitor_wrap.h authfile.h match.h ssherr.h channels.h session.h
+auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h sshbuf.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h ssherr.h monitor_wrap.h
+auth2.o: digest.h
 authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h compat.h log.h atomicio.h misc.h ssherr.h
 authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h authfile.h misc.h atomicio.h sshkey.h sshbuf.h ssherr.h krl.h
 bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h bitmap.h
-canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h canohost.h misc.h
+canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h canohost.h misc.h
 chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h chacha.h
-channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h opacket.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h
+channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h
 cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h
 cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h
 cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sshbuf.h ssherr.h cipher-chachapoly.h chacha.h poly1305.h
 cipher-ctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h
 cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
-clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h opacket.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h
+clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h
 clientloop.o: myproposal.h log.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h ssherr.h hostfile.h
-compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h log.h match.h kex.h mac.h
+compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h log.h match.h kex.h mac.h crypto_api.h
 crc32.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crc32.h
 dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h digest.h
 digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h dispatch.h packet.h openbsd-compat/sys-queue.h opacket.h compat.h ssherr.h
+dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h dispatch.h packet.h openbsd-compat/sys-queue.h compat.h ssherr.h
 dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h
 ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ge25519.h fe25519.h sc25519.h
 entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
@@ -60,23 +60,19 @@ gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp
 hash.o: crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h
 hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h
 hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h misc.h ssherr.h digest.h hmac.h
-kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h log.h match.h misc.h monitor.h ssherr.h sshbuf.h
-kex.o: digest.h
-kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h log.h digest.h ssherr.h
-kexc25519c.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h sshbuf.h digest.h ssherr.h
-kexc25519s.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h sshbuf.h ssherr.h
+kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.h ssh2.h atomicio.h version.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h log.h match.h
+kex.o: misc.h monitor.h ssherr.h sshbuf.h digest.h
+kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h ssh2.h
 kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-kexdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-kexdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-kexecdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-kexecdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
+kexgen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h ssh2.h sshbuf.h digest.h ssherr.h
 kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
+kexsntrup4591761x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h
 krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h
 log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
-loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h
+loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h
 logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h
 mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h
 match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h
@@ -84,24 +80,23 @@ md5crypt.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-comp
 misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssh.h sshbuf.h ssherr.h
 moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h openbsd-compat/openssl-compat.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h
-monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h dh.h packet.h dispatch.h opacket.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h
+monitor.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h dh.h packet.h dispatch.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h
 monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h monitor_fdpass.h
-monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
-monitor_wrap.o: auth-options.h packet.h dispatch.h opacket.h log.h monitor.h monitor_wrap.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h ssherr.h
+monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
+monitor_wrap.o: auth-options.h packet.h dispatch.h log.h monitor.h monitor_wrap.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h ssherr.h
 msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h
-mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h opacket.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h ssherr.h
-nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h opacket.h channels.h compat.h log.h
-opacket.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h
-packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h crc32.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h digest.h log.h canohost.h misc.h channels.h ssh.h
-packet.o: packet.h dispatch.h opacket.h ssherr.h sshbuf.h
+mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h ssherr.h
+nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h channels.h compat.h log.h
+packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h crc32.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h digest.h log.h canohost.h misc.h channels.h
+packet.o: ssh.h packet.h dispatch.h ssherr.h sshbuf.h
 platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
 platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
 poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h
-progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h
-readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h uidswap.h
-readconf.o: myproposal.h digest.h
+progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h utf8.h
+readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h crypto_api.h
+readconf.o: uidswap.h myproposal.h digest.h
 readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssh.h uidswap.h
 rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h rijndael.h
 sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
@@ -114,25 +109,26 @@ sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openb
 sandbox-systrace.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 sc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sc25519.h crypto_api.h
 scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h atomicio.h pathnames.h log.h misc.h progressmeter.h utf8.h
-servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h sshbuf.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h match.h channels.h
-servconf.o: groupaccess.h canohost.h packet.h dispatch.h opacket.h ssherr.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h
-serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h canohost.h sshpty.h channels.h compat.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h
-serverloop.o: cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h ssherr.h
-session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h sshbuf.h ssherr.h match.h uidswap.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h
-session.o: cipher-aesctr.h rijndael.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h monitor_wrap.h sftp.h atomicio.h
+servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h sshbuf.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h
+servconf.o: match.h channels.h groupaccess.h canohost.h packet.h dispatch.h ssherr.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h
+serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h sshbuf.h log.h misc.h servconf.h canohost.h sshpty.h channels.h compat.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h
+serverloop.o: rijndael.h kex.h mac.h crypto_api.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h ssherr.h
+session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h sshbuf.h ssherr.h match.h uidswap.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h
+session.o: rijndael.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h crypto_api.h monitor_wrap.h sftp.h atomicio.h
 sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h
 sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h
 sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h
 sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sftp.h misc.h xmalloc.h
 sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h
 sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h pathnames.h misc.h utf8.h sftp.h ssherr.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h
+sntrup4591761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h
 ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h xmalloc.h ssh.h log.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h ssherr.h digest.h
 ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h compat.h log.h misc.h digest.h ssherr.h match.h
 ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h sshbuf.h sshkey.h ssherr.h ssh.h
 ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h uuencode.h sshbuf.h pathnames.h log.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h ssherr.h ssh-pkcs11.h atomicio.h krl.h digest.h utf8.h authfd.h
-ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h compat.h myproposal.h packet.h dispatch.h opacket.h log.h
+ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h crypto_api.h compat.h myproposal.h packet.h dispatch.h log.h
 ssh-keyscan.o: atomicio.h misc.h hostfile.h ssherr.h ssh_api.h ssh2.h dns.h
 ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssherr.h
 ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
@@ -140,27 +136,27 @@ ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/ope
 ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h dispatch.h opacket.h
-ssh.o: sshbuf.h channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h
-ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h log.h authfile.h misc.h
-ssh_api.o: version.h myproposal.h ssherr.h sshbuf.h
+ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h dispatch.h sshbuf.h
+ssh.o: channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h
+ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h ssh.h ssh2.h packet.h dispatch.h compat.h log.h authfile.h misc.h
+ssh_api.o: version.h myproposal.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h
 sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h
 sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h
 sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h
 sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h
-sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h sshkey.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h authfile.h
-sshconnect.o: ssherr.h authfd.h
-sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h myproposal.h
+sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h compat.h sshkey.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h authfile.h ssherr.h
+sshconnect.o: authfd.h kex.h mac.h crypto_api.h
+sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h myproposal.h
 sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h ssherr.h utf8.h
-sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h log.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h
-sshd.o: poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h auth-options.h version.h ssherr.h
+sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h log.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h
+sshd.o: cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h crypto_api.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h auth-options.h version.h ssherr.h
 ssherr.o: ssherr.h
 sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
 sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h sshkey-xmss.h match.h xmss_fast.h openbsd-compat/openssl-compat.h
 sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h
 sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h misc.h
 sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h
-ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h compat.h sshbuf.h ssherr.h ttymodes.h
+ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h log.h compat.h sshbuf.h ssherr.h ttymodes.h
 uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h uidswap.h xmalloc.h
 umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h
 umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h
diff --git a/.gitignore b/.gitignore
index 650eb3c3c..e7e02ea72 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,4 @@ ssh-keysign
 ssh-pkcs11-helper
 sshd
 !regress/misc/fuzz-harness/Makefile
+tags
diff --git a/.skipped-commit-ids b/.skipped-commit-ids
index f1b3b7640..01d447a49 100644
--- a/.skipped-commit-ids
+++ b/.skipped-commit-ids
@@ -5,6 +5,7 @@ fa728823ba21c4b45212750e1d3a4b2086fd1a62	more Makefile refactoring
 1de0e85522051eb2ffa00437e1885e9d7b3e0c2e        moduli update
 814b2f670df75759e1581ecef530980b2b3d7e0f        remove redundant make defs
 04431e8e7872f49a2129bf080a6b73c19d576d40        moduli update
+c07772f58028fda683ee6abd41c73da3ff70d403        moduli update
 
 Old upstream tree:
 
diff --git a/ChangeLog b/ChangeLog
index 0307f62e0..fdc0a0619 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,2602 @@
+commit fd0fa130ecf06d7d092932adcd5d77f1549bfc8d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Apr 18 08:52:57 2019 +1000
+
+    makedepend
+
+commit 5de397a876b587ba05a9169237deffdc71f273b0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Apr 5 11:29:51 2019 -0700
+
+    second thoughts: leave README in place
+    
+    A number of contrib/* files refer to the existing README so let's leave
+    it in place for release and add the new markdown version in parallel.
+    
+    I'll get rid of README after release.
+
+commit 5d3127d9274519b25ed10e320f45045ba8d7f3be
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Apr 5 11:29:31 2019 -0700
+
+    Revert "rewrite README"
+    
+    This reverts commit 9444d82678cb7781820da4d1c23b3c2b9fb1e12f.
+
+commit 9444d82678cb7781820da4d1c23b3c2b9fb1e12f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Apr 5 11:21:48 2019 -0700
+
+    rewrite README
+    
+    Include basic build instructions and comments on commonly-used build-
+    time flags, links to the manual pages and other resources.
+    
+    Now in Markdown format for better viewing on github, etc.
+
+commit a924de0c4908902433813ba205bee1446bd1a157
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Apr 5 03:41:52 2019 +1100
+
+    update versions
+
+commit 312dcee739bca5d6878c536537b2a8a497314b75
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Apr 3 15:48:45 2019 +0000
+
+    upstream: openssh-8.0
+    
+    OpenBSD-Commit-ID: 5aafdf218679dab982fea20771afd643be9a127b
+
+commit 885bc114692046d55e2a170b932bdc0092fa3456
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Apr 4 02:47:40 2019 +1100
+
+    session: Do not use removed API
+    
+    from Jakub Jelen
+
+commit 9d7b2882b0c9a5e9bf8312ce4075bf178e2b98be
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 29 11:31:40 2019 +0000
+
+    upstream: when logging/fataling on error, include a bit more detail
+    
+    than just the function name and the error message
+    
+    OpenBSD-Commit-ID: dd72d7eba2215fcb89be516c378f633ea5bcca9f
+
+commit 79a87d32783d6c9db40af8f35e091d9d30365ae7
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Apr 3 06:27:45 2019 +1100
+
+    Remove "struct ssh" from sys_auth_record_login.
+    
+    It's not needed, and is not available from the call site in loginrec.c
+    Should only affect AIX, spotted by Kevin Brott.
+
+commit 138c0d52cdc90f9895333b82fc57d81cce7a3d90
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Apr 2 18:21:35 2019 +1100
+
+    Adapt custom_failed_login to new prototype.
+    
+    Spotted by Kevin Brott.
+
+commit a0ca4009ab2f0b1007ec8ab6864dbf9b760a8ed5
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Apr 1 20:07:23 2019 +1100
+
+    Add includes.h for compat layer.
+    
+    Should fix build on AIX 7.2.
+
+commit 00991151786ce9b1d577bdad1f83a81d19c8236d
+Author: Tim Rice <tim@multitalents.net>
+Date:   Sun Mar 31 22:14:22 2019 -0700
+
+    Stop USL compilers for erroring with "integral constant expression expected"
+
+commit 43f47ebbdd4037b569c23b8f4f7981f53b567f1d
+Author: Tim Rice <tim@multitalents.net>
+Date:   Sun Mar 31 19:22:19 2019 -0700
+
+    Only use O_NOFOLLOW in fchownat and fchmodat if defined
+
+commit 342d6e51589b184c337cccfc4c788b60ff8b3765
+Author: Jakub Jelen <jjelen@redhat.com>
+Date:   Fri Mar 29 12:29:41 2019 +0100
+
+    Adjust softhsm2 path on Fedora Linux for regress
+    
+    The SoftHSM lives in Fedora in /usr/lib64/pkcs11/libsofthsm2.so
+
+commit f5abb05f8c7358dacdcb866fe2813f6d8efd5830
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Mar 28 09:26:14 2019 +1100
+
+    Only use O_NOFOLLOW in utimensat if defined.
+    
+    Fixes build on systems that don't have it (Solaris <=9)  Found by
+    Tom G. Christensen.
+
+commit 786cd4c1837fdc3fe7b4befe54a3f37db7df8715
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date:   Wed Mar 27 18:18:21 2019 +0100
+
+    drop old Cygwin considerations
+    
+    - Cygwin supports non-DOS characters in filenames
+    - Cygwin does not support Windows XP anymore
+    
+    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit 21da87f439b48a85b951ef1518fe85ac0273e719
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Mar 27 09:29:14 2019 +0000
+
+    upstream: fix interaction between ClientAliveInterval and RekeyLimit
+    
+    that could cause connection to close incorrectly; Report and patch from Jakub
+    Jelen in bz#2757; ok dtucker@ markus@
+    
+    OpenBSD-Commit-ID: 17229a8a65bd8e6c2080318ec2b7a61e1aede3fb
+
+commit 4f0019a9afdb4a94d83b75e82dbbbe0cbe826c56
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Mar 25 22:34:52 2019 +0000
+
+    upstream: Fix authentication failures when "AuthenticationMethods
+    
+    any" in a Match block overrides a more restrictive global default.
+    
+    Spotted by jmc@, ok markus@
+    
+    OpenBSD-Commit-ID: a90a4fe2ab81d0eeeb8fdfc21af81f7eabda6666
+
+commit d6e5def308610f194c0ec3ef97a34a3e9630e190
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Mar 25 22:33:44 2019 +0000
+
+    upstream: whitespace
+    
+    OpenBSD-Commit-ID: 106e853ae8a477e8385bc53824d3884a8159db07
+
+commit 26e0cef07b04479537c971dec898741df1290fe5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Mar 25 16:19:44 2019 +0000
+
+    upstream: Expand comment to document rationale for default key
+    
+    sizes. "seems worthwhile" deraadt.
+    
+    OpenBSD-Commit-ID: 72e5c0983d7da1fb72f191870f36cb58263a2456
+
+commit f47269ea67eb4ff87454bf0d2a03e55532786482
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Mar 25 15:49:00 2019 +0000
+
+    upstream: Increase the default RSA key size to 3072 bits. Based on
+    
+    the estimates from NIST Special Publication 800-57, 3k bits provides security
+    equivalent to 128 bits which is the smallest symmetric cipher we enable by
+    default. ok markus@ deraadt@
+    
+    OpenBSD-Commit-ID: 461dd32ebe808f88f4fc3ec74749b0e6bef2276b
+
+commit 62949c5b37af28d8490d94866e314a76be683a5e
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Mar 22 20:58:34 2019 +0000
+
+    upstream: full stop in the wrong place;
+    
+    OpenBSD-Commit-ID: 478a0567c83553a2aebf95d0f1bd67ac1b1253e4
+
+commit 1b1332b5bb975d759a50b37f0e8bc8cfb07a0bb0
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Mar 16 19:14:21 2019 +0000
+
+    upstream: benno helped me clean up the tcp forwarding section;
+    
+    OpenBSD-Commit-ID: d4bec27edefde636fb632b7f0b7c656b9c7b7f08
+
+commit 2aee9a49f668092ac5c9d34e904ef7a9722e541d
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Mar 8 17:24:43 2019 +0000
+
+    upstream: fix use-after-free in ssh-pkcs11; found by hshoexer w/AFL
+    
+    OpenBSD-Commit-ID: febce81cca72b71f70513fbee4ff52ca050f675c
+
+commit 9edbd7821e6837e98e7e95546cede804dac96754
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Mar 14 10:17:28 2019 +1100
+
+    Fix build when configured --without-openssl.
+    
+    ok djm@
+
+commit 825ab32f0d04a791e9d19d743c61ff8ed9b4d8e5
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Mar 14 08:51:17 2019 +1100
+
+    On Cygwin run sshd as SYSTEM where possible.
+    
+    Seteuid now creates user token using S4U.  We don't create a token
+    from scratch anymore, so we don't need the "Create a process token"
+    privilege.  The service can run under SYSTEM again...
+    
+    ...unless Cygwin is running on Windows Vista or Windows 7 in the
+    WOW64 32 bit emulation layer.  It turns out that WOW64 on these systems
+    didn't implement MsV1_0 S4U Logon so we still need the fallback
+    to NtCreateToken for these systems.
+    
+    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit a212107bfdf4d3e870ab7a443e4d906e5b9578c3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Mar 13 10:49:16 2019 +1100
+
+    Replace alloca with xcalloc.
+    
+    The latter checks for memory exhaustion and integer overflow and may be
+    at a less predictable place.  Sanity check by vinschen at redhat.com, ok
+    djm@
+
+commit daa7505aadca68ba1a2c70cbdfce423208eb91ee
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Mar 12 09:19:19 2019 +1100
+
+    Use Cygwin-specific matching only for users+groups.
+    
+    Patch from vinschen at redhat.com, updated a little by me.
+
+commit fd10cf027b56f9aaa80c9e3844626a05066589a4
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Mar 6 22:14:23 2019 +0000
+
+    upstream: Move checks for lists of users or groups into their own
+    
+    function. This is a no-op on OpenBSD but will make things easier in
+    -portable, eg on systems where these checks should be case-insensitive.  ok
+    djm@
+    
+    OpenBSD-Commit-ID: 8bc9c8d98670e23f8eaaaefe29c1f98e7ba0487e
+
+commit ab5fee8eb6a011002fd9e32b1597f02aa8804a25
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Mar 6 21:06:59 2019 +0000
+
+    upstream: Reset last-seen time when sending a keepalive. Prevents
+    
+    sending two keepalives successively and prematurely terminating connection
+    when ClientAliveCount=1.  While there, collapse two similar tests into one.
+    ok markus@
+    
+    OpenBSD-Commit-ID: 043670d201dfe222537a2a4bed16ce1087de5ddd
+
+commit c13b74530f9f1d9df7aeae012004b31b2de4438e
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Tue Mar 5 16:17:12 2019 +0000
+
+    upstream: PKCS#11 support is no longer limited to RSA; ok benno@
+    
+    kn@
+    
+    OpenBSD-Commit-ID: 1a9bec64d530aed5f434a960e7515a3e80cbc826
+
+commit e9552d6043db7cd170ac6ba1b4d2c7a5eb2c3201
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 1 03:29:32 2019 +0000
+
+    upstream: in ssh_set_newkeys(), mention the direction that we're
+    
+    keying in debug messages. Previously it would be difficult to tell which
+    direction it was talking about
+    
+    OpenBSD-Commit-ID: c2b71bfcceb2a7389b9d0b497fb2122a406a522d
+
+commit 76a24b3fa193a9ca3e47a8779d497cb06500798b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 1 02:32:39 2019 +0000
+
+    upstream: Fix two race conditions in sshd relating to SIGHUP:
+    
+    1. Recently-forked child processes will briefly remain listening to
+      listen_socks. If the main server sshd process completes its restart
+      via execv() before these sockets are closed by the child processes
+      then it can fail to listen at the desired addresses/ports and/or
+      fail to restart.
+    
+    2. When a SIGHUP is received, there may be forked child processes that
+      are awaiting their reexecution state. If the main server sshd
+      process restarts before passing this state, these child processes
+      will yield errors and use a fallback path of reading the current
+      sshd_config from the filesystem rather than use the one that sshd
+      was started with.
+    
+    To fix both of these cases, we reuse the startup_pipes that are shared
+    between the main server sshd and forked children. Previously this was
+    used solely to implement tracking of pre-auth child processes for
+    MaxStartups, but this extends the messaging over these pipes to include
+    a child->parent message that the parent process is safe to restart. This
+    message is sent from the child after it has completed its preliminaries:
+    closing listen_socks and receiving its reexec state.
+    
+    bz#2953, reported by Michal Koutný; ok markus@ dtucker@
+    
+    OpenBSD-Commit-ID: 7df09eacfa3ce13e9a7b1e9f17276ecc924d65ab
+
+commit de817e9dfab99473017d28cdf69e60397d00ea21
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 1 02:16:47 2019 +0000
+
+    upstream: mention PKCS11Provide=none, reword a little and remove
+    
+    mention of RSA keys only (since we support ECDSA now and might support others
+    in the future). Inspired by Jakub Jelen via bz#2974
+    
+    OpenBSD-Commit-ID: a92e3686561bf624ccc64ab320c96c9e9a263aa5
+
+commit 95a8058c1a90a27acbb91392ba206854abc85226
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 1 02:08:50 2019 +0000
+
+    upstream: let PKCS11Provider=none do what users expect
+    
+    print PKCS11Provider instead of obsolete SmartcardDevice in config dump.
+    
+    bz#2974 ok dtucker@
+    
+    OpenBSD-Commit-ID: c303d6f0230a33aa2dd92dc9b68843d56a64f846
+
+commit 8e7bac35aa576d2fd7560836da83733e864ce649
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Feb 27 19:37:01 2019 +0000
+
+    upstream: dup stdout/in for proxycommand=-, otherwise stdout might
+    
+    be redirected to /dev/null; ok djm@
+    
+    OpenBSD-Commit-ID: 97dfce4c47ed4055042de8ebde85b7d88793e595
+
+commit 9b61130fbd95d196bce81ebeca94a4cb7c0d5ba0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Feb 23 08:20:43 2019 +0000
+
+    upstream: openssh-7.9 accidentally reused the server's algorithm lists
+    
+    in the client for KEX, ciphers and MACs. The ciphers and MACs were identical
+    between the client and server, but the error accidentially disabled the
+    diffie-hellman-group-exchange-sha1 KEX method.
+    
+    This fixes the client code to use the correct method list, but
+    because nobody complained, it also disables the
+    diffie-hellman-group-exchange-sha1 KEX method.
+    
+    Reported by nuxi AT vault24.org via bz#2697; ok dtucker
+    
+    OpenBSD-Commit-ID: e30c33a23c10fd536fefa120e86af1842e33fd57
+
+commit 37638c752041d591371900df820f070037878a2d
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date:   Wed Feb 20 13:41:25 2019 +0100
+
+    Cygwin: implement case-insensitive Unicode user and group name matching
+    
+    The previous revert enabled case-insensitive user names again.  This
+    patch implements the case-insensitive user and group name matching.
+    To allow Unicode chars, implement the matcher using wchar_t chars in
+    Cygwin-specific code.  Keep the generic code changes as small as possible.
+    Cygwin: implement case-insensitive Unicode user and group name matching
+    
+    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit bed1d43698807a07bb4ddb93a46b0bd84b9970b3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Feb 22 15:21:21 2019 +1100
+
+    Revert unintended parts of previous commit.
+
+commit f02afa350afac1b2f2d1413259a27a4ba1e2ca24
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date:   Wed Feb 20 13:41:24 2019 +0100
+
+    Revert "[auth.c] On Cygwin, refuse usernames that have differences in case"
+    
+    This reverts commit acc9b29486dfd649dfda474e5c1a03b317449f1c.
+    
+    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit 4c55b674835478eb80a1a7aeae588aa654e2a433
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date:   Sat Feb 16 14:13:43 2019 +0100
+
+    Add tags to .gitignore
+    
+    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit 625b62634c33eaef4b80d07529954fe5c6435fe5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 22 03:37:11 2019 +0000
+
+    upstream: perform removal of agent-forwarding directory in forward
+    
+    setup error path with user's privileged. This is a no-op as this code always
+    runs with user privilege now that we no longer support running sshd with
+    privilege separation disabled, but as long as the privsep skeleton is there
+    we should follow the rules.
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
+    
+    bz#2969 with patch from Erik Sjölund
+    
+    OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846
+
+commit d9ecfaba0b2f1887d20e4368230632e709ca83be
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Mon Feb 18 07:02:34 2019 +0000
+
+    upstream: sync the description of ~/.ssh/config with djm's updated
+    
+    description in ssh.1; issue pointed out by andreas kahari
+    
+    ok dtucker djm
+    
+    OpenBSD-Commit-ID: 1b01ef0ae2c6328165150badae317ec92e52b01c
+
+commit 38e83e4f219c752ebb1560633b73f06f0392018b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 12 23:53:10 2019 +0000
+
+    upstream: fix regression in r1.302 reported by naddy@ - only the first
+    
+    public key from the agent was being attempted for use.
+    
+    OpenBSD-Commit-ID: 07116aea521a04888718b2157f1ca723b2f46c8d
+
+commit 5c68ea8da790d711e6dd5f4c30d089c54032c59a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Feb 11 09:44:42 2019 +0000
+
+    upstream: cleanup GSSAPI authentication context after completion of the
+    
+    authmethod. Move function-static GSSAPI state to the client Authctxt
+    structure. Make static a bunch of functions that aren't used outside this
+    file.
+    
+    Based on patch from Markus Schmidt <markus@blueflash.cc>; ok markus@
+    
+    OpenBSD-Commit-ID: 497fb792c0ddb4f1ba631b6eed526861f115dbe5
+
+commit a8c807f1956f81a92a758d3d0237d0ff06d0be5d
+Author: benno@openbsd.org <benno@openbsd.org>
+Date:   Sun Feb 10 16:35:41 2019 +0000
+
+    upstream: ssh-keygen -D pkcs11.so needs to initialize pkcs11
+    
+    interactive, so it can ask for the smartcards PIN. ok markus@
+    
+    OpenBSD-Commit-ID: 1be7ccf88f1876e0fc4d7c9b3f96019ac5655bab
+
+commit 3d896c157c722bc47adca51a58dca859225b5874
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Feb 10 11:15:52 2019 +0000
+
+    upstream: when checking that filenames sent by the server side
+    
+    match what the client requested, be prepared to handle shell-style brace
+    alternations, e.g. "{foo,bar}".
+    
+    "looks good to me" millert@ + in snaps for the last week courtesy
+    deraadt@
+    
+    OpenBSD-Commit-ID: 3b1ce7639b0b25b2248e3a30f561a548f6815f3e
+
+commit 318e4f8548a4f5c0c913f61e27d4fc21ffb1eaae
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Feb 10 11:10:57 2019 +0000
+
+    upstream: syslog when connection is dropped for attempting to run a
+    
+    command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@
+    
+    OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8
+
+commit 2ff2e19653b8c0798b8b8eff209651bdb1be2761
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Feb 8 14:53:35 2019 +1100
+
+    don't set $MAIL if UsePam=yes
+    
+    PAM typically specifies the user environment if it's enabled, so don't
+    second guess. bz#2937; ok dtucker@
+
+commit 03e92dd27d491fe6d1a54e7b2f44ef1b0a916e52
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Feb 8 14:50:36 2019 +1100
+
+    use same close logic for stderr as stdout
+    
+    Avoids sending SIGPIPE to child processes after their parent exits
+    if they attempt to write to stderr.
+    
+    Analysis and patch from JD Paul; patch reworked by Jakub Jelen and
+    myself. bz#2071; ok dtucker@
+
+commit 8c53d409baeeaf652c0c125a9b164edc9dbeb6de
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Feb 5 11:35:56 2019 +0000
+
+    upstream: Adapt code in the non-USE_PIPES codepath to the new packet
+    
+    API. This code is not normally reachable since USE_PIPES is always defined.
+    bz#2961, patch from adrian.fita at gmail com.
+    
+    OpenBSD-Commit-ID: 8d8428d678d1d5eb4bb21921df34e8173e6d238a
+
+commit 7a7fdca78de4b4774950be056099e579ef595414
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Feb 4 23:37:54 2019 +0000
+
+    upstream: fix NULL-deref crash in PKCS#11 code when attempting
+    
+    login to a token requiring a PIN; reported by benno@ fix mostly by markus@
+    
+    OpenBSD-Commit-ID: 438d0b114b1b4ba25a9869733db1921209aa9a31
+
+commit cac302a4b42a988e54d32eb254b29b79b648dbf5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Feb 4 02:39:42 2019 +0000
+
+    upstream: Remove obsolete "Protocol" from commented out examples. Patch
+    
+    from samy.mahmoudi at gmail com.
+    
+    OpenBSD-Commit-ID: 16aede33dae299725a03abdac5dcb4d73f5d0cbf
+
+commit 483b3b638500fd498b4b529356e5a0e18cf76891
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 1 03:52:23 2019 +0000
+
+    upstream: Save connection timeout and restore for 2nd and
+    
+    subsequent attempts, preventing them from having no timeout.  bz#2918, ok
+    djm@
+    
+    OpenBSD-Commit-ID: 4977f1d0521d9b6bba0c9a20d3d226cefac48292
+
+commit 5f004620fdc1b2108139300ee12f4014530fb559
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jan 30 19:51:15 2019 +0000
+
+    upstream: Add authors for public domain sntrup4591761 code;
+    
+    confirmed by Daniel J. Bernstein
+    
+    OpenBSD-Commit-ID: b4621f22b8b8ef13e063c852af5e54dbbfa413c1
+
+commit 2c21b75a7be6ebdcbceaebb43157c48dbb36f3d8
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Jan 27 07:14:11 2019 +0000
+
+    upstream: add -T to usage();
+    
+    OpenBSD-Commit-ID: a7ae14d9436c64e1bd05022329187ea3a0ce1899
+
+commit 19a0f0529d3df04118da829528cac7ceff380b24
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 28 03:50:39 2019 +0000
+
+    upstream: The test sshd_config in in $OBJ.
+    
+    OpenBSD-Regress-ID: 1e5d908a286d8e7de3a15a0020c8857f3a7c9172
+
+commit 8fe25440206319d15b52d12b948a5dfdec14dca3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 28 03:28:10 2019 +0000
+
+    upstream: Remove leftover debugging.
+    
+    OpenBSD-Regress-ID: 3d86c3d4867e46b35af3fd2ac8c96df0ffdcfeb9
+
+commit e30d32364d12c351eec9e14be6c61116f9d6cc90
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 28 00:12:36 2019 +0000
+
+    upstream: Enable ssh-dss for the agent test. Disable it for the
+    
+    certificate test.
+    
+    OpenBSD-Regress-ID: 388c1e03e1def539d350f139b37d69f12334668d
+
+commit ffdde469ed56249f5dc8af98da468dde35531398
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 28 00:08:26 2019 +0000
+
+    upstream: Count the number of key types instead of assuming there
+    
+    are only two.
+    
+    OpenBSD-Regress-ID: 0998702c41235782cf0beee396ec49b5056eaed9
+
+commit 1d05b4adcba08ab068466e5c08dee2f5417ec53a
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date:   Sat Jan 26 23:42:40 2019 +0100
+
+    Cygwin: only tweak sshd_config file if it's new, drop creating sshd user
+    
+    The sshd_config tweaks were executed even if the old file was
+    still in place.  Fix that.  Also disable sshd user creation.
+    It's not used on Cygwin.
+
+commit 89843de0c4c733501f6b4f988098e6e06963df37
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date:   Sat Jan 26 23:03:12 2019 +0100
+
+    Cygwin: Change service name to cygsshd
+    
+    Microsoft hijacked the sshd service name without asking.
+
+commit 2a9b3a2ce411d16cda9c79ab713c55f65b0ec257
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Jan 27 06:30:53 2019 +0000
+
+    upstream: Generate all key supported key types and enable for keyscan
+    
+    test.
+    
+    OpenBSD-Regress-ID: 72f72ff49946c61bc949e1692dd9e3d71370891b
+
+commit 391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 26 22:41:28 2019 +0000
+
+    upstream: check in scp client that filenames sent during
+    
+    remote->local directory copies satisfy the wildcard specified by the user.
+    
+    This checking provides some protection against a malicious server
+    sending unexpected filenames, but it comes at a risk of rejecting wanted
+    files due to differences between client and server wildcard expansion rules.
+    
+    For this reason, this also adds a new -T flag to disable the check.
+    
+    reported by Harry Sintonen
+    fix approach suggested by markus@;
+    has been in snaps for ~1wk courtesy deraadt@
+    
+    OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda
+
+commit c2c18a39683db382a15b438632afab3f551d50ce
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 26 22:35:01 2019 +0000
+
+    upstream: make ssh-keyscan return a non-zero exit status if it
+    
+    finds no keys. bz#2903
+    
+    OpenBSD-Commit-ID: 89f1081fb81d950ebb48e6e73d21807b2723d488
+
+commit 05b9a466700b44d49492edc2aa415fc2e8913dfe
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jan 24 17:00:29 2019 +0000
+
+    upstream: Accept the host key fingerprint as a synonym for "yes"
+    
+    when accepting an unknown host key.  This allows you to paste a fingerprint
+    obtained out of band into the yes/no prompt and have the client do the
+    comparison for you.  ok markus@ djm@
+    
+    OpenBSD-Commit-ID: 3c47d10b9f43d3d345e044fd9ec09709583a2767
+
+commit bdc6c63c80b55bcbaa66b5fde31c1cb1d09a41eb
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jan 24 16:52:17 2019 +0000
+
+    upstream: Have progressmeter force an update at the beginning and
+    
+    end of each transfer.  Fixes the problem recently introduces where very quick
+    transfers do not display the progressmeter at all.  Spotted by naddy@
+    
+    OpenBSD-Commit-ID: 68dc46c259e8fdd4f5db3ec2a130f8e4590a7a9a
+
+commit 258e6ca003e47f944688ad8b8de087b58a7d966c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jan 24 02:42:23 2019 +0000
+
+    upstream: Check for both EAGAIN and EWOULDBLOCK. This is a no-op
+    
+    in OpenBSD (they are the same value) but makes things easier in -portable
+    where they may be distinct values.  "sigh ok" deraadt@
+    
+    (ID sync only, portable already had this change).
+    
+    OpenBSD-Commit-ID: 91f2bc7c0ecec905915ed59fa37feb9cc90e17d7
+
+commit 281ce042579b834cdc1e74314f1fb2eeb75d2612
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jan 24 02:34:52 2019 +0000
+
+    upstream: Always initialize 2nd arg to hpdelim2. It populates that
+    
+    *ONLY IF* there's a delimiter.  If there's not (the common case) it checked
+    uninitialized memory, which usually passed, but if not would cause spurious
+    failures when the uninitialized memory happens to contain "/".  ok deraadt.
+    
+    OpenBSD-Commit-ID: 4291611eaf2a53d4c92f4a57c7f267c9f944e0d3
+
+commit d05ea255678d9402beda4416cd0360f3e5dfe938
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jan 23 21:50:56 2019 +0000
+
+    upstream: Remove support for obsolete host/port syntax.
+    
+    host/port was added in 2001 as an alternative to host:port syntax for
+    the benefit of IPv6 users.  These days there are establised standards
+    for this like [::1]:22 and the slash syntax is easily mistaken for CIDR
+    notation, which OpenSSH now supports for some things.  Remove the slash
+    notation from ListenAddress and PermitOpen.  bz#2335, patch from jjelen
+    at redhat.com, ok markus@
+    
+    OpenBSD-Commit-ID: fae5f4e23c51a368d6b2d98376069ac2b10ad4b7
+
+commit 177d6c80c557a5e060cd343a0c116a2f1a7f43db
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jan 23 20:48:52 2019 +0000
+
+    upstream: Remove duplicate word. bz#2958, patch from jjelen at
+    
+    redhat.com
+    
+    OpenBSD-Commit-ID: cca3965a8333f2b6aae48b79ec1d72f7a830dd2c
+
+commit be3e6cba95dffe5fcf190c713525b48c837e7875
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jan 23 09:49:00 2019 +0000
+
+    upstream: Remove 3 as a guess for possible generator during moduli
+    
+    generation. It's not mentioned in RFC4419 and it's not possible for
+    Sophie-Germain primes greater than 5.  bz#2330, from Christian Wittenhorst ,
+    ok djm@ tb@
+    
+    OpenBSD-Commit-ID: 1467652e6802ad3333b0959282d8d49dfe22c8cd
+
+commit 8976f1c4b2721c26e878151f52bdf346dfe2d54c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jan 23 08:01:46 2019 +0000
+
+    upstream: Sanitize scp filenames via snmprintf. To do this we move
+    
+    the progressmeter formatting outside of signal handler context and have the
+    atomicio callback called for EINTR too.  bz#2434 with contributions from djm
+    and jjelen at redhat.com, ok djm@
+    
+    OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8
+
+commit 6249451f381755f792c6b9e2c2f80cdc699c14e2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Jan 24 10:00:20 2019 +1100
+
+    For broken read/readv comparisons, poll(RW).
+    
+    In the cases where we can't compare to read or readv function pointers
+    for some reason we currently ifdef out the poll() used to block while
+    waiting for reads or writes, falling back to busy waiting.  This restores
+    the poll() in this case, but has it always check for read or write,
+    removing an inline ifdef in the process.
+
+commit 5cb503dff4db251520e8bf7d23b9c97c06eee031
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Jan 24 09:55:16 2019 +1100
+
+    Include unistd.h for strmode().
+
+commit f236ca2741f29b5c443c0b2db3aa9afb9ad9befe
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Jan 24 09:50:58 2019 +1100
+
+    Also undef SIMPLEQ_FOREACH_SAFE.
+    
+    Prevents macro redefinition warning on at least NetBSD 6.1.
+
+commit be063945e4e7d46b1734d973bf244c350fae172a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 23 04:51:02 2019 +0000
+
+    upstream: allow auto-incrementing certificate serial number for certs
+    
+    signed in a single commandline.
+    
+    OpenBSD-Commit-ID: 39881087641efb8cd83c7ec13b9c98280633f45b
+
+commit 851f80328931975fe68f71af363c4537cb896da2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 23 04:16:22 2019 +0000
+
+    upstream: move a bunch of global flag variables to main(); make the
+    
+    rest static
+    
+    OpenBSD-Commit-ID: fa431d92584e81fe99f95882f4c56b43fe3242dc
+
+commit 2265402dc7d701a9aca9f8a7b7b0fd45b65c479f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Jan 23 13:03:16 2019 +1100
+
+    depend
+
+commit 2c223878e53cc46def760add459f5f7c4fb43e35
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 23 02:01:10 2019 +0000
+
+    upstream: switch mainloop from select(2) to poll(2); ok deraadt@
+    
+    OpenBSD-Commit-ID: 37645419a330037d297f6f0adc3b3663e7ae7b2e
+
+commit bb956eaa94757ad058ff43631c3a7d6c94d38c2f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 23 00:30:41 2019 +0000
+
+    upstream: pass most arguments to the KEX hash functions as sshbuf
+    
+    rather than pointer+length; ok markus@
+    
+    OpenBSD-Commit-ID: ef0c89c52ccc89817a13a5205725148a28492bf7
+
+commit d691588b8e29622c66abf8932362b522cf7f4051
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 22:58:50 2019 +0000
+
+    upstream: backoff reading messages from active connections when the
+    
+    input buffer is too full to read one, or if the output buffer is too full to
+    enqueue a response; feedback & ok dtucker@
+    
+    OpenBSD-Commit-ID: df3c5b6d57c968975875de40d8955cbfed05a6c8
+
+commit f99ef8de967949a1fc25a5c28263ea32736e5943
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 20:48:01 2019 +0000
+
+    upstream: add -m to usage(); reminded by jmc@
+    
+    OpenBSD-Commit-ID: bca476a5236e8f94210290b3e6a507af0434613e
+
+commit 41923ce06ac149453debe472238e0cca7d5a2e5f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 12:03:58 2019 +0000
+
+    upstream: Correct some bugs in PKCS#11 token PIN handling at
+    
+    initial login, the attempt at reading the PIN could be skipped in some cases
+    especially on devices with integrated PIN readers.
+    
+    based on patch from Daniel Kucera in bz#2652; ok markus@
+    
+    OpenBSD-Commit-ID: fad70a61c60610afe8bb0db538c90e343e75e58e
+
+commit 2162171ad517501ba511fa9f8191945d01857bb4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 12:00:50 2019 +0000
+
+    upstream: Support keys that set the CKA_ALWAYS_AUTHENTICATE by
+    
+    requring a fresh login after the C_SignInit operation.
+    
+    based on patch from Jakub Jelen in bz#2638; ok markus
+    
+    OpenBSD-Commit-ID: a76e66996ba7c0923b46b74d46d499b811786661
+
+commit 7a2cb18a215b2cb335da3dc99489c52a91f4925b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 11:51:25 2019 +0000
+
+    upstream: Mention that configuration for the destination host is
+    
+    not applied to any ProxyJump/-J hosts. This has confused a few people...
+    
+    OpenBSD-Commit-ID: 03f4f641df6ca236c1bfc69836a256b873db868b
+
+commit ecd2f33cb772db4fa76776543599f1c1ab6f9fa0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 11:40:42 2019 +0000
+
+    upstream: Include -m in the synopsis for a few more commands that
+    
+    support it
+    
+    Be more explicit in the description of -m about where it may be used
+    
+    Prompted by Jakub Jelen in bz2904
+    
+    OpenBSD-Commit-ID: 3b398ac5e05d8a6356710d0ff114536c9d71046c
+
+commit ff5d2cf4ca373bb4002eef395ed2cbe2ff0826c1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 11:26:16 2019 +0000
+
+    upstream: print the full pubkey being attempted at loglevel >=
+    
+    debug2; bz2939
+    
+    OpenBSD-Commit-ID: ac0fe5ca1429ebf4d460bad602adc96de0d7e290
+
+commit 180b520e2bab33b566b4b0cbac7d5f9940935011
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 11:19:42 2019 +0000
+
+    upstream: clarify: ssh-keygen -e only writes public keys, never
+    
+    private
+    
+    OpenBSD-Commit-ID: 7de7ff6d274d82febf9feb641e2415ffd6a30bfb
+
+commit c45616a199c322ca674315de88e788f1d2596e26
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 22 11:00:15 2019 +0000
+
+    upstream: mention the new vs. old key formats in the introduction
+    
+    and give some hints on how keys may be converted or written in the old
+    format.
+    
+    OpenBSD-Commit-ID: 9c90a9f92eddc249e07fad1204d0e15c8aa13823
+
+commit fd8eb1383a34c986a00ef13d745ae9bd3ea21760
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue Jan 22 06:58:31 2019 +0000
+
+    upstream: tweak previous;
+    
+    OpenBSD-Commit-ID: d2a80e389da8e7ed71978643d8cbaa8605b597a8
+
+commit 68e924d5473c00057f8532af57741d258c478223
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Mon Jan 21 23:55:12 2019 +0000
+
+    upstream: Forgot to add -J to the synopsis.
+    
+    OpenBSD-Commit-ID: 26d95e409a0b72526526fc56ca1caca5cc3d3c5e
+
+commit 622dedf1a884f2927a9121e672bd9955e12ba108
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Mon Jan 21 22:50:42 2019 +0000
+
+    upstream: Add a -J option as a shortcut for -o Proxyjump= to scp(1)
+    
+    and sftp(1) to match ssh(1)'s interface.
+    
+    ok djm
+    
+    OpenBSD-Commit-ID: a75bc2d5f329caa7229a7e9fe346c4f41c2663fc
+
+commit c882d74652800150d538e22c80dd2bd3cdd5fae2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Jan 22 20:38:40 2019 +1100
+
+    Allow building against OpenSSL dev (3.x) version.
+
+commit d5520393572eb24aa0e001a1c61f49b104396e45
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Jan 22 10:50:40 2019 +1100
+
+    typo
+
+commit 2de9cec54230998ab10161576f77860a2559ccb7
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Jan 22 10:49:52 2019 +1100
+
+    add missing header
+
+commit 533cfb01e49a2a30354e191669dc3159e03e99a7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 22:18:24 2019 +0000
+
+    upstream: switch sntrup implementation source from supercop to
+    
+    libpqcrypto; the latter is almost identical but doesn't rely on signed
+    underflow to implement an optimised integer sort; from markus@
+    
+    OpenBSD-Commit-ID: cd09bbf0e0fcef1bedca69fdf7990dc360567cf8
+
+commit d50ab3cd6fb859888a26b4d4e333239b4f6bf573
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Jan 22 00:02:23 2019 +1100
+
+    new files need includes.h
+
+commit c7670b091a7174760d619ef6738b4f26b2093301
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 12:53:35 2019 +0000
+
+    upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up
+    
+    debug verbosity.
+    
+    Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run
+    in debug mode ("ssh-agent -d"), so we get to see errors from the
+    PKCS#11 code.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 0a798643c6a92a508df6bd121253ba1c8bee659d
+
+commit 49d8c8e214d39acf752903566b105d06c565442a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 12:50:12 2019 +0000
+
+    upstream: adapt to changes in KEX APIs and file removals
+    
+    OpenBSD-Regress-ID: 54d6857e7c58999c7a6d40942ab0fed3529f43ca
+
+commit 35ecc53a83f8e8baab2e37549addfd05c73c30f1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 12:35:20 2019 +0000
+
+    upstream: adapt to changes in KEX API and file removals
+    
+    OpenBSD-Regress-ID: 92cad022d3b0d11e08f3e0055d6a14b8f994c0d7
+
+commit 7d69aae64c35868cc4f644583ab973113a79480e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 12:29:35 2019 +0000
+
+    upstream: adapt to bignum1 API removal and bignum2 API change
+    
+    OpenBSD-Regress-ID: cea6ff270f3d560de86b355a87a2c95b55a5ca63
+
+commit beab553f0a9578ef9bffe28b2c779725e77b39ec
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 09:13:41 2019 +0000
+
+    upstream: remove hack to use non-system libcrypto
+    
+    OpenBSD-Regress-ID: ce72487327eee4dfae1ab0212a1f33871fe0809f
+
+commit 4dc06bd57996f1a46b4c3bababe0d09bc89098f7
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 23:14:04 2019 +1100
+
+    depend
+
+commit 70edd73edc4df54e5eee50cd27c25427b34612f8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 12:08:13 2019 +0000
+
+    upstream: fix reversed arguments to kex_load_hostkey(); manifested as
+    
+    errors in cert-hostkey.sh regress failures.
+    
+    OpenBSD-Commit-ID: 12dab63850b844f84d5a67e86d9e21a42fba93ba
+
+commit f1185abbf0c9108e639297addc77f8757ee00eb3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 11:22:00 2019 +0000
+
+    upstream: forgot to cvs add this file in previous series of commits;
+    
+    grrr
+    
+    OpenBSD-Commit-ID: bcff316c3e7da8fd15333e05d244442c3aaa66b0
+
+commit 7bef390b625bdc080f0fd4499ef03cef60fca4fa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:44:21 2019 +0000
+
+    upstream: nothing shall escape this purge
+    
+    OpenBSD-Commit-ID: 4795b0ff142b45448f7e15f3c2f77a947191b217
+
+commit aaca72d6f1279b842066e07bff797019efeb2c23
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:40:11 2019 +0000
+
+    upstream: rename kex->kem_client_pub -> kex->client_pub now that
+    
+    KEM has been renamed to kexgen
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8
+
+commit 70867e1ca2eb08bbd494fe9c568df4fd3b35b867
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:38:54 2019 +0000
+
+    upstream: merge kexkem[cs] into kexgen
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 87d886b7f1812ff9355fda1435f6ea9b71a0ac89
+
+commit 71e67fff946396caa110a7964da23480757258ff
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:35:09 2019 +0000
+
+    upstream: pass values used in KEX hash computation as sshbuf
+    
+    rather than pointer+len
+    
+    suggested by me; implemented by markus@ ok me
+    
+    OpenBSD-Commit-ID: 994f33c464f4a9e0f1d21909fa3e379f5a0910f0
+
+commit 4b83e2a2cc0c12e671a77eaba1c1245894f4e884
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:33:49 2019 +0000
+
+    upstream: remove kex_derive_keys_bn wrapper; no unused since the
+    
+    DH-like KEX methods have moved to KEM
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: bde9809103832f349545e4f5bb733d316db9a060
+
+commit 92dda34e373832f34a1944e5d9ebbebb184dedc1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:29:56 2019 +0000
+
+    upstream: use KEM API for vanilla ECDH
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
+
+commit b72357217cbe510a3ae155307a7be6b9181f1d1b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 23:11:21 2019 +1100
+
+    fixup missing ssherr.h
+
+commit 9c9c97e14fe190931f341876ad98213e1e1dc19f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:28:01 2019 +0000
+
+    upstream: use KEM API for vanilla DH KEX
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
+
+commit 2f6a9ddbbf6ca8623c53c323ff17fb6d68d66970
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:24:09 2019 +0000
+
+    upstream: use KEM API for vanilla c25519 KEX
+    
+    OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
+
+commit dfd591618cdf2c96727ac0eb65f89cf54af0d97e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:20:12 2019 +0000
+
+    upstream: Add support for a PQC KEX/KEM:
+    
+    sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
+    4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not
+    enabled by default.
+    
+    introduce KEM API; a simplified framework for DH-ish KEX methods.
+    
+    from markus@ feedback & ok djm@
+    
+    OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7
+
+commit b1b2ff4ed559051d1035419f8f236275fa66d5d6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:07:22 2019 +0000
+
+    upstream: factor out kex_verify_hostkey() - again, duplicated
+    
+    almost exactly across client and server for several KEX methods.
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 4e4a16d949dadde002a0aacf6d280a684e20829c
+
+commit bb39bafb6dc520cc097780f4611a52da7f19c3e2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:05:09 2019 +0000
+
+    upstream: factor out kex_load_hostkey() - this is duplicated in
+    
+    both the client and server implementations for most KEX methods.
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 8232fa7c21fbfbcaf838313b0c166dc6c8762f3c
+
+commit dec5e9d33891e3bc3f1395d7db0e56fdc7f86dfc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:03:37 2019 +0000
+
+    upstream: factor out kex_dh_compute_key() - it's shared between
+    
+    plain DH KEX and DH GEX in both the client and server implementations
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 12186e18791fffcd4642c82e7e0cfdd7ea37e2ec
+
+commit e93bd98eab79b9a78f64ee8dd4dffc4d3979c7ae
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 10:00:23 2019 +0000
+
+    upstream: factor out DH keygen; it's identical between the client
+    
+    and the server
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 2be57f6a0d44f1ab2c8de2b1b5d6f530c387fae9
+
+commit 5ae3f6d314465026d028af82609c1d49ad197655
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 09:55:52 2019 +0000
+
+    upstream: save the derived session id in kex_derive_keys() rather
+    
+    than making each kex method implementation do it.
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: d61ade9c8d1e13f665f8663c552abff8c8a30673
+
+commit 7be8572b32a15d5c3dba897f252e2e04e991c307
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 09:54:11 2019 +0000
+
+    upstream: Make sshpkt_get_bignum2() allocate the bignum it is
+    
+    parsing rather than make the caller do it. Saves a lot of boilerplate code.
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 576bf784f9a240f5a1401f7005364e59aed3bce9
+
+commit 803178bd5da7e72be94ba5b4c4c196d4b542da4d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 09:52:25 2019 +0000
+
+    upstream: remove obsolete (SSH v.1) sshbuf_get/put_bignum1
+    
+    functions
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 0380b1b2d9de063de3c5a097481a622e6a04943e
+
+commit f3ebaffd8714be31d4345f90af64992de4b3bba2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 09:49:37 2019 +0000
+
+    upstream: fix all-zero check in kexc25519_shared_key
+    
+    from markus@ ok djm@
+    
+    OpenBSD-Commit-ID: 60b1d364e0d9d34d1d1ef1620cb92e36cf06712d
+
+commit 9d1a9771d0ad3a83af733bf3d2650b53f43c269f
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Mon Jan 21 07:09:10 2019 +0000
+
+    upstream: - -T was added to the first synopsis by mistake - since
+    
+    "..." denotes optional, no need to surround it in []
+    
+    ok djm
+    
+    OpenBSD-Commit-ID: 918f6d8eed4e0d8d9ef5eadae1b8983d796f0e25
+
+commit 2f0bad2bf85391dbb41315ab55032ec522660617
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Jan 21 21:28:27 2019 +1100
+
+    Make --with-rpath take a flag instead of yes/no.
+    
+    Linkers need various flags for -rpath and similar, so make --with-rpath
+    take an optional flag argument which is passed to the linker.  ok djm@
+
+commit 23490a6c970ea1d03581a3b4208f2eb7a675f453
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 15:05:43 2019 +1100
+
+    fix previous test
+
+commit b6dd3277f2c49f9584a2097bc792e8f480397e87
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Jan 21 13:50:17 2019 +1100
+
+    Wrap ECC static globals in EC_KEY_METHOD_NEW too.
+
+commit b2eb9db35b7191613f2f4b934d57b25938bb34b3
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 12:53:40 2019 +1100
+
+    pass TEST_SSH_SSHPKCS11HELPER to regress tests
+
+commit ba58a529f45b3dae2db68607d8c54ae96e90e705
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 12:31:29 2019 +1100
+
+    make agent-pkcs11 search harder for softhsm2.so
+
+commit 662be40c62339ab645113c930ce689466f028938
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 02:05:38 2019 +0000
+
+    upstream: always print the caller's error message in ossl_error(),
+    
+    even when there are no libcrypto errors to report.
+    
+    OpenBSD-Commit-ID: 09ebaa8f706e0eccedd209775baa1eee2ada806a
+
+commit ce46c3a077dfb4c531ccffcfff03f37775725b75
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 02:01:03 2019 +0000
+
+    upstream: get the ex_data (pkcs11_key object) back from the keys at
+    
+    the index at which it was inserted, rather than assuming index 0
+    
+    OpenBSD-Commit-ID: 1f3a6ce0346c8014e895e50423bef16401510aa8
+
+commit 0a5f2ea35626022299ece3c8817a1abe8cf37b3e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 01:05:00 2019 +0000
+
+    upstream: GSSAPI code got missed when converting to new packet API
+    
+    OpenBSD-Commit-ID: 37e4f06ab4a0f4214430ff462ba91acba28b7851
+
+commit 2efcf812b4c1555ca3aff744820a3b3bccd68298
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 11:57:21 2019 +1100
+
+    Fix -Wunused when compiling PKCS#11 without ECDSA
+
+commit 3c0c657ed7cd335fc05c0852d88232ca7e92a5d9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:26:44 2019 +0000
+
+    upstream: allow override of ssh-pkcs11-helper binary via
+    
+    $TEST_SSH_SSHPKCS11HELPER from markus@
+    
+    OpenBSD-Regress-ID: 7382a3d76746f5a792d106912a5819fd5e49e469
+
+commit 760ae37b4505453c6fa4faf1aa39a8671ab053af
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:25:25 2019 +0000
+
+    upstream: adapt agent-pkcs11.sh test to softhsm2 and add support
+    
+    for ECDSA keys
+    
+    work by markus@, ok djm@
+    
+    OpenBSD-Regress-ID: 1ebc2be0e88eff1b6d8be2f9c00cdc60723509fe
+
+commit b2ce8b31a1f974a13e6d12e0a0c132b50bc45115
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:24:19 2019 +0000
+
+    upstream: add "extra:" target to run some extra tests that are not
+    
+    enabled by default (currently includes agent-pkcs11.sh); from markus@
+    
+    OpenBSD-Regress-ID: 9a969e1adcd117fea174d368dcb9c61eb50a2a3c
+
+commit 632976418d60b7193597bbc6ac7ca33981a41aab
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 21 00:47:34 2019 +0000
+
+    upstream: use ECDSA_SIG_set0() instead of poking signature values into
+    
+    structure directly; the latter works on LibreSSL but not on OpenSSL. From
+    portable.
+    
+    OpenBSD-Commit-ID: 5b22a1919d9cee907d3f8a029167f70a481891c6
+
+commit 5de6ac2bad11175135d9b819b3546db0ca0b4878
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 11:44:19 2019 +1100
+
+    remove HAVE_DLOPEN that snuck in
+    
+    portable doesn't use this
+
+commit e2cb445d786f7572da2af93e3433308eaed1093a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jan 21 11:32:28 2019 +1100
+
+    conditionalise ECDSA PKCS#11 support
+    
+    Require EC_KEY_METHOD support in libcrypto, evidenced by presence
+    of EC_KEY_METHOD_new() function.
+
+commit fcb1b0937182d0137a3c357c89735d0dc5869d54
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:12:35 2019 +0000
+
+    upstream: we use singleton pkcs#11 RSA_METHOD and EC_KEY_METHOD
+    
+    now, so there is no need to keep a copy of each in the pkcs11_key object.
+    
+    work by markus@, ok djm@
+    
+    OpenBSD-Commit-ID: 43b4856516e45c0595f17a8e95b2daee05f12faa
+
+commit 6529409e85890cd6df7e5e81d04e393b1d2e4b0b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:11:11 2019 +0000
+
+    upstream: KNF previous; from markus@
+    
+    OpenBSD-Commit-ID: 3dfe35e25b310c3968b1e4e53a0cb1d03bda5395
+
+commit 58622a8c82f4e2aad630580543f51ba537c1f39e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:10:33 2019 +0000
+
+    upstream: use OpenSSL's RSA reference counting hooks to
+    
+    implicitly clean up pkcs11_key objects when their owning RSA object's
+    reference count drops to zero. Simplifies the cleanup path and makes it more
+    like ECDSA's
+    
+    work by markus@, ok djm@
+    
+    OpenBSD-Commit-ID: 74b9c98f405cd78f7148e9e4a4982336cd3df25c
+
+commit f118542fc82a3b3ab0360955b33bc5a271ea709f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:08:24 2019 +0000
+
+    upstream: make the PKCS#11 RSA code more like the new PKCS#11
+    
+    ECDSA code: use a single custom RSA_METHOD instead of a method per key
+    
+    suggested by me, but markus@ did all the work.
+    ok djm@
+    
+    OpenBSD-Commit-ID: 8aafcebe923dc742fc5537a995cee549d07e4b2e
+
+commit 445cfce49dfc904c6b8ab25afa2f43130296c1a5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:05:52 2019 +0000
+
+    upstream: fix leak of ECDSA pkcs11_key objects
+    
+    work by markus, ok djm@
+    
+    OpenBSD-Commit-ID: 9fc0c4f1d640aaa5f19b8d70f37ea19b8ad284a1
+
+commit 8a2467583f0b5760787273796ec929190c3f16ee
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:03:26 2019 +0000
+
+    upstream: use EVP_PKEY_get0_EC_KEY() instead of direct access of
+    
+    EC_KEY internals as that won't work on OpenSSL
+    
+    work by markus@, feedback and ok djm@
+    
+    OpenBSD-Commit-ID: 4a99cdb89fbd6f5155ef8c521c99dc66e2612700
+
+commit 24757c1ae309324e98d50e5935478655be04e549
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:01:59 2019 +0000
+
+    upstream: cleanup PKCS#11 ECDSA pubkey loading: the returned
+    
+    object should never have a DER header
+    
+    work by markus; feedback and ok djm@
+    
+    OpenBSD-Commit-ID: b617fa585eddbbf0b1245b58b7a3c4b8d613db17
+
+commit 749aef30321595435ddacef2f31d7a8f2b289309
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 23:00:12 2019 +0000
+
+    upstream: cleanup unnecessary code in ECDSA pkcs#11 signature
+    
+    work by markus@, feedback and ok djm@
+    
+    OpenBSD-Commit-ID: affa5ca7d58d59fbd16169f77771dcdbd2b0306d
+
+commit 0c50992af49b562970dd0ba3f8f151f1119e260e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 22:57:45 2019 +0000
+
+    upstream: cleanup pkcs#11 client code: use sshkey_new in instead
+    
+    of stack- allocating a sshkey
+    
+    work by markus@, ok djm@
+    
+    OpenBSD-Commit-ID: a048eb6ec8aa7fa97330af927022c0da77521f91
+
+commit 854bd8674ee5074a239f7cadf757d55454802e41
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 22:54:30 2019 +0000
+
+    upstream: allow override of the pkcs#11 helper binary via
+    
+    $SSH_PKCS11_HELPER; needed for regress tests.
+    
+    work by markus@, ok me
+    
+    OpenBSD-Commit-ID: f78d8185500bd7c37aeaf7bd27336db62f0f7a83
+
+commit 93f02107f44d63a016d8c23ebd2ca9205c495c48
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 22:51:37 2019 +0000
+
+    upstream: add support for ECDSA keys in PKCS#11 tokens
+    
+    Work by markus@ and Pedro Martelletto, feedback and ok me@
+    
+    OpenBSD-Commit-ID: a37d651e221341376636056512bddfc16efb4424
+
+commit aa22c20e0c36c2fc610cfcc793b0d14079c38814
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jan 20 22:03:29 2019 +0000
+
+    upstream: add option to test whether keys in an agent are usable,
+    
+    by performing a signature and a verification using each key "ssh-add -T
+    pubkey [...]"
+    
+    work by markus@, ok djm@
+    
+    OpenBSD-Commit-ID: 931b888a600b6a883f65375bd5f73a4776c6d19b
+
+commit a36b0b14a12971086034d53c0c3dfbad07665abe
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Sun Jan 20 02:01:59 2019 +0000
+
+    upstream: Fix BN_is_prime_* calls in SSH, the API returns -1 on
+    
+    error.
+    
+    Found thanks to BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd
+    by David Benjamin.
+    
+    ok djm, dtucker
+    
+    OpenBSD-Commit-ID: 1ee832be3c44b1337f76b8562ec6d203f3b072f8
+
+commit ec4776bb01dd8d61fddc7d2a31ab10bf3d3d829a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Jan 20 01:12:40 2019 +0000
+
+    upstream: DH-GEX min value is now specified in RFC8270. ok djm@
+    
+    OpenBSD-Commit-ID: 1229d0feb1d0ecefe05bf67a17578b263e991acc
+
+commit c90a7928c4191303e76a8c58b9008d464287ae1b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Jan 21 09:22:36 2019 +1100
+
+    Check for cc before gcc.
+    
+    If cc is something other than gcc and is the system compiler prefer using
+    that, unless otherwise told via $CC.  ok djm@
+
+commit 9b655dc9c9a353f0a527f0c6c43a5e35653c9503
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Jan 20 14:55:27 2019 +1100
+
+    last bits of old packet API / active_state global
+
+commit 3f0786bbe73609ac96e5a0d91425ee21129f8e04
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Jan 20 10:22:18 2019 +1100
+
+    remove PAM dependencies on old packet API
+    
+    Requires some caching of values, because the PAM code isn't
+    always called with packet context.
+
+commit 08f66d9f17e12c1140d1f1cf5c4dce67e915d3cc
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Jan 20 09:58:45 2019 +1100
+
+    remove vestiges of old packet API from loginrec.c
+
+commit c327813ea1d740e3e367109c17873815aba1328e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Jan 20 09:45:38 2019 +1100
+
+    depend
+
+commit 135e302cfdbe91817294317c337cc38c3ff01cba
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 22:30:52 2019 +0000
+
+    upstream: fix error in refactor: use ssh_packet_disconnect() instead of
+    
+    sshpkt_error(). The first one logs the error and exits (what we want) instead
+    of just logging and blundering on.
+    
+    OpenBSD-Commit-ID: 39f51b43641dce9ce0f408ea6c0e6e077e2e91ae
+
+commit 245c6a0b220b58686ee35bc5fc1c359e9be2faaa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:45:31 2019 +0000
+
+    upstream: remove last traces of old packet API!
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 9bd10437026423eb8245636ad34797a20fbafd7d
+
+commit 04c091fc199f17dacf8921df0a06634b454e2722
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:43:56 2019 +0000
+
+    upstream: remove last references to active_state
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
+
+commit ec00f918b8ad90295044266c433340a8adc93452
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:43:07 2019 +0000
+
+    upstream: convert monitor.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5
+
+commit 6350e0316981489d4205952d6904d6fedba5bfe0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:42:30 2019 +0000
+
+    upstream: convert sshd.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: ea569d3eaf9b5cf1bad52779fbfa5fa0b28af891
+
+commit a5e2ad88acff2b7d131ee6d5dc5d339b0f8c6a6d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:41:53 2019 +0000
+
+    upstream: convert session.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e
+
+commit 3a00a921590d4c4b7e96df11bb10e6f9253ad45e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:41:18 2019 +0000
+
+    upstream: convert auth.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
+
+commit 7ec5cb4d15ed2f2c5c9f5d00e6b361d136fc1e2d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:40:48 2019 +0000
+
+    upstream: convert serverloop.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: c92dd19b55457541478f95c0d6b318426d86d885
+
+commit 64c9598ac05332d1327cbf55334dee4172d216c4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:40:21 2019 +0000
+
+    upstream: convert the remainder of sshconnect2.c to new packet
+    
+    API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 0986d324f2ceb5e8a12ac21c1bb10b3b4b1e0f71
+
+commit bc5e1169d101d16e3a5962a928db2bc49a8ef5a3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:39:12 2019 +0000
+
+    upstream: convert the remainder of clientloop.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: ce2fbbacb86a290f31da1e7bf04cddf2bdae3d1e
+
+commit 5ebce136a6105f084db8f0d7ee41981d42daec40
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Jan 20 09:44:53 2019 +1100
+
+    upstream: convert auth2.c to new packet API
+    
+    OpenBSD-Commit-ID: ed831bb95ad228c6791bc18b60ce7a2edef2c999
+
+commit 172a592a53ebe8649c4ac0d7946e6c08eb151af6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:37:48 2019 +0000
+
+    upstream: convert servconf.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 126553aecca302c9e02fd77e333b9cb217e623b4
+
+commit 8cc7a679d29cf6ecccfa08191e688c7f81ef95c2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:37:13 2019 +0000
+
+    upstream: convert channels.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 0b8279b56113cbd4011fc91315c0796b63dc862c
+
+commit 06232038c794c7dfcb087be0ab0b3e65b09fd396
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:36:38 2019 +0000
+
+    upstream: convert sshconnect.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 222337cf6c96c347f1022d976fac74b4257c061f
+
+commit 25b2ed667216314471bb66752442c55b95792dc3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:36:06 2019 +0000
+
+    upstream: convert ssh.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: eb146878b24e85c2a09ee171afa6797c166a2e21
+
+commit e3128b38623eef2fa8d6e7ae934d3bd08c7e973e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:35:25 2019 +0000
+
+    upstream: convert mux.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 4e3893937bae66416e984b282d8f0f800aafd802
+
+commit ed1df7226caf3a943a36d580d4d4e9275f8a61ee
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:34:45 2019 +0000
+
+    upstream: convert sshconnect2.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 1cb869e0d6e03539f943235641ea070cae2ebc58
+
+commit 23f22a4aaa923c61ec49a99ebaa383656e87fa40
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:33:57 2019 +0000
+
+    upstream: convert clientloop.c to new packet API
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 497b36500191f452a22abf283aa8d4a9abaee7fa
+
+commit ad60b1179c9682ca5aef0b346f99ef68cbbbc4e5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:33:13 2019 +0000
+
+    upstream: allow sshpkt_fatal() to take a varargs format; we'll
+    
+    use this to give packet-related fatal error messages more context (esp. the
+    remote endpoint) ok markus@
+    
+    OpenBSD-Commit-ID: de57211f9543426b515a8a10a4f481666b2b2a50
+
+commit 0fa174ebe129f3d0aeaf4e2d1dd8de745870d0ff
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jan 19 21:31:32 2019 +0000
+
+    upstream: begin landing remaining refactoring of packet parsing
+    
+    API, started almost exactly six years ago.
+    
+    This change stops including the old packet_* API by default and makes
+    each file that requires the old API include it explicitly. We will
+    commit file-by-file refactoring to remove the old API in consistent
+    steps.
+    
+    with & ok markus@
+    
+    OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
+
+commit 4ae7f80dfd02f2bde912a67c9f338f61e90fa79f
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Sat Jan 19 04:15:56 2019 +0000
+
+    upstream: Print an \r in front of the password prompt so parts of
+    
+    a password that was entered too early are likely clobbered by the prompt.
+    Idea from doas.
+    
+    from and ok djm
+    "i like it" deraadt
+    
+    OpenBSD-Commit-ID: 5fb97c68df6d8b09ab37f77bca1d84d799c4084e
+
+commit a6258e5dc314c7d504ac9f0fbc3be96475581dbe
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jan 18 11:09:01 2019 +1100
+
+    Add minimal fchownat and fchmodat implementations.
+    
+    Fixes builds on at least OS X Lion, NetBSD 6 and Solaris 10.
+
+commit 091093d25802b87d3b2b09f2c88d9f33e1ae5562
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Jan 18 12:11:42 2019 +1300
+
+    Add a minimal implementation of utimensat().
+    
+    Some systems (eg older OS X) do not have utimensat, so provide minimal
+    implementation in compat layer.  Fixes build on at least El Capitan.
+
+commit 609644027dde1f82213699cb6599e584c7efcb75
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 1 22:20:16 2019 +0000
+
+    upstream: regress bits for banner processing refactor (this test was
+    
+    depending on ssh returning a particular error message for banner parsing
+    failure)
+    
+    reminded by bluhm@
+    
+    OpenBSD-Regress-ID: f24fc303d40931157431df589b386abf5e1be575
+
+commit f47d72ddad75b93d3cbc781718b0fa9046c03df8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 17 04:45:09 2019 +0000
+
+    upstream: tun_fwd_ifnames variable should b
+    
+    =?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?=
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
+    
+    OpenBSD-Commit-ID: d53dede6e521161bf04d39d09947db6253a38271
+
+commit 943d0965263cae1c080ce5a9d0b5aa341885e55d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 17 04:20:53 2019 +0000
+
+    upstream: include time.h for time(3)/nanosleep(2); from Ian
+    
+    McKellar
+    
+    OpenBSD-Commit-ID: 6412ccd06a88f65b207a1089345f51fa1244ea51
+
+commit dbb4dec6d5d671b5e9d67ef02162a610ad052068
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jan 17 01:50:24 2019 +0000
+
+    upstream: many of the global variables in this file can be made static;
+    
+    patch from Markus Schmidt
+    
+    OpenBSD-Commit-ID: f3db619f67beb53257b21bac0e92b4fb7d5d5737
+
+commit 60d8c84e0887514c99c9ce071965fafaa1c3d34a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 16 23:23:45 2019 +0000
+
+    upstream: Add "-h" flag to sftp chown/chgrp/chmod commands to
+    
+    request they do not follow symlinks. Requires recently-committed
+    lsetstat@openssh.com extension on the server side.
+    
+    ok markus@ dtucker@
+    
+    OpenBSD-Commit-ID: f93bb3f6f7eb2fb7ef1e59126e72714f1626d604
+
+commit dbbc7e0eab7262f34b8e0cd6efecd1c77b905ed0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 16 23:22:10 2019 +0000
+
+    upstream: add support for a "lsetstat@openssh.com" extension. This
+    
+    replicates the functionality of the existing SSH2_FXP_SETSTAT operation but
+    does not follow symlinks. Based on a patch from Bert Haverkamp in bz#2067 but
+    with more attribute modifications supported.
+    
+    ok markus@ dtucker@
+    
+    OpenBSD-Commit-ID: f7234f6e90db19655d55d936a115ee4ccb6aaf80
+
+commit 4a526941d328fc3d97068c6a4cbd9b71b70fe5e1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 4 03:27:50 2019 +0000
+
+    upstream: eliminate function-static attempt counters for
+    
+    passwd/kbdint authmethods by moving them to the client authctxt; Patch from
+    Markus Schmidt, ok markus@
+    
+    OpenBSD-Commit-ID: 4df4404a5d5416eb056f68e0e2f4fa91ba3b3f7f
+
+commit 8a8183474c41bd6cebaa917346b549af2239ba2f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 4 03:23:00 2019 +0000
+
+    upstream: fix memory leak of ciphercontext when rekeying; bz#2942
+    
+    Patch from Markus Schmidt; ok markus@
+    
+    OpenBSD-Commit-ID: 7877f1b82e249986f1ef98d0ae76ce987d332bdd
+
+commit 5bed70afce0907b6217418d0655724c99b683d93
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 1 23:10:53 2019 +0000
+
+    upstream: static on global vars, const on handler tables that contain
+    
+    function pointers; from Mike Frysinger
+    
+    OpenBSD-Commit-ID: 7ef2305e50d3caa6326286db43cf2cfaf03960e0
+
+commit 007a88b48c97d092ed2f501bbdcb70d9925277be
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 27 23:02:11 2018 +0000
+
+    upstream: Request RSA-SHA2 signatures for
+    
+    rsa-sha2-{256|512}-cert-v01@openssh.com cert algorithms; ok markus@
+    
+    OpenBSD-Commit-ID: afc6f7ca216ccd821656d1c911d2a3deed685033
+
+commit eb347d086c35428c47fe52b34588cbbc9b49d9a6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 27 03:37:49 2018 +0000
+
+    upstream: ssh_packet_set_state() now frees ssh->kex implicitly, so
+    
+    don't do explicit kex_free() beforehand
+    
+    OpenBSD-Regress-ID: f2f73bad47f62a2040ccba0a72cadcb12eda49cf
+
+commit bb542f0cf6f7511a22a08c492861e256a82376a9
+Author: tedu@openbsd.org <tedu@openbsd.org>
+Date:   Sat Dec 15 00:50:21 2018 +0000
+
+    upstream: remove unused and problematic sudo clean. ok espie
+    
+    OpenBSD-Regress-ID: ca90c20a15a85b661e13e98b80c10e65cd662f7b
+
+commit 0a843d9a0e805f14653a555f5c7a8ba99d62c12d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 27 03:25:24 2018 +0000
+
+    upstream: move client/server SSH-* banners to buffers under
+    
+    ssh->kex and factor out the banner exchange. This eliminates some common code
+    from the client and server.
+    
+    Also be more strict about handling \r characters - these should only
+    be accepted immediately before \n (pointed out by Jann Horn).
+    
+    Inspired by a patch from Markus Schmidt.
+    (lots of) feedback and ok markus@
+    
+    OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
+
+commit 434b587afe41c19391821e7392005068fda76248
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Dec 7 04:36:09 2018 +0000
+
+    upstream: Fix calculation of initial bandwidth limits. Account for
+    
+    written bytes before the initial timer check so that the first buffer written
+    is accounted.  Set the threshold after which the timer is checked such that
+    the limit starts being computed as soon as possible, ie after the second
+    buffer is written.  This prevents an initial burst of traffic and provides a
+    more accurate bandwidth limit.  bz#2927, ok djm.
+    
+    OpenBSD-Commit-ID: ff3ef76e4e43040ec198c2718d5682c36b255cb6
+
+commit a6a0788cbbe8dfce2819ee43b09c80725742e21c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 7 03:39:40 2018 +0000
+
+    upstream: only consider the ext-info-c extension during the initial
+    
+    KEX. It shouldn't be sent in subsequent ones, but if it is present we should
+    ignore it.
+    
+    This prevents sshd from sending a SSH_MSG_EXT_INFO for REKEX for buggy
+    these clients. Reported by Jakub Jelen via bz2929; ok dtucker@
+    
+    OpenBSD-Commit-ID: 91564118547f7807030ec537480303e2371902f9
+
+commit 63bba57a32c5bb6158d57cf4c47022daf89c14a0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 7 03:33:18 2018 +0000
+
+    upstream: fix option letter pasto in previous
+    
+    OpenBSD-Commit-ID: e26c8bf2f2a808f3c47960e1e490d2990167ec39
+
+commit 737e4edd82406595815efadc28ed5161b8b0c01a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 7 03:32:26 2018 +0000
+
+    upstream: mention that the ssh-keygen -F (find host in
+    
+    authorized_keys) and -R (remove host from authorized_keys) options may accept
+    either a bare hostname or a [hostname]:port combo. bz#2935
+    
+    OpenBSD-Commit-ID: 5535cf4ce78375968b0d2cd7aa316fa3eb176780
+
+commit 8a22ffaa13391cfe5b40316d938fe0fb931e9296
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Dec 7 15:41:16 2018 +1100
+
+    expose $SSH_CONNECTION in the PAM environment
+    
+    This makes the connection 4-tuple available to PAM modules that
+    wish to use it in decision-making. bz#2741
+
+commit a784fa8c7a7b084d63bae82ccfea902131bb45c5
+Author: Kevin Adler <kadler@us.ibm.com>
+Date:   Wed Dec 12 22:12:45 2018 -0600
+
+    Don't pass loginmsg by address now that it's an sshbuf*
+    
+    In 120a1ec74, loginmsg was changed from the legacy Buffer type
+    to struct sshbuf*, but it missed changing calls to
+    sys_auth_allowed_user and sys_auth_record_login which passed
+    loginmsg by address. Now that it's a pointer, just pass it directly.
+    
+    This only affects AIX, unless there are out of tree users.
+
+commit 285310b897969a63ef224d39e7cc2b7316d86940
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 7 02:31:20 2018 +0000
+
+    upstream: no need to allocate channels_pre/channels_post in
+    
+    channel_init_channels() as we do it anyway in channel_handler_init() that we
+    call at the end of the function. Fix from Markus Schmidt via bz#2938
+    
+    OpenBSD-Commit-ID: 74893638af49e3734f1e33a54af1b7ea533373ed
+
+commit 87d6cf1cbc91df6815db8fe0acc7c910bc3d18e4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 30 02:24:52 2018 +0000
+
+    upstream: don't attempt to connect to empty SSH_AUTH_SOCK; bz#293
+    
+    OpenBSD-Commit-ID: 0e8fc8f19f14b21adef7109e0faa583d87c0e929
+
+commit 91b19198c3f604f5eef2c56dbe36f29478243141
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 28 06:00:38 2018 +0000
+
+    upstream: don't truncate user or host name in "user@host's
+    
+    OpenBSD-Commit-ID: e6ca01a8d58004b7f2cac0b1b7ce8f87e425e360
+
+commit dd0cf6318d9b4b3533bda1e3bc021b2cd7246b7a
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Nov 23 06:58:28 2018 +0000
+
+    upstream: tweak previous;
+    
+    OpenBSD-Commit-ID: 08f096922eb00c98251501c193ff9e83fbb5de4f
+
+commit 8a85f5458d1c802471ca899c97f89946f6666e61
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Nov 25 21:44:05 2018 +1100
+
+    Include stdio.h for FILE if needed.
+
+commit 16fb23f25454991272bfe4598cc05d20fcd25116
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Nov 25 14:05:57 2018 +1100
+
+    Reverse order of OpenSSL init functions.
+    
+    Try the new init function (OPENSSL_init_crypto) before falling back to
+    the old one (OpenSSL_add_all_algorithms).
+
+commit 98f878d2272bf8dff21f2a0265d963c29e33fed2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Nov 25 14:05:08 2018 +1100
+
+    Improve OpenSSL_add_all_algorithms check.
+    
+    OpenSSL_add_all_algorithms() may be a macro so check for that too.
+
+commit 9e34e0c59ab04514f9de9934a772283f7f372afe
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 23 05:08:07 2018 +0000
+
+    upstream: add a ssh_config "Match final" predicate
+    
+    Matches in same pass as "Match canonical" but doesn't require
+    hostname canonicalisation be enabled. bz#2906 ok markus
+    
+    OpenBSD-Commit-ID: fba1dfe9f6e0cabcd0e2b3be13f7a434199beffa
+
+commit 4da58d58736b065b1182b563d10ad6765d811c6d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Nov 23 02:53:57 2018 +0000
+
+    upstream: Remove now-unneeded ifdef SIGINFO around handler since it is
+    
+    now always used for SIGUSR1 even when SIGINFO is not defined.  This will make
+    things simpler in -portable.
+    
+    OpenBSD-Regress-ID: 4ff0265b335820b0646d37beb93f036ded0dc43f
+
+commit c721d5877509875c8515df0215fa1dab862013bc
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 23 14:11:20 2018 +1100
+
+    Move RANDOM_SEED_SIZE outside ifdef.
+    
+    RANDOM_SEED_SIZE is used by both the OpenSSL and non-OpenSSL code
+    This fixes the build with configureed --without-openssl.
+
+commit deb51552c3ce7ce72c8d0232e4f36f2e7c118c7d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Nov 22 19:59:28 2018 +1100
+
+    Resync with OpenBSD by pulling in an ifdef SIGINFO.
+
+commit 28c7b2cd050f4416bfcf3869a20e3ea138aa52fe
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Nov 23 10:45:20 2018 +1100
+
+    fix configure test for OpenSSL version
+    
+    square brackets in case statements may be eaten by autoconf.
+    
+    Report and fix from Filipp Gunbin; tweaked by naddy@
+
+commit 42c5ec4b97b6a1bae70f323952d0646af16ce710
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Nov 23 10:40:06 2018 +1100
+
+    refactor libcrypto initialisation
+    
+    Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
+    supports it.
+    
+    Move all libcrypto initialisation to a single function, and call that
+    from seed_rng() that is called early in each tool's main().
+    
+    Prompted by patch from Rosen Penev
+
+commit 5b60b6c02009547a3e2a99d4886965de2a4719da
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Nov 22 08:59:11 2018 +0000
+
+    upstream: Output info on SIGUSR1 as well as
+    
+    SIGINFO to resync with portable.  (ID sync only).
+    
+    OpenBSD-Regress-ID: 699d153e2de22dce51a1b270c40a98472d1a1b16
+
+commit e4ae345dc75b34fd870c2e8690d831d2c1088eb7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Nov 22 08:48:32 2018 +0000
+
+    upstream: Append pid to temp files in /var/run and set a cleanup
+    
+    trap for them. This allows multiple instances of tests to run without
+    colliding.
+    
+    OpenBSD-Regress-ID: 57add105ecdfc54752d8003acdd99eb68c3e0b4c
+
+commit f72d0f52effca5aa20a193217346615ecd3eed53
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Oct 31 11:09:27 2018 +0000
+
+    upstream: UsePrivilegeSeparation no is deprecated
+    
+    test "yes" and "sandbox".
+    
+    OpenBSD-Regress-ID: 80e685ed8990766527dc629b1affc09a75bfe2da
+
+commit 35d0e5fefc419bddcbe09d7fc163d8cd3417125b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Oct 17 23:28:05 2018 +0000
+
+    upstream: add some knobs:
+    
+    UNITTEST_FAST?= no     # Skip slow tests (e.g. less intensive fuzzing).
+    UNITTEST_SLOW?= no     # Include slower tests (e.g. more intensive fuzzing).
+    UNITTEST_VERBOSE?= no  # Verbose test output (inc. per-test names).
+    
+    useful if you want to run the tests as a smoke test to exercise the
+    functionality without waiting for all the fuzzers to run.
+    
+    OpenBSD-Regress-ID: e04d82ebec86068198cd903acf1c67563c57315e
+
+commit c1941293d9422a14dda372b4c21895e72aa7a063
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Nov 22 15:52:26 2018 +1100
+
+    Resync Makefile.inc with upstream.
+    
+    It's unused in -portable, but having it out of sync makes other syncs
+    fail to apply.
+
+commit 928f1231f65f88cd4c73e6e0edd63d2cf6295d77
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Nov 19 04:12:32 2018 +0000
+
+    upstream: silence (to log level debug2) failure messages when
+    
+    loading the default hostkeys. Hostkeys explicitly specified in the
+    configuration or on the command-line are still reported as errors, and
+    failure to load at least one host key remains a fatal error.
+    MIME-Version: 1.0
+    Content-Type: text/plain; charset=UTF-8
+    Content-Transfer-Encoding: 8bit
+    
+    Based on patch from Dag-Erling Smørgrav via
+    https://github.com/openssh/openssh-portable/pull/103
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: ffc2e35a75d1008effaf05a5e27425041c27b684
+
+commit 7fca94edbe8ca9f879da9fdd2afd959c4180f4c7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Nov 18 22:43:29 2018 +0000
+
+    upstream: Fix inverted logic for redirecting ProxyCommand stderr to
+    
+    /dev/null. Fixes mosh in proxycommand mode that was broken by the previous
+    ProxyCommand change that was reported by matthieu@. ok djm@ danj@
+    
+    OpenBSD-Commit-ID: c6fc9641bc250221a0a81c6beb2e72d603f8add6
+
+commit ccef7c4faf914993b53035cd2b25ce02ab039c9d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 16 06:17:38 2018 +0000
+
+    upstream: redirect stderr of ProxyCommands to /dev/null when ssh is
+    
+    started with ControlPersist; based on patch from Steffen Prohaska
+    
+    OpenBSD-Commit-ID: 1bcaa14a03ae80369d31021271ec75dce2597957
+
+commit 15182fd96845a03216d7ac5a2cf31c4e77e406e3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 16 06:10:29 2018 +0000
+
+    upstream: make grandparent-parent-child sshbuf chains robust to
+    
+    use-after-free faults if the ancestors are freed before the descendents.
+    Nothing in OpenSSH uses this deallocation pattern. Reported by Jann Horn
+    
+    OpenBSD-Commit-ID: d93501d1d2734245aac802a252b9bb2eccdba0f2
+
+commit 2a35862e664afde774d4a72497d394fe7306ccb5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 16 03:26:01 2018 +0000
+
+    upstream: use path_absolute() for pathname checks; from Manoj Ampalam
+    
+    OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925
+
+commit d0d1dfa55be1c5c0d77ab3096b198a64235f936d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 16 14:11:44 2018 +1100
+
+    Test for OPENSSL_init_crypto before using.
+    
+    Check for the presence of OPENSSL_init_crypto and all the flags we want
+    before trying to use it (bz#2931).
+
+commit 6010c0303a422a9c5fa8860c061bf7105eb7f8b2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 16 03:03:10 2018 +0000
+
+    upstream: disallow empty incoming filename or ones that refer to the
+    
+    current directory; based on report/patch from Harry Sintonen
+    
+    OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9
+
+commit aaed635e3a401cfcc4cc97f33788179c458901c3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 16 02:46:20 2018 +0000
+
+    upstream: fix bug in client that was keeping a redundant ssh-agent
+    
+    socket around for the life of the connection; bz#2912; reported by Simon
+    Tatham; ok dtucker@
+    
+    OpenBSD-Commit-ID: 4ded588301183d343dce3e8c5fc1398e35058478
+
+commit e76135e3007f1564427b2956c628923d8dc2f75a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 16 02:43:56 2018 +0000
+
+    upstream: fix bug in HostbasedAcceptedKeyTypes and
+    
+    PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types were
+    specified, then authentication would always fail for RSA keys as the monitor
+    checks only the base key (not the signature algorithm) type against
+    *AcceptedKeyTypes. bz#2746; reported by Jakub Jelen; ok dtucker
+    
+    OpenBSD-Commit-ID: 117bc3dc54578dbdb515a1d3732988cb5b00461b
+
+commit 5c1a63562cac0574c226224075b0829a50b48c9d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 16 02:30:20 2018 +0000
+
+    upstream: support a prefix of '@' to suppress echo of sftp batch
+    
+    commands; bz#2926; ok dtucker@
+    
+    OpenBSD-Commit-ID: 9d635636bc84aeae796467e059f7634de990a79d
+
+commit 90ef45f7aac33eaf55ec344e101548a01e570f29
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Tue Nov 13 07:22:45 2018 +0000
+
+    upstream: fix markup error (missing blank before delimiter); from
+    
+    Mike Frysinger <vapier at gentoo dot org>
+    
+    OpenBSD-Commit-ID: 1bc5392f795ca86318d695e0947eaf71a5a4f6d9
+
+commit 960e7c672dc106f3b759c081de3edb4d1138b36e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 9 02:57:58 2018 +0000
+
+    upstream: typo in error message; caught by Debian lintian, via
+    
+    Colin Watson
+    
+    OpenBSD-Commit-ID: bff614c7bd1f4ca491a84e9b5999f848d0d66758
+
+commit 81f1620c836e6c79c0823ba44acca605226a80f1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 9 02:56:22 2018 +0000
+
+    upstream: correct local variable name; from yawang AT microsoft.com
+    
+    OpenBSD-Commit-ID: a0c228390856a215bb66319c89cb3959d3af8c87
+
+commit 1293740e800fa2e5ccd38842a2e4970c6f3b9831
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Oct 31 11:20:05 2018 +0000
+
+    upstream: Import new moduli.
+    
+    OpenBSD-Commit-ID: c07772f58028fda683ee6abd41c73da3ff70d403
+
+commit 46925ae28e53fc9add336a4fcdb7ed4b86c3591c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 26 01:23:03 2018 +0000
+
+    upstream: mention ssh-ed25519-cert-v01@openssh.com in list of cert
+    
+    key type at start of doc
+    
+    OpenBSD-Commit-ID: b46b0149256d67f05f2d5d01e160634ed1a67324
+
+commit 8d8340e2c215155637fe19cb1a837f71b2d55f7b
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 16 13:32:13 2018 +1100
+
+    Remove fallback check for /usr/local/ssl.
+    
+    If configure could not find a working OpenSSL installation it would
+    fall back to checking in /usr/local/ssl.  This made sense back when
+    systems did not ship with OpenSSL, but most do and OpenSSL 1.1 doesn't
+    use that as a default any more.  The fallback behaviour also meant
+    that if you pointed --with-ssl-dir at a specific directory and it
+    didn't work, it would silently use either the system libs or the ones
+    in /usr/local/ssl.  If you want to use /usr/local/ssl you'll need to
+    pass configure --with-ssl-dir=/usr/local/ssl.  ok djm@
+
+commit ce93472134fb22eff73edbcd173a21ae38889331
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Nov 16 12:44:01 2018 +1100
+
+    Fix check for OpenSSL 1.0.1 exactly.
+    
+    Both INSTALL and configure.ac claim OpenSSL >= 1.0.1 is supported; fix
+    compile-time check for 1.0.1 to match.
+
+commit f2970868f86161a22b2c377057fa3891863a692a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Nov 11 15:58:20 2018 +1100
+
+    Improve warnings in cygwin service setup.
+    
+    bz#2922, patch from vinschen at redhat.com.
+
+commit bd2d54fc1eee84bf87158a1277a50e6c8a303339
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Nov 11 15:54:54 2018 +1100
+
+    Remove hardcoded service name in cygwin setup.
+    
+    bz#2922, patch from Christian.Lupien at USherbrooke.ca, sanity check
+    by vinschen at redhat.com.
+
+commit d0153c77bf7964e694f1d26c56c41a571b8e9466
+Author: Dag-Erling Smørgrav <des@des.no>
+Date:   Tue Oct 9 23:03:40 2018 +0200
+
+    AC_CHECK_SIZEOF() no longer needs a second argument.
+
+commit 9b47b083ca9d866249ada9f02dbd57c87b13806e
+Author: Manoj Ampalam <manojamp@microsoft.com>
+Date:   Thu Nov 8 22:41:59 2018 -0800
+
+    Fix error message w/out nistp521.
+    
+    Correct error message when OpenSSL doesn't support certain ECDSA key
+    lengths.
+
+commit 624d19ac2d56fa86a22417c35536caceb3be346f
+Author: Eneas U de Queiroz <cote2004-github@yahoo.com>
+Date:   Tue Oct 9 16:17:42 2018 -0300
+
+    fix compilation with openssl built without ECC
+    
+    ECDSA code in openssh-compat.h and libressl-api-compat.c needs to be
+    guarded by OPENSSL_HAS_ECC
+    
+    Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
+
+commit 1801cd11d99d05a66ab5248c0555f55909a355ce
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Nov 8 15:03:11 2018 +1100
+
+    Simplify OpenSSL 1.1 function checks.
+    
+    Replace AC_SEARCH_LIBS checks for OpenSSL 1.1 functions with a single
+    AC_CHECK_FUNCS.  ok djm@
+
+commit bc32f118d484e4d71d2a0828fd4eab7e4176c9af
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Nov 5 17:31:24 2018 +1100
+
+    Fix pasto for HAVE_EVP_CIPHER_CTX_SET_IV.
+    
+    Prevents unnecessary redefinition.  Patch from mforney at mforney.org.
+
+commit 3719df60c66abc4b47200d41f571d67772f293ba
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Wed Oct 31 22:21:03 2018 +1100
+
+    Import new moduli.
+
+commit 595605d4abede475339d6a1f07a8cc674c11d1c3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Oct 28 15:18:13 2018 +1100
+
+    Update check for minimum OpenSSL version.
+
+commit 6ab75aba340d827140d7ba719787aabaf39a0355
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Oct 28 15:16:31 2018 +1100
+
+    Update required OpenSSL versions to match current.
+
+commit c801b0e38eae99427f37869370151b78f8e15c5d
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sun Oct 28 14:34:12 2018 +1100
+
+    Use detected version functions in openssl compat.
+    
+    Use detected functions in compat layer instead of guessing based on
+    versions.  Really fixes builds with LibreSSL, not just configure.
+
+commit 262d81a259d4aa1507c709ec9d5caa21c7740722
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Oct 27 16:45:59 2018 +1100
+
+    Check for the existence of openssl version funcs.
+    
+    Check for the existence of openssl version functions and use the ones
+    detected instead of trying to guess based on the int32 version
+    identifier.  Fixes builds with LibreSSL.
+
+commit 406a24b25d6a2bdd70cacd16de7e899dcb2a8829
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 26 13:43:28 2018 +1100
+
+    fix builds on OpenSSL <= 1.0.x
+    
+    I thought OpenSSL 1.0.x offered the new-style OpenSSL_version_num() API
+    to obtain version number, but they don't.
+
+commit 859754bdeb41373d372e36b5dc89c547453addb3
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Oct 23 17:10:41 2018 +1100
+
+    remove remaining references to SSLeay
+    
+    Prompted by Rosen Penev
+
+commit b9fea45a68946c8dfeace72ad1f6657c18f2a98a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Oct 23 17:10:35 2018 +1100
+
+    regen depend
+
+commit a65784c9f9c5d00cf1a0e235090170abc8d07c73
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 23 05:56:35 2018 +0000
+
+    upstream: refer to OpenSSL not SSLeay;
+    
+    we're old, but we don't have to act it
+    
+    OpenBSD-Commit-ID: 9ca38d11f8ed19e61a55108d1e892d696cee08ec
+
+commit c0a35265907533be10ca151ac797f34ae0d68969
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Oct 22 11:22:50 2018 +1100
+
+    fix compile for openssl 1.0.x w/ --with-ssl-engine
+    
+    bz#2921, patch from cotequeiroz
+
+commit 31b49525168245abe16ad49d7b7f519786b53a38
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Mon Oct 22 20:05:18 2018 +1100
+
+    Include openssl compatibility.
+    
+    Patch from rosenp at gmail.com via openssh-unix-dev.
+
+commit a4fc253f5f44f0e4c47aafe2a17d2c46481d3c04
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 19 03:12:42 2018 +0000
+
+    upstream: when printing certificate contents "ssh-keygen -Lf
+    
+    /path/certificate", include the algorithm that the CA used to sign the cert.
+    
+    OpenBSD-Commit-ID: 1ea20b5048a851a7a0758dcb9777a211a2c0dddd
+
+commit 83b3d99d2b47321b7ebb8db6f6ea04f3808bc069
+Author: florian@openbsd.org <florian@openbsd.org>
+Date:   Mon Oct 15 11:28:50 2018 +0000
+
+    upstream: struct sockaddr_storage is guaranteed to be large enough,
+    
+    no need to check the size. OK kn, deraadt
+    
+    OpenBSD-Commit-ID: 0aa56e92eb49c79f495b31a5093109ec5841f439
+
 commit aede1c34243a6f7feae2fb2cb686ade5f9be6f3d
 Author: Damien Miller <djm@mindrot.org>
 Date:   Wed Oct 17 11:01:20 2018 +1100
@@ -7741,1966 +10340,3 @@ Date:   Mon Apr 17 11:02:31 2017 +0000
     -Wpointer-sign and -Wold-style-definition.
     
     Upstream-ID: 5cbe348aa76dc1adf55be6c0e388fafaa945439a
-
-commit 4d827f0d75a53d3952288ab882efbddea7ffadfe
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Apr 4 00:24:56 2017 +0000
-
-    upstream commit
-    
-    disallow creation (of empty files) in read-only mode;
-    reported by Michal Zalewski, feedback & ok deraadt@
-    
-    Upstream-ID: 5d9c8f2fa8511d4ecf95322994ffe73e9283899b
-
-commit ef47843af0a904a21c920e619c5aec97b65dd9ac
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Sun Mar 26 00:18:52 2017 +0000
-
-    upstream commit
-    
-    incorrect renditions of this quote bother me
-    
-    Upstream-ID: 1662be3ebb7a71d543da088119c31d4d463a9e49
-
-commit d9048861bea842c4eba9c2dbbf97064cc2a5ef02
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Mar 31 11:04:43 2017 +1100
-
-    Check for and use gcc's -pipe.
-    
-    Speeds up configure and build by a couple of percent.  ok djm@
-
-commit 282cad2240c4fbc104c2f2df86d688192cbbe4bb
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 16:34:44 2017 +1100
-
-    Import fmt_scaled.c rev 1.16 from OpenBSD.
-    
-    Fix overly-conservative overflow checks on mulitplications and add checks
-    on additions.  This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN
-    will still be flagged as a range error).  ok millert@
-
-commit c73a229e4edf98920f395e19fd310684fc6bb951
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 16:34:02 2017 +1100
-
-    Import fmt_scaled.c rev 1.15 from OpenBSD.
-    
-    Collapse underflow and overflow checks into a single block.
-    ok djm@ millert@
-
-commit d427b73bf5a564f663d16546dbcbd84ba8b9d4af
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 16:32:57 2017 +1100
-
-    Import fmt_scaled.c rev 1.14 from OpenBSD.
-    
-    Catch integer underflow in scan_scaled reported by Nicolas Iooss.
-    ok deraadt@ djm@
-
-commit d13281f2964abc5f2e535e1613c77fc61b0c53e7
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 12:39:39 2017 +1100
-
-    Don't check privsep user or path when unprivileged
-    
-    If running with privsep (mandatory now) as a non-privileged user, we
-    don't chroot or change to an unprivileged user however we still checked
-    the existence of the user and directory.  Don't do those checks if we're
-    not going to use them.  Based in part on a patch from Lionel Fourquaux
-    via Corinna Vinschen, ok djm@
-
-commit f2742a481fe151e493765a3fbdef200df2ea7037
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 10:50:31 2017 +1100
-
-    Remove SHA256 EVP wrapper implementation.
-    
-    All supported versions of OpenSSL should now have SHA256 so remove our
-    EVP wrapper implementaion.  ok djm@
-
-commit 5346f271fc76549caf4a8e65b5fba319be422fe9
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 10:23:58 2017 +1100
-
-    Remove check for OpenSSL < 0.9.8g.
-    
-    We no longer support OpenSSL < 1.0.1 so remove check for unreliable ECC
-    in OpenSSL < 0.9.8g.
-
-commit 8fed0a5fe7b4e78a6810b133d8e91be9742ee0a1
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 10:16:15 2017 +1100
-
-    Remove compat code for OpenSSL < 0.9.7.
-    
-    Resyncs that code with OpenBSD upstream.
-
-commit 608ec1f62ff22fdccc3952e51463d79c43cbd0d3
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Mar 29 09:50:54 2017 +1100
-
-    Remove SSHv1 code path.
-    
-    Server-side support for Protocol 1 has been removed so remove !compat20
-    PAM code path.
-
-commit 7af27bf538cbc493d609753f9a6d43168d438f1b
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Mar 24 09:44:56 2017 +1100
-
-    Enable ldns when using ldns-config.
-    
-    Actually enable ldns when attempting to use ldns-config.  bz#2697, patch
-    from fredrik at fornwall.net.
-
-commit 58b8cfa2a062b72139d7229ae8de567f55776f24
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Mar 22 12:43:02 2017 +1100
-
-    Missing header on Linux/s390
-    
-    Patch from Jakub Jelen
-
-commit 096fb65084593f9f3c1fc91b6d9052759a272a00
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Mar 20 22:08:06 2017 +0000
-
-    upstream commit
-    
-    remove /usr/bin/time calls around tests, makes diffing test
-    runs harder. Based on patch from Mike Frysinger
-    
-    Upstream-Regress-ID: 81c1083b14dcf473b23d2817882f40b346ebc95c
-
-commit 6b853c6f8ba5eecc50f3b57af8e63f8184eb0fa6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 21 08:47:55 2017 +1100
-
-    Fix syntax error on Linux/X32
-    
-    Patch from Mike Frysinger
-
-commit d38f05dbdd291212bc95ea80648b72b7177e9f4e
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Mar 20 13:38:27 2017 +1100
-
-    Add llabs() implementation.
-
-commit 72536316a219b7394996a74691a5d4ec197480f7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Mar 20 12:23:04 2017 +1100
-
-    crank version numbers
-
-commit 3be52bc36bdfd24ded7e0f46999e7db520fb4e3f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Mar 20 01:18:59 2017 +0000
-
-    upstream commit
-    
-    openssh-7.5
-    
-    Upstream-ID: b8b9a4a949427c393cd868215e1724ceb3467ee5
-
-commit db84e52fe9cfad57f22e7e23c5fbf00092385129
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Mar 20 12:07:20 2017 +1100
-
-    I'm a doofus.
-    
-    Unbreak obvious syntax error.
-
-commit 89f04852db27643717c9c3a2b0dde97ae50099ee
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Mar 20 11:53:34 2017 +1100
-
-    on Cygwin, check paths from server for backslashes
-    
-    Pointed out by Jann Horn of Google Project Zero
-
-commit 7ef1f9bafc2cc8d97ff2fbd4f280002b6e8ea5d9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Mar 20 11:48:34 2017 +1100
-
-    Yet another synonym for ASCII: "646"
-    
-    Used by NetBSD; this unbreaks mprintf() and friends there for the C
-    locale (caught by dtucker@ and his menagerie of test systems).
-
-commit 9165abfea3f68a0c684a6ed2e575e59bc31a3a6b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Mar 20 09:58:34 2017 +1100
-
-    create test mux socket in /tmp
-    
-    Creating the socket in $OBJ could blow past the (quite limited)
-    path limit for Unix domain sockets. As a bandaid for bz#2660,
-    reported by Colin Watson; ok dtucker@
-
-commit 2adbe1e63bc313d03e8e84e652cc623af8ebb163
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Mar 15 07:07:39 2017 +0000
-
-    upstream commit
-    
-    disallow KEXINIT before NEWKEYS; ok djm; report by
-    vegard.nossum at oracle.com
-    
-    Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234
-
-commit 2fbf91684d76d38b9cf06550b69c9e41bca5a71c
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Mar 16 14:05:46 2017 +1100
-
-    Include includes.h for compat bits.
-
-commit b55f634e96b9c5b0cd991e23a9ca181bec4bdbad
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Mar 16 13:45:17 2017 +1100
-
-    Wrap stdint.h in #ifdef HAVE_STDINT_H
-
-commit 55a1117d7342a0bf8b793250cf314bab6b482b99
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Mar 16 11:22:42 2017 +1100
-
-    Adapt Cygwin config script to privsep knob removal
-    
-    Patch from Corinna Vinschen.
-
-commit 1a321bfdb91defe3c4d9cca5651724ae167e5436
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Wed Mar 15 03:52:30 2017 +0000
-
-    upstream commit
-    
-    accidents happen to the best of us; ok djm
-    
-    Upstream-ID: b7a9dbd71011ffde95e06f6945fe7197dedd1604
-
-commit 25f837646be8c2017c914d34be71ca435dfc0e07
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 15 02:25:09 2017 +0000
-
-    upstream commit
-    
-    fix regression in 7.4: deletion of PKCS#11-hosted keys
-    would fail unless they were specified by full physical pathname. Report and
-    fix from Jakub Jelen via bz#2682; ok dtucker@
-    
-    Upstream-ID: 5b5bc20ca11cacb5d5eb29c3f93fd18425552268
-
-commit a8c5eeacf032a7d3408957e45dd7603cc1baf55f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 15 02:19:09 2017 +0000
-
-    upstream commit
-    
-    Fix segfault when sshd attempts to load RSA1 keys (can
-    only happen when protocol v.1 support is enabled for the client). Reported by
-    Jakub Jelen in bz#2686; ok dtucker
-    
-    Upstream-ID: 8fdaec2ba4b5f65db1d094f6714ce64b25d871d7
-
-commit 66705948c0639a7061a0d0753266da7685badfec
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Mar 14 07:19:07 2017 +0000
-
-    upstream commit
-    
-    Mark the sshd_config UsePrivilegeSeparation option as
-    deprecated, effectively making privsep mandatory in sandboxing mode. ok
-    markus@ deraadt@
-    
-    (note: this doesn't remove the !privsep code paths, though that will
-    happen eventually).
-    
-    Upstream-ID: b4c52666256c4dd865f8ce9431af5d6ce2d74a0a
-
-commit f86586b03fe6cd8f595289bde200a94bc2c191af
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 14 18:26:29 2017 +1100
-
-    Make seccomp-bpf sandbox work on Linux/X32
-    
-    Allow clock_gettime syscall with X32 bit masked off. Apparently
-    this is required for at least some kernel versions. bz#2142
-    Patch mostly by Colin Watson. ok dtucker@
-
-commit 2429cf78dd2a9741ce27ba25ac41c535274a0af6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 14 18:01:52 2017 +1100
-
-    require OpenSSL >=1.0.1
-
-commit e3ea335abeab731c68f2b2141bee85a4b0bf680f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 14 17:48:43 2017 +1100
-
-    Remove macro trickery; no binary change
-    
-    This stops the SC_ALLOW(), SC_ALLOW_ARG() and SC_DENY() macros
-    prepending __NR_ to the syscall number parameter and just makes
-    them explicit in the macro invocations.
-    
-    No binary change in stripped object file before/after.
-
-commit 5f1596e11d55539678c41f68aed358628d33d86f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 14 13:15:18 2017 +1100
-
-    support ioctls for ICA crypto card on Linux/s390
-    
-    Based on patch from Eduardo Barretto; ok dtucker@
-
-commit b1b22dd0df2668b322dda174e501dccba2cf5c44
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Mar 14 14:19:36 2017 +1100
-
-    Plumb conversion test into makefile.
-
-commit f57783f1ddfb4cdfbd612c6beb5ec01cb5b9a6b9
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Mar 14 01:20:29 2017 +0000
-
-    upstream commit
-    
-    Add unit test for convtime().
-    
-    Upstream-Regress-ID: 8717bc0ca4c21120f6dd3a1d3b7a363f707c31e1
-
-commit 8884b7247d094cd11ff9e39c325ba928c5bdbc6c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Mar 14 01:10:07 2017 +0000
-
-    upstream commit
-    
-    Add ASSERT_LONG_* helpers.
-    
-    Upstream-Regress-ID: fe15beaea8f5063c7f21b0660c722648e3d76431
-
-commit c6774d21185220c0ba11e8fd204bf0ad1a432071
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Mar 14 00:55:37 2017 +0000
-
-    upstream commit
-    
-    Fix convtime() overflow test on boundary condition,
-    spotted by & ok djm.
-    
-    Upstream-ID: 51f14c507ea87a3022e63f574100613ab2ba5708
-
-commit f5746b40cfe6d767c8e128fe50c43274b31cd594
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Mar 14 00:25:03 2017 +0000
-
-    upstream commit
-    
-    Check for integer overflow when parsing times in
-    convtime().  Reported by nicolas.iooss at m4x.org, ok djm@
-    
-    Upstream-ID: 35e6a4e98f6fa24df50bfb8ba1307cf70e966f13
-
-commit f5907982f42a8d88a430b8a46752cbb7859ba979
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Mar 14 13:38:15 2017 +1100
-
-    Add a "unit" target to run only unit tests.
-
-commit 9e96b41682aed793fadbea5ccd472f862179fb02
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Mar 14 12:24:47 2017 +1100
-
-    Fix weakness in seccomp-bpf sandbox arg inspection
-    
-    Syscall arguments are passed via an array of 64-bit values in struct
-    seccomp_data, but we were only inspecting the bottom 32 bits and not
-    even those correctly for BE systems.
-    
-    Fortunately, the only case argument inspection was used was in the
-    socketcall filtering so using this for sandbox escape seems
-    impossible.
-    
-    ok dtucker
-
-commit 8ff3fc3f2f7c13e8968717bc2b895ee32c441275
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Mar 11 23:44:16 2017 +0000
-
-    upstream commit
-    
-    regress tests for loading certificates without public keys;
-    bz#2617 based on patch from Adam Eijdenberg; ok markus@ dtucker@
-    
-    Upstream-Regress-ID: 0145d19328ed995b73fe2d9da33596b17429d0d0
-
-commit 1e24552716194db8f2f620587b876158a9ef56ad
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sat Mar 11 23:40:26 2017 +0000
-
-    upstream commit
-    
-    allow ssh to use certificates accompanied by a private
-    key file but no corresponding plain *.pub public key. bz#2617 based on patch
-    from Adam Eijdenberg; ok dtucker@ markus@
-    
-    Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9
-
-commit 0fb1a617a07b8df5de188dd5a0c8bf293d4bfc0e
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Sat Mar 11 13:07:35 2017 +0000
-
-    upstream commit
-    
-    Don't count the initial block twice when computing how
-    many bytes to discard for the work around for the attacks against CBC-mode.
-    ok djm@; report from Jean Paul, Kenny, Martin and Torben @ RHUL
-    
-    Upstream-ID: f445f509a4e0a7ba3b9c0dae7311cb42458dc1e2
-
-commit ef653dd5bd5777132d9f9ee356225f9ee3379504
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 07:18:32 2017 +0000
-
-    upstream commit
-    
-    krl.c
-    
-    Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1
-
-commit d94c1dfef2ea30ca67b1204ada7c3b537c54f4d0
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Mar 12 10:48:14 2017 +1100
-
-    sync fmt_scaled.c with OpenBSD
-    
-    revision 1.13
-    date: 2017/03/11 23:37:23;  author: djm;  state: Exp;  lines: +14 -1;  commitid: jnFKyHkB3CEiEZ2R;
-    fix signed integer overflow in scan_scaled. Found by Nicolas Iooss
-    using AFL against ssh_config. ok deraadt@ millert@
-    ----------------------------
-    revision 1.12
-    date: 2013/11/29 19:00:51;  author: deraadt;  state: Exp;  lines: +6 -5;
-    fairly simple unsigned char casts for ctype
-    ok krw
-    ----------------------------
-    revision 1.11
-    date: 2012/11/12 14:07:20;  author: halex;  state: Exp;  lines: +4 -2;
-    make scan_scaled set errno to EINVAL rather than ERANGE if it encounters
-    an invalid multiplier, like the man page says it should
-    
-    "looks sensible" deraadt@, ok ian@
-    ----------------------------
-    revision 1.10
-    date: 2009/06/20 15:00:04;  author: martynas;  state: Exp;  lines: +4 -4;
-    use llabs instead of the home-grown version;  and some comment changes
-    ok ian@, millert@
-    ----------------------------
-
-commit 894221a63fa061e52e414ca58d47edc5fe645968
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 05:01:13 2017 +0000
-
-    upstream commit
-    
-    When updating hostkeys, accept RSA keys if
-    HostkeyAlgorithms contains any RSA keytype. Previously, ssh could ignore RSA
-    keys when any of the ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms
-    nit ssh-rsa (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; ok
-    dtucker@
-    
-    Upstream-ID: c5e8cfee15c42f4a05d126158a0766ea06da79d2
-
-commit dd3e2298663f4cc1a06bc69582d00dcfee27d73c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 04:24:55 2017 +0000
-
-    upstream commit
-    
-    make hostname matching really insensitive to case;
-    bz#2685, reported by Petr Cerny; ok dtucker@
-    
-    Upstream-ID: e467622ff154269e36ba8b6c9e3d105e1c4a9253
-
-commit 77a9be9446697fe8b5499fe651f4a82a71a4b51f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 03:52:48 2017 +0000
-
-    upstream commit
-    
-    reword a comment to make it fit 80 columns
-    
-    Upstream-ID: 4ef509a66b96c7314bbcc87027c2af71fa9d0ba4
-
-commit 61b8ef6a66efaec07e023342cb94a10bdc2254dc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 04:27:32 2017 +0000
-
-    upstream commit
-    
-    better match sshd config parser behaviour: fatal() if
-    line is overlong, increase line buffer to match sshd's; bz#2651 reported by
-    Don Fong; ok dtucker@
-    
-    Upstream-ID: b175ae7e0ba403833f1ee566edf10f67443ccd18
-
-commit db2597207e69912f2592cd86a1de8e948a9d7ffb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 04:26:06 2017 +0000
-
-    upstream commit
-    
-    ensure hostname is lower-case before hashing it;
-    bz#2591 reported by Griff Miller II; ok dtucker@
-    
-    Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
-
-commit df9936936c695f85c1038bd706d62edf752aca4b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 04:24:55 2017 +0000
-
-    upstream commit
-    
-    make hostname matching really insensitive to case;
-    bz#2685, reported by Petr Cerny; ok dtucker@
-    
-    Upstream-ID: e632b7a9bf0d0558d5ff56dab98b7cca6c3db549
-
-commit 67eed24bfa7645d88fa0b883745fccb22a0e527e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 04:11:00 2017 +0000
-
-    upstream commit
-    
-    Remove old null check from config dumper.  Patch from
-    jjelen at redhat.com vi bz#2687, ok djm@
-    
-    Upstream-ID: 824ab71467b78c4bab0dd1b3a38e8bc5f63dd528
-
-commit 183ba55aaaecca0206184b854ad6155df237adbe
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 04:07:20 2017 +0000
-
-    upstream commit
-    
-    fix regression in 7.4 server-sig-algs, where we were
-    accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
-    Goncalves; ok dtucker@
-    
-    Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
-
-commit 66be4fe8c4435af5bbc82998501a142a831f1181
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 03:53:11 2017 +0000
-
-    upstream commit
-    
-    Check for NULL return value from key_new.  Patch from
-    jjelen at redhat.com via bz#2687, ok djm@
-    
-    Upstream-ID: 059e33cd43cba88dc8caf0b1936fd4dd88fd5b8e
-
-commit ec2892b5c7fea199914cb3a6afb3af38f84990bf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 03:52:48 2017 +0000
-
-    upstream commit
-    
-    reword a comment to make it fit 80 columns
-    
-    Upstream-ID: b4b48b4487c0821d16e812c40c9b09f03b28e349
-
-commit 7fadbb6da3f4122de689165651eb39985e1cba85
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 03:48:57 2017 +0000
-
-    upstream commit
-    
-    Check for NULL argument to sshkey_read.  Patch from
-    jjelen at redhat.com via bz#2687, ok djm@
-    
-    Upstream-ID: c2d00c2ea50c4861d271d0a586f925cc64a87e0e
-
-commit 5a06b9e019e2b0b0f65a223422935b66f3749de3
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 03:45:40 2017 +0000
-
-    upstream commit
-    
-    Plug some mem leaks mostly on error paths.  From jjelen
-    at redhat.com via bz#2687, ok djm@
-    
-    Upstream-ID: 3fb030149598957a51b7c8beb32bf92cf30c96f2
-
-commit f6edbe9febff8121f26835996b1229b5064d31b7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 03:24:48 2017 +0000
-
-    upstream commit
-    
-    Plug mem leak on GLOB_NOMATCH case.  From jjelen at
-    redhat.com via bz#2687, ok djm@
-    
-    Upstream-ID: 8016a7ae97719d3aa55fb723fc2ad3200058340d
-
-commit 566b3a46e89a2fda2db46f04f2639e92da64a120
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 03:22:40 2017 +0000
-
-    upstream commit
-    
-    Plug descriptor leaks of auth_sock.  From jjelen at
-    redhat.com via bz#2687, ok djm@
-    
-    Upstream-ID: 248acb99a5ed2fdca37d1aa33c0fcee7be286d88
-
-commit 8a2834454c73dfc1eb96453c0e97690595f3f4c2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 03:18:24 2017 +0000
-
-    upstream commit
-    
-    correctly hash hosts with a port number. Reported by Josh
-    Powers in bz#2692; ok dtucker@
-    
-    Upstream-ID: 468e357ff143e00acc05bdd2803a696b3d4b6442
-
-commit 9747b9c742de409633d4753bf1a752cbd211e2d3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 10 03:15:58 2017 +0000
-
-    upstream commit
-    
-    don't truncate off \r\n from long stderr lines; bz#2688,
-    reported by Brian Dyson; ok dtucker@
-    
-    Upstream-ID: cdfdc4ba90639af807397ce996153c88af046ca4
-
-commit 4a4b75adac862029a1064577eb5af299b1580cdd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Mar 10 02:59:51 2017 +0000
-
-    upstream commit
-    
-    Validate digest arg in ssh_digest_final; from jjelen at
-    redhat.com via bz#2687, ok djm@
-    
-    Upstream-ID: dbe5494dfddfe523fab341a3dab5a79e7338f878
-
-commit bee0167be2340d8de4bdc1ab1064ec957c85a447
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Mar 10 13:40:18 2017 +1100
-
-    Check for NULL from malloc.
-    
-    Part of bz#2687, from jjelen at redhat.com.
-
-commit da39b09d43b137a5a3d071b51589e3efb3701238
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Mar 10 13:22:32 2017 +1100
-
-    If OSX is using launchd, remove screen no.
-    
-    Check for socket with and without screen number.  From Apple and Jakob
-    Schlyter via bz#2341, with contributions from Ron Frederick, ok djm@
-
-commit 8fb15311a011517eb2394bb95a467c209b8b336c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Mar 8 12:07:47 2017 +0000
-
-    upstream commit
-    
-    quote [host]:port in generated ProxyJump commandline; the
-    [ / ] characters can confuse some shells (e.g. zsh). Reported by Lauri
-    Tirkkonen via bugs@
-    
-    Upstream-ID: 65cdd161460e1351c3d778e974c1c2a4fa4bc182
-
-commit 18501151cf272a15b5f2c5e777f2e0933633c513
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Mar 6 02:03:20 2017 +0000
-
-    upstream commit
-    
-    Check l->hosts before dereferencing; fixes potential null
-    pointer deref. ok djm@
-    
-    Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301
-
-commit d072370793f1a20f01ad827ba8fcd3b8f2c46165
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Mar 6 00:44:51 2017 +0000
-
-    upstream commit
-    
-    linenum is unsigned long so use %lu in log formats.  ok
-    deraadt@
-    
-    Upstream-ID: 9dc582d9bb887ebe0164e030d619fc20b1a4ea08
-
-commit 12d3767ba4c84c32150cbe6ff6494498780f12c9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Mar 3 06:13:11 2017 +0000
-
-    upstream commit
-    
-    fix ssh-keygen -H accidentally corrupting known_hosts that
-    contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
-    hostkeys_foreach() when hostname matching is in use, so we need to look for
-    the hash marker explicitly.
-    
-    Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
-
-commit d7abb771bd5a941b26144ba400a34563a1afa589
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Feb 28 06:10:08 2017 +0000
-
-    upstream commit
-    
-    small memleak: free fd_set on connection timeout (though
-    we are heading to exit anyway). From Tom Rix in bz#2683
-    
-    Upstream-ID: 10e3dadbb8199845b66581473711642d9e6741c4
-
-commit 78142e3ab3887e53a968d6e199bcb18daaf2436e
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Mon Feb 27 14:30:33 2017 +0000
-
-    upstream commit
-    
-    errant dot; from klemens nanni
-    
-    Upstream-ID: 83d93366a5acf47047298c5d3ebc5e7426f37921
-
-commit 8071a6924c12bb51406a9a64a4b2892675112c87
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 24 03:16:34 2017 +0000
-
-    upstream commit
-    
-    might as well set the listener socket CLOEXEC
-    
-    Upstream-ID: 9c538433d6a0ca79f5f21decc5620e46fb68ab57
-
-commit d5499190559ebe374bcdfa8805408646ceffad64
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Feb 19 00:11:29 2017 +0000
-
-    upstream commit
-    
-    add test cases for C locale; ok schwarze@
-    
-    Upstream-Regress-ID: 783d75de35fbc923d46e2a5e6cee30f8f381ba87
-
-commit 011c8ffbb0275281a0cf330054cf21be10c43e37
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Feb 19 00:10:57 2017 +0000
-
-    upstream commit
-    
-    Add a common nl_langinfo(CODESET) alias for US-ASCII
-    "ANSI_X3.4-1968" that is used by Linux. Fixes mprintf output truncation for
-    non-UTF-8 locales on Linux spotted by dtucker@; ok deraadt@ schwarze@
-    
-    Upstream-ID: c6808956ebffd64066f9075d839f74ff0dd60719
-
-commit 0c4430a19b73058a569573492f55e4c9eeaae67b
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Feb 7 23:03:11 2017 +0000
-
-    upstream commit
-    
-    Remove deprecated SSH1 options RSAAuthentication and
-    RhostsRSAAuthentication from regression test sshd_config.
-    
-    Upstream-Regress-ID: 8066b753d9dce7cf02ff87af5c727ff680d99491
-
-commit 3baa4cdd197c95d972ec3d07f1c0d08f2d7d9199
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 17 02:32:05 2017 +0000
-
-    upstream commit
-    
-    Do not show rsa1 key type in usage when compiled without
-    SSH1 support.
-    
-    Upstream-ID: 068b5c41357a02f319957746fa4e84ea73960f57
-
-commit ecc35893715f969e98fee118481f404772de4132
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 17 02:31:14 2017 +0000
-
-    upstream commit
-    
-    ifdef out "rsa1" from the list of supported keytypes when
-    compiled without SSH1 support.  Found by kdunlop at guralp.com, ok djm@
-    
-    Upstream-ID: cea93a26433d235bb1d64b1d990f19a9c160a70f
-
-commit 10577c6d96a55b877a960b2d0b75edef1b9945af
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 17 02:04:15 2017 +0000
-
-    upstream commit
-    
-    For ProxyJump/-J, surround host name with brackets to
-    allow literal IPv6 addresses. From Dick Visser; ok dtucker@
-    
-    Upstream-ID: 3a5d3b0171250daf6a5235e91bce09c1d5746bf1
-
-commit b2afdaf1b52231aa23d2153f4a8c5a60a694dda4
-Author: jsg@openbsd.org <jsg@openbsd.org>
-Date:   Wed Feb 15 23:38:31 2017 +0000
-
-    upstream commit
-    
-    Fix memory leaks in match_filter_list() error paths.
-    
-    ok dtucker@ markus@
-    
-    Upstream-ID: c7f96ac0877f6dc9188bbc908100a8d246cc7f0e
-
-commit 6d5a41b38b55258213ecfaae9df7a758caa752a1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Feb 15 01:46:47 2017 +0000
-
-    upstream commit
-    
-    fix division by zero crash in "df" output when server
-    returns zero total filesystem blocks/inodes. Spotted by Guido Vranken; ok
-    dtucker@
-    
-    Upstream-ID: 6fb6c2ae6b289aa07b6232dbc0be54682ef5419f
-
-commit bd5d7d239525d595ecea92765334af33a45d9d63
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Feb 12 15:45:15 2017 +1100
-
-    ifdef out EVP_R_PRIVATE_KEY_DECODE_ERROR
-    
-    EVP_R_PRIVATE_KEY_DECODE_ERROR was added in OpenSSL 1.0.0 so ifdef out
-    for the benefit of OpenSSL versions prior to that.
-
-commit 155d540d00ff55f063421ec182ec8ff2b7ab6cbe
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 10 04:34:50 2017 +0000
-
-    upstream commit
-    
-    bring back r1.34 that was backed out for problems loading
-    public keys:
-    
-    translate OpenSSL error codes to something more
-    meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
-    
-    with additional fix from Jakub Jelen to solve the backout.
-    bz#2525 bz#2523 re-ok dtucker@
-    
-    Upstream-ID: a9d5bc0306f4473d9b4f4484f880e95f3c1cc031
-
-commit a287c5ad1e0bf9811c7b9221979b969255076019
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 10 03:36:40 2017 +0000
-
-    upstream commit
-    
-    Sanitise escape sequences in key comments sent to printf
-    but preserve valid UTF-8 when the locale supports it; bz#2520 ok dtucker@
-    
-    Upstream-ID: e8eed28712ba7b22d49be534237eed019875bd1e
-
-commit e40269be388972848aafcca7060111c70aab5b87
-Author: millert@openbsd.org <millert@openbsd.org>
-Date:   Wed Feb 8 20:32:43 2017 +0000
-
-    upstream commit
-    
-    Avoid printf %s NULL.  From semarie@, OK djm@
-    
-    Upstream-ID: 06beef7344da0208efa9275d504d60d2a5b9266c
-
-commit 5b90709ab8704dafdb31e5651073b259d98352bc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Feb 6 09:22:51 2017 +0000
-
-    upstream commit
-    
-    Restore \r\n newline sequence for server ident string. The CR
-    got lost in the flensing of SSHv1. Pointed out by Stef Bon
-    
-    Upstream-ID: 5333fd43ce5396bf5999496096fac5536e678fac
-
-commit 97c31c46ee2e6b46dfffdfc4f90bbbf188064cbc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 3 23:01:42 2017 +0000
-
-    upstream commit
-    
-    unit test for match_filter_list() function; still want a
-    better name for this...
-    
-    Upstream-Regress-ID: 840ad6118552c35111f0a897af9c8d93ab8de92a
-
-commit f1a193464a7b77646f0d0cedc929068e4a413ab4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 3 23:05:57 2017 +0000
-
-    upstream commit
-    
-    use ssh_packet_set_log_preamble() to include connection
-    username in packet log messages, e.g.
-    
-    Connection closed by invalid user foo 10.1.1.1 port 44056 [preauth]
-    
-    ok markus@ bz#113
-    
-    Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15
-
-commit 07edd7e9537ab32aa52abb5fb2a915c350fcf441
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 3 23:03:33 2017 +0000
-
-    upstream commit
-    
-    add ssh_packet_set_log_preamble() to allow inclusion of a
-    preamble string in disconnect messages; ok markus@
-    
-    Upstream-ID: 34cb41182cd76d414c214ccb01c01707849afead
-
-commit 68bc8cfa7642d3ccbf2cd64281c16b8b9205be59
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 3 23:01:19 2017 +0000
-
-    upstream commit
-    
-    support =- for removing methods from algorithms lists,
-    e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like
-    it" markus@
-    
-    Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
-
-commit c924b2ef941028a1f31e6e94f54dfeeeef462a4e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Feb 3 05:05:56 2017 +0000
-
-    upstream commit
-    
-    allow form-feed characters at EOL; bz#2431 ok dtucker@
-    
-    Upstream-ID: 1f453afaba6da2ae69d6afdf1ae79a917552f1a2
-
-commit 523db8540b720c4d21ab0ff6f928476c70c38aab
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Feb 3 16:01:22 2017 +1100
-
-    prefer to use ldns-config to find libldns
-    
-    Should fix bz#2603 - "Build with ldns and without kerberos support
-    fails if ldns compiled with kerberos support" by including correct
-    cflags/libs
-    
-    ok dtucker@
-
-commit c998bf0afa1a01257a53793eba57941182e9e0b7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Feb 3 02:56:00 2017 +0000
-
-    upstream commit
-    
-    Make ssh_packet_set_rekey_limits take u32 for the number of
-    seconds until rekeying (negative values are rejected at config parse time).
-    This allows the removal of some casts and a signed vs unsigned comparison
-    warning.
-    
-    rekey_time is cast to int64 for the comparison which is a no-op
-    on OpenBSD, but should also do the right thing in -portable on
-    anything still using 32bit time_t (until the system time actually
-    wraps, anyway).
-    
-    some early guidance deraadt@, ok djm@
-    
-    Upstream-ID: c9f18613afb994a07e7622eb326f49de3d123b6c
-
-commit 3ec5fa4ba97d4c4853620daea26a33b9f1fe3422
-Author: jsg@openbsd.org <jsg@openbsd.org>
-Date:   Thu Feb 2 10:54:25 2017 +0000
-
-    upstream commit
-    
-    In vasnmprintf() return an error if malloc fails and
-    don't set a function argument to the address of free'd memory.
-    
-    ok djm@
-    
-    Upstream-ID: 1efffffff2f51d53c9141f245b90ac23d33b9779
-
-commit 858252fb1d451ebb0969cf9749116c8f0ee42753
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Feb 1 02:59:09 2017 +0000
-
-    upstream commit
-    
-    Return true reason for port forwarding failures where
-    feasible rather than always "administratively prohibited".  bz#2674, ok djm@
-    
-    Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419
-
-commit 6ba9f893838489add6ec4213c7a997b425e4a9e0
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Jan 30 23:27:39 2017 +0000
-
-    upstream commit
-    
-    Small correction to the known_hosts section on when it is
-    updated. Patch from lkppo at free.fr some time ago, pointed out by smallm at
-    sdf.org
-    
-    Upstream-ID: 1834d7af179dea1a12ad2137f84566664af225d5
-
-commit c61d5ec3c11e7ff9779b6127421d9f166cf10915
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Feb 3 14:10:34 2017 +1100
-
-    Remove _XOPEN_SOURCE from wide char detection.
-    
-    Having _XOPEN_SOURCE unconditionally causes problems on some platforms
-    and configurations, notably Solaris 64-bit binaries.  It was there for
-    the benefit of Linux put the required bits in the *-*linux* section.
-    
-    Patch from yvoinov at gmail.com.
-
-commit f25ee13b3e81fd80efeb871dc150fe49d7fc8afd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 30 05:22:14 2017 +0000
-
-    upstream commit
-    
-    fully unbreak: some $SSH invocations did not have -F
-    specified and could pick up the ~/.ssh/config of the user running the tests
-    
-    Upstream-Regress-ID: f362d1892c0d3e66212d5d3fc02d915c58ef6b89
-
-commit 6956e21fb26652887475fe77ea40d2efcf25908b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 30 04:54:07 2017 +0000
-
-    upstream commit
-    
-    partially unbreak: was not specifying hostname on some
-    $SSH invocations
-    
-    Upstream-Regress-ID: bc8a5e98e57bad0a92ef4f34ed91c1d18294e2cc
-
-commit 52763dd3fe0a4678dafdf7aeb32286e514130afc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 30 01:03:00 2017 +0000
-
-    upstream commit
-    
-    revise keys/principals command hang fix (bz#2655) to
-    consume entire output, avoiding sending SIGPIPE to subprocesses early; ok
-    dtucker@
-    
-    Upstream-ID: 7cb04b31a61f8c78c4e48ceededcd2fd5c4ee1bc
-
-commit 381a2615a154a82c4c53b787f4a564ef894fe9ac
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 30 00:38:50 2017 +0000
-
-    upstream commit
-    
-    small cleanup post SSHv1 removal:
-    
-    remove SSHv1-isms in commented examples
-    
-    reorder token table to group deprecated and compile-time conditional tokens
-    better
-    
-    fix config dumping code for some compile-time conditional options that
-    weren't being correctly skipped (SSHv1 and PKCS#11)
-    
-    Upstream-ID: f2e96b3cb3158d857c5a91ad2e15925df3060105
-
-commit 4833d01591b7eb049489d9558b65f5553387ed43
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 30 00:34:01 2017 +0000
-
-    upstream commit
-    
-    some explicit NULL tests when dumping configured
-    forwardings; from Karsten Weiss
-    
-    Upstream-ID: 40957b8dea69672b0e50df6b4a91a94e3e37f72d
-
-commit 326e2fae9f2e3e067b5651365eba86b35ee5a6b2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 30 00:32:28 2017 +0000
-
-    upstream commit
-    
-    misplaced braces in test; from Karsten Weiss
-    
-    Upstream-ID: f7b794074d3aae8e35b69a91d211c599c94afaae
-
-commit 3e032a95e46bfaea9f9e857678ac8fa5f63997fb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Jan 30 00:32:03 2017 +0000
-
-    upstream commit
-    
-    don't dereference authctxt before testing != NULL, it
-    causes compilers to make assumptions; from Karsten Weiss
-    
-    Upstream-ID: 794243aad1e976ebc717885b7a97a25e00c031b2
-
-commit 01cfaa2b1cfb84f3cdd32d1bf82b120a8d30e057
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 6 02:51:16 2017 +0000
-
-    upstream commit
-    
-    use correct ssh-add program; bz#2654, from Colin Watson
-    
-    Upstream-Regress-ID: 7042a36e1bdaec6562f6e57e9d047efe9c7a6030
-
-commit e5c7ec67cdc42ae2584085e0fc5cc5ee91133cf5
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 6 02:26:10 2017 +0000
-
-    upstream commit
-    
-    Account for timeouts in the integrity tests as failures.
-    
-    If the first test in a series for a given MAC happens to modify the low
-    bytes of a packet length, then ssh will time out and this will be
-    interpreted as a test failure.  Patch from cjwatson at debian.org via
-    bz#2658.
-    
-    Upstream-Regress-ID: e7467613b0badedaa300bc6fc7495ec2f44e2fb9
-
-commit dbaf599b61bd6e0f8469363a8c8e7f633b334018
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 6 02:09:25 2017 +0000
-
-    upstream commit
-    
-    Make forwarding test less racy by using unix domain
-    sockets instead of TCP ports where possible.  Patch from cjwatson at
-    debian.org via bz#2659.
-    
-    Upstream-Regress-ID: 4756375aac5916ef9d25452a1c1d5fa9e90299a9
-
-commit 9390b0031ebd6eb5488d3bc4d4333c528dffc0a6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Jan 29 21:35:23 2017 +0000
-
-    upstream commit
-    
-    Fix typo in ~C error message for bad port forward
-    cancellation. bz#2672, from Brad Marshall via Colin Watson and Ubuntu's
-    bugtracker.
-    
-    Upstream-ID: 0d4a7e5ead6cc59c9a44b4c1e5435ab3aada09af
-
-commit 4ba15462ca38883b8a61a1eccc093c79462d5414
-Author: guenther@openbsd.org <guenther@openbsd.org>
-Date:   Sat Jan 21 11:32:04 2017 +0000
-
-    upstream commit
-    
-    The POSIX APIs that that sockaddrs all ignore the s*_len
-    field in the incoming socket, so userspace doesn't need to set it unless it
-    has its own reasons for tracking the size along with the sockaddr.
-    
-    ok phessler@ deraadt@ florian@
-    
-    Upstream-ID: ca6e49e2f22f2b9e81d6d924b90ecd7e422e7437
-
-commit a1187bd3ef3e4940af849ca953a1b849dae78445
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Jan 6 16:28:12 2017 +0000
-
-    upstream commit
-    
-    keep the tokens list sorted;
-    
-    Upstream-ID: b96239dae4fb3aa94146bb381afabcc7740a1638
-
-commit b64077f9767634715402014f509e58decf1e140d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 6 09:27:52 2017 +0000
-
-    upstream commit
-    
-    fix previous
-    
-    Upstream-ID: c107d6a69bc22325d79fbf78a2a62e04bcac6895
-
-commit 5e820e9ea2e949aeb93071fe31c80b0c42f2b2de
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 6 03:53:58 2017 +0000
-
-    upstream commit
-    
-    show a useful error message when included config files
-    can't be opened; bz#2653, ok dtucker@
-    
-    Upstream-ID: f598b73b5dfe497344cec9efc9386b4e5a3cb95b
-
-commit 13bd2e2d622d01dc85d22b94520a5b243d006049
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 6 03:45:41 2017 +0000
-
-    upstream commit
-    
-    sshd_config is documented to set
-    GSSAPIStrictAcceptorCheck=yes by default, so actually make it do this.
-    bz#2637 ok dtucker
-    
-    Upstream-ID: 99ef8ac51f17f0f7aec166cb2e34228d4d72a665
-
-commit f89b928534c9e77f608806a217d39a2960cc7fd0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Jan 6 03:41:58 2017 +0000
-
-    upstream commit
-    
-    Avoid confusing error message when attempting to use
-    ssh-keyscan built without SSH protocol v.1 to scan for v.1 keys; bz#2583
-    
-    Upstream-ID: 5d214abd3a21337d67c6dcc5aa6f313298d0d165
-
-commit 0999533014784579aa6f01c2d3a06e3e8804b680
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Jan 6 02:34:54 2017 +0000
-
-    upstream commit
-    
-    Re-add '%k' token for AuthorizedKeysCommand which was
-    lost during the re-org in rev 1.235.  bz#2656, from jboning at gmail.com.
-    
-    Upstream-ID: 2884e203c02764d7b3fe7472710d9c24bdc73e38
-
-commit 51045869fa084cdd016fdd721ea760417c0a3bf3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 4 05:37:40 2017 +0000
-
-    upstream commit
-    
-    unbreak Unix domain socket forwarding for root; ok
-    markus@
-    
-    Upstream-ID: 6649c76eb7a3fa15409373295ca71badf56920a2
-
-commit 58fca12ba967ea5c768653535604e1522d177e44
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Jan 16 09:08:32 2017 +1100
-
-    Remove LOGIN_PROGRAM.
-    
-    UseLogin is gone, remove leftover.  bz#2665, from cjwatson at debian.org
-
-commit b108ce92aae0ca0376dce9513d953be60e449ae1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Jan 4 02:21:43 2017 +0000
-
-    upstream commit
-    
-    relax PKCS#11 whitelist a bit to allow libexec as well as
-    lib directories.
-    
-    Upstream-ID: cf5617958e2e2d39f8285fd3bc63b557da484702
-
-commit c7995f296b9222df2846f56ecf61e5ae13d7a53d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Jan 3 05:46:51 2017 +0000
-
-    upstream commit
-    
-    check number of entries in SSH2_FXP_NAME response; avoids
-    unreachable overflow later. Reported by Jann Horn
-    
-    Upstream-ID: b6b2b434a6d6035b1644ca44f24cd8104057420f
-
-commit ddd3d34e5c7979ca6f4a3a98a7d219a4ed3d98c2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 30 22:08:02 2016 +0000
-
-    upstream commit
-    
-    fix deadlock when keys/principals command produces a lot of
-    output and a key is matched early; bz#2655, patch from jboning AT gmail.com
-    
-    Upstream-ID: e19456429bf99087ea994432c16d00a642060afe
-
-commit 30eee7d1b2fec33c14870cc11910610be5d2aa6f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Dec 20 12:16:11 2016 +1100
-
-    Re-add missing "Prerequisites" header and fix typo
-    
-    Patch from HARUYAMA Seigo <haruyama at unixuser org>.
-
-commit c8c60f3663165edd6a52632c6ddbfabfce1ca865
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 19 22:35:23 2016 +0000
-
-    upstream commit
-    
-    use standard /bin/sh equality test; from Mike Frysinger
-    
-    Upstream-Regress-ID: 7b6f0b63525f399844c8ac211003acb8e4b0bec2
-
-commit 4a354fc231174901f2629437c2a6e924a2dd6772
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Dec 19 15:59:26 2016 +1100
-
-    crank version numbers for release
-
-commit 5f8d0bb8413d4d909cc7aa3c616fb0538224c3c9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 19 04:55:51 2016 +0000
-
-    upstream commit
-    
-    openssh-7.4
-    
-    Upstream-ID: 1ee404adba6bbe10ae9277cbae3a94abe2867b79
-
-commit 3a8213ea0ed843523e34e55ab9c852332bab4c7b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Dec 19 04:55:18 2016 +0000
-
-    upstream commit
-    
-    remove testcase that depends on exact output and
-    behaviour of snprintf(..., "%s", NULL)
-    
-    Upstream-Regress-ID: cab4288531766bd9593cb556613b91a2eeefb56f
-
-commit eae735a82d759054f6ec7b4e887fb7a5692c66d7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Dec 19 03:32:57 2016 +0000
-
-    upstream commit
-    
-    Use LOGNAME to get current user and fall back to whoami if
-    not set. Mainly to benefit -portable since some platforms don't have whoami.
-    
-    Upstream-Regress-ID: e3a16b7836a3ae24dc8f8a4e43fdf8127a60bdfa
-
-commit 0d2f88428487518eea60602bd593989013831dcf
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Dec 16 03:51:19 2016 +0000
-
-    upstream commit
-    
-    Add regression test for AllowUsers and DenyUsers.  Patch from
-    Zev Weiss <zev at bewilderbeest.net>
-    
-    Upstream-Regress-ID: 8f1aac24d52728398871dac14ad26ea38b533fb9
-
-commit 3bc8180a008929f6fe98af4a56fb37d04444b417
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Dec 16 15:02:24 2016 +1100
-
-    Add missing monitor.h include.
-    
-    Fixes warning pointed out by Zev Weiss <zev at bewilderbeest.net>
-
-commit 410681f9015d76cc7b137dd90dac897f673244a0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 16 02:48:55 2016 +0000
-
-    upstream commit
-    
-    revert to rev1.2; the new bits in this test depend on changes
-    to ssh that aren't yet committed
-    
-    Upstream-Regress-ID: 828ffc2c7afcf65d50ff2cf3dfc47a073ad39123
-
-commit 2f2ffa4fbe4b671bbffa0611f15ba44cff64d58e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Dec 16 01:06:27 2016 +0000
-
-    upstream commit
-    
-    Move the "stop sshd" code into its own helper function.
-    Patch from Zev Weiss <zev at bewilderbeest.net>, ok djm@
-    
-    Upstream-Regress-ID: a113dea77df5bd97fb4633ea31f3d72dbe356329
-
-commit e15e7152331e3976b35475fd4e9c72897ad0f074
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 16 01:01:07 2016 +0000
-
-    upstream commit
-    
-    regression test for certificates along with private key
-    with no public half. bz#2617, mostly from Adam Eijdenberg
-    
-    Upstream-Regress-ID: 2e74dc2c726f4dc839609b3ce045466b69f01115
-
-commit 9a70ec085faf6e55db311cd1a329f1a35ad2a500
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Dec 15 23:50:37 2016 +0000
-
-    upstream commit
-    
-    Use $SUDO to read pidfile in case root's umask is
-    restricted.  From portable.
-    
-    Upstream-Regress-ID: f6b1c7ffbc5a0dfb7d430adb2883344899174a98
-
-commit fe06b68f824f8f55670442fb31f2c03526dd326c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Dec 15 21:29:05 2016 +0000
-
-    upstream commit
-    
-    Add missing braces in DenyUsers code.  Patch from zev at
-    bewilderbeest.net, ok deraadt@
-    
-    Upstream-ID: d747ace338dcf943b077925f90f85f789714b54e
-
-commit dcc7d74242a574fd5c4afbb4224795b1644321e7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Dec 15 21:20:41 2016 +0000
-
-    upstream commit
-    
-    Fix text in error message.  Patch from zev at
-    bewilderbeest.net.
-    
-    Upstream-ID: deb0486e175e7282f98f9a15035d76c55c84f7f6
-
-commit b737e4d7433577403a31cff6614f6a1b0b5e22f4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Dec 14 00:36:34 2016 +0000
-
-    upstream commit
-    
-    disable Unix-domain socket forwarding when privsep is
-    disabled
-    
-    Upstream-ID: ab61516ae0faadad407857808517efa900a0d6d0
-
-commit 08a1e7014d65c5b59416a0e138c1f73f417496eb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Dec 9 03:04:29 2016 +0000
-
-    upstream commit
-    
-    log connections dropped in excess of MaxStartups at
-    verbose LogLevel; bz#2613 based on diff from Tomas Kuthan; ok dtucker@
-    
-    Upstream-ID: 703ae690dbf9b56620a6018f8a3b2389ce76d92b
-
-commit 10e290ec00964b2bf70faab15a10a5574bb80527
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Dec 13 13:51:32 2016 +1100
-
-    Get default of TEST_SSH_UTF8 from environment.
-
-commit b9b8ba3f9ed92c6220b58d70d1e6d8aa3eea1104
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Dec 13 12:56:40 2016 +1100
-
-    Remove commented-out includes.
-    
-    These commented-out includes have "Still needed?" comments.  Since
-    they've been commented out for ~13 years I assert that they're not.
-
-commit 25275f1c9d5f01a0877d39444e8f90521a598ea0
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Dec 13 12:54:23 2016 +1100
-
-    Add prototype for strcasestr in compat library.
-
-commit afec07732aa2985142f3e0b9a01eb6391f523dec
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Dec 13 10:23:03 2016 +1100
-
-    Add strcasestr to compat library.
-    
-    Fixes build on (at least) Solaris 10.
-
-commit dda78a03af32e7994f132d923c2046e98b7c56c8
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Dec 12 13:57:10 2016 +1100
-
-    Force Turkish locales back to C/POSIX; bz#2643
-    
-    Turkish locales are unique in their handling of the letters 'i' and
-    'I' (yes, they are different letters) and OpenSSH isn't remotely
-    prepared to deal with that. For now, the best we can do is to force
-    OpenSSH to use the C/POSIX locale and try to preserve the UTF-8
-    encoding if possible.
-    
-    ok dtucker@
-
-commit c35995048f41239fc8895aadc3374c5f75180554
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Dec 9 12:52:02 2016 +1100
-
-    exit is in stdlib.h not unistd.h (that's _exit).
-
-commit d399a8b914aace62418c0cfa20341aa37a192f98
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Dec 9 12:33:25 2016 +1100
-
-    Include <unistd.h> for exit in utf8 locale test.
-
-commit 47b8c99ab3221188ad3926108dd9d36da3b528ec
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Dec 8 15:48:34 2016 +1100
-
-    Check for utf8 local support before testing it.
-    
-    Check for utf8 local support and if not found, do not attempt to run the
-    utf8 tests.  Suggested by djm@
-
-commit 4089fc1885b3a2822204effbb02b74e3da58240d
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Dec 8 12:57:24 2016 +1100
-
-    Use AC_PATH_TOOL for krb5-config.
-    
-    This will use the host-prefixed version when cross compiling; patch from
-    david.michael at coreos.com.
-
-commit b4867e0712c89b93be905220c82f0a15e6865d1e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Dec 6 07:48:01 2016 +0000
-
-    upstream commit
-    
-    make IdentityFile successfully load and use certificates that
-    have no corresponding bare public key. E.g. just a private id_rsa and
-    certificate id_rsa-cert.pub (and no id_rsa.pub).
-    
-    bz#2617 ok dtucker@
-    
-    Upstream-ID: c1e9699b8c0e3b63cc4189e6972e3522b6292604
-
-commit c9792783a98881eb7ed295680013ca97a958f8ac
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 25 14:04:21 2016 +1100
-
-    Add a gnome-ssh-askpass3 target for GTK+3 version
-    
-    Based on patch from Colin Watson via bz#2640
-
-commit 7be85ae02b9de0993ce0a1d1e978e11329f6e763
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 25 14:03:53 2016 +1100
-
-    Make gnome-ssh-askpass2.c GTK+3-friendly
-    
-    Patch from Colin Watson via bz#2640
-
-commit b9844a45c7f0162fd1b5465683879793d4cc4aaa
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Dec 4 23:54:02 2016 +0000
-
-    upstream commit
-    
-    Fix public key authentication when multiple
-    authentication is in use. Instead of deleting and re-preparing the entire
-    keys list, just reset the 'used' flags; the keys list is already in a good
-    order (with already- tried keys at the back)
-    
-    Analysis and patch from Vincent Brillault on bz#2642; ok dtucker@
-    
-    Upstream-ID: 7123f12dc2f3bcaae715853035a97923d7300176
-
-commit f2398eb774075c687b13af5bc22009eb08889abe
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Dec 4 22:27:25 2016 +0000
-
-    upstream commit
-    
-    Unlink PidFile on SIGHUP and always recreate it when the
-    new sshd starts. Regression tests (and possibly other things) depend on the
-    pidfile being recreated after SIGHUP, and unlinking it means it won't contain
-    a stale pid if sshd fails to restart.  ok djm@ markus@
-    
-    Upstream-ID: 132dd6dda0c77dd49d2f15b2573b5794f6160870
-
-commit 85aa2efeba51a96bf6834f9accf2935d96150296
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Nov 30 03:01:33 2016 +0000
-
-    upstream commit
-    
-    test new behaviour of cert force-command restriction vs.
-    authorized_key/ principals
-    
-    Upstream-Regress-ID: 399efa7469d40c404c0b0a295064ce75d495387c
-
-commit 5d333131cd8519d022389cfd3236280818dae1bc
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Wed Nov 30 06:54:26 2016 +0000
-
-    upstream commit
-    
-    tweak previous; while here fix up FILES and AUTHORS;
-    
-    Upstream-ID: 93f6e54086145a75df8d8ec7d8689bdadbbac8fa
-
-commit 786d5994da79151180cb14a6cf157ebbba61c0cc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Nov 30 03:07:37 2016 +0000
-
-    upstream commit
-    
-    add a whitelist of paths from which ssh-agent will load
-    (via ssh-pkcs11-helper) a PKCS#11 module; ok markus@
-    
-    Upstream-ID: fe79769469d9cd6d26fe0dc15751b83ef2a06e8f
-
-commit 7844f357cdd90530eec81340847783f1f1da010b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Nov 30 03:00:05 2016 +0000
-
-    upstream commit
-    
-    Add a sshd_config DisableForwaring option that disables
-    X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as
-    anything else we might implement in the future.
-    
-    This, like the 'restrict' authorized_keys flag, is intended to be a
-    simple and future-proof way of restricting an account. Suggested as
-    a complement to 'restrict' by Jann Horn; ok markus@
-    
-    Upstream-ID: 203803f66e533a474086b38a59ceb4cf2410fcf7
-
-commit fd6dcef2030d23c43f986d26979f84619c10589d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Nov 30 02:57:40 2016 +0000
-
-    upstream commit
-    
-    When a forced-command appears in both a certificate and
-    an authorized keys/principals command= restriction, refuse to accept the
-    certificate unless they are identical.
-    
-    The previous (documented) behaviour of having the certificate forced-
-    command override the other could be a bit confused and more error-prone.
-    
-    Pointed out by Jann Horn of Project Zero; ok dtucker@
-    
-    Upstream-ID: 79d811b6eb6bbe1221bf146dde6928f92d2cd05f
-
-commit 7fc4766ac78abae81ee75b22b7550720bfa28a33
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Nov 30 00:28:31 2016 +0000
-
-    upstream commit
-    
-    On startup, check to see if sshd is already daemonized
-    and if so, skip the call to daemon() and do not rewrite the PidFile.  This
-    means that when sshd re-execs itself on SIGHUP the process ID will no longer
-    change.  Should address bz#2641.  ok djm@ markus@.
-    
-    Upstream-ID: 5ea0355580056fb3b25c1fd6364307d9638a37b9
-
-commit c9f880c195c65f1dddcbc4ce9d6bfea7747debcc
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Nov 30 13:51:49 2016 +1100
-
-    factor out common PRNG reseed before privdrop
-    
-    Add a call to RAND_poll() to ensure than more than pid+time gets
-    stirred into child processes states. Prompted by analysis from Jann
-    Horn at Project Zero. ok dtucker@
-
-commit 79e4829ec81dead1b30999e1626eca589319a47f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Nov 25 03:02:01 2016 +0000
-
-    upstream commit
-    
-    Allow PuTTY interop tests to run unattended.  bz#2639,
-    patch from cjwatson at debian.org.
-    
-    Upstream-Regress-ID: 4345253558ac23b2082aebabccd48377433b6fe0
-
-commit 504c3a9a1bf090f6b27260fc3e8ea7d984d163dc
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Nov 25 02:56:49 2016 +0000
-
-    upstream commit
-    
-    Reverse args to sshd-log-wrapper.  Matches change in
-    portable, where it allows sshd do be optionally run under Valgrind.
-    
-    Upstream-Regress-ID: b438d1c6726dc5caa2a45153e6103a0393faa906
-
-commit bd13017736ec2f8f9ca498fe109fb0035f322733
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Fri Nov 25 02:49:18 2016 +0000
-
-    upstream commit
-    
-    Fix typo in trace message; from portable.
-    
-    Upstream-Regress-ID: 4c4a2ba0d37faf5fd230a91b4c7edb5699fbd73a
-
-commit 7da751d8b007c7f3e814fd5737c2351440d78b4c
-Author: tb@openbsd.org <tb@openbsd.org>
-Date:   Tue Nov 1 13:43:27 2016 +0000
-
-    upstream commit
-    
-    Clean up MALLOC_OPTIONS.  For the unittests, move
-    MALLOC_OPTIONS and TEST_ENV to unittets/Makefile.inc.
-    
-    ok otto
-    
-    Upstream-Regress-ID: 890d497e0a38eeddfebb11cc429098d76cf29f12
-
-commit 36f58e68221bced35e06d1cca8d97c48807a8b71
-Author: tb@openbsd.org <tb@openbsd.org>
-Date:   Mon Oct 31 23:45:08 2016 +0000
-
-    upstream commit
-    
-    Remove the obsolete A and P flags from MALLOC_OPTIONS.
-    
-    ok dtucker
-    
-    Upstream-Regress-ID: 6cc25024c8174a87e5734a0dc830194be216dd59
-
-commit b0899ee26a6630883c0f2350098b6a35e647f512
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Nov 29 03:54:50 2016 +0000
-
-    upstream commit
-    
-    Factor out code to disconnect from controlling terminal
-    into its own function.  ok djm@
-    
-    Upstream-ID: 39fd9e8ebd7222615a837312face5cc7ae962885
-
-commit 54d022026aae4f53fa74cc636e4a032d9689b64d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 25 23:24:45 2016 +0000
-
-    upstream commit
-    
-    use sshbuf_allocate() to pre-allocate the buffer used for
-    loading keys. This avoids implicit realloc inside the buffer code, which
-    might theoretically leave fragments of the key on the heap. This doesn't
-    appear to happen in practice for normal sized keys, but was observed for
-    novelty oversize ones.
-    
-    Pointed out by Jann Horn of Project Zero; ok markus@
-    
-    Upstream-ID: d620e1d46a29fdea56aeadeda120879eddc60ab1
-
-commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Nov 25 23:22:04 2016 +0000
-
-    upstream commit
-    
-    split allocation out of sshbuf_reserve() into a separate
-    sshbuf_allocate() function; ok markus@
-    
-    Upstream-ID: 11b8a2795afeeb1418d508a2c8095b3355577ec2
-
-commit f0ddedee460486fa0e32fefb2950548009e5026e
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Wed Nov 23 23:14:15 2016 +0000
-
-    upstream commit
-    
-    allow ClientAlive{Interval,CountMax} in Match; ok dtucker,
-    djm
-    
-    Upstream-ID: 8beb4c1eadd588f1080b58932281983864979f55
-
-commit 1a6f9d2e2493d445cd9ee496e6e3c2a2f283f66a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Nov 8 22:04:34 2016 +0000
-
-    upstream commit
-    
-    unbreak DenyUsers; reported by henning@
-    
-    Upstream-ID: 1c67d4148f5e953c35acdb62e7c08ae8e33f7cb2
-
-commit 010359b32659f455fddd2bd85fd7cc4d7a3b994a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Nov 6 05:46:37 2016 +0000
-
-    upstream commit
-    
-    Validate address ranges for AllowUser/DenyUsers at
-    configuration load time and refuse to accept bad ones. It was previously
-    possible to specify invalid CIDR address ranges (e.g. djm@127.1.2.3/55) and
-    these would always match.
-    
-    Thanks to Laurence Parry for a detailed bug report. ok markus (for
-    a previous diff version)
-    
-    Upstream-ID: 9dfcdd9672b06e65233ea4434c38226680d40bfb
-
-commit efb494e81d1317209256b38b49f4280897c61e69
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Oct 28 03:33:52 2016 +0000
-
-    upstream commit
-    
-    Improve pkcs11_add_provider() logging: demote some
-    excessively verbose error()s to debug()s, include PKCS#11 provider name and
-    slot in log messages where possible. bz#2610, based on patch from Jakub Jelen
-    
-    Upstream-ID: 3223ef693cfcbff9079edfc7e89f55bf63e1973d
-
-commit 5ee3fb5affd7646f141749483205ade5fc54adaf
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Nov 1 08:12:33 2016 +1100
-
-    Use ptrace(PT_DENY_ATTACH, ..) on OS X.
-
-commit 315d2a4e674d0b7115574645cb51f968420ebb34
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Oct 28 14:34:07 2016 +1100
-
-    Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL
-    
-    ok dtucker@
-
-commit a9ff3950b8e80ff971b4d44bbce96df27aed28af
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Oct 28 14:26:58 2016 +1100
-
-    Move OPENSSL_NO_RIPEMD160 to compat.
-    
-    Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the
-    ripemd160 MACs.
-
-commit bce58885160e5db2adda3054c3b81fe770f7285a
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Oct 28 13:52:31 2016 +1100
-
-    Check if RIPEMD160 is disabled in OpenSSL.
-
-commit d924640d4c355d1b5eca1f4cc60146a9975dbbff
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Oct 28 13:38:19 2016 +1100
-
-    Skip ssh1 specfic ciphers.
-    
-    cipher-3des1.c and cipher-bf1.c are specific to sshv1 so don't even try
-    to compile them when Protocol 1 is not enabled.
-
-commit 79d078e7a49caef746516d9710ec369ba45feab6
-Author: jsg@openbsd.org <jsg@openbsd.org>
-Date:   Tue Oct 25 04:08:13 2016 +0000
-
-    upstream commit
-    
-    Fix logic in add_local_forward() that inverted a test
-    when code was refactored out into bind_permitted().  This broke ssh port
-    forwarding for non-priv ports as a non root user.
-    
-    ok dtucker@ 'looks good' deraadt@
-    
-    Upstream-ID: ddb8156ca03cc99997de284ce7777536ff9570c9
-
-commit a903e315dee483e555c8a3a02c2946937f9b4e5d
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Oct 24 01:09:17 2016 +0000
-
-    upstream commit
-    
-    Remove dead breaks, found via opencoverage.net.  ok
-    deraadt@
-    
-    Upstream-ID: ad9cc655829d67fad219762810770787ba913069
-
-commit b4e96b4c9bea4182846e4942ba2048e6d708ee54
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Oct 26 08:43:25 2016 +1100
-
-    Use !=NULL instead of >0 for getdefaultproj.
-    
-    getdefaultproj() returns a pointer so test it for NULL inequality
-    instead of >0.  Fixes compiler warning and is more correct.  Patch from
-    David Binderman.
-
-commit 1c4ef0b808d3d38232aeeb1cebb7e9a43def42c5
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Sun Oct 23 22:04:05 2016 +0000
-
-    upstream commit
-    
-    Factor out "can bind to low ports" check into its own function.  This will
-    make it easier for Portable to support platforms with permissions models
-    other than uid==0 (eg bz#2625).  ok djm@, "doesn't offend me too much"
-    deraadt@.
-    
-    Upstream-ID: 86213df4183e92b8f189a6d2dac858c994bfface
-
-commit 0b9ee623d57e5de7e83e66fd61a7ba9a5be98894
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Oct 19 23:21:56 2016 +0000
-
-    upstream commit
-    
-    When tearing down ControlMaster connecctions, don't
-    pollute stderr when LogLevel=quiet.  Patch from Tim Kuijsten via tech@.
-    
-    Upstream-ID: d9b3a68b2a7c2f2fc7f74678e29a4618d55ceced
-
-commit 09e6a7d8354224933febc08ddcbc2010f542284e
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Oct 24 09:06:18 2016 +1100
-
-    Wrap stdint.h include in ifdef.
-
-commit 08d9e9516e587b25127545c029e5464b2e7f2919
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Oct 21 09:46:46 2016 +1100
-
-    Fix formatting.
-
-commit 461f50e7ab8751d3a55e9158c44c13031db7ba1d
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Oct 21 06:55:58 2016 +1100
-
-    Update links to https.
-    
-    www.openssh.com now supports https and ftp.openbsd.org no longer
-    supports ftp.  Make all links to these https.
-
-commit dd4e7212a6141f37742de97795e79db51e4427ad
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Oct 21 06:48:46 2016 +1100
-
-    Update host key generation examples.
-    
-    Remove ssh1 host key generation, add ssh-keygen -A
-
-commit 6d49ae82634c67e9a4d4af882bee20b40bb8c639
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Oct 21 05:22:55 2016 +1100
-
-    Update links.
-    
-    Make links to openssh.com HTTPS now that it's supported, point release
-    notes link to the HTML release notes page, and update a couple of other
-    links and bits of text.
-
-commit fe0d1ca6ace06376625084b004ee533f2c2ea9d6
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 20 03:42:09 2016 +1100
-
-    Remote channels .orig and .rej files.
-    
-    These files were incorrectly added during an OpenBSD sync.
diff --git a/ChangeLog.gssapi b/ChangeLog.gssapi
deleted file mode 100644
index f117a336a..000000000
--- a/ChangeLog.gssapi
+++ /dev/null
@@ -1,113 +0,0 @@
-20110101
-  - Finally update for OpenSSH 5.6p1
-  - Add GSSAPIServerIdentity option from Jim Basney
- 
-20100308
-  - [ Makefile.in, key.c, key.h ]
-    Updates for OpenSSH 5.4p1
-  - [ servconf.c ]
-    Include GSSAPI options in the sshd -T configuration dump, and flag
-    some older configuration options as being unsupported. Thanks to Colin 
-    Watson.
-  -
-
-20100124
-  - [ sshconnect2.c ]
-    Adapt to deal with additional element in Authmethod structure. Thanks to
-    Colin Watson
-
-20090615
-  - [ gss-genr.c gss-serv.c kexgssc.c kexgsss.c monitor.c sshconnect2.c
-      sshd.c ]
-    Fix issues identified by Greg Hudson following a code review
-        Check return value of gss_indicate_mechs
-        Protect GSSAPI calls in monitor, so they can only be used if enabled
-        Check return values of bignum functions in key exchange
-        Use BN_clear_free to clear other side's DH value
-        Make ssh_gssapi_id_kex more robust
-        Only configure kex table pointers if GSSAPI is enabled
-        Don't leak mechanism list, or gss mechanism list
-        Cast data.length before printing
-        If serverkey isn't provided, use an empty string, rather than NULL
-
-20090201
-  - [ gss-genr.c gss-serv.c kex.h kexgssc.c readconf.c readconf.h ssh-gss.h
-      ssh_config.5 sshconnet2.c ]
-    Add support for the GSSAPIClientIdentity option, which allows the user
-    to specify which GSSAPI identity to use to contact a given server
-
-20080404
-  - [ gss-serv.c ]
-    Add code to actually implement GSSAPIStrictAcceptCheck, which had somehow
-    been omitted from a previous version of this patch. Reported by Borislav
-    Stoichkov
-
-20070317
-  - [ gss-serv-krb5.c ]
-    Remove C99ism, where new_ccname was being declared in the middle of a 
-    function
-
-20061220
-  - [ servconf.c ]
-    Make default for GSSAPIStrictAcceptorCheck be Yes, to match previous, and 
-    documented, behaviour. Reported by Dan Watson.
-
-20060910
-  - [ gss-genr.c kexgssc.c kexgsss.c kex.h monitor.c sshconnect2.c sshd.c
-      ssh-gss.h ]
-    add support for gss-group14-sha1 key exchange mechanisms
-  - [ gss-serv.c servconf.c servconf.h sshd_config sshd_config.5 ]
-    Add GSSAPIStrictAcceptorCheck option to allow the disabling of
-    acceptor principal checking on multi-homed machines.
-    <Bugzilla #928>
-  - [ sshd_config ssh_config ]
-    Add settings for GSSAPIKeyExchange and GSSAPITrustDNS to the sample
-    configuration files
-  - [ kexgss.c kegsss.c sshconnect2.c sshd.c ]
-    Code cleanup. Replace strlen/xmalloc/snprintf sequences with xasprintf()
-    Limit length of error messages displayed by client
-
-20060909
-  - [ gss-genr.c gss-serv.c ]
-    move ssh_gssapi_acquire_cred() and ssh_gssapi_server_ctx to be server
-    only, where they belong 
-    <Bugzilla #1225>
-
-20060829
-  - [ gss-serv-krb5.c ]
-    Fix CCAPI credentials cache name when creating KRB5CCNAME environment 
-    variable
-
-20060828
-  - [ gss-genr.c ]
-    Avoid Heimdal context freeing problem
-    <Fixed upstream 20060829>
-
-20060818
-  - [ gss-genr.c ssh-gss.h sshconnect2.c ]
-    Make sure that SPENGO is disabled 
-    <Bugzilla #1218 - Fixed upstream 20060818>
-
-20060421
-  - [ gssgenr.c, sshconnect2.c ]
-    a few type changes (signed versus unsigned, int versus size_t) to
-    fix compiler errors/warnings 
-    (from jbasney AT ncsa.uiuc.edu)
-  - [ kexgssc.c, sshconnect2.c ]
-    fix uninitialized variable warnings
-    (from jbasney AT ncsa.uiuc.edu)
-  - [ gssgenr.c ]
-    pass oid to gss_display_status (helpful when using GSSAPI mechglue)
-    (from jbasney AT ncsa.uiuc.edu)
-    <Bugzilla #1220 >
-  - [ gss-serv-krb5.c ]
-    #ifdef HAVE_GSSAPI_KRB5 should be #ifdef HAVE_GSSAPI_KRB5_H
-    (from jbasney AT ncsa.uiuc.edu)
-    <Fixed upstream 20060304>
-  - [ readconf.c, readconf.h, ssh_config.5, sshconnect2.c 
-    add client-side GssapiKeyExchange option
-    (from jbasney AT ncsa.uiuc.edu)
-  - [ sshconnect2.c ]
-    add support for GssapiTrustDns option for gssapi-with-mic
-    (from jbasney AT ncsa.uiuc.edu)
-    <gssapi-with-mic support is Bugzilla #1008>
diff --git a/INSTALL b/INSTALL
index 3fd265dbf..f1f8f00f3 100644
--- a/INSTALL
+++ b/INSTALL
@@ -13,15 +13,15 @@ OpenSSL)
 Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems):
 http://www.gzip.org/zlib/
 
-libcrypto (LibreSSL or OpenSSL >= 1.0.1 < 1.1.0)
-LibreSSL http://www.libressl.org/ ; or
-OpenSSL http://www.openssl.org/
+libcrypto from either of:
+ - LibreSSL (http://www.libressl.org/)
+ - OpenSSL 1.0.x >= 1.0.1 or 1.1.0 >= 1.1.0g (http://www.openssl.org/)
 
 LibreSSL/OpenSSL should be compiled as a position-independent library
 (i.e. with -fPIC) otherwise OpenSSH will not be able to link with it.
 If you must use a non-position-independent libcrypto, then you may need
-to configure OpenSSH --without-pie.  Note that because of API changes,
-OpenSSL 1.1.x is not currently supported.
+to configure OpenSSH --without-pie.  Note that due to a bug in EVP_CipherInit
+OpenSSL 1.1 versions prior to 1.1.0g can't be used.
 
 The remaining items are optional.
 
diff --git a/Makefile.in b/Makefile.in
index ee166114d..0960a6a03 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -88,7 +88,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
         canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \
         cipher-ctr.o cleanup.o \
         compat.o crc32.o fatal.o hostfile.o \
-        log.o match.o moduli.o nchan.o packet.o opacket.o \
+        log.o match.o moduli.o nchan.o packet.o \
         readpass.o ttymodes.o xmalloc.o addrmatch.o \
         atomicio.o dispatch.o mac.o uuencode.o misc.o utf8.o \
         monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
@@ -98,11 +98,12 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
         ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
         sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \
         kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
-        kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \
-        kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \
+        kexgexc.o kexgexs.o \
+        sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \
         kexgssc.o \
         platform-pledge.o platform-tracing.o platform-misc.o
 
+
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
         sshconnect.o sshconnect2.o mux.o
 
@@ -187,7 +188,7 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
 ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
         $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 
-ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o
+ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o compat.o
         $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 
 ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
@@ -600,6 +601,7 @@ tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS)
         TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \
         TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \
         TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \
+        TEST_SSH_SSHPKCS11HELPER="$${BUILDDIR}/ssh-pkcs11-helper"; \
         TEST_SSH_PLINK="plink"; \
         TEST_SSH_PUTTYGEN="puttygen"; \
         TEST_SSH_CONCH="conch"; \
diff --git a/OVERVIEW b/OVERVIEW
index 515567f45..cec7cd75b 100644
--- a/OVERVIEW
+++ b/OVERVIEW
@@ -34,11 +34,12 @@ these programs.
 
     - Ssh contains several encryption algorithms.  These are all
       accessed through the cipher.h interface.  The interface code is
-      in cipher.c, and the implementations are in libc.
+      in cipher.c, and the implementations are either in libc or
+      LibreSSL.
 
   Multiple Precision Integer Library
 
-    - Uses the SSLeay BIGNUM sublibrary.
+    - Uses the LibreSSL BIGNUM sublibrary.
 
   Random Numbers
 
@@ -158,4 +159,4 @@ these programs.
         uidswap.c    uid-swapping
         xmalloc.c    "safe" malloc routines
 
-$OpenBSD: OVERVIEW,v 1.14 2018/07/27 03:55:22 dtucker Exp $
+$OpenBSD: OVERVIEW,v 1.15 2018/10/23 05:56:35 djm Exp $
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys
index 11363fdc3..48338e671 100644
--- a/PROTOCOL.certkeys
+++ b/PROTOCOL.certkeys
@@ -36,6 +36,7 @@ Certified keys are represented using new key types:
     ecdsa-sha2-nistp256-cert-v01@openssh.com
     ecdsa-sha2-nistp384-cert-v01@openssh.com
     ecdsa-sha2-nistp521-cert-v01@openssh.com
+    ssh-ed25519-cert-v01@openssh.com
 
 Two additional types exist for RSA certificates to force use of
 SHA-2 signatures (SHA-256 and SHA-512 respectively):
@@ -303,4 +304,4 @@ permit-user-rc          empty         Flag indicating that execution of
                                       of this script will not be permitted if
                                       this option is not present.
 
-$OpenBSD: PROTOCOL.certkeys,v 1.15 2018/07/03 11:39:54 djm Exp $
+$OpenBSD: PROTOCOL.certkeys,v 1.16 2018/10/26 01:23:03 djm Exp $
diff --git a/README b/README
index 05916459c..77cb0ef3a 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-See https://www.openssh.com/releasenotes.html#7.9p1 for the release notes.
+See https://www.openssh.com/releasenotes.html#8.0p1 for the release notes.
 
 Please read https://www.openssh.com/report.html for bug reporting
 instructions and note that we do not use Github for bug reporting or
diff --git a/README.md b/README.md
new file mode 100644
index 000000000..4e2624161
--- /dev/null
+++ b/README.md
@@ -0,0 +1,74 @@
+# Portable OpenSSH
+
+OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ``ssh`` and server ``sshd``, file transfer utilities ``scp`` and ``sftp`` as well as tools for key generation (``ssh-keygen``), run-time key storage (``ssh-agent``) and a number of supporting programs.
+
+This is a port of OpenBSD's [OpenSSH](https://openssh.com) to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM).
+
+## Documentation
+
+The official documentation for OpenSSH are the man pages for each tool:
+
+* [ssh(1)](https://man.openbsd.org/ssh.1)
+* [sshd(8)](https://man.openbsd.org/sshd.8)
+* [ssh-keygen(1)](https://man.openbsd.org/ssh-keygen.1)
+* [ssh-agent(1)](https://man.openbsd.org/ssh-agent.1)
+* [scp(1)](https://man.openbsd.org/scp.1)
+* [sftp(1)](https://man.openbsd.org/sftp.1)
+* [ssh-keyscan(8)](https://man.openbsd.org/ssh-keyscan.8)
+* [sftp-server(8)](https://man.openbsd.org/sftp-server.8)
+
+## Stable Releases
+
+Stable release tarballs are available from a number of [download mirrors](https://www.openssh.com/portable.html#downloads). We recommend the use of a stable release for most users. Please read the [release notes](https://www.openssh.com/releasenotes.html) for details of recent changes and potential incompatibilities.
+
+## Building Portable OpenSSH
+
+### Dependencies
+
+Portable OpenSSH is built using autoconf and make. It requires a working C compiler, standard library and headers, as well as [zlib](https://www.zlib.net/) and ``libcrypto`` from either [LibreSSL](https://www.libressl.org/) or [OpenSSL](https://www.openssl.org) to build. Certain platforms and build-time options may require additional dependencies.
+
+### Building a release
+
+Releases include a pre-built copy of the ``configure`` script and may be built using:
+
+```
+tar zxvf openssh-X.Y.tar.gz
+cd openssh
+./configure # [options]
+make && make tests
+```
+
+See the [Build-time Customisation](#build-time-customisation) section below for configure options. If you plan on installing OpenSSH to your system, then you will usually want to specify destination paths.
+ 
+### Building from git
+
+If building from git, you'll need [autoconf](https://www.gnu.org/software/autoconf/) installed to build the ``configure`` script. The following commands will check out and build portable OpenSSH from git:
+
+```
+git clone https://github.com/openssh/openssh-portable # or https://anongit.mindrot.org/openssh.git
+cd openssh-portable
+autoreconf
+./configure
+make && make tests
+```
+
+### Build-time Customisation
+
+There are many build-time customisation options available. All Autoconf destination path flags (e.g. ``--prefix``) are supported (and are usually required if you want to install OpenSSH).
+
+For a full list of available flags, run ``configure --help`` but a few of the more frequently-used ones are described below. Some of these flags will require additional libraries and/or headers be installed.
+
+Flag | Meaning
+--- | ---
+``--with-pam`` | Enable [PAM](https://en.wikipedia.org/wiki/Pluggable_authentication_module) support. [OpenPAM](https://www.openpam.org/), [Linux PAM](http://www.linux-pam.org/) and Solaris PAM are supported.
+``--with-libedit`` | Enable [libedit](https://www.thrysoee.dk/editline/) support for sftp.
+``--with-kerberos5`` | Enable Kerberos/GSSAPI support. Both [Heimdal](https://www.h5l.org/) and [MIT](https://web.mit.edu/kerberos/) Kerberos implementations are supported.
+``--with-selinux`` | Enable [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) support.
+
+## Development
+
+Portable OpenSSH development is discussed on the [openssh-unix-dev mailing list](https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev) ([archive mirror](https://marc.info/?l=openssh-unix-dev)). Bugs and feature requests are tracked on our [Bugzilla](https://bugzilla.mindrot.org/).
+
+## Reporting bugs
+
+_Non-security_ bugs may be reported to the developers via [Bugzilla](https://bugzilla.mindrot.org/) or via the mailing list above. Security bugs should be reported to [openssh@openssh.com](mailto:openssh.openssh.com).
diff --git a/atomicio.c b/atomicio.c
index d91bd7621..e00c9f0d4 100644
--- a/atomicio.c
+++ b/atomicio.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: atomicio.c,v 1.29 2019/01/23 08:01:46 dtucker Exp $ */
+/* $OpenBSD: atomicio.c,v 1.30 2019/01/24 02:42:23 dtucker Exp $ */
 /*
  * Copyright (c) 2006 Damien Miller. All rights reserved.
  * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved.
@@ -57,9 +57,11 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n,
         ssize_t res;
         struct pollfd pfd;
 
-#ifndef BROKEN_READ_COMPARISON
         pfd.fd = fd;
+#ifndef BROKEN_READ_COMPARISON
         pfd.events = f == read ? POLLIN : POLLOUT;
+#else
+        pfd.events = POLLIN|POLLOUT;
 #endif
         while (n > pos) {
                 res = (f) (fd, s + pos, n - pos);
@@ -73,9 +75,7 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n,
                                 }
                                 continue;
                         } else if (errno == EAGAIN || errno == EWOULDBLOCK) {
-#ifndef BROKEN_READ_COMPARISON
                                 (void)poll(&pfd, 1, -1);
-#endif
                                 continue;
                         }
                         return 0;
@@ -119,9 +119,11 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd,
         /* Make a copy of the iov array because we may modify it below */
         memcpy(iov, _iov, (size_t)iovcnt * sizeof(*_iov));
 
-#ifndef BROKEN_READV_COMPARISON
         pfd.fd = fd;
+#ifndef BROKEN_READV_COMPARISON
         pfd.events = f == readv ? POLLIN : POLLOUT;
+#else
+        pfd.events = POLLIN|POLLOUT;
 #endif
         for (; iovcnt > 0 && iov[0].iov_len > 0;) {
                 res = (f) (fd, iov, iovcnt);
@@ -135,9 +137,7 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd,
                                 }
                                 continue;
                         } else if (errno == EAGAIN || errno == EWOULDBLOCK) {
-#ifndef BROKEN_READV_COMPARISON
                                 (void)poll(&pfd, 1, -1);
-#endif
                                 continue;
                         }
                         return 0;
diff --git a/atomicio.h b/atomicio.h
index 0d728ac86..8b3cc6e21 100644
--- a/atomicio.h
+++ b/atomicio.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: atomicio.h,v 1.11 2010/09/22 22:58:51 djm Exp $ */
+/* $OpenBSD: atomicio.h,v 1.12 2018/12/27 03:25:25 djm Exp $ */
 
 /*
  * Copyright (c) 2006 Damien Miller.  All rights reserved.
@@ -29,6 +29,8 @@
 #ifndef _ATOMICIO_H
 #define _ATOMICIO_H
 
+struct iovec;
+
 /*
  * Ensure all of data on socket comes through. f==read || f==vwrite
  */
diff --git a/audit-bsm.c b/audit-bsm.c
index 1409f69ae..0ba16c72c 100644
--- a/audit-bsm.c
+++ b/audit-bsm.c
@@ -391,7 +391,7 @@ audit_session_close(struct logininfo *li)
 }
 
 void
-audit_event(ssh_audit_event_t event)
+audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
         char    textbuf[BSM_TEXTBUFSZ];
         static int logged_in = 0;
diff --git a/audit-linux.c b/audit-linux.c
index 136ed76bb..3fcbe5c53 100644
--- a/audit-linux.c
+++ b/audit-linux.c
@@ -97,10 +97,8 @@ audit_session_close(struct logininfo *li)
 }
 
 void
-audit_event(ssh_audit_event_t event)
+audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
-        struct ssh *ssh = active_state; /* XXX */
-
         switch(event) {
         case SSH_AUTH_SUCCESS:
         case SSH_CONNECTION_CLOSE:
diff --git a/audit.c b/audit.c
index 33a04376d..dd2f03558 100644
--- a/audit.c
+++ b/audit.c
@@ -131,7 +131,7 @@ audit_connection_from(const char *host, int port)
  * events and what they mean).
  */
 void
-audit_event(ssh_audit_event_t event)
+audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
         debug("audit event euid %d user %s event %d (%s)", geteuid(),
             audit_username(), event, audit_event_lookup(event));
diff --git a/audit.h b/audit.h
index 0b593666d..38cb5ad31 100644
--- a/audit.h
+++ b/audit.h
@@ -27,6 +27,8 @@
 
 #include "loginrec.h"
 
+struct ssh;
+
 enum ssh_audit_event_type {
         SSH_LOGIN_EXCEED_MAXTRIES,
         SSH_LOGIN_ROOT_DENIED,
@@ -46,7 +48,7 @@ enum ssh_audit_event_type {
 typedef enum ssh_audit_event_type ssh_audit_event_t;
 
 void    audit_connection_from(const char *, int);
-void    audit_event(ssh_audit_event_t);
+void    audit_event(struct ssh *, ssh_audit_event_t);
 void    audit_session_open(struct logininfo *);
 void    audit_session_close(struct logininfo *);
 void    audit_run_command(const char *);
diff --git a/auth-pam.c b/auth-pam.c
index 1dec53e92..bde0a8f56 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -248,6 +248,9 @@ static int sshpam_maxtries_reached = 0;
 static char **sshpam_env = NULL;
 static Authctxt *sshpam_authctxt = NULL;
 static const char *sshpam_password = NULL;
+static char *sshpam_rhost = NULL;
+static char *sshpam_laddr = NULL;
+static char *sshpam_conninfo = NULL;
 
 /* Some PAM implementations don't implement this */
 #ifndef HAVE_PAM_GETENVLIST
@@ -669,13 +672,17 @@ sshpam_cleanup(void)
 }
 
 static int
-sshpam_init(Authctxt *authctxt)
+sshpam_init(struct ssh *ssh, Authctxt *authctxt)
 {
-        const char *pam_rhost, *pam_user, *user = authctxt->user;
+        const char *pam_user, *user = authctxt->user;
         const char **ptr_pam_user = &pam_user;
-        struct ssh *ssh = active_state; /* XXX */
 
-        if (sshpam_handle != NULL) {
+        if (sshpam_handle == NULL) {
+                if (ssh == NULL) {
+                        fatal("%s: called initially with no "
+                            "packet context", __func__);
+                }
+        } if (sshpam_handle != NULL) {
                 /* We already have a PAM context; check if the user matches */
                 sshpam_err = pam_get_item(sshpam_handle,
                     PAM_USER, (sshpam_const void **)ptr_pam_user);
@@ -694,14 +701,33 @@ sshpam_init(Authctxt *authctxt)
                 sshpam_handle = NULL;
                 return (-1);
         }
-        pam_rhost = auth_get_canonical_hostname(ssh, options.use_dns);
-        debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost);
-        sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost);
-        if (sshpam_err != PAM_SUCCESS) {
-                pam_end(sshpam_handle, sshpam_err);
-                sshpam_handle = NULL;
-                return (-1);
+
+        if (ssh != NULL && sshpam_rhost == NULL) {
+                /*
+                 * We need to cache these as we don't have packet context
+                 * during the kbdint flow.
+                 */
+                sshpam_rhost = xstrdup(auth_get_canonical_hostname(ssh,
+                    options.use_dns));
+                sshpam_laddr = get_local_ipaddr(
+                    ssh_packet_get_connection_in(ssh));
+                xasprintf(&sshpam_conninfo, "SSH_CONNECTION=%.50s %d %.50s %d",
+                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
+                    sshpam_laddr, ssh_local_port(ssh));
         }
+        if (sshpam_rhost != NULL) {
+                debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost);
+                sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST,
+                    sshpam_rhost);
+                if (sshpam_err != PAM_SUCCESS) {
+                        pam_end(sshpam_handle, sshpam_err);
+                        sshpam_handle = NULL;
+                        return (-1);
+                }
+                /* Put SSH_CONNECTION in the PAM environment too */
+                pam_putenv(sshpam_handle, sshpam_conninfo);
+        }
+
 #ifdef PAM_TTY_KLUDGE
         /*
          * Some silly PAM modules (e.g. pam_time) require a TTY to operate.
@@ -755,7 +781,7 @@ sshpam_init_ctx(Authctxt *authctxt)
                 return NULL;
 
         /* Initialize PAM */
-        if (sshpam_init(authctxt) == -1) {
+        if (sshpam_init(NULL, authctxt) == -1) {
                 error("PAM: initialization failed");
                 return (NULL);
         }
@@ -787,7 +813,6 @@ static int
 sshpam_query(void *ctx, char **name, char **info,
     u_int *num, char ***prompts, u_int **echo_on)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct sshbuf *buffer;
         struct pam_ctxt *ctxt = ctx;
         size_t plen;
@@ -877,8 +902,7 @@ sshpam_query(void *ctx, char **name, char **info,
                         }
                         error("PAM: %s for %s%.100s from %.100s", msg,
                             sshpam_authctxt->valid ? "" : "illegal user ",
-                            sshpam_authctxt->user,
-                            auth_get_canonical_hostname(ssh, options.use_dns));
+                            sshpam_authctxt->user, sshpam_rhost);
                         /* FALLTHROUGH */
                 default:
                         *num = 0;
@@ -995,12 +1019,14 @@ KbdintDevice mm_sshpam_device = {
  * This replaces auth-pam.c
  */
 void
-start_pam(Authctxt *authctxt)
+start_pam(struct ssh *ssh)
 {
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
+
         if (!options.use_pam)
                 fatal("PAM: initialisation requested when UsePAM=no");
 
-        if (sshpam_init(authctxt) == -1)
+        if (sshpam_init(ssh, authctxt) == -1)
                 fatal("PAM: initialisation failed");
 }
 
diff --git a/auth-pam.h b/auth-pam.h
index 419860745..9fcea270f 100644
--- a/auth-pam.h
+++ b/auth-pam.h
@@ -27,7 +27,7 @@
 
 struct ssh;
 
-void start_pam(Authctxt *);
+void start_pam(struct ssh *);
 void finish_pam(void);
 u_int do_pam_account(void);
 void do_pam_session(struct ssh *);
diff --git a/auth.c b/auth.c
index 9d1d453f1..8ffd77662 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.133 2018/09/12 01:19:12 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -50,6 +50,7 @@
 #include <unistd.h>
 #include <limits.h>
 #include <netdb.h>
+#include <time.h>
 
 #include "xmalloc.h"
 #include "match.h"
@@ -96,9 +97,8 @@ static struct sshbuf *auth_debug;
  * Otherwise true is returned.
  */
 int
-allowed_user(struct passwd * pw)
+allowed_user(struct ssh *ssh, struct passwd * pw)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct stat st;
         const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
         u_int i;
@@ -258,7 +258,7 @@ allowed_user(struct passwd * pw)
         }
 
 #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER
-        if (!sys_auth_allowed_user(pw, &loginmsg))
+        if (!sys_auth_allowed_user(pw, loginmsg))
                 return 0;
 #endif
 
@@ -308,10 +308,10 @@ format_method_key(Authctxt *authctxt)
 }
 
 void
-auth_log(Authctxt *authctxt, int authenticated, int partial,
+auth_log(struct ssh *ssh, int authenticated, int partial,
     const char *method, const char *submethod)
 {
-        struct ssh *ssh = active_state; /* XXX */
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         int level = SYSLOG_LEVEL_VERBOSE;
         const char *authmsg;
         char *extra = NULL;
@@ -356,26 +356,26 @@ auth_log(Authctxt *authctxt, int authenticated, int partial,
             (strcmp(method, "password") == 0 ||
             strncmp(method, "keyboard-interactive", 20) == 0 ||
             strcmp(method, "challenge-response") == 0))
-                record_failed_login(authctxt->user,
+                record_failed_login(ssh, authctxt->user,
                     auth_get_canonical_hostname(ssh, options.use_dns), "ssh");
 # ifdef WITH_AIXAUTHENTICATE
         if (authenticated)
                 sys_auth_record_login(authctxt->user,
                     auth_get_canonical_hostname(ssh, options.use_dns), "ssh",
-                    &loginmsg);
+                    loginmsg);
 # endif
 #endif
 #ifdef SSH_AUDIT_EVENTS
         if (authenticated == 0 && !authctxt->postponed)
-                audit_event(audit_classify_auth(method));
+                audit_event(ssh, audit_classify_auth(method));
 #endif
 }
 
 
 void
-auth_maxtries_exceeded(Authctxt *authctxt)
+auth_maxtries_exceeded(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
 
         error("maximum authentication attempts exceeded for "
             "%s%.100s from %.200s port %d ssh2",
@@ -383,7 +383,7 @@ auth_maxtries_exceeded(Authctxt *authctxt)
             authctxt->user,
             ssh_remote_ipaddr(ssh),
             ssh_remote_port(ssh));
-        packet_disconnect("Too many authentication failures");
+        ssh_packet_disconnect(ssh, "Too many authentication failures");
         /* NOTREACHED */
 }
 
@@ -438,7 +438,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
          * Ensure that filename starts anchored. If not, be backward
          * compatible and prepend the '%h/'
          */
-        if (*file == '/')
+        if (path_absolute(file))
                 return (file);
 
         i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file);
@@ -558,9 +558,8 @@ auth_openprincipals(const char *file, struct passwd *pw, int strict_modes)
 }
 
 struct passwd *
-getpwnamallow(const char *user)
+getpwnamallow(struct ssh *ssh, const char *user)
 {
-        struct ssh *ssh = active_state; /* XXX */
 #ifdef HAVE_LOGIN_CAP
         extern login_cap_t *lc;
 #ifdef BSD_AUTH
@@ -568,8 +567,9 @@ getpwnamallow(const char *user)
 #endif
 #endif
         struct passwd *pw;
-        struct connection_info *ci = get_connection_info(1, options.use_dns);
+        struct connection_info *ci;
 
+        ci = get_connection_info(ssh, 1, options.use_dns);
         ci->user = user;
         parse_server_match_config(&options, ci);
         log_change_level(options.log_level);
@@ -584,32 +584,19 @@ getpwnamallow(const char *user)
 #if defined(_AIX) && defined(HAVE_SETAUTHDB)
         aix_restoreauthdb();
 #endif
-#ifdef HAVE_CYGWIN
-        /*
-         * Windows usernames are case-insensitive.  To avoid later problems
-         * when trying to match the username, the user is only allowed to
-         * login if the username is given in the same case as stored in the
-         * user database.
-         */
-        if (pw != NULL && strcmp(user, pw->pw_name) != 0) {
-                logit("Login name %.100s does not match stored username %.100s",
-                    user, pw->pw_name);
-                pw = NULL;
-        }
-#endif
         if (pw == NULL) {
                 logit("Invalid user %.100s from %.100s port %d",
                     user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
 #ifdef CUSTOM_FAILED_LOGIN
-                record_failed_login(user,
+                record_failed_login(ssh, user,
                     auth_get_canonical_hostname(ssh, options.use_dns), "ssh");
 #endif
 #ifdef SSH_AUDIT_EVENTS
-                audit_event(SSH_INVALID_USER);
+                audit_event(ssh, SSH_INVALID_USER);
 #endif /* SSH_AUDIT_EVENTS */
                 return (NULL);
         }
-        if (!allowed_user(pw))
+        if (!allowed_user(ssh, pw))
                 return (NULL);
 #ifdef HAVE_LOGIN_CAP
         if ((lc = login_getclass(pw->pw_class)) == NULL) {
@@ -688,9 +675,8 @@ auth_debug_add(const char *fmt,...)
 }
 
 void
-auth_debug_send(void)
+auth_debug_send(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state;         /* XXX */
         char *msg;
         int r;
 
@@ -800,7 +786,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
          * If executing an explicit binary, then verify the it exists
          * and appears safe-ish to execute
          */
-        if (*av[0] != '/') {
+        if (!path_absolute(av[0])) {
                 error("%s path is not absolute", tag);
                 return 0;
         }
diff --git a/auth.h b/auth.h
index 90802a5eb..8f13bdf48 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.96 2018/04/10 00:10:49 djm Exp $ */
+/* $OpenBSD: auth.h,v 1.99 2019/01/19 21:43:56 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -133,8 +133,8 @@ auth_rhosts2(struct passwd *, const char *, const char *, const char *);
 
 int      auth_password(struct ssh *, const char *);
 
-int      hostbased_key_allowed(struct passwd *, const char *, char *,
-            struct sshkey *);
+int      hostbased_key_allowed(struct ssh *, struct passwd *,
+            const char *, char *, struct sshkey *);
 int      user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int,
     struct sshauthopt **);
 int      auth2_key_already_used(Authctxt *, const struct sshkey *);
@@ -167,15 +167,13 @@ int auth_shadow_pwexpired(Authctxt *);
 #include "audit.h"
 void remove_kbdint_device(const char *);
 
-void    do_authentication2(Authctxt *);
+void    do_authentication2(struct ssh *);
 
-void    auth_log(Authctxt *, int, int, const char *, const char *);
-void    auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn));
+void    auth_log(struct ssh *, int, int, const char *, const char *);
+void    auth_maxtries_exceeded(struct ssh *) __attribute__((noreturn));
 void    userauth_finish(struct ssh *, int, const char *, const char *);
 int     auth_root_allowed(struct ssh *, const char *);
 
-void    userauth_send_banner(const char *);
-
 char    *auth2_read_banner(void);
 int      auth2_methods_valid(const char *, int);
 int      auth2_update_methods_lists(Authctxt *, const char *, const char *);
@@ -189,8 +187,8 @@ void	auth2_challenge_stop(struct ssh *);
 int     bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
 int     bsdauth_respond(void *, u_int, char **);
 
-int     allowed_user(struct passwd *);
-struct passwd * getpwnamallow(const char *user);
+int     allowed_user(struct ssh *, struct passwd *);
+struct passwd * getpwnamallow(struct ssh *, const char *user);
 
 char    *expand_authorized_keys(const char *, struct passwd *pw);
 char    *authorized_principals_file(struct passwd *);
@@ -211,8 +209,8 @@ struct sshkey	*get_hostkey_public_by_index(int, struct ssh *);
 struct sshkey   *get_hostkey_public_by_type(int, int, struct ssh *);
 struct sshkey   *get_hostkey_private_by_type(int, int, struct ssh *);
 int      get_hostkey_index(struct sshkey *, int, struct ssh *);
-int      sshd_hostkey_sign(struct sshkey *, struct sshkey *, u_char **,
-             size_t *, const u_char *, size_t, const char *, u_int);
+int      sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *,
+    u_char **, size_t *, const u_char *, size_t, const char *);
 
 /* Key / cert options linkage to auth layer */
 const struct sshauthopt *auth_options(struct ssh *);
@@ -225,7 +223,7 @@ void	 auth_log_authopts(const char *, const struct sshauthopt *, int);
 /* debug messages during authentication */
 void     auth_debug_add(const char *fmt,...)
     __attribute__((format(printf, 1, 2)));
-void     auth_debug_send(void);
+void     auth_debug_send(struct ssh *);
 void     auth_debug_reset(void);
 
 struct passwd *fakepw(void);
diff --git a/auth2-gss.c b/auth2-gss.c
index 1f12bb113..d6446c0cf 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -54,7 +54,7 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh);
 static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh);
 static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
 
-/* 
+/*
  * The 'gssapi_keyex' userauth mechanism.
  */
 static int
@@ -62,7 +62,7 @@ userauth_gsskeyex(struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
         int r, authenticated = 0;
-        struct sshbuf *b;
+        struct sshbuf *b = NULL;
         gss_buffer_desc mic, gssbuf;
         u_char *p;
         size_t len;
@@ -70,8 +70,10 @@ userauth_gsskeyex(struct ssh *ssh)
         if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
             (r = sshpkt_get_end(ssh)) != 0)
                 fatal("%s: %s", __func__, ssh_err(r));
+
         if ((b = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
+
         mic.value = p;
         mic.length = len;
 
@@ -83,11 +85,11 @@ userauth_gsskeyex(struct ssh *ssh)
         gssbuf.length = sshbuf_len(b);
 
         /* gss_kex_context is NULL with privsep, so we can't check it here */
-        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
+        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
             &gssbuf, &mic))))
                 authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
-                    authctxt->pw));
-        
+                    authctxt->pw, 1));
+
         sshbuf_free(b);
         free(mic.value);
 
@@ -301,7 +303,7 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
                 fatal("%s: %s", __func__, ssh_err(r));
 
         authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
-            authctxt->pw));
+            authctxt->pw, 1));
 
         if ((!use_privsep || mm_is_monitor()) &&
             (displayname = ssh_gssapi_displayname()) != NULL)
@@ -347,8 +349,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
         gssbuf.length = sshbuf_len(b);
 
         if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
-                authenticated = 
-                    PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
+                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+                    authctxt->pw, 0));
         else
                 logit("GSSAPI MIC check failed");
 
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 764ceff74..0c40fad4e 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-hostbased.c,v 1.38 2018/09/20 03:28:06 djm Exp $ */
+/* $OpenBSD: auth2-hostbased.c,v 1.40 2019/01/19 21:43:56 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -147,7 +147,8 @@ userauth_hostbased(struct ssh *ssh)
 
         /* test for allowed key and correct signature */
         authenticated = 0;
-        if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
+        if (PRIVSEP(hostbased_key_allowed(ssh, authctxt->pw, cuser,
+            chost, key)) &&
             PRIVSEP(sshkey_verify(key, sig, slen,
             sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0)
                 authenticated = 1;
@@ -167,10 +168,9 @@ done:
 
 /* return 1 if given hostkey is allowed */
 int
-hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
-    struct sshkey *key)
+hostbased_key_allowed(struct ssh *ssh, struct passwd *pw,
+    const char *cuser, char *chost, struct sshkey *key)
 {
-        struct ssh *ssh = active_state; /* XXX */
         const char *resolvedname, *ipaddr, *lookup, *reason;
         HostStatus host_status;
         int len;
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 2fb5950ea..0b3975a74 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.87 2019/01/22 11:26:16 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -102,6 +102,22 @@ userauth_pubkey(struct ssh *ssh)
             (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
             (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
                 fatal("%s: parse request failed: %s", __func__, ssh_err(r));
+
+        if (log_level_get() >= SYSLOG_LEVEL_DEBUG2) {
+                char *keystring;
+                struct sshbuf *pkbuf;
+
+                if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL)
+                        fatal("%s: sshbuf_from failed", __func__);
+                if ((keystring = sshbuf_dtob64(pkbuf)) == NULL)
+                        fatal("%s: sshbuf_dtob64 failed", __func__);
+                debug2("%s: %s user %s %s public key %s %s", __func__,
+                    authctxt->valid ? "valid" : "invalid", authctxt->user,
+                    have_sig ? "attempting" : "querying", pkalg, keystring);
+                sshbuf_free(pkbuf);
+                free(keystring);
+        }
+
         pktype = sshkey_type_from_name(pkalg);
         if (pktype == KEY_UNSPEC) {
                 /* this is perfectly legal */
diff --git a/auth2.c b/auth2.c
index 3035926ba..d60e7f1f2 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.149 2018/07/11 18:53:29 markus Exp $ */
+/* $OpenBSD: auth2.c,v 1.155 2019/03/25 22:34:52 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -35,6 +35,7 @@
 #include <stdarg.h>
 #include <string.h>
 #include <unistd.h>
+#include <time.h>
 
 #include "atomicio.h"
 #include "xmalloc.h"
@@ -139,18 +140,21 @@ auth2_read_banner(void)
         return (banner);
 }
 
-void
-userauth_send_banner(const char *msg)
+static void
+userauth_send_banner(struct ssh *ssh, const char *msg)
 {
-        packet_start(SSH2_MSG_USERAUTH_BANNER);
-        packet_put_cstring(msg);
-        packet_put_cstring("");         /* language, unused */
-        packet_send();
+        int r;
+
+        if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_BANNER)) != 0 ||
+            (r = sshpkt_put_cstring(ssh, msg)) != 0 ||
+            (r = sshpkt_put_cstring(ssh, "")) != 0 ||   /* language, unused */
+            (r = sshpkt_send(ssh)) != 0)
+                fatal("%s: %s", __func__, ssh_err(r));
         debug("%s: sent", __func__);
 }
 
 static void
-userauth_banner(void)
+userauth_banner(struct ssh *ssh)
 {
         char *banner = NULL;
 
@@ -159,7 +163,7 @@ userauth_banner(void)
 
         if ((banner = PRIVSEP(auth2_read_banner())) == NULL)
                 goto done;
-        userauth_send_banner(banner);
+        userauth_send_banner(ssh, banner);
 
 done:
         free(banner);
@@ -169,10 +173,10 @@ done:
  * loop until authctxt->success == TRUE
  */
 void
-do_authentication2(Authctxt *authctxt)
+do_authentication2(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state;         /* XXX */
-        ssh->authctxt = authctxt;               /* XXX move to caller */
+        Authctxt *authctxt = ssh->authctxt;
+
         ssh_dispatch_init(ssh, &dispatch_protocol_error);
         ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_REQUEST, &input_service_request);
         ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt->success);
@@ -184,10 +188,12 @@ static int
 input_service_request(int type, u_int32_t seq, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
-        u_int len;
-        int acceptit = 0;
-        char *service = packet_get_cstring(&len);
-        packet_check_eom();
+        char *service = NULL;
+        int r, acceptit = 0;
+
+        if ((r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                goto out;
 
         if (authctxt == NULL)
                 fatal("input_service_request: no authctxt");
@@ -196,20 +202,24 @@ input_service_request(int type, u_int32_t seq, struct ssh *ssh)
                 if (!authctxt->success) {
                         acceptit = 1;
                         /* now we can handle user-auth requests */
-                        ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request);
+                        ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST,
+                            &input_userauth_request);
                 }
         }
         /* XXX all other service requests are denied */
 
         if (acceptit) {
-                packet_start(SSH2_MSG_SERVICE_ACCEPT);
-                packet_put_cstring(service);
-                packet_send();
-                packet_write_wait();
+                if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_ACCEPT)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, service)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0 ||
+                    (r = ssh_packet_write_wait(ssh)) != 0)
+                        goto out;
         } else {
                 debug("bad service request %s", service);
-                packet_disconnect("bad service request %s", service);
+                ssh_packet_disconnect(ssh, "bad service request %s", service);
         }
+        r = 0;
+ out:
         free(service);
         return 0;
 }
@@ -257,16 +267,17 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
         Authmethod *m = NULL;
-        char *user, *service, *method, *style = NULL, *role = NULL;
-        int authenticated = 0;
+        char *user = NULL, *service = NULL, *method = NULL, *style = NULL, *role = NULL;
+        int r, authenticated = 0;
         double tstart = monotime_double();
 
         if (authctxt == NULL)
                 fatal("input_userauth_request: no authctxt");
 
-        user = packet_get_cstring(NULL);
-        service = packet_get_cstring(NULL);
-        method = packet_get_cstring(NULL);
+        if ((r = sshpkt_get_cstring(ssh, &user, NULL)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &service, NULL)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &method, NULL)) != 0)
+                goto out;
         debug("userauth-request for user %s service %s method %s", user, service, method);
         debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
 
@@ -280,7 +291,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
 
         if (authctxt->attempt++ == 0) {
                 /* setup auth context */
-                authctxt->pw = PRIVSEP(getpwnamallow(user));
+                authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
                 authctxt->user = xstrdup(user);
                 if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
                         authctxt->valid = 1;
@@ -290,12 +301,12 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
                         /* Invalid user, fake password information */
                         authctxt->pw = fakepw();
 #ifdef SSH_AUDIT_EVENTS
-                        PRIVSEP(audit_event(SSH_INVALID_USER));
+                        PRIVSEP(audit_event(ssh, SSH_INVALID_USER));
 #endif
                 }
 #ifdef USE_PAM
                 if (options.use_pam)
-                        PRIVSEP(start_pam(authctxt));
+                        PRIVSEP(start_pam(ssh));
 #endif
                 ssh_packet_set_log_preamble(ssh, "%suser %s",
                     authctxt->valid ? "authenticating " : "invalid ", user);
@@ -306,13 +317,14 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
                 authctxt->role = role ? xstrdup(role) : NULL;
                 if (use_privsep)
                         mm_inform_authserv(service, style, role);
-                userauth_banner();
+                userauth_banner(ssh);
                 if (auth2_setup_methods_lists(authctxt) != 0)
-                        packet_disconnect("no authentication methods enabled");
+                        ssh_packet_disconnect(ssh,
+                            "no authentication methods enabled");
         } else if (strcmp(user, authctxt->user) != 0 ||
             strcmp(service, authctxt->service) != 0) {
-                packet_disconnect("Change of username or service not allowed: "
-                    "(%s,%s) -> (%s,%s)",
+                ssh_packet_disconnect(ssh, "Change of username or service "
+                    "not allowed: (%s,%s) -> (%s,%s)",
                     authctxt->user, authctxt->service, user, service);
         }
         /* reset state */
@@ -338,11 +350,12 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
                 ensure_minimum_time_since(tstart,
                     user_specific_delay(authctxt->user));
         userauth_finish(ssh, authenticated, method, NULL);
-
+        r = 0;
+ out:
         free(service);
         free(user);
         free(method);
-        return 0;
+        return r;
 }
 
 void
@@ -351,7 +364,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
 {
         Authctxt *authctxt = ssh->authctxt;
         char *methods;
-        int partial = 0;
+        int r, partial = 0;
 
         if (!authctxt->valid && authenticated)
                 fatal("INTERNAL ERROR: authenticated invalid user %s",
@@ -364,7 +377,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
             !auth_root_allowed(ssh, method)) {
                 authenticated = 0;
 #ifdef SSH_AUDIT_EVENTS
-                PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
+                PRIVSEP(audit_event(ssh, SSH_LOGIN_ROOT_DENIED));
 #endif
         }
 
@@ -376,7 +389,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
         }
 
         /* Log before sending the reply */
-        auth_log(authctxt, authenticated, partial, method, submethod);
+        auth_log(ssh, authenticated, partial, method, submethod);
 
         /* Update information exposed to session */
         if (authenticated || partial)
@@ -395,8 +408,11 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
                                 if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0)
                                         fatal("%s: buffer error: %s",
                                             __func__, ssh_err(r));
-                                userauth_send_banner(sshbuf_ptr(loginmsg));
-                                packet_write_wait();
+                                userauth_send_banner(ssh, sshbuf_ptr(loginmsg));
+                                if ((r = ssh_packet_write_wait(ssh)) != 0) {
+                                        sshpkt_fatal(ssh, r,
+                                            "%s: send PAM banner", __func__);
+                                }
                         }
                         fatal("Access denied for user %s by PAM account "
                             "configuration", authctxt->user);
@@ -406,10 +422,12 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
 
         if (authenticated == 1) {
                 /* turn off userauth */
-                ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore);
-                packet_start(SSH2_MSG_USERAUTH_SUCCESS);
-                packet_send();
-                packet_write_wait();
+                ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_REQUEST,
+                    &dispatch_protocol_ignore);
+                if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_SUCCESS)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0 ||
+                    (r = ssh_packet_write_wait(ssh)) != 0)
+                        fatal("%s: %s", __func__, ssh_err(r));
                 /* now we can break out */
                 authctxt->success = 1;
                 ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user);
@@ -420,18 +438,19 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
                         authctxt->failures++;
                 if (authctxt->failures >= options.max_authtries) {
 #ifdef SSH_AUDIT_EVENTS
-                        PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
+                        PRIVSEP(audit_event(ssh, SSH_LOGIN_EXCEED_MAXTRIES));
 #endif
-                        auth_maxtries_exceeded(authctxt);
+                        auth_maxtries_exceeded(ssh);
                 }
                 methods = authmethods_get(authctxt);
                 debug3("%s: failure partial=%d next methods=\"%s\"", __func__,
                     partial, methods);
-                packet_start(SSH2_MSG_USERAUTH_FAILURE);
-                packet_put_cstring(methods);
-                packet_put_char(partial);
-                packet_send();
-                packet_write_wait();
+                if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_FAILURE)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, methods)) != 0 ||
+                    (r = sshpkt_put_u8(ssh, partial)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0 ||
+                    (r = ssh_packet_write_wait(ssh)) != 0)
+                        fatal("%s: %s", __func__, ssh_err(r));
                 free(methods);
         }
 }
@@ -566,6 +585,14 @@ auth2_setup_methods_lists(Authctxt *authctxt)
 {
         u_int i;
 
+        /* First, normalise away the "any" pseudo-method */
+        if (options.num_auth_methods == 1 &&
+            strcmp(options.auth_methods[0], "any") == 0) {
+                free(options.auth_methods[0]);
+                options.auth_methods[0] = NULL;
+                options.num_auth_methods = 0;
+        }
+
         if (options.num_auth_methods == 0)
                 return 0;
         debug3("%s: checking methods", __func__);
diff --git a/authfd.c b/authfd.c
index 62cbf8c19..95348abfc 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.111 2018/07/09 21:59:10 markus Exp $ */
+/* $OpenBSD: authfd.c,v 1.113 2018/12/27 23:02:11 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -94,7 +94,7 @@ ssh_get_authentication_socket(int *fdp)
                 *fdp = -1;
 
         authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
-        if (!authsocket)
+        if (authsocket == NULL || *authsocket == '\0')
                 return SSH_ERR_AGENT_NOT_PRESENT;
 
         memset(&sunaddr, 0, sizeof(sunaddr));
diff --git a/channels.c b/channels.c
index c85d46abd..657381b80 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.386 2018/10/04 01:04:52 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.389 2019/01/19 21:37:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -227,11 +227,7 @@ channel_init_channels(struct ssh *ssh)
 {
         struct ssh_channels *sc;
 
-        if ((sc = calloc(1, sizeof(*sc))) == NULL ||
-            (sc->channel_pre = calloc(SSH_CHANNEL_MAX_TYPE,
-            sizeof(*sc->channel_pre))) == NULL ||
-            (sc->channel_post = calloc(SSH_CHANNEL_MAX_TYPE,
-            sizeof(*sc->channel_post))) == NULL)
+        if ((sc = calloc(1, sizeof(*sc))) == NULL)
                 fatal("%s: allocation failed", __func__);
         sc->channels_alloc = 10;
         sc->channels = xcalloc(sc->channels_alloc, sizeof(*sc->channels));
@@ -2104,16 +2100,18 @@ channel_handle_efd_read(struct ssh *ssh, Channel *c,
     fd_set *readset, fd_set *writeset)
 {
         char buf[CHAN_RBUF];
-        int r;
         ssize_t len;
+        int r, force;
+
+        force = c->isatty && c->detach_close && c->istate != CHAN_INPUT_CLOSED;
 
-        if (!c->detach_close && !FD_ISSET(c->efd, readset))
+        if (c->efd == -1 || (!force && !FD_ISSET(c->efd, readset)))
                 return 1;
 
         len = read(c->efd, buf, sizeof(buf));
         debug2("channel %d: read %zd from efd %d", c->self, len, c->efd);
         if (len < 0 && (errno == EINTR || ((errno == EAGAIN ||
-            errno == EWOULDBLOCK) && !c->detach_close)))
+            errno == EWOULDBLOCK) && !force)))
                 return 1;
         if (len <= 0) {
                 debug2("channel %d: closing read-efd %d",
@@ -2995,10 +2993,10 @@ channel_input_data(int type, u_int32_t seq, struct ssh *ssh)
                 return 0;
 
         /* Get the data. */
-        if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0)
+        if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
                 fatal("%s: channel %d: get data: %s", __func__,
                     c->self, ssh_err(r));
-        ssh_packet_check_eom(ssh);
 
         win_len = data_len;
         if (c->datagram)
@@ -3072,11 +3070,11 @@ channel_input_extended_data(int type, u_int32_t seq, struct ssh *ssh)
                 logit("channel %d: bad ext data", c->self);
                 return 0;
         }
-        if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0) {
+        if ((r = sshpkt_get_string_direct(ssh, &data, &data_len)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0) {
                 error("%s: parse data: %s", __func__, ssh_err(r));
                 ssh_packet_disconnect(ssh, "Invalid extended_data message");
         }
-        ssh_packet_check_eom(ssh);
 
         if (data_len > c->local_window) {
                 logit("channel %d: rcvd too much extended_data %zu, win %u",
@@ -3095,8 +3093,12 @@ int
 channel_input_ieof(int type, u_int32_t seq, struct ssh *ssh)
 {
         Channel *c = channel_from_packet_id(ssh, __func__, "ieof");
+        int r;
 
-        ssh_packet_check_eom(ssh);
+        if ((r = sshpkt_get_end(ssh)) != 0) {
+                error("%s: parse data: %s", __func__, ssh_err(r));
+                ssh_packet_disconnect(ssh, "Invalid ieof message");
+        }
 
         if (channel_proxy_upstream(c, type, seq, ssh))
                 return 0;
@@ -3116,10 +3118,14 @@ int
 channel_input_oclose(int type, u_int32_t seq, struct ssh *ssh)
 {
         Channel *c = channel_from_packet_id(ssh, __func__, "oclose");
+        int r;
 
         if (channel_proxy_upstream(c, type, seq, ssh))
                 return 0;
-        ssh_packet_check_eom(ssh);
+        if ((r = sshpkt_get_end(ssh)) != 0) {
+                error("%s: parse data: %s", __func__, ssh_err(r));
+                ssh_packet_disconnect(ssh, "Invalid oclose message");
+        }
         chan_rcvd_oclose(ssh, c);
         return 0;
 }
@@ -3134,7 +3140,7 @@ channel_input_open_confirmation(int type, u_int32_t seq, struct ssh *ssh)
         if (channel_proxy_upstream(c, type, seq, ssh))
                 return 0;
         if (c->type != SSH_CHANNEL_OPENING)
-                packet_disconnect("Received open confirmation for "
+                ssh_packet_disconnect(ssh, "Received open confirmation for "
                     "non-opening channel %d.", c->self);
         /*
          * Record the remote channel number and mark that the channel
@@ -3142,11 +3148,11 @@ channel_input_open_confirmation(int type, u_int32_t seq, struct ssh *ssh)
          */
         if ((r = sshpkt_get_u32(ssh, &c->remote_id)) != 0 ||
             (r = sshpkt_get_u32(ssh, &remote_window)) != 0 ||
-            (r = sshpkt_get_u32(ssh, &remote_maxpacket)) != 0) {
+            (r = sshpkt_get_u32(ssh, &remote_maxpacket)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0) {
                 error("%s: window/maxpacket: %s", __func__, ssh_err(r));
-                packet_disconnect("Invalid open confirmation message");
+                ssh_packet_disconnect(ssh, "Invalid open confirmation message");
         }
-        ssh_packet_check_eom(ssh);
 
         c->have_remote_id = 1;
         c->remote_window = remote_window;
@@ -3189,19 +3195,19 @@ channel_input_open_failure(int type, u_int32_t seq, struct ssh *ssh)
         if (channel_proxy_upstream(c, type, seq, ssh))
                 return 0;
         if (c->type != SSH_CHANNEL_OPENING)
-                packet_disconnect("Received open failure for "
+                ssh_packet_disconnect(ssh, "Received open failure for "
                     "non-opening channel %d.", c->self);
         if ((r = sshpkt_get_u32(ssh, &reason)) != 0) {
                 error("%s: reason: %s", __func__, ssh_err(r));
-                packet_disconnect("Invalid open failure message");
+                ssh_packet_disconnect(ssh, "Invalid open failure message");
         }
         /* skip language */
         if ((r = sshpkt_get_cstring(ssh, &msg, NULL)) != 0 ||
-            (r = sshpkt_get_string_direct(ssh, NULL, NULL)) != 0) {
+            (r = sshpkt_get_string_direct(ssh, NULL, NULL)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0) {
                 error("%s: message/lang: %s", __func__, ssh_err(r));
-                packet_disconnect("Invalid open failure message");
+                ssh_packet_disconnect(ssh, "Invalid open failure message");
         }
-        ssh_packet_check_eom(ssh);
         logit("channel %d: open failed: %s%s%s", c->self,
             reason2txt(reason), msg ? ": ": "", msg ? msg : "");
         free(msg);
@@ -3231,11 +3237,11 @@ channel_input_window_adjust(int type, u_int32_t seq, struct ssh *ssh)
 
         if (channel_proxy_upstream(c, type, seq, ssh))
                 return 0;
-        if ((r = sshpkt_get_u32(ssh, &adjust)) != 0) {
+        if ((r = sshpkt_get_u32(ssh, &adjust)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0) {
                 error("%s: adjust: %s", __func__, ssh_err(r));
-                packet_disconnect("Invalid window adjust message");
+                ssh_packet_disconnect(ssh, "Invalid window adjust message");
         }
-        ssh_packet_check_eom(ssh);
         debug2("channel %d: rcvd adjust %u", c->self, adjust);
         if ((new_rwin = c->remote_window + adjust) < c->remote_window) {
                 fatal("channel %d: adjust %u overflows remote window %u",
@@ -3251,9 +3257,10 @@ channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh)
         int id = channel_parse_id(ssh, __func__, "status confirm");
         Channel *c;
         struct channel_confirm *cc;
+        int r;
 
         /* Reset keepalive timeout */
-        packet_set_alive_timeouts(0);
+        ssh_packet_set_alive_timeouts(ssh, 0);
 
         debug2("%s: type %d id %d", __func__, type, id);
 
@@ -3263,7 +3270,8 @@ channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh)
         }
         if (channel_proxy_upstream(c, type, seq, ssh))
                 return 0;
-        ssh_packet_check_eom(ssh);
+        if ((r = sshpkt_get_end(ssh)) != 0)
+                ssh_packet_disconnect(ssh, "Invalid status confirm message");
         if ((cc = TAILQ_FIRST(&c->status_confirms)) == NULL)
                 return 0;
         cc->cb(ssh, type, c, cc->ctx);
@@ -3298,7 +3306,7 @@ channel_set_af(struct ssh *ssh, int af)
  * "127.0.0.1" / "::1"     -> accepted even if gateway_ports isn't set
  */
 static const char *
-channel_fwd_bind_addr(const char *listen_addr, int *wildcardp,
+channel_fwd_bind_addr(struct ssh *ssh, const char *listen_addr, int *wildcardp,
     int is_client, struct ForwardOptions *fwd_opts)
 {
         const char *addr = NULL;
@@ -3321,7 +3329,8 @@ channel_fwd_bind_addr(const char *listen_addr, int *wildcardp,
                         if (*listen_addr != '\0' &&
                             strcmp(listen_addr, "0.0.0.0") != 0 &&
                             strcmp(listen_addr, "*") != 0) {
-                                packet_send_debug("Forwarding listen address "
+                                ssh_packet_send_debug(ssh,
+                                    "Forwarding listen address "
                                     "\"%s\" overridden by server "
                                     "GatewayPorts", listen_addr);
                         }
@@ -3375,7 +3384,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type,
         }
 
         /* Determine the bind address, cf. channel_fwd_bind_addr() comment */
-        addr = channel_fwd_bind_addr(fwd->listen_host, &wildcard,
+        addr = channel_fwd_bind_addr(ssh, fwd->listen_host, &wildcard,
             is_client, fwd_opts);
         debug3("%s: type %d wildcard %d addr %s", __func__,
             type, wildcard, (addr == NULL) ? "NULL" : addr);
@@ -3392,7 +3401,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type,
         if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) {
                 if (addr == NULL) {
                         /* This really shouldn't happen */
-                        packet_disconnect("getaddrinfo: fatal error: %s",
+                        ssh_packet_disconnect(ssh, "getaddrinfo: fatal error: %s",
                             ssh_gai_strerror(r));
                 } else {
                         error("%s: getaddrinfo(%.64s): %s", __func__, addr,
@@ -3641,7 +3650,7 @@ channel_cancel_lport_listener_tcpip(struct ssh *ssh,
 {
         u_int i;
         int found = 0;
-        const char *addr = channel_fwd_bind_addr(lhost, NULL, 1, fwd_opts);
+        const char *addr = channel_fwd_bind_addr(ssh, lhost, NULL, 1, fwd_opts);
 
         for (i = 0; i < ssh->chanctxt->channels_alloc; i++) {
                 Channel *c = ssh->chanctxt->channels[i];
@@ -3793,7 +3802,7 @@ channel_setup_remote_fwd_listener(struct ssh *ssh, struct Forward *fwd,
     int *allocated_listen_port, struct ForwardOptions *fwd_opts)
 {
         if (!check_rfwd_permission(ssh, fwd)) {
-                packet_send_debug("port forwarding refused");
+                ssh_packet_send_debug(ssh, "port forwarding refused");
                 return 0;
         }
         if (fwd->listen_path != NULL) {
diff --git a/clientloop.c b/clientloop.c
index 1464634b0..9b90c64f3 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.318 2018/09/21 12:46:22 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.322 2019/03/29 11:31:40 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -164,7 +164,7 @@ static int need_rekeying;	/* Set to non-zero if rekeying is requested. */
 static int session_closed;      /* In SSH2: login session closed. */
 static u_int x11_refuse_time;   /* If >0, refuse x11 opens after this time. */
 
-static void client_init_dispatch(void);
+static void client_init_dispatch(struct ssh *ssh);
 int     session_ident = -1;
 
 /* Track escape per proto2 channel */
@@ -368,7 +368,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
                                     SSH_X11_PROTO, x11_timeout_real,
                                     _PATH_DEVNULL);
                         }
-                        debug2("%s: %s", __func__, cmd);
+                        debug2("%s: xauth command: %s", __func__, cmd);
 
                         if (timeout != 0 && x11_refuse_time == 0) {
                                 now = monotime() + 1;
@@ -479,21 +479,24 @@ client_global_request_reply(int type, u_int32_t seq, struct ssh *ssh)
                 free(gc);
         }
 
-        packet_set_alive_timeouts(0);
+        ssh_packet_set_alive_timeouts(ssh, 0);
         return 0;
 }
 
 static void
-server_alive_check(void)
+server_alive_check(struct ssh *ssh)
 {
-        if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
+        int r;
+
+        if (ssh_packet_inc_alive_timeouts(ssh) > options.server_alive_count_max) {
                 logit("Timeout, server %s not responding.", host);
                 cleanup_exit(255);
         }
-        packet_start(SSH2_MSG_GLOBAL_REQUEST);
-        packet_put_cstring("keepalive@openssh.com");
-        packet_put_char(1);     /* boolean: want reply */
-        packet_send();
+        if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 ||
+            (r = sshpkt_put_cstring(ssh, "keepalive@openssh.com")) != 0 ||
+            (r = sshpkt_put_u8(ssh, 1)) != 0 ||         /* boolean: want reply */
+            (r = sshpkt_send(ssh)) != 0)
+                fatal("%s: send packet: %s", __func__, ssh_err(r));
         /* Insert an empty placeholder to maintain ordering */
         client_register_global_confirm(NULL, NULL);
 }
@@ -513,12 +516,12 @@ client_wait_until_can_do_something(struct ssh *ssh,
         int r, ret;
 
         /* Add any selections by the channel mechanism. */
-        channel_prepare_select(active_state, readsetp, writesetp, maxfdp,
+        channel_prepare_select(ssh, readsetp, writesetp, maxfdp,
             nallocp, &minwait_secs);
 
         /* channel_prepare_select could have closed the last channel */
         if (session_closed && !channel_still_open(ssh) &&
-            !packet_have_data_to_write()) {
+            !ssh_packet_have_data_to_write(ssh)) {
                 /* clear mask since we did not call select() */
                 memset(*readsetp, 0, *nallocp);
                 memset(*writesetp, 0, *nallocp);
@@ -528,7 +531,7 @@ client_wait_until_can_do_something(struct ssh *ssh,
         FD_SET(connection_in, *readsetp);
 
         /* Select server connection if have data to write to the server. */
-        if (packet_have_data_to_write())
+        if (ssh_packet_have_data_to_write(ssh))
                 FD_SET(connection_out, *writesetp);
 
         /*
@@ -543,7 +546,8 @@ client_wait_until_can_do_something(struct ssh *ssh,
                 server_alive_time = now + options.server_alive_interval;
         }
         if (options.rekey_interval > 0 && !rekeying)
-                timeout_secs = MINIMUM(timeout_secs, packet_get_rekey_timeout());
+                timeout_secs = MINIMUM(timeout_secs,
+                    ssh_packet_get_rekey_timeout(ssh));
         set_control_persist_exit_time(ssh);
         if (control_persist_exit_time > 0) {
                 timeout_secs = MINIMUM(timeout_secs,
@@ -584,7 +588,7 @@ client_wait_until_can_do_something(struct ssh *ssh,
                  * Keepalive we check here, rekeying is checked in clientloop.
                  */
                 if (server_alive_time != 0 && server_alive_time <= monotime())
-                        server_alive_check();
+                        server_alive_check(ssh);
         }
 
 }
@@ -616,7 +620,7 @@ client_suspend_self(struct sshbuf *bin, struct sshbuf *bout, struct sshbuf *berr
 }
 
 static void
-client_process_net_input(fd_set *readset)
+client_process_net_input(struct ssh *ssh, fd_set *readset)
 {
         char buf[SSH_IOBUFSZ];
         int r, len;
@@ -662,7 +666,7 @@ client_process_net_input(fd_set *readset)
                         quit_pending = 1;
                         return;
                 }
-                packet_process_incoming(buf, len);
+                ssh_packet_process_incoming(ssh, buf, len);
         }
 }
 
@@ -1035,7 +1039,7 @@ process_escapes(struct ssh *ssh, Channel *c,
                                 channel_request_start(ssh, c->self, "break", 0);
                                 if ((r = sshpkt_put_u32(ssh, 1000)) != 0 ||
                                     (r = sshpkt_send(ssh)) != 0)
-                                        fatal("%s: %s", __func__,
+                                        fatal("%s: send packet: %s", __func__,
                                             ssh_err(r));
                                 continue;
 
@@ -1186,9 +1190,9 @@ process_escapes(struct ssh *ssh, Channel *c,
  */
 
 static void
-client_process_buffered_input_packets(void)
+client_process_buffered_input_packets(struct ssh *ssh)
 {
-        ssh_dispatch_run_fatal(active_state, DISPATCH_NONBLOCK, &quit_pending);
+        ssh_dispatch_run_fatal(ssh, DISPATCH_NONBLOCK, &quit_pending);
 }
 
 /* scan buf[] for '~' before sending data to the peer */
@@ -1285,8 +1289,8 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
         /* Initialize variables. */
         last_was_cr = 1;
         exit_status = -1;
-        connection_in = packet_get_connection_in();
-        connection_out = packet_get_connection_out();
+        connection_in = ssh_packet_get_connection_in(ssh);
+        connection_out = ssh_packet_get_connection_out(ssh);
         max_fd = MAXIMUM(connection_in, connection_out);
 
         quit_pending = 0;
@@ -1295,7 +1299,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
         if ((stderr_buffer = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
 
-        client_init_dispatch();
+        client_init_dispatch(ssh);
 
         /*
          * Set signal handlers, (e.g. to restore non-blocking mode)
@@ -1331,7 +1335,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
         while (!quit_pending) {
 
                 /* Process buffered packets sent by the server. */
-                client_process_buffered_input_packets();
+                client_process_buffered_input_packets(ssh);
 
                 if (session_closed && !channel_still_open(ssh))
                         break;
@@ -1350,7 +1354,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
                          * Make packets from buffered channel data, and
                          * enqueue them for sending to the server.
                          */
-                        if (packet_not_very_much_data_to_write())
+                        if (ssh_packet_not_very_much_data_to_write(ssh))
                                 channel_output_poll(ssh);
 
                         /*
@@ -1387,7 +1391,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
                 }
 
                 /* Buffer input from the connection.  */
-                client_process_net_input(readset);
+                client_process_net_input(ssh, readset);
 
                 if (quit_pending)
                         break;
@@ -1397,7 +1401,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
                  * sender.
                  */
                 if (FD_ISSET(connection_out, writeset))
-                        packet_write_poll();
+                        ssh_packet_write_poll(ssh);
 
                 /*
                  * If we are a backgrounded control master, and the
@@ -1419,12 +1423,13 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
         /* Stop watching for window change. */
         signal(SIGWINCH, SIG_DFL);
 
-        packet_start(SSH2_MSG_DISCONNECT);
-        packet_put_int(SSH2_DISCONNECT_BY_APPLICATION);
-        packet_put_cstring("disconnected by user");
-        packet_put_cstring(""); /* language tag */
-        packet_send();
-        packet_write_wait();
+        if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
+            (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_BY_APPLICATION)) != 0 ||
+            (r = sshpkt_put_cstring(ssh, "disconnected by user")) != 0 ||
+            (r = sshpkt_put_cstring(ssh, "")) != 0 ||   /* language tag */
+            (r = sshpkt_send(ssh)) != 0 ||
+            (r = ssh_packet_write_wait(ssh)) != 0)
+                fatal("%s: send disconnect: %s", __func__, ssh_err(r));
 
         channel_free_all(ssh);
 
@@ -1481,7 +1486,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 
         /* Report bytes transferred, and transfer rates. */
         total_time = monotime_double() - start_time;
-        packet_get_bytes(&ibytes, &obytes);
+        ssh_packet_get_bytes(ssh, &ibytes, &obytes);
         verbose("Transferred: sent %llu, received %llu bytes, in %.1f seconds",
             (unsigned long long)obytes, (unsigned long long)ibytes, total_time);
         if (total_time > 0)
@@ -1501,21 +1506,29 @@ client_request_forwarded_tcpip(struct ssh *ssh, const char *request_type,
         Channel *c = NULL;
         struct sshbuf *b = NULL;
         char *listen_address, *originator_address;
-        u_short listen_port, originator_port;
+        u_int listen_port, originator_port;
         int r;
 
         /* Get rest of the packet */
-        listen_address = packet_get_string(NULL);
-        listen_port = packet_get_int();
-        originator_address = packet_get_string(NULL);
-        originator_port = packet_get_int();
-        packet_check_eom();
+        if ((r = sshpkt_get_cstring(ssh, &listen_address, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &listen_port)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &originator_address, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &originator_port)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                fatal("%s: parse packet: %s", __func__, ssh_err(r));
 
         debug("%s: listen %s port %d, originator %s port %d", __func__,
             listen_address, listen_port, originator_address, originator_port);
 
-        c = channel_connect_by_listen_address(ssh, listen_address, listen_port,
-            "forwarded-tcpip", originator_address);
+        if (listen_port > 0xffff)
+                error("%s: invalid listen port", __func__);
+        else if (originator_port > 0xffff)
+                error("%s: invalid originator port", __func__);
+        else {
+                c = channel_connect_by_listen_address(ssh,
+                    listen_address, listen_port, "forwarded-tcpip",
+                    originator_address);
+        }
 
         if (c != NULL && c->type == SSH_CHANNEL_MUX_CLIENT) {
                 if ((b = sshbuf_new()) == NULL) {
@@ -1553,15 +1566,15 @@ client_request_forwarded_streamlocal(struct ssh *ssh,
 {
         Channel *c = NULL;
         char *listen_path;
+        int r;
 
         /* Get the remote path. */
-        listen_path = packet_get_string(NULL);
-        /* XXX: Skip reserved field for now. */
-        if (packet_get_string_ptr(NULL) == NULL)
-                fatal("%s: packet_get_string_ptr failed", __func__);
-        packet_check_eom();
+        if ((r = sshpkt_get_cstring(ssh, &listen_path, NULL)) != 0 ||
+            (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 ||    /* reserved */
+            (r = sshpkt_get_end(ssh)) != 0)
+                fatal("%s: parse packet: %s", __func__, ssh_err(r));
 
-        debug("%s: %s", __func__, listen_path);
+        debug("%s: request: %s", __func__, listen_path);
 
         c = channel_connect_by_listen_path(ssh, listen_path,
             "forwarded-streamlocal@openssh.com", "forwarded-streamlocal");
@@ -1574,8 +1587,8 @@ client_request_x11(struct ssh *ssh, const char *request_type, int rchan)
 {
         Channel *c = NULL;
         char *originator;
-        u_short originator_port;
-        int sock;
+        u_int originator_port;
+        int r, sock;
 
         if (!options.forward_x11) {
                 error("Warning: ssh server tried X11 forwarding.");
@@ -1588,11 +1601,13 @@ client_request_x11(struct ssh *ssh, const char *request_type, int rchan)
                     "expired");
                 return NULL;
         }
-        originator = packet_get_string(NULL);
-        originator_port = packet_get_int();
-        packet_check_eom();
+        if ((r = sshpkt_get_cstring(ssh, &originator, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &originator_port)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                fatal("%s: parse packet: %s", __func__, ssh_err(r));
         /* XXX check permission */
-        debug("client_request_x11: request from %s %d", originator,
+        /* XXX range check originator port? */
+        debug("client_request_x11: request from %s %u", originator,
             originator_port);
         free(originator);
         sock = x11_connect_display(ssh);
@@ -1636,7 +1651,7 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode,
     int local_tun, int remote_tun)
 {
         Channel *c;
-        int fd;
+        int r, fd;
         char *ifname = NULL;
 
         if (tun_mode == SSH_TUNMODE_NO)
@@ -1661,14 +1676,15 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode,
                     sys_tun_outfilter, NULL, NULL);
 #endif
 
-        packet_start(SSH2_MSG_CHANNEL_OPEN);
-        packet_put_cstring("tun@openssh.com");
-        packet_put_int(c->self);
-        packet_put_int(c->local_window_max);
-        packet_put_int(c->local_maxpacket);
-        packet_put_int(tun_mode);
-        packet_put_int(remote_tun);
-        packet_send();
+        if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN)) != 0 ||
+            (r = sshpkt_put_cstring(ssh, "tun@openssh.com")) != 0 ||
+            (r = sshpkt_put_u32(ssh, c->self)) != 0 ||
+            (r = sshpkt_put_u32(ssh, c->local_window_max)) != 0 ||
+            (r = sshpkt_put_u32(ssh, c->local_maxpacket)) != 0 ||
+            (r = sshpkt_put_u32(ssh, tun_mode)) != 0 ||
+            (r = sshpkt_put_u32(ssh, remote_tun)) != 0 ||
+            (r = sshpkt_send(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: send reply", __func__);
 
         return ifname;
 }
@@ -1678,14 +1694,17 @@ static int
 client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh)
 {
         Channel *c = NULL;
-        char *ctype;
-        int rchan;
-        u_int rmaxpack, rwindow, len;
-
-        ctype = packet_get_string(&len);
-        rchan = packet_get_int();
-        rwindow = packet_get_int();
-        rmaxpack = packet_get_int();
+        char *ctype = NULL;
+        int r;
+        u_int rchan;
+        size_t len;
+        u_int rmaxpack, rwindow;
+
+        if ((r = sshpkt_get_cstring(ssh, &ctype, &len)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &rchan)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &rwindow)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &rmaxpack)) != 0)
+                goto out;
 
         debug("client_input_channel_open: ctype %s rchan %d win %d max %d",
             ctype, rchan, rwindow, rmaxpack);
@@ -1709,57 +1728,66 @@ client_input_channel_open(int type, u_int32_t seq, struct ssh *ssh)
                 c->remote_window = rwindow;
                 c->remote_maxpacket = rmaxpack;
                 if (c->type != SSH_CHANNEL_CONNECTING) {
-                        packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
-                        packet_put_int(c->remote_id);
-                        packet_put_int(c->self);
-                        packet_put_int(c->local_window);
-                        packet_put_int(c->local_maxpacket);
-                        packet_send();
+                        if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->self)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->local_window)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->local_maxpacket)) != 0 ||
+                            (r = sshpkt_send(ssh)) != 0)
+                                sshpkt_fatal(ssh, r, "%s: send reply", __func__);
                 }
         } else {
                 debug("failure %s", ctype);
-                packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE);
-                packet_put_int(rchan);
-                packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED);
-                packet_put_cstring("open failed");
-                packet_put_cstring("");
-                packet_send();
+                if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, rchan)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, "open failed")) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, "")) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: send failure", __func__);
         }
+        r = 0;
+ out:
         free(ctype);
-        return 0;
+        return r;
 }
 
 static int
 client_input_channel_req(int type, u_int32_t seq, struct ssh *ssh)
 {
         Channel *c = NULL;
-        int exitval, id, reply, success = 0;
-        char *rtype;
-
-        id = packet_get_int();
-        c = channel_lookup(ssh, id);
+        char *rtype = NULL;
+        u_char reply;
+        u_int id, exitval;
+        int r, success = 0;
+
+        if ((r = sshpkt_get_u32(ssh, &id)) != 0)
+                return r;
+        if (id <= INT_MAX)
+                c = channel_lookup(ssh, id);
         if (channel_proxy_upstream(c, type, seq, ssh))
                 return 0;
-        rtype = packet_get_string(NULL);
-        reply = packet_get_char();
+        if ((r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 ||
+            (r = sshpkt_get_u8(ssh, &reply)) != 0)
+                goto out;
 
-        debug("client_input_channel_req: channel %d rtype %s reply %d",
+        debug("client_input_channel_req: channel %u rtype %s reply %d",
             id, rtype, reply);
 
-        if (id == -1) {
-                error("client_input_channel_req: request for channel -1");
-        } else if (c == NULL) {
+        if (c == NULL) {
                 error("client_input_channel_req: channel %d: "
                     "unknown channel", id);
         } else if (strcmp(rtype, "eow@openssh.com") == 0) {
-                packet_check_eom();
+                if ((r = sshpkt_get_end(ssh)) != 0)
+                        goto out;
                 chan_rcvd_eow(ssh, c);
         } else if (strcmp(rtype, "exit-status") == 0) {
-                exitval = packet_get_int();
+                if ((r = sshpkt_get_u32(ssh, &exitval)) != 0)
+                        goto out;
                 if (c->ctl_chan != -1) {
                         mux_exit_message(ssh, c, exitval);
                         success = 1;
-                } else if (id == session_ident) {
+                } else if ((int)id == session_ident) {
                         /* Record exit value of local session */
                         success = 1;
                         exit_status = exitval;
@@ -1768,19 +1796,23 @@ client_input_channel_req(int type, u_int32_t seq, struct ssh *ssh)
                         debug("%s: no sink for exit-status on channel %d",
                             __func__, id);
                 }
-                packet_check_eom();
+                if ((r = sshpkt_get_end(ssh)) != 0)
+                        goto out;
         }
         if (reply && c != NULL && !(c->flags & CHAN_CLOSE_SENT)) {
                 if (!c->have_remote_id)
                         fatal("%s: channel %d: no remote_id",
                             __func__, c->self);
-                packet_start(success ?
-                    SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE);
-                packet_put_int(c->remote_id);
-                packet_send();
+                if ((r = sshpkt_start(ssh, success ?
+                    SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: send failure", __func__);
         }
+        r = 0;
+ out:
         free(rtype);
-        return 0;
+        return r;
 }
 
 struct hostkeys_update_ctx {
@@ -1997,7 +2029,10 @@ client_global_hostkeys_private_confirm(struct ssh *ssh, int type,
         if (ndone != ctx->nnew)
                 fatal("%s: ndone != ctx->nnew (%zu / %zu)", __func__,
                     ndone, ctx->nnew);  /* Shouldn't happen */
-        ssh_packet_check_eom(ssh);
+        if ((r = sshpkt_get_end(ssh)) != 0) {
+                error("%s: protocol error", __func__);
+                goto out;
+        }
 
         /* Make the edits to known_hosts */
         update_known_hosts(ctx);
@@ -2031,9 +2066,8 @@ key_accepted_by_hostkeyalgs(const struct sshkey *key)
  * HostkeyAlgorithms preference before they are accepted.
  */
 static int
-client_input_hostkeys(void)
+client_input_hostkeys(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
         const u_char *blob = NULL;
         size_t i, len = 0;
         struct sshbuf *buf = NULL;
@@ -2184,23 +2218,27 @@ static int
 client_input_global_request(int type, u_int32_t seq, struct ssh *ssh)
 {
         char *rtype;
-        int want_reply;
-        int success = 0;
+        u_char want_reply;
+        int r, success = 0;
 
-        rtype = packet_get_cstring(NULL);
-        want_reply = packet_get_char();
+        if ((r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 ||
+            (r = sshpkt_get_u8(ssh, &want_reply)) != 0)
+                goto out;
         debug("client_input_global_request: rtype %s want_reply %d",
             rtype, want_reply);
         if (strcmp(rtype, "hostkeys-00@openssh.com") == 0)
-                success = client_input_hostkeys();
+                success = client_input_hostkeys(ssh);
         if (want_reply) {
-                packet_start(success ?
-                    SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
-                packet_send();
-                packet_write_wait();
+                if ((r = sshpkt_start(ssh, success ? SSH2_MSG_REQUEST_SUCCESS :
+                    SSH2_MSG_REQUEST_FAILURE)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0 ||
+                    (r = ssh_packet_write_wait(ssh)) != 0)
+                        goto out;
         }
+        r = 0;
+ out:
         free(rtype);
-        return 0;
+        return r;
 }
 
 void
@@ -2208,7 +2246,7 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
     const char *term, struct termios *tiop, int in_fd, struct sshbuf *cmd,
     char **env)
 {
-        int i, j, matched, len;
+        int i, j, matched, len, r;
         char *name, *val;
         Channel *c = NULL;
 
@@ -2217,7 +2255,7 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
         if ((c = channel_lookup(ssh, id)) == NULL)
                 fatal("%s: channel %d: unknown channel", __func__, id);
 
-        packet_set_interactive(want_tty,
+        ssh_packet_set_interactive(ssh, want_tty,
             options.ip_qos_interactive, options.ip_qos_bulk);
 
         if (want_tty) {
@@ -2229,15 +2267,18 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
 
                 channel_request_start(ssh, id, "pty-req", 1);
                 client_expect_confirm(ssh, id, "PTY allocation", CONFIRM_TTY);
-                packet_put_cstring(term != NULL ? term : "");
-                packet_put_int((u_int)ws.ws_col);
-                packet_put_int((u_int)ws.ws_row);
-                packet_put_int((u_int)ws.ws_xpixel);
-                packet_put_int((u_int)ws.ws_ypixel);
+                if ((r = sshpkt_put_cstring(ssh, term != NULL ? term : ""))
+                    != 0 ||
+                    (r = sshpkt_put_u32(ssh, (u_int)ws.ws_col)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, (u_int)ws.ws_row)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, (u_int)ws.ws_xpixel)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, (u_int)ws.ws_ypixel)) != 0)
+                        fatal("%s: build packet: %s", __func__, ssh_err(r));
                 if (tiop == NULL)
                         tiop = get_saved_tio();
                 ssh_tty_make_modes(ssh, -1, tiop);
-                packet_send();
+                if ((r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: send packet: %s", __func__, ssh_err(r));
                 /* XXX wait for reply */
                 c->client_tty = 1;
         }
@@ -2269,9 +2310,12 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
 
                         debug("Sending env %s = %s", name, val);
                         channel_request_start(ssh, id, "env", 0);
-                        packet_put_cstring(name);
-                        packet_put_cstring(val);
-                        packet_send();
+                        if ((r = sshpkt_put_cstring(ssh, name)) != 0 ||
+                            (r = sshpkt_put_cstring(ssh, val)) != 0 ||
+                            (r = sshpkt_send(ssh)) != 0) {
+                                fatal("%s: send packet: %s",
+                                    __func__, ssh_err(r));
+                        }
                         free(name);
                 }
         }
@@ -2286,9 +2330,10 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
 
                 debug("Setting env %s = %s", name, val);
                 channel_request_start(ssh, id, "env", 0);
-                packet_put_cstring(name);
-                packet_put_cstring(val);
-                packet_send();
+                if ((r = sshpkt_put_cstring(ssh, name)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, val)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: send packet: %s", __func__, ssh_err(r));
                 free(name);
         }
 
@@ -2308,39 +2353,43 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
                         channel_request_start(ssh, id, "exec", 1);
                         client_expect_confirm(ssh, id, "exec", CONFIRM_CLOSE);
                 }
-                packet_put_string(sshbuf_ptr(cmd), sshbuf_len(cmd));
-                packet_send();
+                if ((r = sshpkt_put_stringb(ssh, cmd)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: send command: %s", __func__, ssh_err(r));
         } else {
                 channel_request_start(ssh, id, "shell", 1);
                 client_expect_confirm(ssh, id, "shell", CONFIRM_CLOSE);
-                packet_send();
+                if ((r = sshpkt_send(ssh)) != 0) {
+                        fatal("%s: send shell request: %s",
+                            __func__, ssh_err(r));
+                }
         }
 }
 
 static void
-client_init_dispatch(void)
+client_init_dispatch(struct ssh *ssh)
 {
-        dispatch_init(&dispatch_protocol_error);
-
-        dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
-        dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data);
-        dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);
-        dispatch_set(SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data);
-        dispatch_set(SSH2_MSG_CHANNEL_OPEN, &client_input_channel_open);
-        dispatch_set(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
-        dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
-        dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req);
-        dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
-        dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &channel_input_status_confirm);
-        dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &channel_input_status_confirm);
-        dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request);
+        ssh_dispatch_init(ssh, &dispatch_protocol_error);
+
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_DATA, &channel_input_data);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN, &client_input_channel_open);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_SUCCESS, &channel_input_status_confirm);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_FAILURE, &channel_input_status_confirm);
+        ssh_dispatch_set(ssh, SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request);
 
         /* rekeying */
-        dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
+        ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 
         /* global request reply messages */
-        dispatch_set(SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply);
-        dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply);
+        ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply);
+        ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply);
 }
 
 void
diff --git a/config.h.in b/config.h.in
index 209760c7c..05b7206df 100644
--- a/config.h.in
+++ b/config.h.in
@@ -393,19 +393,19 @@
 /* Define if you have /dev/ptc */
 #undef HAVE_DEV_PTS_AND_PTC
 
-/* Define if libcrypto has DH_get0_key */
+/* Define to 1 if you have the `DH_get0_key' function. */
 #undef HAVE_DH_GET0_KEY
 
-/* Define if libcrypto has DH_get0_pqg */
+/* Define to 1 if you have the `DH_get0_pqg' function. */
 #undef HAVE_DH_GET0_PQG
 
-/* Define if libcrypto has DH_set0_key */
+/* Define to 1 if you have the `DH_set0_key' function. */
 #undef HAVE_DH_SET0_KEY
 
-/* Define if libcrypto has DH_set0_pqg */
+/* Define to 1 if you have the `DH_set0_pqg' function. */
 #undef HAVE_DH_SET0_PQG
 
-/* Define if libcrypto has DH_set_length */
+/* Define to 1 if you have the `DH_set_length' function. */
 #undef HAVE_DH_SET_LENGTH
 
 /* Define to 1 if you have the <dirent.h> header file. */
@@ -420,30 +420,33 @@
 /* Define to 1 if you have the `DSA_generate_parameters_ex' function. */
 #undef HAVE_DSA_GENERATE_PARAMETERS_EX
 
-/* Define if libcrypto has DSA_get0_key */
+/* Define to 1 if you have the `DSA_get0_key' function. */
 #undef HAVE_DSA_GET0_KEY
 
-/* Define if libcrypto has DSA_get0_pqg */
+/* Define to 1 if you have the `DSA_get0_pqg' function. */
 #undef HAVE_DSA_GET0_PQG
 
-/* Define if libcrypto has DSA_set0_key */
+/* Define to 1 if you have the `DSA_set0_key' function. */
 #undef HAVE_DSA_SET0_KEY
 
-/* Define if libcrypto has DSA_set0_pqg */
+/* Define to 1 if you have the `DSA_set0_pqg' function. */
 #undef HAVE_DSA_SET0_PQG
 
-/* Define if libcrypto has DSA_SIG_get0 */
+/* Define to 1 if you have the `DSA_SIG_get0' function. */
 #undef HAVE_DSA_SIG_GET0
 
-/* Define if libcrypto has DSA_SIG_set0 */
+/* Define to 1 if you have the `DSA_SIG_set0' function. */
 #undef HAVE_DSA_SIG_SET0
 
-/* Define if libcrypto has ECDSA_SIG_get0 */
+/* Define to 1 if you have the `ECDSA_SIG_get0' function. */
 #undef HAVE_ECDSA_SIG_GET0
 
-/* Define if libcrypto has ECDSA_SIG_set0 */
+/* Define to 1 if you have the `ECDSA_SIG_set0' function. */
 #undef HAVE_ECDSA_SIG_SET0
 
+/* Define to 1 if you have the `EC_KEY_METHOD_new' function. */
+#undef HAVE_EC_KEY_METHOD_NEW
+
 /* Define to 1 if you have the <elf.h> header file. */
 #undef HAVE_ELF_H
 
@@ -471,18 +474,21 @@
 /* Define if your system has /etc/default/login */
 #undef HAVE_ETC_DEFAULT_LOGIN
 
-/* Define if libcrypto has EVP_CIPHER_CTX_ctrl */
+/* Define to 1 if you have the `EVP_CIPHER_CTX_ctrl' function. */
 #undef HAVE_EVP_CIPHER_CTX_CTRL
 
-/* Define if libcrypto has EVP_CIPHER_CTX_set_iv */
+/* Define to 1 if you have the `EVP_CIPHER_CTX_get_iv' function. */
 #undef HAVE_EVP_CIPHER_CTX_GET_IV
 
-/* Define if libcrypto has EVP_CIPHER_CTX_iv */
+/* Define to 1 if you have the `EVP_CIPHER_CTX_iv' function. */
 #undef HAVE_EVP_CIPHER_CTX_IV
 
-/* Define if libcrypto has EVP_CIPHER_CTX_iv_noconst */
+/* Define to 1 if you have the `EVP_CIPHER_CTX_iv_noconst' function. */
 #undef HAVE_EVP_CIPHER_CTX_IV_NOCONST
 
+/* Define to 1 if you have the `EVP_CIPHER_CTX_set_iv' function. */
+#undef HAVE_EVP_CIPHER_CTX_SET_IV
+
 /* Define to 1 if you have the `EVP_DigestFinal_ex' function. */
 #undef HAVE_EVP_DIGESTFINAL_EX
 
@@ -495,16 +501,16 @@
 /* Define to 1 if you have the `EVP_MD_CTX_copy_ex' function. */
 #undef HAVE_EVP_MD_CTX_COPY_EX
 
-/* Define if libcrypto has EVP_MD_CTX_free */
+/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
 #undef HAVE_EVP_MD_CTX_FREE
 
 /* Define to 1 if you have the `EVP_MD_CTX_init' function. */
 #undef HAVE_EVP_MD_CTX_INIT
 
-/* Define if libcrypto has EVP_MD_CTX_new */
+/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
 #undef HAVE_EVP_MD_CTX_NEW
 
-/* Define if libcrypto has EVP_PKEY_get0_RSA */
+/* Define to 1 if you have the `EVP_PKEY_get0_RSA' function. */
 #undef HAVE_EVP_PKEY_GET0_RSA
 
 /* Define to 1 if you have the `EVP_ripemd160' function. */
@@ -522,9 +528,15 @@
 /* Define to 1 if you have the `fchmod' function. */
 #undef HAVE_FCHMOD
 
+/* Define to 1 if you have the `fchmodat' function. */
+#undef HAVE_FCHMODAT
+
 /* Define to 1 if you have the `fchown' function. */
 #undef HAVE_FCHOWN
 
+/* Define to 1 if you have the `fchownat' function. */
+#undef HAVE_FCHOWNAT
+
 /* Use F_CLOSEM fcntl for closefrom */
 #undef HAVE_FCNTL_CLOSEM
 
@@ -935,8 +947,17 @@
 /* Define to 1 if you have the `openpty' function. */
 #undef HAVE_OPENPTY
 
-/* Define if your ssl headers are included with #include <openssl/header.h> */
-#undef HAVE_OPENSSL
+/* as a macro */
+#undef HAVE_OPENSSL_ADD_ALL_ALGORITHMS
+
+/* Define to 1 if you have the `OPENSSL_init_crypto' function. */
+#undef HAVE_OPENSSL_INIT_CRYPTO
+
+/* Define to 1 if you have the `OpenSSL_version' function. */
+#undef HAVE_OPENSSL_VERSION
+
+/* Define to 1 if you have the `OpenSSL_version_num' function. */
+#undef HAVE_OPENSSL_VERSION_NUM
 
 /* Define if you have Digital Unix Security Integration Architecture */
 #undef HAVE_OSF_SIA
@@ -1029,46 +1050,46 @@
 /* Define to 1 if you have the `RSA_generate_key_ex' function. */
 #undef HAVE_RSA_GENERATE_KEY_EX
 
-/* Define if libcrypto has RSA_get0_crt_params */
+/* Define to 1 if you have the `RSA_get0_crt_params' function. */
 #undef HAVE_RSA_GET0_CRT_PARAMS
 
-/* Define if libcrypto has RSA_get0_factors */
+/* Define to 1 if you have the `RSA_get0_factors' function. */
 #undef HAVE_RSA_GET0_FACTORS
 
-/* Define if libcrypto has RSA_get0_key */
+/* Define to 1 if you have the `RSA_get0_key' function. */
 #undef HAVE_RSA_GET0_KEY
 
 /* Define to 1 if you have the `RSA_get_default_method' function. */
 #undef HAVE_RSA_GET_DEFAULT_METHOD
 
-/* Define if libcrypto has RSA_meth_dup */
+/* Define to 1 if you have the `RSA_meth_dup' function. */
 #undef HAVE_RSA_METH_DUP
 
-/* Define if libcrypto has RSA_meth_free */
+/* Define to 1 if you have the `RSA_meth_free' function. */
 #undef HAVE_RSA_METH_FREE
 
-/* Define if libcrypto has RSA_meth_get_finish */
+/* Define to 1 if you have the `RSA_meth_get_finish' function. */
 #undef HAVE_RSA_METH_GET_FINISH
 
-/* Define if libcrypto has RSA_meth_set1_name */
+/* Define to 1 if you have the `RSA_meth_set1_name' function. */
 #undef HAVE_RSA_METH_SET1_NAME
 
-/* Define if libcrypto has RSA_meth_set_finish */
+/* Define to 1 if you have the `RSA_meth_set_finish' function. */
 #undef HAVE_RSA_METH_SET_FINISH
 
-/* Define if libcrypto has RSA_meth_set_priv_dec */
+/* Define to 1 if you have the `RSA_meth_set_priv_dec' function. */
 #undef HAVE_RSA_METH_SET_PRIV_DEC
 
-/* Define if libcrypto has RSA_meth_set_priv_enc */
+/* Define to 1 if you have the `RSA_meth_set_priv_enc' function. */
 #undef HAVE_RSA_METH_SET_PRIV_ENC
 
-/* Define if libcrypto has RSA_get0_srt_params */
+/* Define to 1 if you have the `RSA_set0_crt_params' function. */
 #undef HAVE_RSA_SET0_CRT_PARAMS
 
-/* Define if libcrypto has RSA_set0_factors */
+/* Define to 1 if you have the `RSA_set0_factors' function. */
 #undef HAVE_RSA_SET0_FACTORS
 
-/* Define if libcrypto has RSA_set0_key */
+/* Define to 1 if you have the `RSA_set0_key' function. */
 #undef HAVE_RSA_SET0_KEY
 
 /* Define to 1 if you have the <sandbox.h> header file. */
@@ -1512,6 +1533,9 @@
 /* Define to 1 if you have the <util.h> header file. */
 #undef HAVE_UTIL_H
 
+/* Define to 1 if you have the `utimensat' function. */
+#undef HAVE_UTIMENSAT
+
 /* Define to 1 if you have the `utimes' function. */
 #undef HAVE_UTIMES
 
@@ -1845,9 +1869,6 @@
 /* Use btmp to log bad logins */
 #undef USE_BTMP
 
-/* platform uses an in-memory credentials cache */
-#undef USE_CCAPI
-
 /* Use libedit for sftp */
 #undef USE_LIBEDIT
 
@@ -1863,9 +1884,6 @@
 /* Use PIPES instead of a socketpair() */
 #undef USE_PIPES
 
-/* platform has the Security Authorization Session API */
-#undef USE_SECURITY_SESSION_API
-
 /* Define if you have Solaris privileges */
 #undef USE_SOLARIS_PRIVS
 
diff --git a/configure b/configure
index 21a41103f..d276473ca 100755
--- a/configure
+++ b/configure
@@ -2625,197 +2625,7 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
 ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
 ac_compiler_gnu=$ac_cv_c_compiler_gnu
 if test -n "$ac_tool_prefix"; then
-  # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_CC="${ac_tool_prefix}gcc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_prog_CC"; then
-  ac_ct_CC=$CC
-  # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$ac_ct_CC"; then
-  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_ac_ct_CC="gcc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-  if test "x$ac_ct_CC" = x; then
-    CC=""
-  else
-    case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
-    CC=$ac_ct_CC
-  fi
-else
-  CC="$ac_cv_prog_CC"
-fi
-
-if test -z "$CC"; then
-          if test -n "$ac_tool_prefix"; then
-    # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_CC="${ac_tool_prefix}cc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-  fi
-fi
-if test -z "$CC"; then
-  # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-  ac_prog_rejected=no
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
-       ac_prog_rejected=yes
-       continue
-     fi
-    ac_cv_prog_CC="cc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-if test $ac_prog_rejected = yes; then
-  # We found a bogon in the path, so make sure we never use it.
-  set dummy $ac_cv_prog_CC
-  shift
-  if test $# != 0; then
-    # We chose a different compiler from the bogus one.
-    # However, it has the same basename, so the bogon will be chosen
-    # first if we set CC to just the basename; use the full file name.
-    shift
-    ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
-  fi
-fi
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$CC"; then
-  if test -n "$ac_tool_prefix"; then
-  for ac_prog in cl.exe
+  for ac_prog in cc gcc
   do
     # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
 set dummy $ac_tool_prefix$ac_prog; ac_word=$2
@@ -2859,7 +2669,7 @@ fi
 fi
 if test -z "$CC"; then
   ac_ct_CC=$CC
-  for ac_prog in cl.exe
+  for ac_prog in cc gcc
 do
   # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
@@ -2914,8 +2724,6 @@ esac
   fi
 fi
 
-fi
-
 
 test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
@@ -6735,10 +6543,11 @@ fi
 if test "${with_rpath+set}" = set; then :
   withval=$with_rpath;
                 if test "x$withval" = "xno" ; then
-                        need_dash_r=""
-                fi
-                if test "x$withval" = "xyes" ; then
-                        need_dash_r=1
+                        rpath_opt=""
+                elif test "x$withval" = "xyes" ; then
+                        rpath_opt="-R"
+                else
+                        rpath_opt="$withval"
                 fi
 
 
@@ -8059,7 +7868,7 @@ $as_echo "#define NEED_SETPGRP 1" >>confdefs.h
 *-*-netbsd*)
         check_for_libcrypt_before=1
         if test "x$withval" != "xno" ; then
-                need_dash_r=1
+                rpath_opt="-R"
         fi
         CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
 
@@ -8153,7 +7962,7 @@ $as_echo "#define SYSLOG_R_SAFE_IN_SIGHAND 1" >>confdefs.h
         ;;
 *-*-solaris*)
         if test "x$withval" != "xno" ; then
-                need_dash_r=1
+                rpath_opt="-R"
         fi
         $as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h
 
@@ -9083,14 +8892,14 @@ if test "${with_zlib+set}" = set; then :
                 as_fn_error $? "*** zlib is required ***" "$LINENO" 5
           elif test "x$withval" != "xyes"; then
                 if test -d "$withval/lib"; then
-                        if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
+                        if test -n "${rpath_opt}"; then
+                                LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
                         else
                                 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
                         fi
                 else
-                        if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
+                        if test -n "${rpath_opt}"; then
+                                LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}"
                         else
                                 LDFLAGS="-L${withval} ${LDFLAGS}"
                         fi
@@ -9161,8 +8970,8 @@ else
                 saved_CPPFLAGS="$CPPFLAGS"
                 saved_LDFLAGS="$LDFLAGS"
                 save_LIBS="$LIBS"
-                                if test -n "${need_dash_r}"; then
-                        LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
+                                if test -n "${rpath_opt}"; then
+                        LDFLAGS="-L/usr/local/lib ${rpath_opt}/usr/local/lib ${saved_LDFLAGS}"
                 else
                         LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
                 fi
@@ -10607,8 +10416,8 @@ $as_echo "no" >&6; }
                         fi
                 else
                         CPPFLAGS="$CPPFLAGS -I${withval}/include"
-                        if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
+                        if test -n "${rpath_opt}"; then
+                                LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
                         else
                                 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
                         fi
@@ -11030,7 +10839,9 @@ for ac_func in  \
         errx \
         explicit_bzero \
         fchmod \
+        fchmodat \
         fchown \
+        fchownat \
         flock \
         freeaddrinfo \
         freezero \
@@ -11123,6 +10934,7 @@ for ac_func in  \
         truncate \
         unsetenv \
         updwtmpx \
+        utimensat \
         user_from_uid \
         usleep \
         vasprintf \
@@ -12742,20 +12554,20 @@ if test "${with_ssl_dir+set}" = set; then :
                                 ./*|../*)       withval="`pwd`/$withval"
                         esac
                         if test -d "$withval/lib"; then
-                                if test -n "${need_dash_r}"; then
-                                        LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
+                                if test -n "${rpath_opt}"; then
+                                        LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
                                 else
                                         LDFLAGS="-L${withval}/lib ${LDFLAGS}"
                                 fi
                         elif test -d "$withval/lib64"; then
-                                if test -n "${need_dash_r}"; then
-                                        LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}"
+                                if test -n "${rpath_opt}"; then
+                                        LDFLAGS="-L${withval}/lib64 ${rpath_opt}${withval}/lib64 ${LDFLAGS}"
                                 else
                                         LDFLAGS="-L${withval}/lib64 ${LDFLAGS}"
                                 fi
                         else
-                                if test -n "${need_dash_r}"; then
-                                        LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
+                                if test -n "${rpath_opt}"; then
+                                        LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}"
                                 else
                                         LDFLAGS="-L${withval} ${LDFLAGS}"
                                 fi
@@ -12821,17 +12633,12 @@ return RAND_add ();
 _ACEOF
 if ac_fn_c_try_link "$LINENO"; then :
 
-$as_echo "#define HAVE_OPENSSL 1" >>confdefs.h
-
 else
-
-                                                if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
-                        else
-                                LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
-                        fi
-                        CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
-                        ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default"
+  as_fn_error $? "*** working libcrypto not found, check config.log" "$LINENO" 5
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+        ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default"
 if test "x$ac_cv_header_openssl_opensslv_h" = xyes; then :
 
 else
@@ -12839,40 +12646,6 @@ else
 fi
 
 
-                        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RAND_add ();
-int
-main ()
-{
-return RAND_add ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h
-
-else
-
-                                        as_fn_error $? "*** Can't find recent OpenSSL libcrypto (see config.log for details) ***" "$LINENO" 5
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
 
         # Determine OpenSSL header version
         { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL header version" >&5
@@ -12933,6 +12706,20 @@ rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
 fi
 
 
+        # Determining OpenSSL library version is version dependent.
+        for ac_func in OpenSSL_version OpenSSL_version_num
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
         # Determine OpenSSL library version
         { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL library version" >&5
 $as_echo_n "checking OpenSSL library version... " >&6; }
@@ -12962,9 +12749,18 @@ main ()
                 fd = fopen(DATA,"w");
                 if(fd == NULL)
                         exit(1);
-
-                if ((rc = fprintf(fd, "%08lx (%s)\n", (unsigned long)SSLeay(),
-                    SSLeay_version(SSLEAY_VERSION))) < 0)
+#ifndef OPENSSL_VERSION
+# define OPENSSL_VERSION SSLEAY_VERSION
+#endif
+#ifndef HAVE_OPENSSL_VERSION
+# define OpenSSL_version        SSLeay_version
+#endif
+#ifndef HAVE_OPENSSL_VERSION_NUM
+# define OpenSSL_version_num    SSLeay
+#endif
+                if ((rc = fprintf(fd, "%08lx (%s)\n",
+                    (unsigned long)OpenSSL_version_num(),
+                    OpenSSL_version(OPENSSL_VERSION))) < 0)
                         exit(1);
 
                 exit(0);
@@ -12982,14 +12778,15 @@ if ac_fn_c_try_run "$LINENO"; then :
                                 as_fn_error $? "OpenSSL >= 1.0.1 required (have \"$ssl_library_ver\")" "$LINENO" 5
                                 ;;
                         100*)   ;; # 1.0.x
-                        1010000123456*)
+                        101000[0123456]*)
                                 # https://github.com/openssl/openssl/pull/4613
                                 as_fn_error $? "OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have \"$ssl_library_ver\")" "$LINENO" 5
                                 ;;
                         101*)   ;; # 1.1.x
                         200*)   ;; # LibreSSL
+                        300*)   ;; # OpenSSL development branch.
                         *)
-                                as_fn_error $? "OpenSSL > 1.1.x is not yet supported (have \"$ssl_library_ver\")" "$LINENO" 5
+                                as_fn_error $? "Unknown/unsupported OpenSSL version (\"$ssl_library_ver\")" "$LINENO" 5
                                 ;;
                         esac
                         { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_library_ver" >&5
@@ -13028,7 +12825,10 @@ int
 main ()
 {
 
-                exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1);
+#ifndef HAVE_OPENSSL_VERSION_NUM
+# define OpenSSL_version_num    SSLeay
+#endif
+                exit(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 0 : 1);
 
   ;
   return 0;
@@ -13069,11 +12869,11 @@ fi
 $as_echo_n "checking if programs using OpenSSL functions will link... " >&6; }
         cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
- #include <openssl/evp.h>
+ #include <openssl/err.h>
 int
 main ()
 {
- SSLeay_add_all_algorithms();
+ ERR_load_crypto_strings();
   ;
   return 0;
 }
@@ -13093,11 +12893,11 @@ $as_echo "no" >&6; }
 $as_echo_n "checking if programs using OpenSSL need -ldl... " >&6; }
                         cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
- #include <openssl/evp.h>
+ #include <openssl/err.h>
 int
 main ()
 {
- SSLeay_add_all_algorithms();
+ ERR_load_crypto_strings();
   ;
   return 0;
 }
@@ -13126,11 +12926,12 @@ rm -f core conftest.err conftest.$ac_objext \
         for ac_func in  \
                 BN_is_prime_ex \
                 DSA_generate_parameters_ex \
-                EVP_DigestInit_ex \
+                EVP_CIPHER_CTX_ctrl \
                 EVP_DigestFinal_ex \
-                EVP_MD_CTX_init \
+                EVP_DigestInit_ex \
                 EVP_MD_CTX_cleanup \
                 EVP_MD_CTX_copy_ex \
+                EVP_MD_CTX_init \
                 HMAC_CTX_init \
                 RSA_generate_key_ex \
                 RSA_get_default_method \
@@ -13147,6 +12948,75 @@ fi
 done
 
 
+        # OpenSSL_add_all_algorithms may be a macro.
+        ac_fn_c_check_func "$LINENO" "OpenSSL_add_all_algorithms" "ac_cv_func_OpenSSL_add_all_algorithms"
+if test "x$ac_cv_func_OpenSSL_add_all_algorithms" = xyes; then :
+
+$as_echo "#define HAVE_OPENSSL_ADD_ALL_ALGORITHMS 1" >>confdefs.h
+
+else
+  ac_fn_c_check_decl "$LINENO" "OpenSSL_add_all_algorithms" "ac_cv_have_decl_OpenSSL_add_all_algorithms" "#include <openssl/evp.h>
+
+"
+if test "x$ac_cv_have_decl_OpenSSL_add_all_algorithms" = xyes; then :
+
+$as_echo "#define HAVE_OPENSSL_ADD_ALL_ALGORITHMS 1" >>confdefs.h
+
+fi
+
+
+fi
+
+
+        # LibreSSL/OpenSSL 1.1x API
+        for ac_func in  \
+                OPENSSL_init_crypto \
+                DH_get0_key \
+                DH_get0_pqg \
+                DH_set0_key \
+                DH_set_length \
+                DH_set0_pqg \
+                DSA_get0_key \
+                DSA_get0_pqg \
+                DSA_set0_key \
+                DSA_set0_pqg \
+                DSA_SIG_get0 \
+                DSA_SIG_set0 \
+                ECDSA_SIG_get0 \
+                ECDSA_SIG_set0 \
+                EVP_CIPHER_CTX_iv \
+                EVP_CIPHER_CTX_iv_noconst \
+                EVP_CIPHER_CTX_get_iv \
+                EVP_CIPHER_CTX_set_iv \
+                RSA_get0_crt_params \
+                RSA_get0_factors \
+                RSA_get0_key \
+                RSA_set0_crt_params \
+                RSA_set0_factors \
+                RSA_set0_key \
+                RSA_meth_free \
+                RSA_meth_dup \
+                RSA_meth_set1_name \
+                RSA_meth_get_finish \
+                RSA_meth_set_priv_enc \
+                RSA_meth_set_priv_dec \
+                RSA_meth_set_finish \
+                EVP_PKEY_get0_RSA \
+                EVP_MD_CTX_new \
+                EVP_MD_CTX_free \
+
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
         if test "x$openssl_engine" = "xyes" ; then
                 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ENGINE support" >&5
 $as_echo_n "checking for OpenSSL ENGINE support... " >&6; }
@@ -13302,1989 +13172,6 @@ fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
 
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_ctrl" >&5
-$as_echo_n "checking for library containing EVP_CIPHER_CTX_ctrl... " >&6; }
-if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_CIPHER_CTX_ctrl ();
-int
-main ()
-{
-return EVP_CIPHER_CTX_ctrl ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_CIPHER_CTX_ctrl=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then :
-
-else
-  ac_cv_search_EVP_CIPHER_CTX_ctrl=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_ctrl" >&5
-$as_echo "$ac_cv_search_EVP_CIPHER_CTX_ctrl" >&6; }
-ac_res=$ac_cv_search_EVP_CIPHER_CTX_ctrl
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_CIPHER_CTX_CTRL 1" >>confdefs.h
-
-fi
-
-
-        # LibreSSL/OpenSSL 1.1x API
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_get0_key" >&5
-$as_echo_n "checking for library containing DH_get0_key... " >&6; }
-if ${ac_cv_search_DH_get0_key+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DH_get0_key ();
-int
-main ()
-{
-return DH_get0_key ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DH_get0_key=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DH_get0_key+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DH_get0_key+:} false; then :
-
-else
-  ac_cv_search_DH_get0_key=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_get0_key" >&5
-$as_echo "$ac_cv_search_DH_get0_key" >&6; }
-ac_res=$ac_cv_search_DH_get0_key
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DH_GET0_KEY 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_get0_pqg" >&5
-$as_echo_n "checking for library containing DH_get0_pqg... " >&6; }
-if ${ac_cv_search_DH_get0_pqg+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DH_get0_pqg ();
-int
-main ()
-{
-return DH_get0_pqg ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DH_get0_pqg=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DH_get0_pqg+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DH_get0_pqg+:} false; then :
-
-else
-  ac_cv_search_DH_get0_pqg=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_get0_pqg" >&5
-$as_echo "$ac_cv_search_DH_get0_pqg" >&6; }
-ac_res=$ac_cv_search_DH_get0_pqg
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DH_GET0_PQG 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_set0_key" >&5
-$as_echo_n "checking for library containing DH_set0_key... " >&6; }
-if ${ac_cv_search_DH_set0_key+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DH_set0_key ();
-int
-main ()
-{
-return DH_set0_key ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DH_set0_key=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DH_set0_key+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DH_set0_key+:} false; then :
-
-else
-  ac_cv_search_DH_set0_key=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_set0_key" >&5
-$as_echo "$ac_cv_search_DH_set0_key" >&6; }
-ac_res=$ac_cv_search_DH_set0_key
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DH_SET0_KEY 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_set_length" >&5
-$as_echo_n "checking for library containing DH_set_length... " >&6; }
-if ${ac_cv_search_DH_set_length+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DH_set_length ();
-int
-main ()
-{
-return DH_set_length ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DH_set_length=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DH_set_length+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DH_set_length+:} false; then :
-
-else
-  ac_cv_search_DH_set_length=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_set_length" >&5
-$as_echo "$ac_cv_search_DH_set_length" >&6; }
-ac_res=$ac_cv_search_DH_set_length
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DH_SET_LENGTH 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DH_set0_pqg" >&5
-$as_echo_n "checking for library containing DH_set0_pqg... " >&6; }
-if ${ac_cv_search_DH_set0_pqg+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DH_set0_pqg ();
-int
-main ()
-{
-return DH_set0_pqg ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DH_set0_pqg=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DH_set0_pqg+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DH_set0_pqg+:} false; then :
-
-else
-  ac_cv_search_DH_set0_pqg=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DH_set0_pqg" >&5
-$as_echo "$ac_cv_search_DH_set0_pqg" >&6; }
-ac_res=$ac_cv_search_DH_set0_pqg
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DH_SET0_PQG 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_get0_key" >&5
-$as_echo_n "checking for library containing DSA_get0_key... " >&6; }
-if ${ac_cv_search_DSA_get0_key+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DSA_get0_key ();
-int
-main ()
-{
-return DSA_get0_key ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DSA_get0_key=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DSA_get0_key+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DSA_get0_key+:} false; then :
-
-else
-  ac_cv_search_DSA_get0_key=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_get0_key" >&5
-$as_echo "$ac_cv_search_DSA_get0_key" >&6; }
-ac_res=$ac_cv_search_DSA_get0_key
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DSA_GET0_KEY 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_get0_pqg" >&5
-$as_echo_n "checking for library containing DSA_get0_pqg... " >&6; }
-if ${ac_cv_search_DSA_get0_pqg+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DSA_get0_pqg ();
-int
-main ()
-{
-return DSA_get0_pqg ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DSA_get0_pqg=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DSA_get0_pqg+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DSA_get0_pqg+:} false; then :
-
-else
-  ac_cv_search_DSA_get0_pqg=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_get0_pqg" >&5
-$as_echo "$ac_cv_search_DSA_get0_pqg" >&6; }
-ac_res=$ac_cv_search_DSA_get0_pqg
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DSA_GET0_PQG 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_set0_key" >&5
-$as_echo_n "checking for library containing DSA_set0_key... " >&6; }
-if ${ac_cv_search_DSA_set0_key+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DSA_set0_key ();
-int
-main ()
-{
-return DSA_set0_key ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DSA_set0_key=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DSA_set0_key+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DSA_set0_key+:} false; then :
-
-else
-  ac_cv_search_DSA_set0_key=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_set0_key" >&5
-$as_echo "$ac_cv_search_DSA_set0_key" >&6; }
-ac_res=$ac_cv_search_DSA_set0_key
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DSA_SET0_KEY 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_set0_pqg" >&5
-$as_echo_n "checking for library containing DSA_set0_pqg... " >&6; }
-if ${ac_cv_search_DSA_set0_pqg+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DSA_set0_pqg ();
-int
-main ()
-{
-return DSA_set0_pqg ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DSA_set0_pqg=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DSA_set0_pqg+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DSA_set0_pqg+:} false; then :
-
-else
-  ac_cv_search_DSA_set0_pqg=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_set0_pqg" >&5
-$as_echo "$ac_cv_search_DSA_set0_pqg" >&6; }
-ac_res=$ac_cv_search_DSA_set0_pqg
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DSA_SET0_PQG 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_SIG_get0" >&5
-$as_echo_n "checking for library containing DSA_SIG_get0... " >&6; }
-if ${ac_cv_search_DSA_SIG_get0+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DSA_SIG_get0 ();
-int
-main ()
-{
-return DSA_SIG_get0 ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DSA_SIG_get0=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DSA_SIG_get0+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DSA_SIG_get0+:} false; then :
-
-else
-  ac_cv_search_DSA_SIG_get0=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_SIG_get0" >&5
-$as_echo "$ac_cv_search_DSA_SIG_get0" >&6; }
-ac_res=$ac_cv_search_DSA_SIG_get0
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DSA_SIG_GET0 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing DSA_SIG_set0" >&5
-$as_echo_n "checking for library containing DSA_SIG_set0... " >&6; }
-if ${ac_cv_search_DSA_SIG_set0+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char DSA_SIG_set0 ();
-int
-main ()
-{
-return DSA_SIG_set0 ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_DSA_SIG_set0=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_DSA_SIG_set0+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_DSA_SIG_set0+:} false; then :
-
-else
-  ac_cv_search_DSA_SIG_set0=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_DSA_SIG_set0" >&5
-$as_echo "$ac_cv_search_DSA_SIG_set0" >&6; }
-ac_res=$ac_cv_search_DSA_SIG_set0
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_DSA_SIG_SET0 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ECDSA_SIG_get0" >&5
-$as_echo_n "checking for library containing ECDSA_SIG_get0... " >&6; }
-if ${ac_cv_search_ECDSA_SIG_get0+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char ECDSA_SIG_get0 ();
-int
-main ()
-{
-return ECDSA_SIG_get0 ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_ECDSA_SIG_get0=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_ECDSA_SIG_get0+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_ECDSA_SIG_get0+:} false; then :
-
-else
-  ac_cv_search_ECDSA_SIG_get0=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ECDSA_SIG_get0" >&5
-$as_echo "$ac_cv_search_ECDSA_SIG_get0" >&6; }
-ac_res=$ac_cv_search_ECDSA_SIG_get0
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_ECDSA_SIG_GET0 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ECDSA_SIG_set0" >&5
-$as_echo_n "checking for library containing ECDSA_SIG_set0... " >&6; }
-if ${ac_cv_search_ECDSA_SIG_set0+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char ECDSA_SIG_set0 ();
-int
-main ()
-{
-return ECDSA_SIG_set0 ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_ECDSA_SIG_set0=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_ECDSA_SIG_set0+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_ECDSA_SIG_set0+:} false; then :
-
-else
-  ac_cv_search_ECDSA_SIG_set0=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ECDSA_SIG_set0" >&5
-$as_echo "$ac_cv_search_ECDSA_SIG_set0" >&6; }
-ac_res=$ac_cv_search_ECDSA_SIG_set0
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_ECDSA_SIG_SET0 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_iv" >&5
-$as_echo_n "checking for library containing EVP_CIPHER_CTX_iv... " >&6; }
-if ${ac_cv_search_EVP_CIPHER_CTX_iv+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_CIPHER_CTX_iv ();
-int
-main ()
-{
-return EVP_CIPHER_CTX_iv ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_CIPHER_CTX_iv=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_CIPHER_CTX_iv+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_CIPHER_CTX_iv+:} false; then :
-
-else
-  ac_cv_search_EVP_CIPHER_CTX_iv=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_iv" >&5
-$as_echo "$ac_cv_search_EVP_CIPHER_CTX_iv" >&6; }
-ac_res=$ac_cv_search_EVP_CIPHER_CTX_iv
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_CIPHER_CTX_IV 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_iv_noconst" >&5
-$as_echo_n "checking for library containing EVP_CIPHER_CTX_iv_noconst... " >&6; }
-if ${ac_cv_search_EVP_CIPHER_CTX_iv_noconst+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_CIPHER_CTX_iv_noconst ();
-int
-main ()
-{
-return EVP_CIPHER_CTX_iv_noconst ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_CIPHER_CTX_iv_noconst=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_CIPHER_CTX_iv_noconst+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_CIPHER_CTX_iv_noconst+:} false; then :
-
-else
-  ac_cv_search_EVP_CIPHER_CTX_iv_noconst=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_iv_noconst" >&5
-$as_echo "$ac_cv_search_EVP_CIPHER_CTX_iv_noconst" >&6; }
-ac_res=$ac_cv_search_EVP_CIPHER_CTX_iv_noconst
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_CIPHER_CTX_IV_NOCONST 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_get_iv" >&5
-$as_echo_n "checking for library containing EVP_CIPHER_CTX_get_iv... " >&6; }
-if ${ac_cv_search_EVP_CIPHER_CTX_get_iv+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_CIPHER_CTX_get_iv ();
-int
-main ()
-{
-return EVP_CIPHER_CTX_get_iv ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_CIPHER_CTX_get_iv=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_CIPHER_CTX_get_iv+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_CIPHER_CTX_get_iv+:} false; then :
-
-else
-  ac_cv_search_EVP_CIPHER_CTX_get_iv=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_get_iv" >&5
-$as_echo "$ac_cv_search_EVP_CIPHER_CTX_get_iv" >&6; }
-ac_res=$ac_cv_search_EVP_CIPHER_CTX_get_iv
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_CIPHER_CTX_GET_IV 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_set_iv" >&5
-$as_echo_n "checking for library containing EVP_CIPHER_CTX_set_iv... " >&6; }
-if ${ac_cv_search_EVP_CIPHER_CTX_set_iv+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_CIPHER_CTX_set_iv ();
-int
-main ()
-{
-return EVP_CIPHER_CTX_set_iv ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_CIPHER_CTX_set_iv=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_CIPHER_CTX_set_iv+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_CIPHER_CTX_set_iv+:} false; then :
-
-else
-  ac_cv_search_EVP_CIPHER_CTX_set_iv=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_set_iv" >&5
-$as_echo "$ac_cv_search_EVP_CIPHER_CTX_set_iv" >&6; }
-ac_res=$ac_cv_search_EVP_CIPHER_CTX_set_iv
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_CIPHER_CTX_GET_IV 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_get0_crt_params" >&5
-$as_echo_n "checking for library containing RSA_get0_crt_params... " >&6; }
-if ${ac_cv_search_RSA_get0_crt_params+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_get0_crt_params ();
-int
-main ()
-{
-return RSA_get0_crt_params ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_get0_crt_params=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_get0_crt_params+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_get0_crt_params+:} false; then :
-
-else
-  ac_cv_search_RSA_get0_crt_params=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_get0_crt_params" >&5
-$as_echo "$ac_cv_search_RSA_get0_crt_params" >&6; }
-ac_res=$ac_cv_search_RSA_get0_crt_params
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_GET0_CRT_PARAMS 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_get0_factors" >&5
-$as_echo_n "checking for library containing RSA_get0_factors... " >&6; }
-if ${ac_cv_search_RSA_get0_factors+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_get0_factors ();
-int
-main ()
-{
-return RSA_get0_factors ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_get0_factors=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_get0_factors+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_get0_factors+:} false; then :
-
-else
-  ac_cv_search_RSA_get0_factors=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_get0_factors" >&5
-$as_echo "$ac_cv_search_RSA_get0_factors" >&6; }
-ac_res=$ac_cv_search_RSA_get0_factors
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_GET0_FACTORS 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_get0_key" >&5
-$as_echo_n "checking for library containing RSA_get0_key... " >&6; }
-if ${ac_cv_search_RSA_get0_key+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_get0_key ();
-int
-main ()
-{
-return RSA_get0_key ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_get0_key=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_get0_key+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_get0_key+:} false; then :
-
-else
-  ac_cv_search_RSA_get0_key=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_get0_key" >&5
-$as_echo "$ac_cv_search_RSA_get0_key" >&6; }
-ac_res=$ac_cv_search_RSA_get0_key
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_GET0_KEY 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_set0_crt_params" >&5
-$as_echo_n "checking for library containing RSA_set0_crt_params... " >&6; }
-if ${ac_cv_search_RSA_set0_crt_params+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_set0_crt_params ();
-int
-main ()
-{
-return RSA_set0_crt_params ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_set0_crt_params=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_set0_crt_params+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_set0_crt_params+:} false; then :
-
-else
-  ac_cv_search_RSA_set0_crt_params=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_set0_crt_params" >&5
-$as_echo "$ac_cv_search_RSA_set0_crt_params" >&6; }
-ac_res=$ac_cv_search_RSA_set0_crt_params
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_SET0_CRT_PARAMS 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_set0_factors" >&5
-$as_echo_n "checking for library containing RSA_set0_factors... " >&6; }
-if ${ac_cv_search_RSA_set0_factors+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_set0_factors ();
-int
-main ()
-{
-return RSA_set0_factors ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_set0_factors=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_set0_factors+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_set0_factors+:} false; then :
-
-else
-  ac_cv_search_RSA_set0_factors=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_set0_factors" >&5
-$as_echo "$ac_cv_search_RSA_set0_factors" >&6; }
-ac_res=$ac_cv_search_RSA_set0_factors
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_SET0_FACTORS 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_set0_key" >&5
-$as_echo_n "checking for library containing RSA_set0_key... " >&6; }
-if ${ac_cv_search_RSA_set0_key+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_set0_key ();
-int
-main ()
-{
-return RSA_set0_key ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_set0_key=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_set0_key+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_set0_key+:} false; then :
-
-else
-  ac_cv_search_RSA_set0_key=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_set0_key" >&5
-$as_echo "$ac_cv_search_RSA_set0_key" >&6; }
-ac_res=$ac_cv_search_RSA_set0_key
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_SET0_KEY 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_free" >&5
-$as_echo_n "checking for library containing RSA_meth_free... " >&6; }
-if ${ac_cv_search_RSA_meth_free+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_meth_free ();
-int
-main ()
-{
-return RSA_meth_free ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_meth_free=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_meth_free+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_meth_free+:} false; then :
-
-else
-  ac_cv_search_RSA_meth_free=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_free" >&5
-$as_echo "$ac_cv_search_RSA_meth_free" >&6; }
-ac_res=$ac_cv_search_RSA_meth_free
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_METH_FREE 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_dup" >&5
-$as_echo_n "checking for library containing RSA_meth_dup... " >&6; }
-if ${ac_cv_search_RSA_meth_dup+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_meth_dup ();
-int
-main ()
-{
-return RSA_meth_dup ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_meth_dup=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_meth_dup+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_meth_dup+:} false; then :
-
-else
-  ac_cv_search_RSA_meth_dup=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_dup" >&5
-$as_echo "$ac_cv_search_RSA_meth_dup" >&6; }
-ac_res=$ac_cv_search_RSA_meth_dup
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_METH_DUP 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set1_name" >&5
-$as_echo_n "checking for library containing RSA_meth_set1_name... " >&6; }
-if ${ac_cv_search_RSA_meth_set1_name+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_meth_set1_name ();
-int
-main ()
-{
-return RSA_meth_set1_name ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_meth_set1_name=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_meth_set1_name+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_meth_set1_name+:} false; then :
-
-else
-  ac_cv_search_RSA_meth_set1_name=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set1_name" >&5
-$as_echo "$ac_cv_search_RSA_meth_set1_name" >&6; }
-ac_res=$ac_cv_search_RSA_meth_set1_name
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_METH_SET1_NAME 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_get_finish" >&5
-$as_echo_n "checking for library containing RSA_meth_get_finish... " >&6; }
-if ${ac_cv_search_RSA_meth_get_finish+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_meth_get_finish ();
-int
-main ()
-{
-return RSA_meth_get_finish ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_meth_get_finish=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_meth_get_finish+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_meth_get_finish+:} false; then :
-
-else
-  ac_cv_search_RSA_meth_get_finish=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_get_finish" >&5
-$as_echo "$ac_cv_search_RSA_meth_get_finish" >&6; }
-ac_res=$ac_cv_search_RSA_meth_get_finish
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_METH_GET_FINISH 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set_priv_enc" >&5
-$as_echo_n "checking for library containing RSA_meth_set_priv_enc... " >&6; }
-if ${ac_cv_search_RSA_meth_set_priv_enc+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_meth_set_priv_enc ();
-int
-main ()
-{
-return RSA_meth_set_priv_enc ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_meth_set_priv_enc=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_meth_set_priv_enc+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_meth_set_priv_enc+:} false; then :
-
-else
-  ac_cv_search_RSA_meth_set_priv_enc=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set_priv_enc" >&5
-$as_echo "$ac_cv_search_RSA_meth_set_priv_enc" >&6; }
-ac_res=$ac_cv_search_RSA_meth_set_priv_enc
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_METH_SET_PRIV_ENC 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set_priv_dec" >&5
-$as_echo_n "checking for library containing RSA_meth_set_priv_dec... " >&6; }
-if ${ac_cv_search_RSA_meth_set_priv_dec+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_meth_set_priv_dec ();
-int
-main ()
-{
-return RSA_meth_set_priv_dec ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_meth_set_priv_dec=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_meth_set_priv_dec+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_meth_set_priv_dec+:} false; then :
-
-else
-  ac_cv_search_RSA_meth_set_priv_dec=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set_priv_dec" >&5
-$as_echo "$ac_cv_search_RSA_meth_set_priv_dec" >&6; }
-ac_res=$ac_cv_search_RSA_meth_set_priv_dec
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_METH_SET_PRIV_DEC 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_meth_set_finish" >&5
-$as_echo_n "checking for library containing RSA_meth_set_finish... " >&6; }
-if ${ac_cv_search_RSA_meth_set_finish+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RSA_meth_set_finish ();
-int
-main ()
-{
-return RSA_meth_set_finish ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_RSA_meth_set_finish=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_RSA_meth_set_finish+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_RSA_meth_set_finish+:} false; then :
-
-else
-  ac_cv_search_RSA_meth_set_finish=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_meth_set_finish" >&5
-$as_echo "$ac_cv_search_RSA_meth_set_finish" >&6; }
-ac_res=$ac_cv_search_RSA_meth_set_finish
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_RSA_METH_SET_FINISH 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_PKEY_get0_RSA" >&5
-$as_echo_n "checking for library containing EVP_PKEY_get0_RSA... " >&6; }
-if ${ac_cv_search_EVP_PKEY_get0_RSA+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_PKEY_get0_RSA ();
-int
-main ()
-{
-return EVP_PKEY_get0_RSA ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_PKEY_get0_RSA=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_PKEY_get0_RSA+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_PKEY_get0_RSA+:} false; then :
-
-else
-  ac_cv_search_EVP_PKEY_get0_RSA=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_PKEY_get0_RSA" >&5
-$as_echo "$ac_cv_search_EVP_PKEY_get0_RSA" >&6; }
-ac_res=$ac_cv_search_EVP_PKEY_get0_RSA
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_PKEY_GET0_RSA 1" >>confdefs.h
-
-fi
-
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_MD_CTX_new" >&5
-$as_echo_n "checking for library containing EVP_MD_CTX_new... " >&6; }
-if ${ac_cv_search_EVP_MD_CTX_new+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_MD_CTX_new ();
-int
-main ()
-{
-return EVP_MD_CTX_new ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_MD_CTX_new=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_MD_CTX_new+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_MD_CTX_new+:} false; then :
-
-else
-  ac_cv_search_EVP_MD_CTX_new=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_MD_CTX_new" >&5
-$as_echo "$ac_cv_search_EVP_MD_CTX_new" >&6; }
-ac_res=$ac_cv_search_EVP_MD_CTX_new
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_MD_CTX_NEW 1" >>confdefs.h
-
-fi
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_MD_CTX_free" >&5
-$as_echo_n "checking for library containing EVP_MD_CTX_free... " >&6; }
-if ${ac_cv_search_EVP_MD_CTX_free+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_MD_CTX_free ();
-int
-main ()
-{
-return EVP_MD_CTX_free ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_MD_CTX_free=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_MD_CTX_free+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_MD_CTX_free+:} false; then :
-
-else
-  ac_cv_search_EVP_MD_CTX_free=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_MD_CTX_free" >&5
-$as_echo "$ac_cv_search_EVP_MD_CTX_free" >&6; }
-ac_res=$ac_cv_search_EVP_MD_CTX_free
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_MD_CTX_FREE 1" >>confdefs.h
-
-fi
-
-
         { $as_echo "$as_me:${as_lineno-$LINENO}: checking if EVP_DigestUpdate returns an int" >&5
 $as_echo_n "checking if EVP_DigestUpdate returns an int... " >&6; }
         cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -15626,6 +13513,17 @@ rm -f core conftest.err conftest.$ac_objext \
 
 $as_echo "#define OPENSSL_HAS_ECC 1" >>confdefs.h
 
+                for ac_func in EC_KEY_METHOD_new
+do :
+  ac_fn_c_check_func "$LINENO" "EC_KEY_METHOD_new" "ac_cv_func_EC_KEY_METHOD_new"
+if test "x$ac_cv_func_EC_KEY_METHOD_new" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_EC_KEY_METHOD_NEW 1
+_ACEOF
+
+fi
+done
+
         fi
         if test x$enable_nistp256 = x1; then
 
@@ -20190,8 +18088,8 @@ fi
 
 
                 fi
-                if test ! -z "$need_dash_r" ; then
-                        LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
+                if test -n "${rpath_opt}" ; then
+                        LDFLAGS="$LDFLAGS ${rpath_opt}${KRB5ROOT}/lib"
                 fi
                 if test ! -z "$blibpath" ; then
                         blibpath="$blibpath:${KRB5ROOT}/lib"
diff --git a/configure.ac b/configure.ac
index 8a5db4cb5..de140f578 100644
--- a/configure.ac
+++ b/configure.ac
@@ -19,7 +19,7 @@ AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
 AC_CONFIG_HEADER([config.h])
-AC_PROG_CC
+AC_PROG_CC([cc gcc])
 AC_CANONICAL_HOST
 AC_C_BIGENDIAN
 
@@ -285,10 +285,11 @@ AC_ARG_WITH([rpath],
         [  --without-rpath         Disable auto-added -R linker paths],
         [
                 if test "x$withval" = "xno" ; then
-                        need_dash_r=""
-                fi
-                if test "x$withval" = "xyes" ; then
-                        need_dash_r=1
+                        rpath_opt=""
+                elif test "x$withval" = "xyes" ; then
+                        rpath_opt="-R"
+                else
+                        rpath_opt="$withval"
                 fi
         ]
 )
@@ -668,7 +669,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
         AC_TRY_COMPILE([#include <Security/AuthSession.h>],
                 [SessionCreate(0, 0);],
                 [ac_cv_use_security_session_api="yes"
-                 AC_DEFINE([USE_SECURITY_SESSION_API], [1], 
+                 AC_DEFINE([USE_SECURITY_SESSION_API], [1],
                         [platform has the Security Authorization Session API])
                  LIBS="$LIBS -framework Security"
                  AC_MSG_RESULT([yes])],
@@ -679,7 +680,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
                 [#include <Kerberos/Kerberos.h>],
                 [cc_context_t c;
                  (void) cc_initialize (&c, 0, NULL, NULL);],
-                [AC_DEFINE([USE_CCAPI], [1], 
+                [AC_DEFINE([USE_CCAPI], [1],
                         [platform uses an in-memory credentials cache])
                  LIBS="$LIBS -framework Security"
                  AC_MSG_RESULT([yes])
@@ -935,7 +936,7 @@ mips-sony-bsd|mips-sony-newsos4)
 *-*-netbsd*)
         check_for_libcrypt_before=1
         if test "x$withval" != "xno" ; then
-                need_dash_r=1
+                rpath_opt="-R"
         fi
         CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
         AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way])
@@ -986,7 +987,7 @@ mips-sony-bsd|mips-sony-newsos4)
         ;;
 *-*-solaris*)
         if test "x$withval" != "xno" ; then
-                need_dash_r=1
+                rpath_opt="-R"
         fi
         AC_DEFINE([PAM_SUN_CODEBASE])
         AC_DEFINE([LOGIN_NEEDS_UTMPX])
@@ -1287,14 +1288,14 @@ AC_ARG_WITH([zlib],
                 AC_MSG_ERROR([*** zlib is required ***])
           elif test "x$withval" != "xyes"; then
                 if test -d "$withval/lib"; then
-                        if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
+                        if test -n "${rpath_opt}"; then
+                                LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
                         else
                                 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
                         fi
                 else
-                        if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
+                        if test -n "${rpath_opt}"; then
+                                LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}"
                         else
                                 LDFLAGS="-L${withval} ${LDFLAGS}"
                         fi
@@ -1314,8 +1315,8 @@ AC_CHECK_LIB([z], [deflate], ,
                 saved_LDFLAGS="$LDFLAGS"
                 save_LIBS="$LIBS"
                 dnl Check default zlib install dir
-                if test -n "${need_dash_r}"; then
-                        LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
+                if test -n "${rpath_opt}"; then
+                        LDFLAGS="-L/usr/local/lib ${rpath_opt}/usr/local/lib ${saved_LDFLAGS}"
                 else
                         LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
                 fi
@@ -1638,8 +1639,8 @@ AC_ARG_WITH([libedit],
                         fi
                 else
                         CPPFLAGS="$CPPFLAGS -I${withval}/include"
-                        if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
+                        if test -n "${rpath_opt}"; then
+                                LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
                         else
                                 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
                         fi
@@ -1799,7 +1800,9 @@ AC_CHECK_FUNCS([ \
         errx \
         explicit_bzero \
         fchmod \
+        fchmodat \
         fchown \
+        fchownat \
         flock \
         freeaddrinfo \
         freezero \
@@ -1892,6 +1895,7 @@ AC_CHECK_FUNCS([ \
         truncate \
         unsetenv \
         updwtmpx \
+        utimensat \
         user_from_uid \
         usleep \
         vasprintf \
@@ -2556,20 +2560,20 @@ AC_ARG_WITH([ssl-dir],
                                 ./*|../*)       withval="`pwd`/$withval"
                         esac
                         if test -d "$withval/lib"; then
-                                if test -n "${need_dash_r}"; then
-                                        LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
+                                if test -n "${rpath_opt}"; then
+                                        LDFLAGS="-L${withval}/lib ${rpath_opt}${withval}/lib ${LDFLAGS}"
                                 else
                                         LDFLAGS="-L${withval}/lib ${LDFLAGS}"
                                 fi
                         elif test -d "$withval/lib64"; then
-                                if test -n "${need_dash_r}"; then
-                                        LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}"
+                                if test -n "${rpath_opt}"; then
+                                        LDFLAGS="-L${withval}/lib64 ${rpath_opt}${withval}/lib64 ${LDFLAGS}"
                                 else
                                         LDFLAGS="-L${withval}/lib64 ${LDFLAGS}"
                                 fi
                         else
-                                if test -n "${need_dash_r}"; then
-                                        LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
+                                if test -n "${rpath_opt}"; then
+                                        LDFLAGS="-L${withval} ${rpath_opt}${withval} ${LDFLAGS}"
                                 else
                                         LDFLAGS="-L${withval} ${LDFLAGS}"
                                 fi
@@ -2607,26 +2611,10 @@ AC_ARG_WITH([ssl-engine],
 
 if test "x$openssl" = "xyes" ; then
         LIBS="-lcrypto $LIBS"
-        AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL], [1],
-                [Define if your ssl headers are included
-                with #include <openssl/header.h>])],
-                [
-                        dnl Check default openssl install dir
-                        if test -n "${need_dash_r}"; then
-                                LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
-                        else
-                                LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
-                        fi
-                        CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
-                        AC_CHECK_HEADER([openssl/opensslv.h], ,
-                            [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])])
-                        AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL])],
-                                [
-                                        AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
-                                ]
-                        )
-                ]
-        )
+        AC_TRY_LINK_FUNC([RAND_add], ,
+            [AC_MSG_ERROR([*** working libcrypto not found, check config.log])])
+        AC_CHECK_HEADER([openssl/opensslv.h], ,
+            [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])])
 
         # Determine OpenSSL header version
         AC_MSG_CHECKING([OpenSSL header version])
@@ -2665,6 +2653,9 @@ if test "x$openssl" = "xyes" ; then
                 ]
         )
 
+        # Determining OpenSSL library version is version dependent.
+        AC_CHECK_FUNCS([OpenSSL_version OpenSSL_version_num])
+
         # Determine OpenSSL library version
         AC_MSG_CHECKING([OpenSSL library version])
         AC_RUN_IFELSE(
@@ -2681,9 +2672,18 @@ if test "x$openssl" = "xyes" ; then
                 fd = fopen(DATA,"w");
                 if(fd == NULL)
                         exit(1);
-
-                if ((rc = fprintf(fd, "%08lx (%s)\n", (unsigned long)SSLeay(),
-                    SSLeay_version(SSLEAY_VERSION))) < 0)
+#ifndef OPENSSL_VERSION
+# define OPENSSL_VERSION SSLEAY_VERSION
+#endif
+#ifndef HAVE_OPENSSL_VERSION
+# define OpenSSL_version        SSLeay_version
+#endif
+#ifndef HAVE_OPENSSL_VERSION_NUM
+# define OpenSSL_version_num    SSLeay
+#endif
+                if ((rc = fprintf(fd, "%08lx (%s)\n",
+                    (unsigned long)OpenSSL_version_num(),
+                    OpenSSL_version(OPENSSL_VERSION))) < 0)
                         exit(1);
 
                 exit(0);
@@ -2696,14 +2696,15 @@ if test "x$openssl" = "xyes" ; then
                                 AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")])
                                 ;;
                         100*)   ;; # 1.0.x
-                        101000[0123456]*)
+                        101000[[0123456]]*)
                                 # https://github.com/openssl/openssl/pull/4613
                                 AC_MSG_ERROR([OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have "$ssl_library_ver")])
                                 ;;
                         101*)   ;; # 1.1.x
                         200*)   ;; # LibreSSL
+                        300*)   ;; # OpenSSL development branch.
                         *)
-                                AC_MSG_ERROR([OpenSSL > 1.1.x is not yet supported (have "$ssl_library_ver")])
+                                AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_library_ver")])
                                 ;;
                         esac
                         AC_MSG_RESULT([$ssl_library_ver])
@@ -2725,7 +2726,10 @@ if test "x$openssl" = "xyes" ; then
         #include <openssl/opensslv.h>
         #include <openssl/crypto.h>
                 ]], [[
-                exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1);
+#ifndef HAVE_OPENSSL_VERSION_NUM
+# define OpenSSL_version_num    SSLeay
+#endif
+                exit(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 0 : 1);
                 ]])],
                 [
                         AC_MSG_RESULT([yes])
@@ -2752,8 +2756,8 @@ if test "x$openssl" = "xyes" ; then
 
         AC_MSG_CHECKING([if programs using OpenSSL functions will link])
         AC_LINK_IFELSE(
-                [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]],
-                [[ SSLeay_add_all_algorithms(); ]])],
+                [AC_LANG_PROGRAM([[ #include <openssl/err.h> ]],
+                [[ ERR_load_crypto_strings(); ]])],
                 [
                         AC_MSG_RESULT([yes])
                 ],
@@ -2763,8 +2767,8 @@ if test "x$openssl" = "xyes" ; then
                         LIBS="$LIBS -ldl"
                         AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
                         AC_LINK_IFELSE(
-                                [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]],
-                                [[ SSLeay_add_all_algorithms(); ]])],
+                                [AC_LANG_PROGRAM([[ #include <openssl/err.h> ]],
+                                [[ ERR_load_crypto_strings(); ]])],
                                 [
                                         AC_MSG_RESULT([yes])
                                 ],
@@ -2779,16 +2783,64 @@ if test "x$openssl" = "xyes" ; then
         AC_CHECK_FUNCS([ \
                 BN_is_prime_ex \
                 DSA_generate_parameters_ex \
-                EVP_DigestInit_ex \
+                EVP_CIPHER_CTX_ctrl \
                 EVP_DigestFinal_ex \
-                EVP_MD_CTX_init \
+                EVP_DigestInit_ex \
                 EVP_MD_CTX_cleanup \
                 EVP_MD_CTX_copy_ex \
+                EVP_MD_CTX_init \
                 HMAC_CTX_init \
                 RSA_generate_key_ex \
                 RSA_get_default_method \
         ])
 
+        # OpenSSL_add_all_algorithms may be a macro.
+        AC_CHECK_FUNC(OpenSSL_add_all_algorithms,
+            AC_DEFINE(HAVE_OPENSSL_ADD_ALL_ALGORITHMS, 1, [as a function]),
+            AC_CHECK_DECL(OpenSSL_add_all_algorithms,
+                AC_DEFINE(HAVE_OPENSSL_ADD_ALL_ALGORITHMS, 1, [as a macro]), ,
+                [[#include <openssl/evp.h>]]
+            )
+        )
+
+        # LibreSSL/OpenSSL 1.1x API
+        AC_CHECK_FUNCS([ \
+                OPENSSL_init_crypto \
+                DH_get0_key \
+                DH_get0_pqg \
+                DH_set0_key \
+                DH_set_length \
+                DH_set0_pqg \
+                DSA_get0_key \
+                DSA_get0_pqg \
+                DSA_set0_key \
+                DSA_set0_pqg \
+                DSA_SIG_get0 \
+                DSA_SIG_set0 \
+                ECDSA_SIG_get0 \
+                ECDSA_SIG_set0 \
+                EVP_CIPHER_CTX_iv \
+                EVP_CIPHER_CTX_iv_noconst \
+                EVP_CIPHER_CTX_get_iv \
+                EVP_CIPHER_CTX_set_iv \
+                RSA_get0_crt_params \
+                RSA_get0_factors \
+                RSA_get0_key \
+                RSA_set0_crt_params \
+                RSA_set0_factors \
+                RSA_set0_key \
+                RSA_meth_free \
+                RSA_meth_dup \
+                RSA_meth_set1_name \
+                RSA_meth_get_finish \
+                RSA_meth_set_priv_enc \
+                RSA_meth_set_priv_dec \
+                RSA_meth_set_finish \
+                EVP_PKEY_get0_RSA \
+                EVP_MD_CTX_new \
+                EVP_MD_CTX_free \
+        ])
+
         if test "x$openssl_engine" = "xyes" ; then
                 AC_MSG_CHECKING([for OpenSSL ENGINE support])
                 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
@@ -2872,119 +2924,6 @@ if test "x$openssl" = "xyes" ; then
                 ]
         )
 
-        AC_SEARCH_LIBS([EVP_CIPHER_CTX_ctrl], [crypto],
-                [AC_DEFINE([HAVE_EVP_CIPHER_CTX_CTRL], [1],
-                    [Define if libcrypto has EVP_CIPHER_CTX_ctrl])])
-
-        # LibreSSL/OpenSSL 1.1x API
-        AC_SEARCH_LIBS([DH_get0_key], [crypto],
-                [AC_DEFINE([HAVE_DH_GET0_KEY], [1],
-                    [Define if libcrypto has DH_get0_key])])
-        AC_SEARCH_LIBS([DH_get0_pqg], [crypto],
-                [AC_DEFINE([HAVE_DH_GET0_PQG], [1],
-                    [Define if libcrypto has DH_get0_pqg])])
-        AC_SEARCH_LIBS([DH_set0_key], [crypto],
-                [AC_DEFINE([HAVE_DH_SET0_KEY], [1],
-                    [Define if libcrypto has DH_set0_key])])
-        AC_SEARCH_LIBS([DH_set_length], [crypto],
-                [AC_DEFINE([HAVE_DH_SET_LENGTH], [1],
-                    [Define if libcrypto has DH_set_length])])
-        AC_SEARCH_LIBS([DH_set0_pqg], [crypto],
-                [AC_DEFINE([HAVE_DH_SET0_PQG], [1],
-                    [Define if libcrypto has DH_set0_pqg])])
-
-        AC_SEARCH_LIBS([DSA_get0_key], [crypto],
-                [AC_DEFINE([HAVE_DSA_GET0_KEY], [1],
-                    [Define if libcrypto has DSA_get0_key])])
-        AC_SEARCH_LIBS([DSA_get0_pqg], [crypto],
-                [AC_DEFINE([HAVE_DSA_GET0_PQG], [1],
-                    [Define if libcrypto has DSA_get0_pqg])])
-        AC_SEARCH_LIBS([DSA_set0_key], [crypto],
-                [AC_DEFINE([HAVE_DSA_SET0_KEY], [1],
-                    [Define if libcrypto has DSA_set0_key])])
-        AC_SEARCH_LIBS([DSA_set0_pqg], [crypto],
-                [AC_DEFINE([HAVE_DSA_SET0_PQG], [1],
-                    [Define if libcrypto has DSA_set0_pqg])])
-
-        AC_SEARCH_LIBS([DSA_SIG_get0], [crypto],
-                [AC_DEFINE([HAVE_DSA_SIG_GET0], [1],
-                    [Define if libcrypto has DSA_SIG_get0])])
-        AC_SEARCH_LIBS([DSA_SIG_set0], [crypto],
-                [AC_DEFINE([HAVE_DSA_SIG_SET0], [1],
-                    [Define if libcrypto has DSA_SIG_set0])])
-
-        AC_SEARCH_LIBS([ECDSA_SIG_get0], [crypto],
-                [AC_DEFINE([HAVE_ECDSA_SIG_GET0], [1],
-                    [Define if libcrypto has ECDSA_SIG_get0])])
-        AC_SEARCH_LIBS([ECDSA_SIG_set0], [crypto],
-                [AC_DEFINE([HAVE_ECDSA_SIG_SET0], [1],
-                    [Define if libcrypto has ECDSA_SIG_set0])])
-
-        AC_SEARCH_LIBS([EVP_CIPHER_CTX_iv], [crypto],
-                [AC_DEFINE([HAVE_EVP_CIPHER_CTX_IV], [1],
-                    [Define if libcrypto has EVP_CIPHER_CTX_iv])])
-        AC_SEARCH_LIBS([EVP_CIPHER_CTX_iv_noconst], [crypto],
-                [AC_DEFINE([HAVE_EVP_CIPHER_CTX_IV_NOCONST], [1],
-                    [Define if libcrypto has EVP_CIPHER_CTX_iv_noconst])])
-        AC_SEARCH_LIBS([EVP_CIPHER_CTX_get_iv], [crypto],
-                [AC_DEFINE([HAVE_EVP_CIPHER_CTX_GET_IV], [1],
-                    [Define if libcrypto has EVP_CIPHER_CTX_get_iv])])
-        AC_SEARCH_LIBS([EVP_CIPHER_CTX_set_iv], [crypto],
-                [AC_DEFINE([HAVE_EVP_CIPHER_CTX_GET_IV], [1],
-                    [Define if libcrypto has EVP_CIPHER_CTX_set_iv])])
-
-        AC_SEARCH_LIBS([RSA_get0_crt_params], [crypto],
-                [AC_DEFINE([HAVE_RSA_GET0_CRT_PARAMS], [1],
-                    [Define if libcrypto has RSA_get0_crt_params])])
-        AC_SEARCH_LIBS([RSA_get0_factors], [crypto],
-                [AC_DEFINE([HAVE_RSA_GET0_FACTORS], [1],
-                    [Define if libcrypto has RSA_get0_factors])])
-        AC_SEARCH_LIBS([RSA_get0_key], [crypto],
-                [AC_DEFINE([HAVE_RSA_GET0_KEY], [1],
-                    [Define if libcrypto has RSA_get0_key])])
-        AC_SEARCH_LIBS([RSA_set0_crt_params], [crypto],
-                [AC_DEFINE([HAVE_RSA_SET0_CRT_PARAMS], [1],
-                    [Define if libcrypto has RSA_get0_srt_params])])
-        AC_SEARCH_LIBS([RSA_set0_factors], [crypto],
-                [AC_DEFINE([HAVE_RSA_SET0_FACTORS], [1],
-                    [Define if libcrypto has RSA_set0_factors])])
-        AC_SEARCH_LIBS([RSA_set0_key], [crypto],
-                [AC_DEFINE([HAVE_RSA_SET0_KEY], [1],
-                    [Define if libcrypto has RSA_set0_key])])
-
-        AC_SEARCH_LIBS([RSA_meth_free], [crypto],
-                [AC_DEFINE([HAVE_RSA_METH_FREE], [1],
-                    [Define if libcrypto has RSA_meth_free])])
-        AC_SEARCH_LIBS([RSA_meth_dup], [crypto],
-                [AC_DEFINE([HAVE_RSA_METH_DUP], [1],
-                    [Define if libcrypto has RSA_meth_dup])])
-        AC_SEARCH_LIBS([RSA_meth_set1_name], [crypto],
-                [AC_DEFINE([HAVE_RSA_METH_SET1_NAME], [1],
-                    [Define if libcrypto has RSA_meth_set1_name])])
-        AC_SEARCH_LIBS([RSA_meth_get_finish], [crypto],
-                [AC_DEFINE([HAVE_RSA_METH_GET_FINISH], [1],
-                    [Define if libcrypto has RSA_meth_get_finish])])
-        AC_SEARCH_LIBS([RSA_meth_set_priv_enc], [crypto],
-                [AC_DEFINE([HAVE_RSA_METH_SET_PRIV_ENC], [1],
-                    [Define if libcrypto has RSA_meth_set_priv_enc])])
-        AC_SEARCH_LIBS([RSA_meth_set_priv_dec], [crypto],
-                [AC_DEFINE([HAVE_RSA_METH_SET_PRIV_DEC], [1],
-                    [Define if libcrypto has RSA_meth_set_priv_dec])])
-        AC_SEARCH_LIBS([RSA_meth_set_finish], [crypto],
-                [AC_DEFINE([HAVE_RSA_METH_SET_FINISH], [1],
-                    [Define if libcrypto has RSA_meth_set_finish])])
-
-        AC_SEARCH_LIBS([EVP_PKEY_get0_RSA], [crypto],
-                [AC_DEFINE([HAVE_EVP_PKEY_GET0_RSA], [1],
-                    [Define if libcrypto has EVP_PKEY_get0_RSA])])
-
-        AC_SEARCH_LIBS([EVP_MD_CTX_new], [crypto],
-                [AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [1],
-                    [Define if libcrypto has EVP_MD_CTX_new])])
-        AC_SEARCH_LIBS([EVP_MD_CTX_free], [crypto],
-                [AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [1],
-                    [Define if libcrypto has EVP_MD_CTX_free])])
-
         AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
         AC_LINK_IFELSE(
                 [AC_LANG_PROGRAM([[
@@ -3116,6 +3055,7 @@ if test "x$openssl" = "xyes" ; then
         if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
             test x$enable_nistp521 = x1; then
                 AC_DEFINE(OPENSSL_HAS_ECC, [1], [OpenSSL has ECC])
+                AC_CHECK_FUNCS([EC_KEY_METHOD_new])
         fi
         if test x$enable_nistp256 = x1; then
                 AC_DEFINE([OPENSSL_HAS_NISTP256], [1],
@@ -3596,10 +3536,10 @@ fi
 AC_CHECK_TYPES([long long, unsigned long long, long double])
 
 # Check datatype sizes
-AC_CHECK_SIZEOF([short int], [2])
-AC_CHECK_SIZEOF([int], [4])
-AC_CHECK_SIZEOF([long int], [4])
-AC_CHECK_SIZEOF([long long int], [8])
+AC_CHECK_SIZEOF([short int])
+AC_CHECK_SIZEOF([int])
+AC_CHECK_SIZEOF([long int])
+AC_CHECK_SIZEOF([long long int])
 
 # Sanity check long long for some platforms (AIX)
 if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
@@ -4548,8 +4488,8 @@ AC_ARG_WITH([kerberos5],
                                         [ CPPFLAGS="$oldCPP" ])
 
                 fi
-                if test ! -z "$need_dash_r" ; then
-                        LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
+                if test -n "${rpath_opt}" ; then
+                        LDFLAGS="$LDFLAGS ${rpath_opt}${KRB5ROOT}/lib"
                 fi
                 if test ! -z "$blibpath" ; then
                         blibpath="$blibpath:${KRB5ROOT}/lib"
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config
index 261020af3..a8572e2ac 100644
--- a/contrib/cygwin/ssh-host-config
+++ b/contrib/cygwin/ssh-host-config
@@ -61,7 +61,7 @@ LOCALSTATEDIR=/var
 
 sshd_config_configured=no
 port_number=22
-service_name=sshd
+service_name=cygsshd
 strictmodes=yes
 cygwin_value=""
 user_account=
@@ -307,7 +307,7 @@ check_service_files_ownership() {
 
   if [ -z "${run_service_as}" ]
   then
-    accnt_name=$(/usr/bin/cygrunsrv -VQ sshd |
+    accnt_name=$(/usr/bin/cygrunsrv -VQ "${service_name}" |
                  /usr/bin/sed -ne 's/^Account *: *//gp')
     if [ "${accnt_name}" = "LocalSystem" ]
     then
@@ -329,9 +329,9 @@ check_service_files_ownership() {
     fi
     if [ -z "${run_service_as}" ]
     then
-      csih_warning "Couldn't determine name of user running sshd service from account database!"
+      csih_warning "Couldn't determine name of user running ${service_name} service from account database!"
       csih_warning "As a result, this script cannot make sure that the files used"
-      csih_warning "by the sshd service belong to the user running the service."
+      csih_warning "by the ${service_name} service belong to the user running the service."
       return 1
     fi
   fi
@@ -367,8 +367,8 @@ check_service_files_ownership() {
   if [ $ret -ne 0 ]
   then
     csih_warning "Couldn't change owner of important files to ${run_service_as}!"
-    csih_warning "This may cause the sshd service to fail!  Please make sure that"
-    csih_warning "you have suufficient permissions to change the ownership of files"
+    csih_warning "This may cause the ${service_name} service to fail!  Please make sure that"
+    csih_warning "you have sufficient permissions to change the ownership of files"
     csih_warning "and try to run the ssh-host-config script again."
   fi
   return $ret
@@ -394,14 +394,24 @@ install_service() {
     then
       csih_get_cygenv "${cygwin_value}"
 
-      if ( csih_is_nt2003 || [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )
+      if ( [ "$csih_FORCE_PRIVILEGED_USER" != "yes" ] )
       then
-        csih_inform "On Windows Server 2003, Windows Vista, and above, the"
-        csih_inform "SYSTEM account cannot setuid to other users -- a capability"
-        csih_inform "sshd requires.  You need to have or to create a privileged"
-        csih_inform "account.  This script will help you do so."
-        echo
+        # Enforce using privileged user on 64 bit Vista or W7 under WOW64
+        is_wow64=$(/usr/bin/uname | /usr/bin/grep -q 'WOW' && echo 1 || echo 0)
 
+        if ( csih_is_nt2003 && ! csih_is_windows8 && [ "${is_wow64}" = "1" ] )
+        then
+          csih_inform "Running 32 bit Cygwin on 64 bit Windows Vista or Windows 7"
+          csih_inform "the SYSTEM account is not sufficient to setuid to a local"
+          csih_inform "user account.  You need to have or to create a privileged"
+          csih_inform "account.  This script will help you do so."
+          echo
+          csih_FORCE_PRIVILEGED_USER=yes
+        fi
+      fi
+
+      if ( [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )
+      then
         [ "${opt_force}" = "yes" ] && opt_f=-f
         [ -n "${user_account}" ] && opt_u="-u ""${user_account}"""
         csih_select_privileged_username ${opt_f} ${opt_u} sshd
@@ -412,11 +422,12 @@ install_service() {
           csih_request "Do you want to proceed anyway?" || exit 1
           let ++ret
         fi
+        # Never returns empty if NT or above
+        run_service_as=$(csih_service_should_run_as)
+      else
+        run_service_as="SYSTEM"
       fi
 
-      # Never returns empty if NT or above
-      run_service_as=$(csih_service_should_run_as)
-
       if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ]
       then
         password="${csih_PRIVILEGED_PASSWORD}"
@@ -446,7 +457,7 @@ install_service() {
           echo
           csih_inform "The sshd service has been installed under the LocalSystem"
           csih_inform "account (also known as SYSTEM). To start the service now, call"
-          csih_inform "\`net start sshd' or \`cygrunsrv -S sshd'.  Otherwise, it"
+          csih_inform "\`net start ${service_name}' or \`cygrunsrv -S ${service_name}'.  Otherwise, it"
           csih_inform "will start automatically after the next reboot."
         fi
       else
@@ -669,14 +680,24 @@ then
 fi
 
 # handle sshd_config
+# make sure not to change the existing file
+mod_before=""
+if [ -e "${SYSCONFDIR}/sshd_config" ]
+then
+  mod_before=$(stat "${SYSCONFDIR}/sshd_config" | grep '^Modify:')
+fi
 csih_install_config "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults" || let ++warning_cnt
+mod_now=$(stat "${SYSCONFDIR}/sshd_config" | grep '^Modify:')
 if ! /usr/bin/cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1
 then
   sshd_config_configured=yes
 fi
-sshd_strictmodes || let warning_cnt+=$?
-sshd_privsep || let warning_cnt+=$?
-sshd_config_tweak || let warning_cnt+=$?
+if [ "${mod_before}" != "${mod_now}" ]
+then
+  sshd_strictmodes || let warning_cnt+=$?
+  sshd_config_tweak || let warning_cnt+=$?
+fi
+#sshd_privsep || let warning_cnt+=$?
 update_services_file || let warning_cnt+=$?
 update_inetd_conf || let warning_cnt+=$?
 install_service || let warning_cnt+=$?
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index d7823483d..f3c175523 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%define ver 7.9p1
+%define ver 8.0p1
 %define rel 1%{?dist}
 
 # OpenSSH privilege separation requires a user & group ID
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index b43d8985a..478871815 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
 
 Summary:        OpenSSH, a free Secure Shell (SSH) protocol implementation
 Name:           openssh
-Version:        7.9p1
+Version:        8.0p1
 URL:            https://www.openssh.com/
 Release:        1
 Source0:        openssh-%{version}.tar.gz
diff --git a/crypto_api.h b/crypto_api.h
index 7f45bbd69..eb05251ff 100644
--- a/crypto_api.h
+++ b/crypto_api.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto_api.h,v 1.4 2017/12/14 21:07:39 naddy Exp $ */
+/* $OpenBSD: crypto_api.h,v 1.5 2019/01/21 10:20:12 djm Exp $ */
 
 /*
  * Assembled from generated headers and source files by Markus Friedl.
@@ -15,10 +15,15 @@
 #endif
 #include <stdlib.h>
 
+typedef int8_t crypto_int8;
+typedef uint8_t crypto_uint8;
+typedef int16_t crypto_int16;
+typedef uint16_t crypto_uint16;
 typedef int32_t crypto_int32;
 typedef uint32_t crypto_uint32;
 
 #define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len))
+#define small_random32() arc4random()
 
 #define crypto_hash_sha512_BYTES 64U
 
@@ -37,4 +42,15 @@ int	crypto_sign_ed25519_open(unsigned char *, unsigned long long *,
     const unsigned char *, unsigned long long, const unsigned char *);
 int     crypto_sign_ed25519_keypair(unsigned char *, unsigned char *);
 
+#define crypto_kem_sntrup4591761_PUBLICKEYBYTES 1218
+#define crypto_kem_sntrup4591761_SECRETKEYBYTES 1600
+#define crypto_kem_sntrup4591761_CIPHERTEXTBYTES 1047
+#define crypto_kem_sntrup4591761_BYTES 32
+
+int     crypto_kem_sntrup4591761_enc(unsigned char *cstr, unsigned char *k,
+    const unsigned char *pk);
+int     crypto_kem_sntrup4591761_dec(unsigned char *k,
+    const unsigned char *cstr, const unsigned char *sk);
+int     crypto_kem_sntrup4591761_keypair(unsigned char *pk, unsigned char *sk);
+
 #endif /* crypto_api_h */
diff --git a/debian/.git-dpm b/debian/.git-dpm
index 65e73673d..46a4f4209 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,11 +1,12 @@
 # see git-dpm(1) from git-dpm package
-6b56cd57db9061296231f14d537f1ebaf25e8877
-6b56cd57db9061296231f14d537f1ebaf25e8877
-3d246f10429fc9a37b98eabef94fe8dc7c61002b
-3d246f10429fc9a37b98eabef94fe8dc7c61002b
-openssh_7.9p1.orig.tar.gz
-993aceedea8ecabb1d0dd7293508a361891c4eaa
-1565384
+7d50f9e5be88179325983a1f58c9d51bb58f025a
+7d50f9e5be88179325983a1f58c9d51bb58f025a
+102062f825fb26a74295a1c089c00c4c4c76b68a
+102062f825fb26a74295a1c089c00c4c4c76b68a
+openssh_8.0p1.orig.tar.gz
+756dbb99193f9541c9206a667eaa27b0fa184a4f
+1597697
 debianTag="debian/%e%%%V"
 patchedTag="patched/%e%%%V"
 upstreamTag="upstream/%U"
+signature:a287987d9d505aaa8a89e693920f14b9b9e27a5f:683:openssh_8.0p1.orig.tar.gz.asc
diff --git a/debian/NEWS b/debian/NEWS
index c0a535cf2..c8d01545f 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,17 @@
+openssh (1:8.0p1-1) unstable; urgency=medium
+
+  OpenSSH 8.0 includes a number of changes that may affect existing
+  configurations:
+
+   * sshd(8): Remove support for obsolete "host/port" syntax.
+     Slash-separated host/port was added in 2001 as an alternative to
+     host:port syntax for the benefit of IPv6 users.  These days there are
+     established standards for this like [::1]:22 and the slash syntax is
+     easily mistaken for CIDR notation, which OpenSSH supports for some
+     things.  Remove the slash notation from ListenAddress and PermitOpen.
+
+ -- Colin Watson <cjwatson@debian.org>  Wed, 05 Jun 2019 07:09:47 +0100
+
 openssh (1:7.9p1-1) unstable; urgency=medium
 
   OpenSSH 7.9 includes a number of changes that may affect existing
diff --git a/debian/changelog b/debian/changelog
index 8b18f3506..c272f8fc8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,129 @@
+openssh (1:8.0p1-1) UNRELEASED; urgency=medium
+
+  * New upstream release (https://www.openssh.com/txt/release-8.0, closes:
+    #927792):
+    - ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in
+      PKCS#11 tokens (LP: #1665695).
+    - ssh(1), sshd(8): Add experimental quantum-computing resistant key
+      exchange method, based on a combination of Streamlined NTRU Prime
+      4591^761 and X25519.
+    - ssh-keygen(1): Increase the default RSA key size to 3072 bits,
+      following NIST Special Publication 800-57's guidance for a 128-bit
+      equivalent symmetric security level (LP: #1445625).
+    - ssh(1): Allow "PKCS11Provider=none" to override later instances of the
+      PKCS11Provider directive in ssh_config.
+    - sshd(8): Add a log message for situations where a connection is
+      dropped for attempting to run a command but a sshd_config
+      ForceCommand=internal-sftp restriction is in effect.
+    - ssh(1): When prompting whether to record a new host key, accept the
+      key fingerprint as a synonym for "yes".  This allows the user to paste
+      a fingerprint obtained out of band at the prompt and have the client
+      do the comparison for you.
+    - ssh-keygen(1): When signing multiple certificates on a single
+      command-line invocation, allow automatically incrementing the
+      certificate serial number.
+    - scp(1), sftp(1): Accept -J option as an alias to ProxyJump on the scp
+      and sftp command-lines.
+    - ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v"
+      command-line flags to increase the verbosity of output; pass verbose
+      flags though to subprocesses, such as ssh-pkcs11-helper started from
+      ssh-agent.
+    - ssh-add(1): Add a "-T" option to allowing testing whether keys in an
+      agent are usable by performing a signature and a verification.
+    - sftp-server(8): Add a "lsetstat@openssh.com" protocol extension that
+      replicates the functionality of the existing SSH2_FXP_SETSTAT
+      operation but does not follow symlinks.
+    - sftp(1): Add "-h" flag to chown/chgrp/chmod commands to request they
+      do not follow symlinks.
+    - sshd(8): Expose $SSH_CONNECTION in the PAM environment.  This makes
+      the connection 4-tuple available to PAM modules that wish to use it in
+      decision-making.
+    - sshd(8): Add a ssh_config "Match final" predicate.  Matches in same
+      pass as "Match canonical" but doesn't require hostname
+      canonicalisation be enabled.
+    - sftp(1): Support a prefix of '@' to suppress echo of sftp batch
+      commands.
+    - ssh-keygen(1): When printing certificate contents using "ssh-keygen
+      -Lf /path/certificate", include the algorithm that the CA used to sign
+      the cert.
+    - sshd(8): Fix authentication failures when sshd_config contains
+      "AuthenticationMethods any" inside a Match block that overrides a more
+      restrictive default.
+    - sshd(8): Avoid sending duplicate keepalives when ClientAliveCount is
+      enabled.
+    - sshd(8): Fix two race conditions related to SIGHUP daemon restart.
+      Remnant file descriptors in recently-forked child processes could
+      block the parent sshd's attempt to listen(2) to the configured
+      addresses.  Also, the restarting parent sshd could exit before any
+      child processes that were awaiting their re-execution state had
+      completed reading it, leaving them in a fallback path.
+    - ssh(1): Fix stdout potentially being redirected to /dev/null when
+      ProxyCommand=- was in use.
+    - sshd(8): Avoid sending SIGPIPE to child processes if they attempt to
+      write to stderr after their parent processes have exited.
+    - ssh(1): Fix bad interaction between the ssh_config ConnectTimeout and
+      ConnectionAttempts directives - connection attempts after the first
+      were ignoring the requested timeout (LP: #1798049).
+    - ssh-keyscan(1): Return a non-zero exit status if no keys were found
+      (closes: #374980, LP: #1661745).
+    - scp(1): Sanitize scp filenames to allow UTF-8 characters without
+      terminal control sequences.
+    - sshd(8): Fix confusion between ClientAliveInterval and time-based
+      RekeyLimit that could cause connections to be incorrectly closed.
+    - ssh(1), ssh-add(1): Correct some bugs in PKCS#11 token PIN handling at
+      initial token login.  The attempt to read the PIN could be skipped in
+      some cases, particularly on devices with integrated PIN readers.  This
+      would lead to an inability to retrieve keys from these tokens.
+    - ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the
+      CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the
+      C_SignInit operation.
+    - ssh(1): Improve documentation for ProxyJump/-J, clarifying that local
+      configuration does not apply to jump hosts.
+    - ssh-keygen(1): Clarify manual - ssh-keygen -e only writes public keys,
+      not private.
+    - ssh(1), sshd(8): be more strict in processing protocol banners,
+      allowing \r characters only immediately before \n.
+    - Various: fix a number of memory leaks.
+    - scp(1), sftp(1): fix calculation of initial bandwidth limits.  Account
+      for bytes written before the timer starts and adjust the schedule on
+      which recalculations are performed.  Avoids an initial burst of
+      traffic and yields more accurate bandwidth limits.
+    - sshd(8): Only consider the ext-info-c extension during the initial key
+      eschange.  It shouldn't be sent in subsequent ones, but if it is
+      present we should ignore it.  This prevents sshd from sending a
+      SSH_MSG_EXT_INFO for REKEX for these buggy clients.
+    - ssh-keygen(1): Clarify manual that ssh-keygen -F (find host in
+      authorized_keys) and -R (remove host from authorized_keys) options may
+      accept either a bare hostname or a [hostname]:port combo.
+    - ssh(1): Don't attempt to connect to empty SSH_AUTH_SOCK.
+    - sshd(8): Silence error messages when sshd fails to load some of the
+      default host keys.  Failure to load an explicitly-configured hostkey
+      is still an error, and failure to load any host key is still fatal.
+    - ssh(1): Redirect stderr of ProxyCommands to /dev/null when ssh is
+      started with ControlPersist; prevents random ProxyCommand output from
+      interfering with session output.
+    - ssh(1): The ssh client was keeping a redundant ssh-agent socket
+      (leftover from authentication) around for the life of the connection.
+    - sshd(8): Fix bug in HostbasedAcceptedKeyTypes and
+      PubkeyAcceptedKeyTypes options.  If only RSA-SHA2 signature types were
+      specified, then authentication would always fail for RSA keys as the
+      monitor checks only the base key (not the signature algorithm) type
+      against *AcceptedKeyTypes.
+    - ssh(1): Request correct signature types from ssh-agent when
+      certificate keys and RSA-SHA2 signatures are in use.
+    - sshd(8): Don't set $MAIL if UsePAM=yes as PAM typically specifies the
+      user environment if it's enabled (closes: #189920, #532754).
+  * Mostly resynced GSSAPI key exchange patch with Fedora.  Major changes:
+    - Support selection of GSSAPI key exchange algorithms.
+    - Support GSSAPI key exchange methods with DH and SHA2.
+    - Support GSSAPI key exchange using ECDH and SHA2.
+    - Make sure the Kerberos tickets are cleaned up with the user context.
+    - Enable gssapi-keyex authentication without gssapi-with-mic.
+    - Allow querying for GSSAPI key exchange algorithms from ssh (-Q
+      kex-gss).
+
+ -- Colin Watson <cjwatson@debian.org>  Wed, 05 Jun 2019 07:09:47 +0100
+
 openssh (1:7.9p1-10) unstable; urgency=medium
 
   * Temporarily revert IPQoS defaults to pre-7.8 values until issues with
diff --git a/debian/openssh-client.docs b/debian/openssh-client.docs
index d80ec1262..11aa99402 100644
--- a/debian/openssh-client.docs
+++ b/debian/openssh-client.docs
@@ -1,4 +1,3 @@
-ChangeLog.gssapi
 OVERVIEW
 README
 README.dns
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index c895e63db..3e5fac6e1 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -1,4 +1,4 @@
-From 67a6cbb29f77920718884e783238f4a00fe64001 Mon Sep 17 00:00:00 2001
+From f9a76ef65bfb6c17d613ab3db2bf39db5087adfc Mon Sep 17 00:00:00 2001
 From: Tomas Pospisek <tpo_deb@sourcepole.ch>
 Date: Sun, 9 Feb 2014 16:10:07 +0000
 Subject: Install authorized_keys(5) as a symlink to sshd(8)
@@ -13,10 +13,10 @@ Patch-Name: authorized-keys-man-symlink.patch
  1 file changed, 1 insertion(+)
 
 diff --git a/Makefile.in b/Makefile.in
-index 70050ffb6..ee166114d 100644
+index c31821acc..0960a6a03 100644
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -356,6 +356,7 @@ install-files:
+@@ -357,6 +357,7 @@ install-files:
         $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
         $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
         $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
diff --git a/debian/patches/check-filenames-in-scp-client.patch b/debian/patches/check-filenames-in-scp-client.patch
deleted file mode 100644
index 519358ce6..000000000
--- a/debian/patches/check-filenames-in-scp-client.patch
+++ /dev/null
@@ -1,187 +0,0 @@
-From 125924e47db3713a85a70e0f8d6c23818d2ea054 Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Sat, 26 Jan 2019 22:41:28 +0000
-Subject: upstream: check in scp client that filenames sent during
-
-remote->local directory copies satisfy the wildcard specified by the user.
-
-This checking provides some protection against a malicious server
-sending unexpected filenames, but it comes at a risk of rejecting wanted
-files due to differences between client and server wildcard expansion rules.
-
-For this reason, this also adds a new -T flag to disable the check.
-
-reported by Harry Sintonen
-fix approach suggested by markus@;
-has been in snaps for ~1wk courtesy deraadt@
-
-OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda
-
-CVE-2019-6111
-
-Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
-Last-Update: 2019-02-08
-
-Patch-Name: check-filenames-in-scp-client.patch
----
- scp.1 | 12 +++++++++++-
- scp.c | 37 +++++++++++++++++++++++++++++--------
- 2 files changed, 40 insertions(+), 9 deletions(-)
-
-diff --git a/scp.1 b/scp.1
-index 0e5cc1b2d..397e77091 100644
---- a/scp.1
-+++ b/scp.1
-@@ -18,7 +18,7 @@
- .Nd secure copy (remote file copy program)
- .Sh SYNOPSIS
- .Nm scp
--.Op Fl 346BCpqrv
-+.Op Fl 346BCpqrTv
- .Op Fl c Ar cipher
- .Op Fl F Ar ssh_config
- .Op Fl i Ar identity_file
-@@ -208,6 +208,16 @@ to use for the encrypted connection.
- The program must understand
- .Xr ssh 1
- options.
-+.It Fl T
-+Disable strict filename checking.
-+By default when copying files from a remote host to a local directory
-+.Nm
-+checks that the received filenames match those requested on the command-line
-+to prevent the remote end from sending unexpected or unwanted files.
-+Because of differences in how various operating systems and shells interpret
-+filename wildcards, these checks may cause wanted files to be rejected.
-+This option disables these checks at the expense of fully trusting that
-+the server will not send unexpected filenames.
- .It Fl v
- Verbose mode.
- Causes
-diff --git a/scp.c b/scp.c
-index 1971c80cd..035037bcc 100644
---- a/scp.c
-+++ b/scp.c
-@@ -94,6 +94,7 @@
- #include <dirent.h>
- #include <errno.h>
- #include <fcntl.h>
-+#include <fnmatch.h>
- #include <limits.h>
- #include <locale.h>
- #include <pwd.h>
-@@ -383,14 +384,14 @@ void verifydir(char *);
- struct passwd *pwd;
- uid_t userid;
- int errs, remin, remout;
--int pflag, iamremote, iamrecursive, targetshouldbedirectory;
-+int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory;
- 
- #define        CMDNEEDS        64
- char cmd[CMDNEEDS];            /* must hold "rcp -r -p -d\0" */
- 
- int response(void);
- void rsource(char *, struct stat *);
--void sink(int, char *[]);
-+void sink(int, char *[], const char *);
- void source(int, char *[]);
- void tolocal(int, char *[]);
- void toremote(int, char *[]);
-@@ -429,8 +430,9 @@ main(int argc, char **argv)
-        addargs(&args, "-oRemoteCommand=none");
-        addargs(&args, "-oRequestTTY=no");
- 
--       fflag = tflag = 0;
--       while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1)
-+       fflag = Tflag = tflag = 0;
-+       while ((ch = getopt(argc, argv,
-+           "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) {
-                switch (ch) {
-                /* User-visible flags. */
-                case '1':
-@@ -509,9 +511,13 @@ main(int argc, char **argv)
-                        setmode(0, O_BINARY);
- #endif
-                        break;
-+               case 'T':
-+                       Tflag = 1;
-+                       break;
-                default:
-                        usage();
-                }
-+       }
-        argc -= optind;
-        argv += optind;
- 
-@@ -542,7 +548,7 @@ main(int argc, char **argv)
-        }
-        if (tflag) {
-                /* Receive data. */
--               sink(argc, argv);
-+               sink(argc, argv, NULL);
-                exit(errs != 0);
-        }
-        if (argc < 2)
-@@ -800,7 +806,7 @@ tolocal(int argc, char **argv)
-                        continue;
-                }
-                free(bp);
--               sink(1, argv + argc - 1);
-+               sink(1, argv + argc - 1, src);
-                (void) close(remin);
-                remin = remout = -1;
-        }
-@@ -976,7 +982,7 @@ rsource(char *name, struct stat *statp)
-         (sizeof(type) != 4 && sizeof(type) != 8))
- 
- void
--sink(int argc, char **argv)
-+sink(int argc, char **argv, const char *src)
- {
-        static BUF buffer;
-        struct stat stb;
-@@ -992,6 +998,7 @@ sink(int argc, char **argv)
-        unsigned long long ull;
-        int setimes, targisdir, wrerrno = 0;
-        char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048];
-+       char *src_copy = NULL, *restrict_pattern = NULL;
-        struct timeval tv[2];
- 
- #define        atime   tv[0]
-@@ -1016,6 +1023,17 @@ sink(int argc, char **argv)
-        (void) atomicio(vwrite, remout, "", 1);
-        if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode))
-                targisdir = 1;
-+       if (src != NULL && !iamrecursive && !Tflag) {
-+               /*
-+                * Prepare to try to restrict incoming filenames to match
-+                * the requested destination file glob.
-+                */
-+               if ((src_copy = strdup(src)) == NULL)
-+                       fatal("strdup failed");
-+               if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) {
-+                       *restrict_pattern++ = '\0';
-+               }
-+       }
-        for (first = 1;; first = 0) {
-                cp = buf;
-                if (atomicio(read, remin, cp, 1) != 1)
-@@ -1120,6 +1138,9 @@ sink(int argc, char **argv)
-                        run_err("error: unexpected filename: %s", cp);
-                        exit(1);
-                }
-+               if (restrict_pattern != NULL &&
-+                   fnmatch(restrict_pattern, cp, 0) != 0)
-+                       SCREWUP("filename does not match request");
-                if (targisdir) {
-                        static char *namebuf;
-                        static size_t cursize;
-@@ -1157,7 +1178,7 @@ sink(int argc, char **argv)
-                                        goto bad;
-                        }
-                        vect[0] = xstrdup(np);
--                       sink(1, vect);
-+                       sink(1, vect, src);
-                        if (setimes) {
-                                setimes = 0;
-                                if (utimes(vect[0], tv) < 0)
diff --git a/debian/patches/conch-old-privkey-format.patch b/debian/patches/conch-old-privkey-format.patch
index 90bb3e995..40fe32898 100644
--- a/debian/patches/conch-old-privkey-format.patch
+++ b/debian/patches/conch-old-privkey-format.patch
@@ -1,4 +1,4 @@
-From 1d2a55436d4b556269f42ad5f7e16608b5a8ed74 Mon Sep 17 00:00:00 2001
+From 9c01e0ae9889c05bfe68b2f1f1c5e5019e63ff0b Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Thu, 30 Aug 2018 00:58:56 +0100
 Subject: Work around conch interoperability failure
@@ -18,7 +18,7 @@ Patch-Name: conch-old-privkey-format.patch
  3 files changed, 16 insertions(+), 3 deletions(-)
 
 diff --git a/regress/Makefile b/regress/Makefile
-index 647b4a049..6e462a4f6 100644
+index 925edf71a..6fdfcc8ca 100644
 --- a/regress/Makefile
 +++ b/regress/Makefile
 @@ -110,8 +110,9 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \
@@ -47,10 +47,10 @@ index 199d863a0..c7df19fd4 100644
             127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY}
         if [ $? -ne 0 ]; then
 diff --git a/regress/test-exec.sh b/regress/test-exec.sh
-index 40d46e3cd..1bbd47f25 100644
+index b8e2009de..08338121b 100644
 --- a/regress/test-exec.sh
 +++ b/regress/test-exec.sh
-@@ -504,6 +504,18 @@ REGRESS_INTEROP_CONCH=no
+@@ -500,6 +500,18 @@ REGRESS_INTEROP_CONCH=no
  if test -x "$CONCH" ; then
         REGRESS_INTEROP_CONCH=yes
  fi
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index 7963b03ed..61e58e553 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
-From a18385c6866da4d69f46b64626ae5d60b4cf4a66 Mon Sep 17 00:00:00 2001
+From 085c44daefaee16df97e1b2a0967b2140cc86de0 Mon Sep 17 00:00:00 2001
 From: Kees Cook <kees@debian.org>
 Date: Sun, 9 Feb 2014 16:10:06 +0000
 Subject: Add DebianBanner server configuration option
@@ -8,21 +8,60 @@ initial protocol handshake, for those scared by package-versioning.patch.
 
 Bug-Debian: http://bugs.debian.org/562048
 Forwarded: not-needed
-Last-Update: 2018-10-19
+Last-Update: 2019-06-05
 
 Patch-Name: debian-banner.patch
 ---
+ kex.c         | 5 +++--
+ kex.h         | 2 +-
  servconf.c    | 9 +++++++++
  servconf.h    | 2 ++
+ sshconnect.c  | 2 +-
  sshd.c        | 3 ++-
  sshd_config.5 | 5 +++++
- 4 files changed, 18 insertions(+), 1 deletion(-)
+ 7 files changed, 23 insertions(+), 5 deletions(-)
 
+diff --git a/kex.c b/kex.c
+index be354206d..bbb7a2340 100644
+--- a/kex.c
++++ b/kex.c
+@@ -1168,7 +1168,7 @@ send_error(struct ssh *ssh, char *msg)
+  */
+ int
+ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
+-    const char *version_addendum)
++    int debian_banner, const char *version_addendum)
+ {
+        int remote_major, remote_minor, mismatch;
+        size_t len, i, n;
+@@ -1186,7 +1186,8 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
+        if (version_addendum != NULL && *version_addendum == '\0')
+                version_addendum = NULL;
+        if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
+-          PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
++          PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2,
++           debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM,
+            version_addendum == NULL ? "" : " ",
+            version_addendum == NULL ? "" : version_addendum)) != 0) {
+                error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
+diff --git a/kex.h b/kex.h
+index 2d5f1d4ed..39f67bbc1 100644
+--- a/kex.h
++++ b/kex.h
+@@ -195,7 +195,7 @@ char        *kex_names_cat(const char *, const char *);
+ int     kex_assemble_names(char **, const char *, const char *);
+ int     kex_gss_names_valid(const char *);
+ 
+-int     kex_exchange_identification(struct ssh *, int, const char *);
++int     kex_exchange_identification(struct ssh *, int, int, const char *);
+ 
+ struct kex *kex_new(void);
+ int     kex_ready(struct ssh *, char *[PROPOSAL_MAX]);
 diff --git a/servconf.c b/servconf.c
-index 6caf1db38..c5dd617ef 100644
+index c01e0690e..8d2bced52 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -182,6 +182,7 @@ initialize_server_options(ServerOptions *options)
+@@ -184,6 +184,7 @@ initialize_server_options(ServerOptions *options)
         options->fingerprint_hash = -1;
         options->disable_forwarding = -1;
         options->expose_userauth_info = -1;
@@ -30,7 +69,7 @@ index 6caf1db38..c5dd617ef 100644
  }
  
  /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */
-@@ -417,6 +418,8 @@ fill_default_server_options(ServerOptions *options)
+@@ -437,6 +438,8 @@ fill_default_server_options(ServerOptions *options)
                 options->disable_forwarding = 0;
         if (options->expose_userauth_info == -1)
                 options->expose_userauth_info = 0;
@@ -39,7 +78,7 @@ index 6caf1db38..c5dd617ef 100644
  
         assemble_algorithms(options);
  
-@@ -504,6 +507,7 @@ typedef enum {
+@@ -523,6 +526,7 @@ typedef enum {
         sStreamLocalBindMask, sStreamLocalBindUnlink,
         sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding,
         sExposeAuthInfo, sRDomain,
@@ -47,7 +86,7 @@ index 6caf1db38..c5dd617ef 100644
         sDeprecated, sIgnore, sUnsupported
  } ServerOpCodes;
  
-@@ -661,6 +665,7 @@ static struct {
+@@ -682,6 +686,7 @@ static struct {
         { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL },
         { "rdomain", sRDomain, SSHCFG_ALL },
         { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL },
@@ -55,7 +94,7 @@ index 6caf1db38..c5dd617ef 100644
         { NULL, sBadOption, 0 }
  };
  
-@@ -2173,6 +2178,10 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -2211,6 +2216,10 @@ process_server_config_line(ServerOptions *options, char *line,
                         *charptr = xstrdup(arg);
                 break;
  
@@ -67,10 +106,10 @@ index 6caf1db38..c5dd617ef 100644
         case sIgnore:
         case sUnsupported:
 diff --git a/servconf.h b/servconf.h
-index 3b76da816..4e3c54042 100644
+index a476d5220..986093ffa 100644
 --- a/servconf.h
 +++ b/servconf.h
-@@ -212,6 +212,8 @@ typedef struct {
+@@ -214,6 +214,8 @@ typedef struct {
         int     fingerprint_hash;
         int     expose_userauth_info;
         u_int64_t timing_secret;
@@ -79,22 +118,35 @@ index 3b76da816..4e3c54042 100644
  }       ServerOptions;
  
  /* Information about the incoming connection as used by Match */
+diff --git a/sshconnect.c b/sshconnect.c
+index 0b6f6af4b..1183ffe0e 100644
+--- a/sshconnect.c
++++ b/sshconnect.c
+@@ -1287,7 +1287,7 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost,
+        lowercase(host);
+ 
+        /* Exchange protocol version identification strings with the server. */
+-       if (kex_exchange_identification(ssh, timeout_ms, NULL) != 0)
++       if (kex_exchange_identification(ssh, timeout_ms, 1, NULL) != 0)
+                cleanup_exit(255); /* error already logged */
+ 
+        /* Put the connection into non-blocking mode. */
 diff --git a/sshd.c b/sshd.c
-index 9481272fc..d7e77d343 100644
+index e3e96426e..1e7ece588 100644
 --- a/sshd.c
 +++ b/sshd.c
-@@ -384,7 +384,8 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-        char remote_version[256];       /* Must be at least as big as buf. */
+@@ -2160,7 +2160,8 @@ main(int ac, char **av)
+        if (!debug_flag)
+                alarm(options.login_grace_time);
  
-        xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
--           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-+           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2,
-+           options.debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM,
-            *options.version_addendum == '\0' ? "" : " ",
-            options.version_addendum);
+-       if (kex_exchange_identification(ssh, -1, options.version_addendum) != 0)
++       if (kex_exchange_identification(ssh, -1, options.debian_banner,
++           options.version_addendum) != 0)
+                cleanup_exit(255); /* error already logged */
  
+        ssh_packet_set_nonblocking(ssh);
 diff --git a/sshd_config.5 b/sshd_config.5
-index e7e55dd71..37e6be38f 100644
+index 2ef671d1b..addea54a0 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
 @@ -543,6 +543,11 @@ or
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 4866d52ad..0d47f6706 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
-From a433d9baa031d7136a8cf3e3807ebff83a3a8634 Mon Sep 17 00:00:00 2001
+From ebd590550bb09fe129b103994d53143788683d05 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:18 +0000
 Subject: Various Debian-specific configuration changes
@@ -39,10 +39,10 @@ Patch-Name: debian-config.patch
  6 files changed, 77 insertions(+), 9 deletions(-)
 
 diff --git a/readconf.c b/readconf.c
-index 6b01f20d2..661b8bf40 100644
+index cd60007f8..f35bde6e6 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -2000,7 +2000,7 @@ fill_default_options(Options * options)
+@@ -2028,7 +2028,7 @@ fill_default_options(Options * options)
         if (options->forward_x11 == -1)
                 options->forward_x11 = 0;
         if (options->forward_x11_trusted == -1)
@@ -52,10 +52,10 @@ index 6b01f20d2..661b8bf40 100644
                 options->forward_x11_timeout = 1200;
         /*
 diff --git a/ssh.1 b/ssh.1
-index ad1ed0f86..1bcc8edab 100644
+index 8d2b08a29..4e298cb56 100644
 --- a/ssh.1
 +++ b/ssh.1
-@@ -782,6 +782,16 @@ directive in
+@@ -795,6 +795,16 @@ directive in
  .Xr ssh_config 5
  for more information.
  .Pp
@@ -72,7 +72,7 @@ index ad1ed0f86..1bcc8edab 100644
  .It Fl x
  Disables X11 forwarding.
  .Pp
-@@ -790,6 +800,17 @@ Enables trusted X11 forwarding.
+@@ -803,6 +813,17 @@ Enables trusted X11 forwarding.
  Trusted X11 forwardings are not subjected to the X11 SECURITY extension
  controls.
  .Pp
@@ -91,7 +91,7 @@ index ad1ed0f86..1bcc8edab 100644
  Send log information using the
  .Xr syslog 3
 diff --git a/ssh_config b/ssh_config
-index bcb9f153d..1b676fb2c 100644
+index 1ff999b68..6dd6ecf87 100644
 --- a/ssh_config
 +++ b/ssh_config
 @@ -17,9 +17,10 @@
@@ -106,7 +106,7 @@ index bcb9f153d..1b676fb2c 100644
  #   PasswordAuthentication yes
  #   HostbasedAuthentication no
  #   GSSAPIAuthentication no
-@@ -46,3 +47,6 @@
+@@ -45,3 +46,6 @@
  #   VisualHostKey no
  #   ProxyCommand ssh -q -W %h:%p gateway.example.com
  #   RekeyLimit 1G 1h
@@ -114,7 +114,7 @@ index bcb9f153d..1b676fb2c 100644
 +    HashKnownHosts yes
 +    GSSAPIAuthentication yes
 diff --git a/ssh_config.5 b/ssh_config.5
-index a91355726..1a8e24bd1 100644
+index 39535c4f8..a27631ae9 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
 @@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
@@ -140,7 +140,7 @@ index a91355726..1a8e24bd1 100644
  The file contains keyword-argument pairs, one per line.
  Lines starting with
  .Ql #
-@@ -699,11 +715,12 @@ elapsed.
+@@ -717,11 +733,12 @@ elapsed.
  .It Cm ForwardX11Trusted
  If this option is set to
  .Cm yes ,
@@ -204,7 +204,7 @@ index 2c48105f8..ed8272f6d 100644
  # Example of overriding settings on a per-user basis
  #Match User anoncvs
 diff --git a/sshd_config.5 b/sshd_config.5
-index 23f71fd1d..ba50a30f1 100644
+index f995e4ab0..c0c4ebd66 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
 @@ -56,6 +56,28 @@ Arguments may optionally be enclosed in double quotes
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch
index e2acdf1a2..6879e11ba 100644
--- a/debian/patches/dnssec-sshfp.patch
+++ b/debian/patches/dnssec-sshfp.patch
@@ -1,4 +1,4 @@
-From 0ee33d93c5c7a5fbb8b027aa24e7c9668125fda9 Mon Sep 17 00:00:00 2001
+From 13a16baaf467fae5d507cdb17e3bc753639bca4f Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:01 +0000
 Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index c6bc43299..60ded7c30 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -1,4 +1,4 @@
-From 1d0c41a7e0b2426733ddb598248d0488c9c00a8b Mon Sep 17 00:00:00 2001
+From 099b0bdc57b9a21842c457d83ff9488fa814c9c4 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:11 +0000
 Subject: Document that HashKnownHosts may break tab-completion
@@ -13,10 +13,10 @@ Patch-Name: doc-hash-tab-completion.patch
  1 file changed, 3 insertions(+)
 
 diff --git a/ssh_config.5 b/ssh_config.5
-index 7d55fa820..a91355726 100644
+index bd1e9311d..39535c4f8 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -793,6 +793,9 @@ Note that existing names and addresses in known hosts files
+@@ -836,6 +836,9 @@ Note that existing names and addresses in known hosts files
  will not be converted automatically,
  but may be manually hashed using
  .Xr ssh-keygen 1 .
diff --git a/debian/patches/fix-key-type-check.patch b/debian/patches/fix-key-type-check.patch
deleted file mode 100644
index 846df5768..000000000
--- a/debian/patches/fix-key-type-check.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-From 5e021158aa22cc64da4fca1618ee0bfd2d031049 Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Fri, 16 Nov 2018 02:43:56 +0000
-Subject: upstream: fix bug in HostbasedAcceptedKeyTypes and
-
-PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types were
-specified, then authentication would always fail for RSA keys as the monitor
-checks only the base key (not the signature algorithm) type against
-*AcceptedKeyTypes. bz#2746; reported by Jakub Jelen; ok dtucker
-
-OpenBSD-Commit-ID: 117bc3dc54578dbdb515a1d3732988cb5b00461b
-
-Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=cd9467318b56e6e93ff9575c906ff8350af9b8a2
-Last-Update: 2019-02-28
-
-Patch-Name: fix-key-type-check.patch
----
- monitor.c | 39 ++++++++++++++++++++++++++++++++++-----
- 1 file changed, 34 insertions(+), 5 deletions(-)
-
-diff --git a/monitor.c b/monitor.c
-index 08fddabd7..037d6d333 100644
---- a/monitor.c
-+++ b/monitor.c
-@@ -1,4 +1,4 @@
--/* $OpenBSD: monitor.c,v 1.186 2018/07/20 03:46:34 djm Exp $ */
-+/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */
- /*
-  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
-  * Copyright 2002 Markus Friedl <markus@openbsd.org>
-@@ -892,6 +892,35 @@ mm_answer_authrole(int sock, struct sshbuf *m)
-        return (0);
- }
- 
-+/*
-+ * Check that the key type appears in the supplied pattern list, ignoring
-+ * mismatches in the signature algorithm. (Signature algorithm checks are
-+ * performed in the unprivileged authentication code).
-+ * Returns 1 on success, 0 otherwise.
-+ */
-+static int
-+key_base_type_match(const char *method, const struct sshkey *key,
-+    const char *list)
-+{
-+       char *s, *l, *ol = xstrdup(list);
-+       int found = 0;
-+
-+       l = ol;
-+       for ((s = strsep(&l, ",")); s && *s != '\0'; (s = strsep(&l, ","))) {
-+               if (sshkey_type_from_name(s) == key->type) {
-+                       found = 1;
-+                       break;
-+               }
-+       }
-+       if (!found) {
-+               error("%s key type %s is not in permitted list %s", method,
-+                   sshkey_ssh_name(key), list);
-+       }
-+
-+       free(ol);
-+       return found;
-+}
-+
- int
- mm_answer_authpassword(int sock, struct sshbuf *m)
- {
-@@ -1197,8 +1226,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
-                                break;
-                        if (auth2_key_already_used(authctxt, key))
-                                break;
--                       if (match_pattern_list(sshkey_ssh_name(key),
--                           options.pubkey_key_types, 0) != 1)
-+                       if (!key_base_type_match(auth_method, key,
-+                           options.pubkey_key_types))
-                                break;
-                        allowed = user_key_allowed(ssh, authctxt->pw, key,
-                            pubkey_auth_attempt, &opts);
-@@ -1209,8 +1238,8 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
-                                break;
-                        if (auth2_key_already_used(authctxt, key))
-                                break;
--                       if (match_pattern_list(sshkey_ssh_name(key),
--                           options.hostbased_key_types, 0) != 1)
-+                       if (!key_base_type_match(auth_method, key,
-+                           options.hostbased_key_types))
-                                break;
-                        allowed = hostbased_key_allowed(authctxt->pw,
-                            cuser, chost, key);
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch
index b6d4f1239..35f3327df 100644
--- a/debian/patches/gnome-ssh-askpass2-icon.patch
+++ b/debian/patches/gnome-ssh-askpass2-icon.patch
@@ -1,4 +1,4 @@
-From df56506f727e37c13346259bdcd5975e257a259d Mon Sep 17 00:00:00 2001
+From 601332e5cc1198d6dabddc8168249a81c5dc822a Mon Sep 17 00:00:00 2001
 From: Vincent Untz <vuntz@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:16 +0000
 Subject: Give the ssh-askpass-gnome window a default icon
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index f62bf6672..45d131d27 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -1,4 +1,4 @@
-From 72b1d308e6400194ef6e4e7dd45bfa48fa39b5e6 Mon Sep 17 00:00:00 2001
+From 7ce79be85036c4b36937f1b1ba85f6094068412c Mon Sep 17 00:00:00 2001
 From: Simon Wilkinson <simon@sxw.org.uk>
 Date: Sun, 9 Feb 2014 16:09:48 +0000
 Subject: GSSAPI key exchange support
@@ -16,185 +16,69 @@ have it merged into the main openssh package rather than having separate
 -krb5 packages (as we used to have).  It seems to have a generally good
 security history.
 
+Origin: other, https://github.com/openssh-gsskex/openssh-gsskex/commits/debian/master
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
-Last-Updated: 2018-10-20
+Last-Updated: 2019-06-05
 
 Patch-Name: gssapi.patch
 ---
- ChangeLog.gssapi | 113 ++++++++++++++++
- Makefile.in      |   3 +-
- auth-krb5.c      |  17 ++-
- auth.c           |  96 +------------
- auth2-gss.c      |  54 +++++++-
- auth2.c          |   2 +
- canohost.c       |  93 +++++++++++++
- canohost.h       |   3 +
- clientloop.c     |  15 ++-
- config.h.in      |   6 +
- configure.ac     |  24 ++++
- gss-genr.c       | 280 +++++++++++++++++++++++++++++++++++++-
- gss-serv-krb5.c  |  85 +++++++++++-
- gss-serv.c       | 184 +++++++++++++++++++++++--
- kex.c            |  19 +++
- kex.h            |  14 ++
- kexgssc.c        | 341 +++++++++++++++++++++++++++++++++++++++++++++++
- kexgsss.c        | 300 +++++++++++++++++++++++++++++++++++++++++
- monitor.c        | 122 +++++++++++++++--
- monitor.h        |   3 +
- monitor_wrap.c   |  53 +++++++-
- monitor_wrap.h   |   4 +-
- opacket.c        |   2 +-
- opacket.h        |   2 +-
- readconf.c       |  43 ++++++
- readconf.h       |   5 +
- servconf.c       |  26 ++++
- servconf.h       |   2 +
- ssh-gss.h        |  41 +++++-
- ssh_config       |   2 +
- ssh_config.5     |  32 +++++
- sshconnect2.c    | 133 +++++++++++++++++-
- sshd.c           | 110 +++++++++++++++
- sshd_config      |   2 +
- sshd_config.5    |  10 ++
- sshkey.c         |   3 +-
- sshkey.h         |   1 +
- 37 files changed, 2099 insertions(+), 146 deletions(-)
- create mode 100644 ChangeLog.gssapi
+ Makefile.in     |   3 +-
+ auth-krb5.c     |  17 +-
+ auth.c          |  96 +-------
+ auth2-gss.c     |  56 ++++-
+ auth2.c         |   2 +
+ canohost.c      |  93 ++++++++
+ canohost.h      |   3 +
+ clientloop.c    |  15 +-
+ configure.ac    |  24 ++
+ gss-genr.c      | 300 +++++++++++++++++++++++-
+ gss-serv-krb5.c |  85 ++++++-
+ gss-serv.c      | 186 +++++++++++++--
+ hmac.c          |   1 +
+ kex.c           |  66 +++++-
+ kex.h           |  29 +++
+ kexdh.c         |  10 +
+ kexgen.c        |   2 +-
+ kexgssc.c       | 606 ++++++++++++++++++++++++++++++++++++++++++++++++
+ kexgsss.c       | 474 +++++++++++++++++++++++++++++++++++++
+ mac.c           |   1 +
+ monitor.c       | 139 ++++++++++-
+ monitor.h       |   2 +
+ monitor_wrap.c  |  57 ++++-
+ monitor_wrap.h  |   4 +-
+ readconf.c      |  70 ++++++
+ readconf.h      |   6 +
+ servconf.c      |  47 ++++
+ servconf.h      |   3 +
+ session.c       |  10 +-
+ ssh-gss.h       |  50 +++-
+ ssh.1           |   8 +
+ ssh.c           |   4 +-
+ ssh_config      |   2 +
+ ssh_config.5    |  57 +++++
+ sshconnect2.c   | 140 ++++++++++-
+ sshd.c          | 120 +++++++++-
+ sshd_config     |   2 +
+ sshd_config.5   |  30 +++
+ sshkey.c        |   3 +-
+ sshkey.h        |   1 +
+ 40 files changed, 2664 insertions(+), 160 deletions(-)
  create mode 100644 kexgssc.c
  create mode 100644 kexgsss.c
 
-diff --git a/ChangeLog.gssapi b/ChangeLog.gssapi
-new file mode 100644
-index 000000000..f117a336a
---- /dev/null
-+++ b/ChangeLog.gssapi
-@@ -0,0 +1,113 @@
-+20110101
-+  - Finally update for OpenSSH 5.6p1
-+  - Add GSSAPIServerIdentity option from Jim Basney
-+ 
-+20100308
-+  - [ Makefile.in, key.c, key.h ]
-+    Updates for OpenSSH 5.4p1
-+  - [ servconf.c ]
-+    Include GSSAPI options in the sshd -T configuration dump, and flag
-+    some older configuration options as being unsupported. Thanks to Colin 
-+    Watson.
-+  -
-+
-+20100124
-+  - [ sshconnect2.c ]
-+    Adapt to deal with additional element in Authmethod structure. Thanks to
-+    Colin Watson
-+
-+20090615
-+  - [ gss-genr.c gss-serv.c kexgssc.c kexgsss.c monitor.c sshconnect2.c
-+      sshd.c ]
-+    Fix issues identified by Greg Hudson following a code review
-+       Check return value of gss_indicate_mechs
-+       Protect GSSAPI calls in monitor, so they can only be used if enabled
-+       Check return values of bignum functions in key exchange
-+       Use BN_clear_free to clear other side's DH value
-+       Make ssh_gssapi_id_kex more robust
-+       Only configure kex table pointers if GSSAPI is enabled
-+       Don't leak mechanism list, or gss mechanism list
-+       Cast data.length before printing
-+       If serverkey isn't provided, use an empty string, rather than NULL
-+
-+20090201
-+  - [ gss-genr.c gss-serv.c kex.h kexgssc.c readconf.c readconf.h ssh-gss.h
-+      ssh_config.5 sshconnet2.c ]
-+    Add support for the GSSAPIClientIdentity option, which allows the user
-+    to specify which GSSAPI identity to use to contact a given server
-+
-+20080404
-+  - [ gss-serv.c ]
-+    Add code to actually implement GSSAPIStrictAcceptCheck, which had somehow
-+    been omitted from a previous version of this patch. Reported by Borislav
-+    Stoichkov
-+
-+20070317
-+  - [ gss-serv-krb5.c ]
-+    Remove C99ism, where new_ccname was being declared in the middle of a 
-+    function
-+
-+20061220
-+  - [ servconf.c ]
-+    Make default for GSSAPIStrictAcceptorCheck be Yes, to match previous, and 
-+    documented, behaviour. Reported by Dan Watson.
-+
-+20060910
-+  - [ gss-genr.c kexgssc.c kexgsss.c kex.h monitor.c sshconnect2.c sshd.c
-+      ssh-gss.h ]
-+    add support for gss-group14-sha1 key exchange mechanisms
-+  - [ gss-serv.c servconf.c servconf.h sshd_config sshd_config.5 ]
-+    Add GSSAPIStrictAcceptorCheck option to allow the disabling of
-+    acceptor principal checking on multi-homed machines.
-+    <Bugzilla #928>
-+  - [ sshd_config ssh_config ]
-+    Add settings for GSSAPIKeyExchange and GSSAPITrustDNS to the sample
-+    configuration files
-+  - [ kexgss.c kegsss.c sshconnect2.c sshd.c ]
-+    Code cleanup. Replace strlen/xmalloc/snprintf sequences with xasprintf()
-+    Limit length of error messages displayed by client
-+
-+20060909
-+  - [ gss-genr.c gss-serv.c ]
-+    move ssh_gssapi_acquire_cred() and ssh_gssapi_server_ctx to be server
-+    only, where they belong 
-+    <Bugzilla #1225>
-+
-+20060829
-+  - [ gss-serv-krb5.c ]
-+    Fix CCAPI credentials cache name when creating KRB5CCNAME environment 
-+    variable
-+
-+20060828
-+  - [ gss-genr.c ]
-+    Avoid Heimdal context freeing problem
-+    <Fixed upstream 20060829>
-+
-+20060818
-+  - [ gss-genr.c ssh-gss.h sshconnect2.c ]
-+    Make sure that SPENGO is disabled 
-+    <Bugzilla #1218 - Fixed upstream 20060818>
-+
-+20060421
-+  - [ gssgenr.c, sshconnect2.c ]
-+    a few type changes (signed versus unsigned, int versus size_t) to
-+    fix compiler errors/warnings 
-+    (from jbasney AT ncsa.uiuc.edu)
-+  - [ kexgssc.c, sshconnect2.c ]
-+    fix uninitialized variable warnings
-+    (from jbasney AT ncsa.uiuc.edu)
-+  - [ gssgenr.c ]
-+    pass oid to gss_display_status (helpful when using GSSAPI mechglue)
-+    (from jbasney AT ncsa.uiuc.edu)
-+    <Bugzilla #1220 >
-+  - [ gss-serv-krb5.c ]
-+    #ifdef HAVE_GSSAPI_KRB5 should be #ifdef HAVE_GSSAPI_KRB5_H
-+    (from jbasney AT ncsa.uiuc.edu)
-+    <Fixed upstream 20060304>
-+  - [ readconf.c, readconf.h, ssh_config.5, sshconnect2.c 
-+    add client-side GssapiKeyExchange option
-+    (from jbasney AT ncsa.uiuc.edu)
-+  - [ sshconnect2.c ]
-+    add support for GssapiTrustDns option for gssapi-with-mic
-+    (from jbasney AT ncsa.uiuc.edu)
-+    <gssapi-with-mic support is Bugzilla #1008>
 diff --git a/Makefile.in b/Makefile.in
-index 126b2c742..70050ffb6 100644
+index 6f001bb36..c31821acc 100644
 --- a/Makefile.in
 +++ b/Makefile.in
 @@ -100,6 +100,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
         kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
-        kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \
-        kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \
+        kexgexc.o kexgexs.o \
+        sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \
 +       kexgssc.o \
         platform-pledge.o platform-tracing.o platform-misc.o
  
- SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
-@@ -113,7 +114,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
+ 
+@@ -114,7 +115,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
         auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
         auth2-none.o auth2-passwd.o auth2-pubkey.o \
         monitor.o monitor_wrap.o auth-krb5.o \
@@ -255,7 +139,7 @@ index 3096f1c8e..204752e1b 100644
         return (krb5_cc_resolve(ctx, ccname, ccache));
  }
 diff --git a/auth.c b/auth.c
-index 3ca3762cc..d8e6b4a3d 100644
+index 8696f258e..f7a23afba 100644
 --- a/auth.c
 +++ b/auth.c
 @@ -399,7 +399,8 @@ auth_root_allowed(struct ssh *ssh, const char *method)
@@ -268,7 +152,7 @@ index 3ca3762cc..d8e6b4a3d 100644
                         return 1;
                 break;
         case PERMIT_FORCED_ONLY:
-@@ -737,99 +738,6 @@ fakepw(void)
+@@ -723,99 +724,6 @@ fakepw(void)
         return (&fake);
  }
  
@@ -369,7 +253,7 @@ index 3ca3762cc..d8e6b4a3d 100644
   * Return the canonical name of the host in the other side of the current
   * connection.  The host name is cached, so it is efficient to call this
 diff --git a/auth2-gss.c b/auth2-gss.c
-index 9351e0428..1f12bb113 100644
+index 9351e0428..d6446c0cf 100644
 --- a/auth2-gss.c
 +++ b/auth2-gss.c
 @@ -1,7 +1,7 @@
@@ -381,11 +265,11 @@ index 9351e0428..1f12bb113 100644
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
-@@ -54,6 +54,46 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh);
+@@ -54,6 +54,48 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh);
  static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh);
  static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
  
-+/* 
++/*
 + * The 'gssapi_keyex' userauth mechanism.
 + */
 +static int
@@ -393,7 +277,7 @@ index 9351e0428..1f12bb113 100644
 +{
 +       Authctxt *authctxt = ssh->authctxt;
 +       int r, authenticated = 0;
-+       struct sshbuf *b;
++       struct sshbuf *b = NULL;
 +       gss_buffer_desc mic, gssbuf;
 +       u_char *p;
 +       size_t len;
@@ -401,8 +285,10 @@ index 9351e0428..1f12bb113 100644
 +       if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
 +           (r = sshpkt_get_end(ssh)) != 0)
 +               fatal("%s: %s", __func__, ssh_err(r));
++
 +       if ((b = sshbuf_new()) == NULL)
 +               fatal("%s: sshbuf_new failed", __func__);
++
 +       mic.value = p;
 +       mic.length = len;
 +
@@ -414,11 +300,11 @@ index 9351e0428..1f12bb113 100644
 +       gssbuf.length = sshbuf_len(b);
 +
 +       /* gss_kex_context is NULL with privsep, so we can't check it here */
-+       if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
++       if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
 +           &gssbuf, &mic))))
 +               authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
-+                   authctxt->pw));
-+       
++                   authctxt->pw, 1));
++
 +       sshbuf_free(b);
 +       free(mic.value);
 +
@@ -428,27 +314,27 @@ index 9351e0428..1f12bb113 100644
  /*
   * We only support those mechanisms that we know about (ie ones that we know
   * how to check local user kuserok and the like)
-@@ -260,7 +300,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
+@@ -260,7 +302,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
         if ((r = sshpkt_get_end(ssh)) != 0)
                 fatal("%s: %s", __func__, ssh_err(r));
  
 -       authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
 +       authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
-+           authctxt->pw));
++           authctxt->pw, 1));
  
         if ((!use_privsep || mm_is_monitor()) &&
             (displayname = ssh_gssapi_displayname()) != NULL)
-@@ -306,7 +347,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
+@@ -306,7 +349,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
         gssbuf.length = sshbuf_len(b);
  
         if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
 -               authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
-+               authenticated = 
-+                   PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
++               authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
++                   authctxt->pw, 0));
         else
                 logit("GSSAPI MIC check failed");
  
-@@ -326,6 +368,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
+@@ -326,6 +370,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
         return 0;
  }
  
@@ -462,10 +348,10 @@ index 9351e0428..1f12bb113 100644
         "gssapi-with-mic",
         userauth_gssapi,
 diff --git a/auth2.c b/auth2.c
-index 4d19957a6..a77742819 100644
+index 16ae1a363..7417eafa4 100644
 --- a/auth2.c
 +++ b/auth2.c
-@@ -74,6 +74,7 @@ extern Authmethod method_passwd;
+@@ -75,6 +75,7 @@ extern Authmethod method_passwd;
  extern Authmethod method_kbdint;
  extern Authmethod method_hostbased;
  #ifdef GSSAPI
@@ -473,7 +359,7 @@ index 4d19957a6..a77742819 100644
  extern Authmethod method_gssapi;
  #endif
  
-@@ -81,6 +82,7 @@ Authmethod *authmethods[] = {
+@@ -82,6 +83,7 @@ Authmethod *authmethods[] = {
         &method_none,
         &method_pubkey,
  #ifdef GSSAPI
@@ -600,7 +486,7 @@ index 26d62855a..0cadc9f18 100644
  int             get_peer_port(int);
  char           *get_local_ipaddr(int);
 diff --git a/clientloop.c b/clientloop.c
-index 8d312cdaa..1464634b0 100644
+index 086c0dfe8..9b90c64f3 100644
 --- a/clientloop.c
 +++ b/clientloop.c
 @@ -112,6 +112,10 @@
@@ -614,7 +500,7 @@ index 8d312cdaa..1464634b0 100644
  /* import options */
  extern Options options;
  
-@@ -1370,9 +1374,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
+@@ -1374,9 +1378,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
                         break;
  
                 /* Do channel operations unless rekeying in progress. */
@@ -632,37 +518,13 @@ index 8d312cdaa..1464634b0 100644
 +               }
 +
                 /* Buffer input from the connection.  */
-                client_process_net_input(readset);
- 
-diff --git a/config.h.in b/config.h.in
-index 91b65db8f..209760c7c 100644
---- a/config.h.in
-+++ b/config.h.in
-@@ -1845,6 +1845,9 @@
- /* Use btmp to log bad logins */
- #undef USE_BTMP
- 
-+/* platform uses an in-memory credentials cache */
-+#undef USE_CCAPI
-+
- /* Use libedit for sftp */
- #undef USE_LIBEDIT
- 
-@@ -1860,6 +1863,9 @@
- /* Use PIPES instead of a socketpair() */
- #undef USE_PIPES
- 
-+/* platform has the Security Authorization Session API */
-+#undef USE_SECURITY_SESSION_API
-+
- /* Define if you have Solaris privileges */
- #undef USE_SOLARIS_PRIVS
+                client_process_net_input(ssh, readset);
  
 diff --git a/configure.ac b/configure.ac
-index 7379ab358..023e7cc55 100644
+index 30be6c182..2869f7042 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -664,6 +664,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
+@@ -665,6 +665,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
             [Use tunnel device compatibility to OpenBSD])
         AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
             [Prepend the address family to IP tunnel traffic])
@@ -670,7 +532,7 @@ index 7379ab358..023e7cc55 100644
 +       AC_TRY_COMPILE([#include <Security/AuthSession.h>],
 +               [SessionCreate(0, 0);],
 +               [ac_cv_use_security_session_api="yes"
-+                AC_DEFINE([USE_SECURITY_SESSION_API], [1], 
++                AC_DEFINE([USE_SECURITY_SESSION_API], [1],
 +                       [platform has the Security Authorization Session API])
 +                LIBS="$LIBS -framework Security"
 +                AC_MSG_RESULT([yes])],
@@ -681,7 +543,7 @@ index 7379ab358..023e7cc55 100644
 +               [#include <Kerberos/Kerberos.h>],
 +               [cc_context_t c;
 +                (void) cc_initialize (&c, 0, NULL, NULL);],
-+               [AC_DEFINE([USE_CCAPI], [1], 
++               [AC_DEFINE([USE_CCAPI], [1],
 +                       [platform uses an in-memory credentials cache])
 +                LIBS="$LIBS -framework Security"
 +                AC_MSG_RESULT([yes])
@@ -694,7 +556,7 @@ index 7379ab358..023e7cc55 100644
         AC_CHECK_DECL([AU_IPv4], [],
             AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records])
 diff --git a/gss-genr.c b/gss-genr.c
-index d56257b4a..491e62cee 100644
+index d56257b4a..763a63ffa 100644
 --- a/gss-genr.c
 +++ b/gss-genr.c
 @@ -1,7 +1,7 @@
@@ -706,16 +568,15 @@ index d56257b4a..491e62cee 100644
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
-@@ -39,14 +39,37 @@
- #include "xmalloc.h"
- #include "ssherr.h"
+@@ -41,12 +41,36 @@
  #include "sshbuf.h"
-+#include "sshkey.h"
  #include "log.h"
  #include "ssh2.h"
 +#include "cipher.h"
++#include "sshkey.h"
 +#include "kex.h"
 +#include "digest.h"
++#include "packet.h"
  
  #include "ssh-gss.h"
  
@@ -736,7 +597,7 @@ index d56257b4a..491e62cee 100644
 +
 +static ssh_gss_kex_mapping *gss_enc2oid = NULL;
 +
-+int 
++int
 +ssh_gssapi_oid_table_ok(void) {
 +       return (gss_enc2oid != NULL);
 +}
@@ -744,10 +605,25 @@ index d56257b4a..491e62cee 100644
  /* sshbuf_get for gss_buffer_desc */
  int
  ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
-@@ -62,6 +85,143 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
+@@ -62,6 +86,162 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
         return 0;
  }
  
++/* sshpkt_get of gss_buffer_desc */
++int
++ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *ssh, gss_buffer_desc *g)
++{
++       int r;
++       u_char *p;
++       size_t len;
++
++       if ((r = sshpkt_get_string(ssh, &p, &len)) != 0)
++               return r;
++       g->value = p;
++       g->length = len;
++       return 0;
++}
++
 +/*
 + * Return a list of the gss-group1-sha1 mechanisms supported by this program
 + *
@@ -756,27 +632,30 @@ index d56257b4a..491e62cee 100644
 + */
 +
 +char *
-+ssh_gssapi_client_mechanisms(const char *host, const char *client) {
-+       gss_OID_set gss_supported;
++ssh_gssapi_client_mechanisms(const char *host, const char *client,
++    const char *kex) {
++       gss_OID_set gss_supported = NULL;
 +       OM_uint32 min_status;
 +
 +       if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported)))
 +               return NULL;
 +
-+       return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
-+           host, client));
++       return ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
++           host, client, kex);
 +}
 +
 +char *
 +ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
-+    const char *host, const char *client) {
-+       struct sshbuf *buf;
++    const char *host, const char *client, const char *kex) {
++       struct sshbuf *buf = NULL;
 +       size_t i;
-+       int r, oidpos, enclen;
++       int r = SSH_ERR_ALLOC_FAIL;
++       int oidpos, enclen;
 +       char *mechs, *encoded;
 +       u_char digest[SSH_DIGEST_MAX_LENGTH];
 +       char deroid[2];
-+       struct ssh_digest_ctx *md;
++       struct ssh_digest_ctx *md = NULL;
++       char *s, *cp, *p;
 +
 +       if (gss_enc2oid != NULL) {
 +               for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
@@ -791,6 +670,7 @@ index d56257b4a..491e62cee 100644
 +               fatal("%s: sshbuf_new failed", __func__);
 +
 +       oidpos = 0;
++       s = cp = xstrdup(kex);
 +       for (i = 0; i < gss_supported->count; i++) {
 +               if (gss_supported->elements[i].length < 128 &&
 +                   (*check)(NULL, &(gss_supported->elements[i]), host, client)) {
@@ -799,12 +679,15 @@ index d56257b4a..491e62cee 100644
 +                       deroid[1] = gss_supported->elements[i].length;
 +
 +                       if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
-+                           ssh_digest_update(md, deroid, 2) != 0 ||
-+                           ssh_digest_update(md,
-+                           gss_supported->elements[i].elements,
-+                           gss_supported->elements[i].length) != 0 ||
-+                           ssh_digest_final(md, digest, sizeof(digest)) != 0)
-+                               fatal("%s: digest failed", __func__);
++                           (r = ssh_digest_update(md, deroid, 2)) != 0 ||
++                           (r = ssh_digest_update(md,
++                               gss_supported->elements[i].elements,
++                               gss_supported->elements[i].length)) != 0 ||
++                           (r = ssh_digest_final(md, digest, sizeof(digest))) != 0)
++                               fatal("%s: digest failed: %s", __func__,
++                                   ssh_err(r));
++                       ssh_digest_free(md);
++                       md = NULL;
 +
 +                       encoded = xmalloc(ssh_digest_bytes(SSH_DIGEST_MD5)
 +                           * 2);
@@ -812,69 +695,66 @@ index d56257b4a..491e62cee 100644
 +                           ssh_digest_bytes(SSH_DIGEST_MD5), encoded,
 +                           ssh_digest_bytes(SSH_DIGEST_MD5) * 2);
 +
-+                       if (oidpos != 0) {
-+                               if ((r = sshbuf_put_u8(buf, ',')) != 0)
-+                                       fatal("%s: buffer error: %s",
++                       cp = strncpy(s, kex, strlen(kex));
++                       for ((p = strsep(&cp, ",")); p && *p != '\0';
++                               (p = strsep(&cp, ","))) {
++                               if (sshbuf_len(buf) != 0 &&
++                                   (r = sshbuf_put_u8(buf, ',')) != 0)
++                                       fatal("%s: sshbuf_put_u8 error: %s",
++                                           __func__, ssh_err(r));
++                               if ((r = sshbuf_put(buf, p, strlen(p))) != 0 ||
++                                   (r = sshbuf_put(buf, encoded, enclen)) != 0)
++                                       fatal("%s: sshbuf_put error: %s",
 +                                           __func__, ssh_err(r));
 +                       }
 +
-+                       if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID,
-+                           sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 ||
-+                           (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
-+                           (r = sshbuf_put_u8(buf, ',')) != 0 ||
-+                           (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID,
-+                           sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 ||
-+                           (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
-+                           (r = sshbuf_put_u8(buf, ',')) != 0 ||
-+                           (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID,
-+                           sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 ||
-+                           (r = sshbuf_put(buf, encoded, enclen)) != 0)
-+                               fatal("%s: buffer error: %s",
-+                                   __func__, ssh_err(r));
-+
 +                       gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
 +                       gss_enc2oid[oidpos].encoded = encoded;
 +                       oidpos++;
 +               }
 +       }
++       free(s);
 +       gss_enc2oid[oidpos].oid = NULL;
 +       gss_enc2oid[oidpos].encoded = NULL;
 +
 +       if ((mechs = sshbuf_dup_string(buf)) == NULL)
 +               fatal("%s: sshbuf_dup_string failed", __func__);
 +
++       sshbuf_free(buf);
++
 +       if (strlen(mechs) == 0) {
 +               free(mechs);
 +               mechs = NULL;
 +       }
-+       
++
 +       return (mechs);
 +}
 +
 +gss_OID
 +ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) {
 +       int i = 0;
-+       
-+       switch (kex_type) {
-+       case KEX_GSS_GRP1_SHA1:
-+               if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID))
-+                       return GSS_C_NO_OID;
-+               name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1;
-+               break;
-+       case KEX_GSS_GRP14_SHA1:
-+               if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID))
-+                       return GSS_C_NO_OID;
-+               name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1;
-+               break;
-+       case KEX_GSS_GEX_SHA1:
-+               if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID))
-+                       return GSS_C_NO_OID;
-+               name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1;
++
++#define SKIP_KEX_NAME(type) \
++       case type: \
++               if (strlen(name) < sizeof(type##_ID)) \
++                       return GSS_C_NO_OID; \
++               name += sizeof(type##_ID) - 1; \
 +               break;
++
++       switch (kex_type) {
++       SKIP_KEX_NAME(KEX_GSS_GRP1_SHA1)
++       SKIP_KEX_NAME(KEX_GSS_GRP14_SHA1)
++       SKIP_KEX_NAME(KEX_GSS_GRP14_SHA256)
++       SKIP_KEX_NAME(KEX_GSS_GRP16_SHA512)
++       SKIP_KEX_NAME(KEX_GSS_GEX_SHA1)
++       SKIP_KEX_NAME(KEX_GSS_NISTP256_SHA256)
++       SKIP_KEX_NAME(KEX_GSS_C25519_SHA256)
 +       default:
 +               return GSS_C_NO_OID;
 +       }
 +
++#undef SKIP_KEX_NAME
++
 +       while (gss_enc2oid[i].encoded != NULL &&
 +           strcmp(name, gss_enc2oid[i].encoded) != 0)
 +               i++;
@@ -888,7 +768,7 @@ index d56257b4a..491e62cee 100644
  /* Check that the OID in a data stream matches that in the context */
  int
  ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
-@@ -218,7 +378,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
+@@ -218,7 +398,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
         }
  
         ctx->major = gss_init_sec_context(&ctx->minor,
@@ -897,7 +777,7 @@ index d56257b4a..491e62cee 100644
             GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag,
             0, NULL, recv_tok, NULL, send_tok, flags, NULL);
  
-@@ -247,9 +407,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
+@@ -247,9 +427,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
         return (ctx->major);
  }
  
@@ -919,8 +799,8 @@ index d56257b4a..491e62cee 100644
 +           GSS_C_NT_USER_NAME, &gssname);
 +
 +       if (!ctx->major)
-+               ctx->major = gss_acquire_cred(&ctx->minor, 
-+                   gssname, 0, oidset, GSS_C_INITIATE, 
++               ctx->major = gss_acquire_cred(&ctx->minor,
++                   gssname, 0, oidset, GSS_C_INITIATE,
 +                   &ctx->client_creds, NULL, NULL);
 +
 +       gss_release_name(&status, &gssname);
@@ -935,13 +815,13 @@ index d56257b4a..491e62cee 100644
  OM_uint32
  ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
  {
-+       if (ctx == NULL) 
++       if (ctx == NULL)
 +               return -1;
 +
         if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
             GSS_C_QOP_DEFAULT, buffer, hash)))
                 ssh_gssapi_error(ctx);
-@@ -257,6 +451,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
+@@ -257,6 +471,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
         return (ctx->major);
  }
  
@@ -961,12 +841,12 @@ index d56257b4a..491e62cee 100644
  void
  ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
      const char *context)
-@@ -273,11 +480,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
+@@ -273,11 +500,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
  }
  
  int
 -ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
-+ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, 
++ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host,
 +    const char *client)
  {
         gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
@@ -979,7 +859,7 @@ index d56257b4a..491e62cee 100644
  
         /* RFC 4462 says we MUST NOT do SPNEGO */
         if (oid->length == spnego_oid.length && 
-@@ -287,6 +499,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
+@@ -287,6 +519,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
         ssh_gssapi_build_ctx(ctx);
         ssh_gssapi_set_oid(*ctx, oid);
         major = ssh_gssapi_import_name(*ctx, host);
@@ -990,12 +870,12 @@ index d56257b4a..491e62cee 100644
         if (!GSS_ERROR(major)) {
                 major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, 
                     NULL);
-@@ -296,10 +512,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
+@@ -296,10 +532,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
                             GSS_C_NO_BUFFER);
         }
  
 -       if (GSS_ERROR(major)) 
-+       if (GSS_ERROR(major) || intctx != NULL) 
++       if (GSS_ERROR(major) || intctx != NULL)
                 ssh_gssapi_delete_ctx(ctx);
  
         return (!GSS_ERROR(major));
@@ -1010,7 +890,7 @@ index d56257b4a..491e62cee 100644
 +       static OM_uint32 last_call = 0;
 +       OM_uint32 lifetime, now, major, minor;
 +       int equal;
-+       
++
 +       now = time(NULL);
 +
 +       if (ctxt) {
@@ -1038,8 +918,8 @@ index d56257b4a..491e62cee 100644
 +
 +       if (saved_mech == GSS_C_NO_OID)
 +               return 0;
-+       
-+       major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, 
++
++       major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL,
 +           &name, &lifetime, NULL, NULL);
 +       if (major == GSS_S_CREDENTIALS_EXPIRED)
 +               return 0;
@@ -1059,7 +939,7 @@ index d56257b4a..491e62cee 100644
 +
  #endif /* GSSAPI */
 diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
-index a151bc1e4..90f8692f5 100644
+index a151bc1e4..ef9beb67c 100644
 --- a/gss-serv-krb5.c
 +++ b/gss-serv-krb5.c
 @@ -1,7 +1,7 @@
@@ -1107,7 +987,7 @@ index a151bc1e4..90f8692f5 100644
  }
  
 +int
-+ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, 
++ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store,
 +    ssh_gssapi_client *client)
 +{
 +       krb5_ccache ccache = NULL;
@@ -1116,14 +996,14 @@ index a151bc1e4..90f8692f5 100644
 +       krb5_error_code problem;
 +       OM_uint32 maj_status, min_status;
 +
-+       if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) {
++       if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) {
 +                logit("krb5_cc_resolve(): %.100s",
 +                    krb5_get_err_text(krb_context, problem));
 +                return 0;
-+               }
-+       
++       }
++
 +       /* Find out who the principal in this cache is */
-+       if ((problem = krb5_cc_get_principal(krb_context, ccache, 
++       if ((problem = krb5_cc_get_principal(krb_context, ccache,
 +           &principal))) {
 +               logit("krb5_cc_get_principal(): %.100s",
 +                   krb5_get_err_text(krb_context, problem));
@@ -1185,7 +1065,7 @@ index a151bc1e4..90f8692f5 100644
  
  #endif /* KRB5 */
 diff --git a/gss-serv.c b/gss-serv.c
-index ab3a15f0f..6c087a1b1 100644
+index ab3a15f0f..1d47870e7 100644
 --- a/gss-serv.c
 +++ b/gss-serv.c
 @@ -1,7 +1,7 @@
@@ -1197,7 +1077,7 @@ index ab3a15f0f..6c087a1b1 100644
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
-@@ -44,17 +44,22 @@
+@@ -44,17 +44,19 @@
  #include "session.h"
  #include "misc.h"
  #include "servconf.h"
@@ -1205,16 +1085,14 @@ index ab3a15f0f..6c087a1b1 100644
  
  #include "ssh-gss.h"
 +#include "monitor_wrap.h"
-+
-+extern ServerOptions options;
  
  extern ServerOptions options;
  
  static ssh_gssapi_client gssapi_client =
-     { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
+-    { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
 -    GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}};
-+    GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME,  NULL,
-+    {NULL, NULL, NULL, NULL, NULL}, 0, 0};
++    { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL,
++    GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0};
  
  ssh_gssapi_mech gssapi_null_mech =
 -    { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL};
@@ -1222,7 +1100,7 @@ index ab3a15f0f..6c087a1b1 100644
  
  #ifdef KRB5
  extern ssh_gssapi_mech gssapi_kerberos_mech;
-@@ -140,6 +145,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
+@@ -140,6 +142,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
         return (ssh_gssapi_acquire_cred(*ctx));
  }
  
@@ -1232,7 +1110,8 @@ index ab3a15f0f..6c087a1b1 100644
 +       if (supported_oids == NULL)
 +               ssh_gssapi_prepare_supported_oids();
 +       return (ssh_gssapi_kex_mechs(supported_oids,
-+           &ssh_gssapi_server_check_mech, NULL, NULL));
++           &ssh_gssapi_server_check_mech, NULL, NULL,
++           options.gss_kex_algorithms));
 +}
 +
 +/* Unprivileged */
@@ -1241,7 +1120,7 @@ index ab3a15f0f..6c087a1b1 100644
 +    const char *dummy) {
 +       Gssctxt *ctx = NULL;
 +       int res;
-+ 
++
 +       res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid)));
 +       ssh_gssapi_delete_ctx(&ctx);
 +
@@ -1251,7 +1130,7 @@ index ab3a15f0f..6c087a1b1 100644
  /* Unprivileged */
  void
  ssh_gssapi_supported_oids(gss_OID_set *oidset)
-@@ -150,7 +177,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset)
+@@ -150,7 +175,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset)
         gss_OID_set supported;
  
         gss_create_empty_oid_set(&min_status, oidset);
@@ -1262,7 +1141,7 @@ index ab3a15f0f..6c087a1b1 100644
  
         while (supported_mechs[i]->name != NULL) {
                 if (GSS_ERROR(gss_test_oid_set_member(&min_status,
-@@ -276,8 +305,48 @@ OM_uint32
+@@ -276,8 +303,48 @@ OM_uint32
  ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
  {
         int i = 0;
@@ -1278,21 +1157,21 @@ index ab3a15f0f..6c087a1b1 100644
 +                       return GSS_S_COMPLETE;
 +               }
 +
-+               if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, 
-+                   ctx->client_creds, ctx->oid, &new_name, 
++               if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor,
++                   ctx->client_creds, ctx->oid, &new_name,
 +                   NULL, NULL, NULL))) {
 +                       ssh_gssapi_error(ctx);
 +                       return (ctx->major);
 +               }
 +
-+               ctx->major = gss_compare_name(&ctx->minor, client->name, 
++               ctx->major = gss_compare_name(&ctx->minor, client->name,
 +                   new_name, &equal);
 +
 +               if (GSS_ERROR(ctx->major)) {
 +                       ssh_gssapi_error(ctx);
 +                       return (ctx->major);
 +               }
-+ 
++
 +               if (!equal) {
 +                       debug("Rekeyed credentials have different name");
 +                       return GSS_S_COMPLETE;
@@ -1305,14 +1184,14 @@ index ab3a15f0f..6c087a1b1 100644
 +               gss_release_cred(&ctx->minor, &client->creds);
 +               client->name = new_name;
 +               client->creds = ctx->client_creds;
-+               ctx->client_creds = GSS_C_NO_CREDENTIAL;
++               ctx->client_creds = GSS_C_NO_CREDENTIAL;
 +               client->updated = 1;
 +               return GSS_S_COMPLETE;
 +       }
  
         client->mech = NULL;
  
-@@ -292,6 +361,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
+@@ -292,6 +359,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
         if (client->mech == NULL)
                 return GSS_S_FAILURE;
  
@@ -1326,7 +1205,7 @@ index ab3a15f0f..6c087a1b1 100644
         if ((ctx->major = gss_display_name(&ctx->minor, ctx->client,
             &client->displayname, NULL))) {
                 ssh_gssapi_error(ctx);
-@@ -309,6 +385,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
+@@ -309,6 +383,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
                 return (ctx->major);
         }
  
@@ -1335,16 +1214,20 @@ index ab3a15f0f..6c087a1b1 100644
         /* We can't copy this structure, so we just move the pointer to it */
         client->creds = ctx->client_creds;
         ctx->client_creds = GSS_C_NO_CREDENTIAL;
-@@ -356,7 +434,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
+@@ -356,19 +432,23 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
  
  /* Privileged */
  int
 -ssh_gssapi_userok(char *user)
-+ssh_gssapi_userok(char *user, struct passwd *pw)
++ssh_gssapi_userok(char *user, struct passwd *pw, int kex)
  {
         OM_uint32 lmin;
  
-@@ -366,9 +444,11 @@ ssh_gssapi_userok(char *user)
++       (void) kex; /* used in privilege separation */
++
+        if (gssapi_client.exportedname.length == 0 ||
+            gssapi_client.exportedname.value == NULL) {
+                debug("No suitable client data");
                 return 0;
         }
         if (gssapi_client.mech && gssapi_client.mech->userok)
@@ -1365,7 +1248,7 @@ index ab3a15f0f..6c087a1b1 100644
 -/* Privileged */
 -OM_uint32
 -ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
-+/* These bits are only used for rekeying. The unpriviledged child is running 
++/* These bits are only used for rekeying. The unpriviledged child is running
 + * as the user, the monitor is root.
 + *
 + * In the child, we want to :
@@ -1376,7 +1259,7 @@ index ab3a15f0f..6c087a1b1 100644
 +/* Stuff for PAM */
 +
 +#ifdef USE_PAM
-+static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, 
++static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg,
 +    struct pam_response **resp, void *data)
  {
 -       ctx->major = gss_verify_mic(&ctx->minor, ctx->context,
@@ -1389,18 +1272,18 @@ index ab3a15f0f..6c087a1b1 100644
 +void
 +ssh_gssapi_rekey_creds(void) {
 +       int ok;
-+       int ret;
 +#ifdef USE_PAM
++       int ret;
 +       pam_handle_t *pamh = NULL;
 +       struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL};
 +       char *envstr;
 +#endif
 +
-+       if (gssapi_client.store.filename == NULL && 
++       if (gssapi_client.store.filename == NULL &&
 +           gssapi_client.store.envval == NULL &&
 +           gssapi_client.store.envvar == NULL)
 +               return;
-+ 
++
 +       ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store));
 +
 +       if (!ok)
@@ -1423,7 +1306,7 @@ index ab3a15f0f..6c087a1b1 100644
 +       if (ret)
 +               return;
 +
-+       xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, 
++       xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar,
 +           gssapi_client.store.envval);
 +
 +       ret = pam_putenv(pamh, envstr);
@@ -1433,7 +1316,7 @@ index ab3a15f0f..6c087a1b1 100644
 +#endif
 +}
 +
-+int 
++int
 +ssh_gssapi_update_creds(ssh_gssapi_ccache *store) {
 +       int ok = 0;
 +
@@ -1455,11 +1338,29 @@ index ab3a15f0f..6c087a1b1 100644
  }
  
  /* Privileged */
+diff --git a/hmac.c b/hmac.c
+index 1c879640c..a29f32c5c 100644
+--- a/hmac.c
++++ b/hmac.c
+@@ -19,6 +19,7 @@
+ 
+ #include <sys/types.h>
+ #include <string.h>
++#include <stdlib.h>
+ 
+ #include "sshbuf.h"
+ #include "digest.h"
 diff --git a/kex.c b/kex.c
-index 25f9f66f6..fb5bfaea5 100644
+index 34808b5c3..a2a4794e8 100644
 --- a/kex.c
 +++ b/kex.c
-@@ -54,6 +54,10 @@
+@@ -55,11 +55,16 @@
+ #include "misc.h"
+ #include "dispatch.h"
+ #include "monitor.h"
++#include "xmalloc.h"
+ 
+ #include "ssherr.h"
  #include "sshbuf.h"
  #include "digest.h"
  
@@ -1470,57 +1371,129 @@ index 25f9f66f6..fb5bfaea5 100644
  /* prototype */
  static int kex_choose_conf(struct ssh *);
  static int kex_input_newkeys(int, u_int32_t, struct ssh *);
-@@ -105,6 +109,14 @@ static const struct kexalg kexalgs[] = {
+@@ -113,15 +118,28 @@ static const struct kexalg kexalgs[] = {
  #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
         { NULL, -1, -1, -1},
  };
-+static const struct kexalg kexalg_prefixes[] = {
++static const struct kexalg gss_kexalgs[] = {
 +#ifdef GSSAPI
 +       { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
 +       { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
 +       { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
++       { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
++       { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 },
++       { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256,
++           NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
++       { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
 +#endif
 +       { NULL, -1, -1, -1 },
 +};
  
- char *
- kex_alg_list(char sep)
-@@ -137,6 +149,10 @@ kex_alg_by_name(const char *name)
+-char *
+-kex_alg_list(char sep)
++static char *
++kex_alg_list_internal(char sep, const struct kexalg *algs)
+ {
+        char *ret = NULL, *tmp;
+        size_t nlen, rlen = 0;
+        const struct kexalg *k;
+ 
+-       for (k = kexalgs; k->name != NULL; k++) {
++       for (k = algs; k->name != NULL; k++) {
+                if (ret != NULL)
+                        ret[rlen++] = sep;
+                nlen = strlen(k->name);
+@@ -136,6 +154,18 @@ kex_alg_list(char sep)
+        return ret;
+ }
+ 
++char *
++kex_alg_list(char sep)
++{
++       return kex_alg_list_internal(sep, kexalgs);
++}
++
++char *
++kex_gss_alg_list(char sep)
++{
++       return kex_alg_list_internal(sep, gss_kexalgs);
++}
++
+ static const struct kexalg *
+ kex_alg_by_name(const char *name)
+ {
+@@ -145,6 +175,10 @@ kex_alg_by_name(const char *name)
                 if (strcmp(k->name, name) == 0)
                         return k;
         }
-+       for (k = kexalg_prefixes; k->name != NULL; k++) {
++       for (k = gss_kexalgs; k->name != NULL; k++) {
 +               if (strncmp(k->name, name, strlen(k->name)) == 0)
 +                       return k;
 +       }
         return NULL;
  }
  
-@@ -653,6 +669,9 @@ kex_free(struct kex *kex)
-        sshbuf_free(kex->peer);
-        sshbuf_free(kex->my);
+@@ -301,6 +335,29 @@ kex_assemble_names(char **listp, const char *def, const char *all)
+        return r;
+ }
+ 
++/* Validate GSS KEX method name list */
++int
++kex_gss_names_valid(const char *names)
++{
++       char *s, *cp, *p;
++
++       if (names == NULL || *names == '\0')
++               return 0;
++       s = cp = xstrdup(names);
++       for ((p = strsep(&cp, ",")); p && *p != '\0';
++           (p = strsep(&cp, ","))) {
++               if (strncmp(p, "gss-", 4) != 0
++                 || kex_alg_by_name(p) == NULL) {
++                       error("Unsupported KEX algorithm \"%.100s\"", p);
++                       free(s);
++                       return 0;
++               }
++       }
++       debug3("gss kex names ok: [%s]", names);
++       free(s);
++       return 1;
++}
++
+ /* put algorithm proposal into buffer */
+ int
+ kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX])
+@@ -657,6 +714,9 @@ kex_free(struct kex *kex)
+        sshbuf_free(kex->server_version);
+        sshbuf_free(kex->client_pub);
         free(kex->session_id);
 +#ifdef GSSAPI
 +       free(kex->gss_host);
 +#endif /* GSSAPI */
-        free(kex->client_version_string);
-        free(kex->server_version_string);
         free(kex->failed_choice);
+        free(kex->hostkey_alg);
+        free(kex->name);
 diff --git a/kex.h b/kex.h
-index 593de1208..4e5ead839 100644
+index 6d446d1cc..2d5f1d4ed 100644
 --- a/kex.h
 +++ b/kex.h
-@@ -100,6 +100,9 @@ enum kex_exchange {
-        KEX_DH_GEX_SHA256,
+@@ -103,6 +103,15 @@ enum kex_exchange {
         KEX_ECDH_SHA2,
         KEX_C25519_SHA256,
+        KEX_KEM_SNTRUP4591761X25519_SHA512,
++#ifdef GSSAPI
 +       KEX_GSS_GRP1_SHA1,
 +       KEX_GSS_GRP14_SHA1,
++       KEX_GSS_GRP14_SHA256,
++       KEX_GSS_GRP16_SHA512,
 +       KEX_GSS_GEX_SHA1,
++       KEX_GSS_NISTP256_SHA256,
++       KEX_GSS_C25519_SHA256,
++#endif
         KEX_MAX
  };
  
-@@ -148,6 +151,12 @@ struct kex {
+@@ -154,6 +163,12 @@ struct kex {
         u_int   flags;
         int     hash_alg;
         int     ec_nid;
@@ -1530,27 +1503,93 @@ index 593de1208..4e5ead839 100644
 +       char    *gss_host;
 +       char    *gss_client;
 +#endif
-        char    *client_version_string;
-        char    *server_version_string;
         char    *failed_choice;
-@@ -198,6 +207,11 @@ int         kexecdh_server(struct ssh *);
- int     kexc25519_client(struct ssh *);
- int     kexc25519_server(struct ssh *);
- 
-+#ifdef GSSAPI
+        int     (*verify_host_key)(struct sshkey *, struct ssh *);
+        struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
+@@ -175,8 +190,10 @@ struct kex {
+ 
+ int     kex_names_valid(const char *);
+ char   *kex_alg_list(char);
++char   *kex_gss_alg_list(char);
+ char   *kex_names_cat(const char *, const char *);
+ int     kex_assemble_names(char **, const char *, const char *);
++int     kex_gss_names_valid(const char *);
+ 
+ int     kex_exchange_identification(struct ssh *, int, const char *);
+ 
+@@ -203,6 +220,12 @@ int         kexgex_client(struct ssh *);
+ int     kexgex_server(struct ssh *);
+ int     kex_gen_client(struct ssh *);
+ int     kex_gen_server(struct ssh *);
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
++int     kexgssgex_client(struct ssh *);
++int     kexgssgex_server(struct ssh *);
 +int     kexgss_client(struct ssh *);
 +int     kexgss_server(struct ssh *);
 +#endif
-+
- int     kex_dh_hash(int, const char *, const char *,
-     const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
-     const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
+ 
+ int     kex_dh_keypair(struct kex *);
+ int     kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
+@@ -235,6 +258,12 @@ int         kexgex_hash(int, const struct sshbuf *, const struct sshbuf *,
+     const BIGNUM *, const u_char *, size_t,
+     u_char *, size_t *);
+ 
++int     kex_gen_hash(int hash_alg, const struct sshbuf *client_version,
++    const struct sshbuf *server_version, const struct sshbuf *client_kexinit,
++    const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob,
++    const struct sshbuf *client_pub, const struct sshbuf *server_pub,
++    const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen);
++
+ void   kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])
+        __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
+        __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
+diff --git a/kexdh.c b/kexdh.c
+index 67133e339..edaa46762 100644
+--- a/kexdh.c
++++ b/kexdh.c
+@@ -48,13 +48,23 @@ kex_dh_keygen(struct kex *kex)
+ {
+        switch (kex->kex_type) {
+        case KEX_DH_GRP1_SHA1:
++#ifdef GSSAPI
++       case KEX_GSS_GRP1_SHA1:
++#endif
+                kex->dh = dh_new_group1();
+                break;
+        case KEX_DH_GRP14_SHA1:
+        case KEX_DH_GRP14_SHA256:
++#ifdef GSSAPI
++       case KEX_GSS_GRP14_SHA1:
++       case KEX_GSS_GRP14_SHA256:
++#endif
+                kex->dh = dh_new_group14();
+                break;
+        case KEX_DH_GRP16_SHA512:
++#ifdef GSSAPI
++       case KEX_GSS_GRP16_SHA512:
++#endif
+                kex->dh = dh_new_group16();
+                break;
+        case KEX_DH_GRP18_SHA512:
+diff --git a/kexgen.c b/kexgen.c
+index 2abbb9ef6..569dc83f3 100644
+--- a/kexgen.c
++++ b/kexgen.c
+@@ -43,7 +43,7 @@
+ static int input_kex_gen_init(int, u_int32_t, struct ssh *);
+ static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh);
+ 
+-static int
++int
+ kex_gen_hash(
+     int hash_alg,
+     const struct sshbuf *client_version,
 diff --git a/kexgssc.c b/kexgssc.c
 new file mode 100644
-index 000000000..3c8ae08dd
+index 000000000..f6e1405eb
 --- /dev/null
 +++ b/kexgssc.c
-@@ -0,0 +1,341 @@
+@@ -0,0 +1,606 @@
 +/*
 + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
 + *
@@ -1577,7 +1616,7 @@ index 000000000..3c8ae08dd
 +
 +#include "includes.h"
 +
-+#ifdef GSSAPI
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +
 +#include "includes.h"
 +
@@ -1596,113 +1635,88 @@ index 000000000..3c8ae08dd
 +#include "packet.h"
 +#include "dh.h"
 +#include "digest.h"
++#include "ssherr.h"
 +
 +#include "ssh-gss.h"
 +
 +int
-+kexgss_client(struct ssh *ssh) {
-+       gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
-+       gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr;
++kexgss_client(struct ssh *ssh)
++{
++       struct kex *kex = ssh->kex;
++       gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER,
++           recv_tok = GSS_C_EMPTY_BUFFER,
++           gssbuf, msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr;
 +       Gssctxt *ctxt;
 +       OM_uint32 maj_status, min_status, ret_flags;
-+       u_int klen, kout, slen = 0, strlen;
-+       DH *dh; 
-+       BIGNUM *dh_server_pub = NULL;
-+       BIGNUM *shared_secret = NULL;
-+       const BIGNUM *pub_key, *dh_p, *dh_g;
-+       BIGNUM *p = NULL;
-+       BIGNUM *g = NULL;       
-+       u_char *kbuf;
-+       u_char *serverhostkey = NULL;
-+       u_char *empty = "";
-+       char *msg;
++       struct sshbuf *server_blob = NULL;
++       struct sshbuf *shared_secret = NULL;
++       struct sshbuf *server_host_key_blob = NULL;
++       struct sshbuf *empty = NULL;
++       u_char *msg;
 +       int type = 0;
 +       int first = 1;
-+       int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
 +       u_char hash[SSH_DIGEST_MAX_LENGTH];
 +       size_t hashlen;
++       u_char c;
++       int r;
 +
-+       /* Initialise our GSSAPI world */       
++       /* Initialise our GSSAPI world */
 +       ssh_gssapi_build_ctx(&ctxt);
-+       if (ssh_gssapi_id_kex(ctxt, ssh->kex->name, ssh->kex->kex_type) 
++       if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type)
 +           == GSS_C_NO_OID)
 +               fatal("Couldn't identify host exchange");
 +
-+       if (ssh_gssapi_import_name(ctxt, ssh->kex->gss_host))
++       if (ssh_gssapi_import_name(ctxt, kex->gss_host))
 +               fatal("Couldn't import hostname");
 +
-+       if (ssh->kex->gss_client && 
-+           ssh_gssapi_client_identity(ctxt, ssh->kex->gss_client))
++       if (kex->gss_client &&
++           ssh_gssapi_client_identity(ctxt, kex->gss_client))
 +               fatal("Couldn't acquire client credentials");
 +
-+       switch (ssh->kex->kex_type) {
++       /* Step 1 */
++       switch (kex->kex_type) {
 +       case KEX_GSS_GRP1_SHA1:
-+               dh = dh_new_group1();
-+               break;
 +       case KEX_GSS_GRP14_SHA1:
-+               dh = dh_new_group14();
++       case KEX_GSS_GRP14_SHA256:
++       case KEX_GSS_GRP16_SHA512:
++               r = kex_dh_keypair(kex);
++               break;
++       case KEX_GSS_NISTP256_SHA256:
++               r = kex_ecdh_keypair(kex);
 +               break;
-+       case KEX_GSS_GEX_SHA1:
-+               debug("Doing group exchange\n");
-+               nbits = dh_estimate(ssh->kex->we_need * 8);
-+               packet_start(SSH2_MSG_KEXGSS_GROUPREQ);
-+               packet_put_int(min);
-+               packet_put_int(nbits);
-+               packet_put_int(max);
-+
-+               packet_send();
-+
-+               packet_read_expect(SSH2_MSG_KEXGSS_GROUP);
-+
-+               if ((p = BN_new()) == NULL)
-+                       fatal("BN_new() failed");
-+               packet_get_bignum2(p);
-+               if ((g = BN_new()) == NULL)
-+                       fatal("BN_new() failed");
-+               packet_get_bignum2(g);
-+               packet_check_eom();
-+
-+               if (BN_num_bits(p) < min || BN_num_bits(p) > max)
-+                       fatal("GSSGRP_GEX group out of range: %d !< %d !< %d",
-+                           min, BN_num_bits(p), max);
-+
-+               dh = dh_new_group(g, p);
++       case KEX_GSS_C25519_SHA256:
++               r = kex_c25519_keypair(kex);
 +               break;
 +       default:
-+               fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
++               fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
 +       }
-+       
-+       /* Step 1 - e is dh->pub_key */
-+       dh_gen_key(dh, ssh->kex->we_need * 8);
-+       DH_get0_key(dh, &pub_key, NULL);
-+       DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
-+
-+       /* This is f, we initialise it now to make life easier */
-+       dh_server_pub = BN_new();
-+       if (dh_server_pub == NULL)
-+               fatal("dh_server_pub == NULL");
++       if (r != 0)
++               return r;
 +
 +       token_ptr = GSS_C_NO_BUFFER;
-+                        
++
 +       do {
 +               debug("Calling gss_init_sec_context");
-+               
++
 +               maj_status = ssh_gssapi_init_ctx(ctxt,
-+                   ssh->kex->gss_deleg_creds, token_ptr, &send_tok,
++                   kex->gss_deleg_creds, token_ptr, &send_tok,
 +                   &ret_flags);
 +
 +               if (GSS_ERROR(maj_status)) {
++                       /* XXX Useles code: Missing send? */
 +                       if (send_tok.length != 0) {
-+                               packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-+                               packet_put_string(send_tok.value,
-+                                   send_tok.length);
++                               if ((r = sshpkt_start(ssh,
++                                       SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                                   (r = sshpkt_put_string(ssh, send_tok.value,
++                                       send_tok.length)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
 +                       }
 +                       fatal("gss_init_context failed");
 +               }
 +
 +               /* If we've got an old receive buffer get rid of it */
 +               if (token_ptr != GSS_C_NO_BUFFER)
-+                       free(recv_tok.value);
++                       gss_release_buffer(&min_status, &recv_tok);
 +
 +               if (maj_status == GSS_S_COMPLETE) {
 +                       /* If mutual state flag is not true, kex fails */
@@ -1714,75 +1728,90 @@ index 000000000..3c8ae08dd
 +                               fatal("Integrity check failed");
 +               }
 +
-+               /* 
++               /*
 +                * If we have data to send, then the last message that we
-+                * received cannot have been a 'complete'. 
++                * received cannot have been a 'complete'.
 +                */
 +               if (send_tok.length != 0) {
 +                       if (first) {
-+                               packet_start(SSH2_MSG_KEXGSS_INIT);
-+                               packet_put_string(send_tok.value,
-+                                   send_tok.length);
-+                               packet_put_bignum2(pub_key);
++                               if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 ||
++                                   (r = sshpkt_put_string(ssh, send_tok.value,
++                                       send_tok.length)) != 0 ||
++                                   (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0)
++                                       fatal("failed to construct packet: %s", ssh_err(r));
 +                               first = 0;
 +                       } else {
-+                               packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-+                               packet_put_string(send_tok.value,
-+                                   send_tok.length);
++                               if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                                   (r = sshpkt_put_string(ssh, send_tok.value,
++                                       send_tok.length)) != 0)
++                                       fatal("failed to construct packet: %s", ssh_err(r));
 +                       }
-+                       packet_send();
++                       if ((r = sshpkt_send(ssh)) != 0)
++                               fatal("failed to send packet: %s", ssh_err(r));
 +                       gss_release_buffer(&min_status, &send_tok);
 +
 +                       /* If we've sent them data, they should reply */
-+                       do {    
-+                               type = packet_read();
++                       do {
++                               type = ssh_packet_read(ssh);
 +                               if (type == SSH2_MSG_KEXGSS_HOSTKEY) {
 +                                       debug("Received KEXGSS_HOSTKEY");
-+                                       if (serverhostkey)
++                                       if (server_host_key_blob)
 +                                               fatal("Server host key received more than once");
-+                                       serverhostkey = 
-+                                           packet_get_string(&slen);
++                                       if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
++                                               fatal("Failed to read server host key: %s", ssh_err(r));
 +                               }
 +                       } while (type == SSH2_MSG_KEXGSS_HOSTKEY);
 +
 +                       switch (type) {
 +                       case SSH2_MSG_KEXGSS_CONTINUE:
 +                               debug("Received GSSAPI_CONTINUE");
-+                               if (maj_status == GSS_S_COMPLETE) 
++                               if (maj_status == GSS_S_COMPLETE)
 +                                       fatal("GSSAPI Continue received from server when complete");
-+                               recv_tok.value = packet_get_string(&strlen);
-+                               recv_tok.length = strlen; 
++                               if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                                       &recv_tok)) != 0 ||
++                                   (r = sshpkt_get_end(ssh)) != 0)
++                                       fatal("Failed to read token: %s", ssh_err(r));
 +                               break;
 +                       case SSH2_MSG_KEXGSS_COMPLETE:
 +                               debug("Received GSSAPI_COMPLETE");
-+                               packet_get_bignum2(dh_server_pub);
-+                               msg_tok.value =  packet_get_string(&strlen);
-+                               msg_tok.length = strlen; 
++                               if (msg_tok.value != NULL)
++                                       fatal("Received GSSAPI_COMPLETE twice?");
++                               if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 ||
++                                   (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                                       &msg_tok)) != 0)
++                                       fatal("Failed to read message: %s", ssh_err(r));
 +
 +                               /* Is there a token included? */
-+                               if (packet_get_char()) {
-+                                       recv_tok.value=
-+                                           packet_get_string(&strlen);
-+                                       recv_tok.length = strlen;
++                               if ((r = sshpkt_get_u8(ssh, &c)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++                               if (c) {
++                                       if ((r = ssh_gssapi_sshpkt_get_buffer_desc(
++                                           ssh, &recv_tok)) != 0)
++                                               fatal("Failed to read token: %s", ssh_err(r));
 +                                       /* If we're already complete - protocol error */
 +                                       if (maj_status == GSS_S_COMPLETE)
-+                                               packet_disconnect("Protocol error: received token when complete");
-+                                       } else {
-+                                               /* No token included */
-+                                               if (maj_status != GSS_S_COMPLETE)
-+                                                       packet_disconnect("Protocol error: did not receive final token");
++                                               sshpkt_disconnect(ssh, "Protocol error: received token when complete");
++                               } else {
++                                       /* No token included */
++                                       if (maj_status != GSS_S_COMPLETE)
++                                               sshpkt_disconnect(ssh, "Protocol error: did not receive final token");
++                               }
++                               if ((r = sshpkt_get_end(ssh)) != 0) {
++                                       fatal("Expecting end of packet.");
 +                               }
 +                               break;
 +                       case SSH2_MSG_KEXGSS_ERROR:
 +                               debug("Received Error");
-+                               maj_status = packet_get_int();
-+                               min_status = packet_get_int();
-+                               msg = packet_get_string(NULL);
-+                               (void) packet_get_string_ptr(NULL);
-+                               fatal("GSSAPI Error: \n%.400s",msg);
++                               if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 ||
++                                   (r = sshpkt_get_u32(ssh, &min_status)) != 0 ||
++                                   (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 ||
++                                   (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */
++                                   (r = sshpkt_get_end(ssh)) != 0)
++                                       fatal("sshpkt_get failed: %s", ssh_err(r));
++                               fatal("GSSAPI Error: \n%.400s", msg);
 +                       default:
-+                               packet_disconnect("Protocol error: didn't expect packet type %d",
-+                               type);
++                               sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d",
++                                   type);
 +                       }
 +                       token_ptr = &recv_tok;
 +               } else {
@@ -1792,93 +1821,358 @@ index 000000000..3c8ae08dd
 +               }
 +       } while (maj_status & GSS_S_CONTINUE_NEEDED);
 +
-+       /* 
-+        * We _must_ have received a COMPLETE message in reply from the 
-+        * server, which will have set dh_server_pub and msg_tok 
++       /*
++        * We _must_ have received a COMPLETE message in reply from the
++        * server, which will have set server_blob and msg_tok
 +        */
 +
 +       if (type != SSH2_MSG_KEXGSS_COMPLETE)
 +               fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it");
 +
-+       /* Check f in range [1, p-1] */
-+       if (!dh_pub_is_valid(dh, dh_server_pub))
-+               packet_disconnect("bad server public DH value");
-+
-+       /* compute K=f^x mod p */
-+       klen = DH_size(dh);
-+       kbuf = xmalloc(klen);
-+       kout = DH_compute_key(kbuf, dh_server_pub, dh);
-+       if (kout < 0)
-+               fatal("DH_compute_key: failed");
-+
-+       shared_secret = BN_new();
-+       if (shared_secret == NULL)
-+               fatal("kexgss_client: BN_new failed");
-+
-+       if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
-+               fatal("kexdh_client: BN_bin2bn failed");
-+
-+       memset(kbuf, 0, klen);
-+       free(kbuf);
-+
-+       hashlen = sizeof(hash);
-+       switch (ssh->kex->kex_type) {
++       /* compute shared secret */
++       switch (kex->kex_type) {
 +       case KEX_GSS_GRP1_SHA1:
 +       case KEX_GSS_GRP14_SHA1:
-+               kex_dh_hash(
-+                   ssh->kex->hash_alg,
-+                   ssh->kex->client_version_string,
-+                   ssh->kex->server_version_string,
-+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-+                   (serverhostkey ? serverhostkey : empty), slen,
-+                   pub_key,            /* e */
-+                   dh_server_pub,      /* f */
-+                   shared_secret,      /* K */
-+                   hash, &hashlen
-+               );
++       case KEX_GSS_GRP14_SHA256:
++       case KEX_GSS_GRP16_SHA512:
++               r = kex_dh_dec(kex, server_blob, &shared_secret);
++               break;
++       case KEX_GSS_C25519_SHA256:
++               if (sshbuf_ptr(server_blob)[sshbuf_len(server_blob)] & 0x80)
++                       fatal("The received key has MSB of last octet set!");
++               r = kex_c25519_dec(kex, server_blob, &shared_secret);
 +               break;
-+       case KEX_GSS_GEX_SHA1:
-+               kexgex_hash(
-+                   ssh->kex->hash_alg,
-+                   ssh->kex->client_version_string,
-+                   ssh->kex->server_version_string,
-+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-+                   (serverhostkey ? serverhostkey : empty), slen,
-+                   min, nbits, max,
-+                   dh_p, dh_g,
-+                   pub_key,
-+                   dh_server_pub,
-+                   shared_secret,
-+                   hash, &hashlen
-+               );
++       case KEX_GSS_NISTP256_SHA256:
++               if (sshbuf_len(server_blob) != 65)
++                       fatal("The received NIST-P256 key did not match"
++                           "expected length (expected 65, got %zu)", sshbuf_len(server_blob));
++
++               if (sshbuf_ptr(server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED)
++                       fatal("The received NIST-P256 key does not have first octet 0x04");
++
++               r = kex_ecdh_dec(kex, server_blob, &shared_secret);
 +               break;
 +       default:
-+               fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
++               r = SSH_ERR_INVALID_ARGUMENT;
++               break;
++       }
++       if (r != 0)
++               goto out;
++
++       if ((empty = sshbuf_new()) == NULL) {
++               r = SSH_ERR_ALLOC_FAIL;
++               goto out;
 +       }
 +
++       hashlen = sizeof(hash);
++       if ((r = kex_gen_hash(
++           kex->hash_alg,
++           kex->client_version,
++           kex->server_version,
++           kex->my,
++           kex->peer,
++           (server_host_key_blob ? server_host_key_blob : empty),
++           kex->client_pub,
++           server_blob,
++           shared_secret,
++           hash, &hashlen)) != 0)
++               fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
++
 +       gssbuf.value = hash;
 +       gssbuf.length = hashlen;
 +
 +       /* Verify that the hash matches the MIC we just got. */
 +       if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
-+               packet_disconnect("Hash's MIC didn't verify");
++               sshpkt_disconnect(ssh, "Hash's MIC didn't verify");
 +
-+       free(msg_tok.value);
++       gss_release_buffer(&min_status, &msg_tok);
 +
-+       DH_free(dh);
-+       free(serverhostkey);
-+       BN_clear_free(dh_server_pub);
++       if (kex->gss_deleg_creds)
++               ssh_gssapi_credentials_updated(ctxt);
++
++       if (gss_kex_context == NULL)
++               gss_kex_context = ctxt;
++       else
++               ssh_gssapi_delete_ctx(&ctxt);
++
++       if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
++               r = kex_send_newkeys(ssh);
++
++out:
++       explicit_bzero(hash, sizeof(hash));
++       explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key));
++       sshbuf_free(empty);
++       sshbuf_free(server_host_key_blob);
++       sshbuf_free(server_blob);
++       sshbuf_free(shared_secret);
++       sshbuf_free(kex->client_pub);
++       kex->client_pub = NULL;
++       return r;
++}
++
++int
++kexgssgex_client(struct ssh *ssh)
++{
++       struct kex *kex = ssh->kex;
++       gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER,
++           recv_tok = GSS_C_EMPTY_BUFFER, gssbuf,
++            msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr;
++       Gssctxt *ctxt;
++       OM_uint32 maj_status, min_status, ret_flags;
++       struct sshbuf *shared_secret = NULL;
++       BIGNUM *p = NULL;
++       BIGNUM *g = NULL;
++       struct sshbuf *buf = NULL;
++       struct sshbuf *server_host_key_blob = NULL;
++       struct sshbuf *server_blob = NULL;
++       BIGNUM *dh_server_pub = NULL;
++       u_char *msg;
++       int type = 0;
++       int first = 1;
++       u_char hash[SSH_DIGEST_MAX_LENGTH];
++       size_t hashlen;
++       const BIGNUM *pub_key, *dh_p, *dh_g;
++       int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
++       struct sshbuf *empty = NULL;
++       u_char c;
++       int r;
++
++       /* Initialise our GSSAPI world */
++       ssh_gssapi_build_ctx(&ctxt);
++       if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type)
++           == GSS_C_NO_OID)
++               fatal("Couldn't identify host exchange");
++
++       if (ssh_gssapi_import_name(ctxt, kex->gss_host))
++               fatal("Couldn't import hostname");
++
++       if (kex->gss_client &&
++           ssh_gssapi_client_identity(ctxt, kex->gss_client))
++               fatal("Couldn't acquire client credentials");
++
++       debug("Doing group exchange");
++       nbits = dh_estimate(kex->dh_need * 8);
++
++       kex->min = DH_GRP_MIN;
++       kex->max = DH_GRP_MAX;
++       kex->nbits = nbits;
++       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 ||
++           (r = sshpkt_put_u32(ssh, min)) != 0 ||
++           (r = sshpkt_put_u32(ssh, nbits)) != 0 ||
++           (r = sshpkt_put_u32(ssh, max)) != 0 ||
++           (r = sshpkt_send(ssh)) != 0)
++               fatal("Failed to construct a packet: %s", ssh_err(r));
++
++       if ((r = ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0)
++               fatal("Error: %s", ssh_err(r));
++
++       if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 ||
++           (r = sshpkt_get_bignum2(ssh, &g)) != 0 ||
++           (r = sshpkt_get_end(ssh)) != 0)
++               fatal("shpkt_get_bignum2 failed: %s", ssh_err(r));
++
++       if (BN_num_bits(p) < min || BN_num_bits(p) > max)
++               fatal("GSSGRP_GEX group out of range: %d !< %d !< %d",
++                   min, BN_num_bits(p), max);
++
++       if ((kex->dh = dh_new_group(g, p)) == NULL)
++               fatal("dn_new_group() failed");
++       p = g = NULL; /* belong to kex->dh now */
++
++       if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
++               goto out;
++       DH_get0_key(kex->dh, &pub_key, NULL);
++
++       token_ptr = GSS_C_NO_BUFFER;
++
++       do {
++               /* Step 2 - call GSS_Init_sec_context() */
++               debug("Calling gss_init_sec_context");
++
++               maj_status = ssh_gssapi_init_ctx(ctxt,
++                   kex->gss_deleg_creds, token_ptr, &send_tok,
++                   &ret_flags);
++
++               if (GSS_ERROR(maj_status)) {
++                       /* XXX Useles code: Missing send? */
++                       if (send_tok.length != 0) {
++                               if ((r = sshpkt_start(ssh,
++                                       SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                                   (r = sshpkt_put_string(ssh, send_tok.value,
++                                       send_tok.length)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++                       }
++                       fatal("gss_init_context failed");
++               }
++
++               /* If we've got an old receive buffer get rid of it */
++               if (token_ptr != GSS_C_NO_BUFFER)
++                       gss_release_buffer(&min_status, &recv_tok);
++
++               if (maj_status == GSS_S_COMPLETE) {
++                       /* If mutual state flag is not true, kex fails */
++                       if (!(ret_flags & GSS_C_MUTUAL_FLAG))
++                               fatal("Mutual authentication failed");
++
++                       /* If integ avail flag is not true kex fails */
++                       if (!(ret_flags & GSS_C_INTEG_FLAG))
++                               fatal("Integrity check failed");
++               }
++
++               /*
++                * If we have data to send, then the last message that we
++                * received cannot have been a 'complete'.
++                */
++               if (send_tok.length != 0) {
++                       if (first) {
++                               if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 ||
++                                   (r = sshpkt_put_string(ssh, send_tok.value,
++                                       send_tok.length)) != 0 ||
++                                   (r = sshpkt_put_bignum2(ssh, pub_key)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++                               first = 0;
++                       } else {
++                               if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                                   (r = sshpkt_put_string(ssh,send_tok.value,
++                                       send_tok.length)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++                       }
++                       if ((r = sshpkt_send(ssh)) != 0)
++                               fatal("sshpkt_send failed: %s", ssh_err(r));
++                       gss_release_buffer(&min_status, &send_tok);
++
++                       /* If we've sent them data, they should reply */
++                       do {
++                               type = ssh_packet_read(ssh);
++                               if (type == SSH2_MSG_KEXGSS_HOSTKEY) {
++                                       debug("Received KEXGSS_HOSTKEY");
++                                       if (server_host_key_blob)
++                                               fatal("Server host key received more than once");
++                                       if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
++                                               fatal("sshpkt failed: %s", ssh_err(r));
++                               }
++                       } while (type == SSH2_MSG_KEXGSS_HOSTKEY);
++
++                       switch (type) {
++                       case SSH2_MSG_KEXGSS_CONTINUE:
++                               debug("Received GSSAPI_CONTINUE");
++                               if (maj_status == GSS_S_COMPLETE)
++                                       fatal("GSSAPI Continue received from server when complete");
++                               if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                                       &recv_tok)) != 0 ||
++                                   (r = sshpkt_get_end(ssh)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++                               break;
++                       case SSH2_MSG_KEXGSS_COMPLETE:
++                               debug("Received GSSAPI_COMPLETE");
++                               if (msg_tok.value != NULL)
++                                       fatal("Received GSSAPI_COMPLETE twice?");
++                               if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 ||
++                                   (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                                       &msg_tok)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++
++                               /* Is there a token included? */
++                               if ((r = sshpkt_get_u8(ssh, &c)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++                               if (c) {
++                                       if ((r = ssh_gssapi_sshpkt_get_buffer_desc(
++                                               ssh, &recv_tok)) != 0 ||
++                                           (r = sshpkt_get_end(ssh)) != 0)
++                                               fatal("sshpkt failed: %s", ssh_err(r));
++                                       /* If we're already complete - protocol error */
++                                       if (maj_status == GSS_S_COMPLETE)
++                                               sshpkt_disconnect(ssh, "Protocol error: received token when complete");
++                               } else {
++                                       /* No token included */
++                                       if (maj_status != GSS_S_COMPLETE)
++                                               sshpkt_disconnect(ssh, "Protocol error: did not receive final token");
++                               }
++                               break;
++                       case SSH2_MSG_KEXGSS_ERROR:
++                               debug("Received Error");
++                               if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 ||
++                                   (r = sshpkt_get_u32(ssh, &min_status)) != 0 ||
++                                   (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 ||
++                                   (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */
++                                   (r = sshpkt_get_end(ssh)) != 0)
++                                       fatal("sshpkt failed: %s", ssh_err(r));
++                               fatal("GSSAPI Error: \n%.400s", msg);
++                       default:
++                               sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d",
++                                   type);
++                       }
++                       token_ptr = &recv_tok;
++               } else {
++                       /* No data, and not complete */
++                       if (maj_status != GSS_S_COMPLETE)
++                               fatal("Not complete, and no token output");
++               }
++       } while (maj_status & GSS_S_CONTINUE_NEEDED);
++
++       /*
++        * We _must_ have received a COMPLETE message in reply from the
++        * server, which will have set dh_server_pub and msg_tok
++        */
++
++       if (type != SSH2_MSG_KEXGSS_COMPLETE)
++               fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it");
++
++       /* 7. C verifies that the key Q_S is valid */
++       /* 8. C computes shared secret */
++       if ((buf = sshbuf_new()) == NULL ||
++           (r = sshbuf_put_stringb(buf, server_blob)) != 0 ||
++           (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0)
++               goto out;
++       sshbuf_free(buf);
++       buf = NULL;
++
++       if ((shared_secret = sshbuf_new()) == NULL) {
++               r = SSH_ERR_ALLOC_FAIL;
++               goto out;
++       }
++
++       if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0)
++               goto out;
++       if ((empty = sshbuf_new()) == NULL) {
++               r = SSH_ERR_ALLOC_FAIL;
++               goto out;
++       }
++
++       DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
++       hashlen = sizeof(hash);
++       if ((r = kexgex_hash(
++           kex->hash_alg,
++           kex->client_version,
++           kex->server_version,
++           kex->my,
++           kex->peer,
++           (server_host_key_blob ? server_host_key_blob : empty),
++           kex->min, kex->nbits, kex->max,
++           dh_p, dh_g,
++           pub_key,
++           dh_server_pub,
++           sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
++           hash, &hashlen)) != 0)
++               fatal("Failed to calculate hash: %s", ssh_err(r));
++
++       gssbuf.value = hash;
++       gssbuf.length = hashlen;
++
++       /* Verify that the hash matches the MIC we just got. */
++       if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
++               sshpkt_disconnect(ssh, "Hash's MIC didn't verify");
++
++       gss_release_buffer(&min_status, &msg_tok);
 +
 +       /* save session id */
-+       if (ssh->kex->session_id == NULL) {
-+               ssh->kex->session_id_len = hashlen;
-+               ssh->kex->session_id = xmalloc(ssh->kex->session_id_len);
-+               memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len);
++       if (kex->session_id == NULL) {
++               kex->session_id_len = hashlen;
++               kex->session_id = xmalloc(kex->session_id_len);
++               memcpy(kex->session_id, hash, kex->session_id_len);
 +       }
 +
-+       if (ssh->kex->gss_deleg_creds)
++       if (kex->gss_deleg_creds)
 +               ssh_gssapi_credentials_updated(ctxt);
 +
 +       if (gss_kex_context == NULL)
@@ -1886,18 +2180,28 @@ index 000000000..3c8ae08dd
 +       else
 +               ssh_gssapi_delete_ctx(&ctxt);
 +
-+       kex_derive_keys_bn(ssh, hash, hashlen, shared_secret);
-+       BN_clear_free(shared_secret);
-+       return kex_send_newkeys(ssh);
++       /* Finally derive the keys and send them */
++       if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
++               r = kex_send_newkeys(ssh);
++out:
++       sshbuf_free(buf);
++       sshbuf_free(server_blob);
++       sshbuf_free(empty);
++       explicit_bzero(hash, sizeof(hash));
++       DH_free(kex->dh);
++       kex->dh = NULL;
++       BN_clear_free(dh_server_pub);
++       sshbuf_free(shared_secret);
++       sshbuf_free(server_host_key_blob);
++       return r;
 +}
-+
-+#endif /* GSSAPI */
++#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
 diff --git a/kexgsss.c b/kexgsss.c
 new file mode 100644
-index 000000000..18070f1d7
+index 000000000..60bc02deb
 --- /dev/null
 +++ b/kexgsss.c
-@@ -0,0 +1,300 @@
+@@ -0,0 +1,474 @@
 +/*
 + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
 + *
@@ -1924,7 +2228,7 @@ index 000000000..18070f1d7
 +
 +#include "includes.h"
 +
-+#ifdef GSSAPI
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +
 +#include <string.h>
 +
@@ -1942,40 +2246,41 @@ index 000000000..18070f1d7
 +#include "dh.h"
 +#include "ssh-gss.h"
 +#include "monitor_wrap.h"
-+#include "misc.h"
++#include "misc.h"      /* servconf.h needs misc.h for struct ForwardOptions */
 +#include "servconf.h"
++#include "ssh-gss.h"
 +#include "digest.h"
++#include "ssherr.h"
 +
 +extern ServerOptions options;
 +
 +int
 +kexgss_server(struct ssh *ssh)
 +{
++       struct kex *kex = ssh->kex;
 +       OM_uint32 maj_status, min_status;
-+       
-+       /* 
++
++       /*
 +        * Some GSSAPI implementations use the input value of ret_flags (an
-+        * output variable) as a means of triggering mechanism specific 
-+        * features. Initializing it to zero avoids inadvertently 
-+        * activating this non-standard behaviour.
++        * output variable) as a means of triggering mechanism specific
++        * features. Initializing it to zero avoids inadvertently
++        * activating this non-standard behaviour.
 +        */
 +
 +       OM_uint32 ret_flags = 0;
 +       gss_buffer_desc gssbuf, recv_tok, msg_tok;
 +       gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
 +       Gssctxt *ctxt = NULL;
-+       u_int slen, klen, kout;
-+       u_char *kbuf;
-+       DH *dh;
-+       int min = -1, max = -1, nbits = -1;
-+       const BIGNUM *pub_key, *dh_p, *dh_g;
-+       BIGNUM *shared_secret = NULL;
-+       BIGNUM *dh_client_pub = NULL;
++       struct sshbuf *shared_secret = NULL;
++       struct sshbuf *client_pubkey = NULL;
++       struct sshbuf *server_pubkey = NULL;
++       struct sshbuf *empty = sshbuf_new();
 +       int type = 0;
 +       gss_OID oid;
 +       char *mechs;
 +       u_char hash[SSH_DIGEST_MAX_LENGTH];
 +       size_t hashlen;
++       int r;
 +
 +       /* Initialise GSSAPI */
 +
@@ -1988,8 +2293,8 @@ index 000000000..18070f1d7
 +               free(mechs);
 +       }
 +
-+       debug2("%s: Identifying %s", __func__, ssh->kex->name);
-+       oid = ssh_gssapi_id_kex(NULL, ssh->kex->name, ssh->kex->kex_type);
++       debug2("%s: Identifying %s", __func__, kex->name);
++       oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
 +       if (oid == GSS_C_NO_OID)
 +          fatal("Unknown gssapi mechanism");
 +
@@ -1998,94 +2303,82 @@ index 000000000..18070f1d7
 +       if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid))))
 +               fatal("Unable to acquire credentials for the server");
 +
-+       switch (ssh->kex->kex_type) {
-+       case KEX_GSS_GRP1_SHA1:
-+               dh = dh_new_group1();
-+               break;
-+       case KEX_GSS_GRP14_SHA1:
-+               dh = dh_new_group14();
-+               break;
-+       case KEX_GSS_GEX_SHA1:
-+               debug("Doing group exchange");
-+               packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ);
-+               min = packet_get_int();
-+               nbits = packet_get_int();
-+               max = packet_get_int();
-+               packet_check_eom();
-+               if (max < min || nbits < min || max < nbits)
-+                       fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
-+                           min, nbits, max);
-+               dh = PRIVSEP(choose_dh(MAX(DH_GRP_MIN, min),
-+                   nbits, MIN(DH_GRP_MAX, max)));
-+               if (dh == NULL)
-+                       packet_disconnect("Protocol error: no matching group found");
-+               DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
-+
-+               packet_start(SSH2_MSG_KEXGSS_GROUP);
-+               packet_put_bignum2(dh_p);
-+               packet_put_bignum2(dh_g);
-+               packet_send();
-+
-+               packet_write_wait();
-+               break;
-+       default:
-+               fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
-+       }
-+
-+       dh_gen_key(dh, ssh->kex->we_need * 8);
-+
 +       do {
-+               debug("Wait SSH2_MSG_GSSAPI_INIT");
-+               type = packet_read();
++               debug("Wait SSH2_MSG_KEXGSS_INIT");
++               type = ssh_packet_read(ssh);
 +               switch(type) {
 +               case SSH2_MSG_KEXGSS_INIT:
-+                       if (dh_client_pub != NULL) 
++                       if (client_pubkey != NULL)
 +                               fatal("Received KEXGSS_INIT after initialising");
-+                       recv_tok.value = packet_get_string(&slen);
-+                       recv_tok.length = slen; 
-+
-+                       if ((dh_client_pub = BN_new()) == NULL)
-+                               fatal("dh_client_pub == NULL");
-+
-+                       packet_get_bignum2(dh_client_pub);
++                       if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                               &recv_tok)) != 0 ||
++                           (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 ||
++                           (r = sshpkt_get_end(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
++
++                       switch (kex->kex_type) {
++                       case KEX_GSS_GRP1_SHA1:
++                       case KEX_GSS_GRP14_SHA1:
++                       case KEX_GSS_GRP14_SHA256:
++                       case KEX_GSS_GRP16_SHA512:
++                               r = kex_dh_enc(kex, client_pubkey, &server_pubkey,
++                                   &shared_secret);
++                               break;
++                       case KEX_GSS_NISTP256_SHA256:
++                               r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey,
++                                   &shared_secret);
++                               break;
++                       case KEX_GSS_C25519_SHA256:
++                               r = kex_c25519_enc(kex, client_pubkey, &server_pubkey,
++                                   &shared_secret);
++                               break;
++                       default:
++                               fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
++                       }
++                       if (r != 0)
++                               goto out;
 +
 +                       /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */
 +                       break;
 +               case SSH2_MSG_KEXGSS_CONTINUE:
-+                       recv_tok.value = packet_get_string(&slen);
-+                       recv_tok.length = slen; 
++                       if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                               &recv_tok)) != 0 ||
++                           (r = sshpkt_get_end(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
 +                       break;
 +               default:
-+                       packet_disconnect(
++                       sshpkt_disconnect(ssh,
 +                           "Protocol error: didn't expect packet type %d",
 +                           type);
 +               }
 +
-+               maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, 
++               maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok,
 +                   &send_tok, &ret_flags));
 +
-+               free(recv_tok.value);
++               gss_release_buffer(&min_status, &recv_tok);
 +
 +               if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
 +                       fatal("Zero length token output when incomplete");
 +
-+               if (dh_client_pub == NULL)
++               if (client_pubkey == NULL)
 +                       fatal("No client public key");
-+               
++
 +               if (maj_status & GSS_S_CONTINUE_NEEDED) {
 +                       debug("Sending GSSAPI_CONTINUE");
-+                       packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-+                       packet_put_string(send_tok.value, send_tok.length);
-+                       packet_send();
++                       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                           (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
++                           (r = sshpkt_send(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
 +                       gss_release_buffer(&min_status, &send_tok);
 +               }
 +       } while (maj_status & GSS_S_CONTINUE_NEEDED);
 +
 +       if (GSS_ERROR(maj_status)) {
 +               if (send_tok.length > 0) {
-+                       packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-+                       packet_put_string(send_tok.value, send_tok.length);
-+                       packet_send();
++                       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                           (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
++                           (r = sshpkt_send(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
 +               }
 +               fatal("accept_ctx died");
 +       }
@@ -2095,123 +2388,320 @@ index 000000000..18070f1d7
 +
 +       if (!(ret_flags & GSS_C_INTEG_FLAG))
 +               fatal("Integrity flag wasn't set");
-+       
-+       if (!dh_pub_is_valid(dh, dh_client_pub))
-+               packet_disconnect("bad client public DH value");
 +
-+       klen = DH_size(dh);
-+       kbuf = xmalloc(klen); 
-+       kout = DH_compute_key(kbuf, dh_client_pub, dh);
-+       if (kout < 0)
-+               fatal("DH_compute_key: failed");
++       hashlen = sizeof(hash);
++       if ((r = kex_gen_hash(
++           kex->hash_alg,
++           kex->client_version,
++           kex->server_version,
++           kex->peer,
++           kex->my,
++           empty,
++           client_pubkey,
++           server_pubkey,
++           shared_secret,
++           hash, &hashlen)) != 0)
++               goto out;
 +
-+       shared_secret = BN_new();
-+       if (shared_secret == NULL)
-+               fatal("kexgss_server: BN_new failed");
++       gssbuf.value = hash;
++       gssbuf.length = hashlen;
 +
-+       if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
-+               fatal("kexgss_server: BN_bin2bn failed");
++       if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))))
++               fatal("Couldn't get MIC");
 +
-+       memset(kbuf, 0, klen);
-+       free(kbuf);
++       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 ||
++           (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 ||
++           (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0)
++               fatal("sshpkt failed: %s", ssh_err(r));
 +
-+       DH_get0_key(dh, &pub_key, NULL);
-+       DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
++       if (send_tok.length != 0) {
++               if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */
++                   (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0)
++                       fatal("sshpkt failed: %s", ssh_err(r));
++       } else {
++               if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */
++                       fatal("sshpkt failed: %s", ssh_err(r));
++       }
++       if ((r = sshpkt_send(ssh)) != 0)
++               fatal("sshpkt_send failed: %s", ssh_err(r));
 +
-+       hashlen = sizeof(hash);
-+       switch (ssh->kex->kex_type) {
-+       case KEX_GSS_GRP1_SHA1:
-+       case KEX_GSS_GRP14_SHA1:
-+               kex_dh_hash(
-+                   ssh->kex->hash_alg,
-+                   ssh->kex->client_version_string, ssh->kex->server_version_string,
-+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-+                   NULL, 0, /* Change this if we start sending host keys */
-+                   dh_client_pub, pub_key, shared_secret,
-+                   hash, &hashlen
-+               );
-+               break;
-+       case KEX_GSS_GEX_SHA1:
-+               kexgex_hash(
-+                   ssh->kex->hash_alg,
-+                   ssh->kex->client_version_string, ssh->kex->server_version_string,
-+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-+                   NULL, 0,
-+                   min, nbits, max,
-+                   dh_p, dh_g,
-+                   dh_client_pub,
-+                   pub_key,
-+                   shared_secret,
-+                   hash, &hashlen
-+               );
-+               break;
-+       default:
-+               fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
++       gss_release_buffer(&min_status, &send_tok);
++       gss_release_buffer(&min_status, &msg_tok);
++
++       if (gss_kex_context == NULL)
++               gss_kex_context = ctxt;
++       else
++               ssh_gssapi_delete_ctx(&ctxt);
++
++       if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
++               r = kex_send_newkeys(ssh);
++
++       /* If this was a rekey, then save out any delegated credentials we
++        * just exchanged.  */
++       if (options.gss_store_rekey)
++               ssh_gssapi_rekey_creds();
++out:
++       sshbuf_free(empty);
++       explicit_bzero(hash, sizeof(hash));
++       sshbuf_free(shared_secret);
++       sshbuf_free(client_pubkey);
++       sshbuf_free(server_pubkey);
++       return r;
++}
++
++int
++kexgssgex_server(struct ssh *ssh)
++{
++       struct kex *kex = ssh->kex;
++       OM_uint32 maj_status, min_status;
++
++       /*
++        * Some GSSAPI implementations use the input value of ret_flags (an
++        * output variable) as a means of triggering mechanism specific
++        * features. Initializing it to zero avoids inadvertently
++        * activating this non-standard behaviour.
++        */
++
++       OM_uint32 ret_flags = 0;
++       gss_buffer_desc gssbuf, recv_tok, msg_tok;
++       gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
++       Gssctxt *ctxt = NULL;
++       struct sshbuf *shared_secret = NULL;
++       int type = 0;
++       gss_OID oid;
++       char *mechs;
++       u_char hash[SSH_DIGEST_MAX_LENGTH];
++       size_t hashlen;
++       BIGNUM *dh_client_pub = NULL;
++       const BIGNUM *pub_key, *dh_p, *dh_g;
++       int min = -1, max = -1, nbits = -1;
++       int cmin = -1, cmax = -1; /* client proposal */
++       struct sshbuf *empty = sshbuf_new();
++       int r;
++
++       /* Initialise GSSAPI */
++
++       /* If we're rekeying, privsep means that some of the private structures
++        * in the GSSAPI code are no longer available. This kludges them back
++        * into life
++        */
++       if (!ssh_gssapi_oid_table_ok())
++               if ((mechs = ssh_gssapi_server_mechanisms()))
++                       free(mechs);
++
++       debug2("%s: Identifying %s", __func__, kex->name);
++       oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
++       if (oid == GSS_C_NO_OID)
++          fatal("Unknown gssapi mechanism");
++
++       debug2("%s: Acquiring credentials", __func__);
++
++       if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid))))
++               fatal("Unable to acquire credentials for the server");
++
++       /* 5. S generates an ephemeral key pair (do the allocations early) */
++       debug("Doing group exchange");
++       ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUPREQ);
++       /* store client proposal to provide valid signature */
++       if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 ||
++           (r = sshpkt_get_u32(ssh, &nbits)) != 0 ||
++           (r = sshpkt_get_u32(ssh, &cmax)) != 0 ||
++           (r = sshpkt_get_end(ssh)) != 0)
++               fatal("sshpkt failed: %s", ssh_err(r));
++       kex->nbits = nbits;
++       kex->min = cmin;
++       kex->max = cmax;
++       min = MAX(DH_GRP_MIN, cmin);
++       max = MIN(DH_GRP_MAX, cmax);
++       nbits = MAXIMUM(DH_GRP_MIN, nbits);
++       nbits = MINIMUM(DH_GRP_MAX, nbits);
++       if (max < min || nbits < min || max < nbits)
++               fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
++                   min, nbits, max);
++       kex->dh = PRIVSEP(choose_dh(min, nbits, max));
++       if (kex->dh == NULL) {
++               sshpkt_disconnect(ssh, "Protocol error: no matching group found");
++               fatal("Protocol error: no matching group found");
 +       }
 +
-+       BN_clear_free(dh_client_pub);
++       DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
++       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 ||
++           (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 ||
++           (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 ||
++           (r = sshpkt_send(ssh)) != 0)
++               fatal("sshpkt failed: %s", ssh_err(r));
++
++       if ((r = ssh_packet_write_wait(ssh)) != 0)
++               fatal("ssh_packet_write_wait: %s", ssh_err(r));
++
++       /* Compute our exchange value in parallel with the client */
++       if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
++               goto out;
++
++       do {
++               debug("Wait SSH2_MSG_GSSAPI_INIT");
++               type = ssh_packet_read(ssh);
++               switch(type) {
++               case SSH2_MSG_KEXGSS_INIT:
++                       if (dh_client_pub != NULL)
++                               fatal("Received KEXGSS_INIT after initialising");
++                       if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                               &recv_tok)) != 0 ||
++                           (r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 ||
++                           (r = sshpkt_get_end(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
++
++                       /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */
++                       break;
++               case SSH2_MSG_KEXGSS_CONTINUE:
++                       if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
++                               &recv_tok)) != 0 ||
++                           (r = sshpkt_get_end(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
++                       break;
++               default:
++                       sshpkt_disconnect(ssh,
++                           "Protocol error: didn't expect packet type %d",
++                           type);
++               }
++
++               maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok,
++                   &send_tok, &ret_flags));
++
++               gss_release_buffer(&min_status, &recv_tok);
++
++               if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
++                       fatal("Zero length token output when incomplete");
++
++               if (dh_client_pub == NULL)
++                       fatal("No client public key");
++
++               if (maj_status & GSS_S_CONTINUE_NEEDED) {
++                       debug("Sending GSSAPI_CONTINUE");
++                       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                           (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
++                           (r = sshpkt_send(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
++                       gss_release_buffer(&min_status, &send_tok);
++               }
++       } while (maj_status & GSS_S_CONTINUE_NEEDED);
++
++       if (GSS_ERROR(maj_status)) {
++               if (send_tok.length > 0) {
++                       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
++                           (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
++                           (r = sshpkt_send(ssh)) != 0)
++                               fatal("sshpkt failed: %s", ssh_err(r));
++               }
++               fatal("accept_ctx died");
++       }
 +
-+       if (ssh->kex->session_id == NULL) {
-+               ssh->kex->session_id_len = hashlen;
-+               ssh->kex->session_id = xmalloc(ssh->kex->session_id_len);
-+               memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len);
++       if (!(ret_flags & GSS_C_MUTUAL_FLAG))
++               fatal("Mutual Authentication flag wasn't set");
++
++       if (!(ret_flags & GSS_C_INTEG_FLAG))
++               fatal("Integrity flag wasn't set");
++
++       /* calculate shared secret */
++       if ((shared_secret = sshbuf_new()) == NULL) {
++               r = SSH_ERR_ALLOC_FAIL;
++               goto out;
 +       }
++       if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0)
++               goto out;
++
++       DH_get0_key(kex->dh, &pub_key, NULL);
++       DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
++       hashlen = sizeof(hash);
++       if ((r = kexgex_hash(
++           kex->hash_alg,
++           kex->client_version,
++           kex->server_version,
++           kex->peer,
++           kex->my,
++           empty,
++           cmin, nbits, cmax,
++           dh_p, dh_g,
++           dh_client_pub,
++           pub_key,
++           sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
++           hash, &hashlen)) != 0)
++               fatal("kexgex_hash failed: %s", ssh_err(r));
 +
 +       gssbuf.value = hash;
 +       gssbuf.length = hashlen;
 +
-+       if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok))))
++       if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))))
 +               fatal("Couldn't get MIC");
 +
-+       packet_start(SSH2_MSG_KEXGSS_COMPLETE);
-+       packet_put_bignum2(pub_key);
-+       packet_put_string(msg_tok.value,msg_tok.length);
++       if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 ||
++           (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||
++           (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0)
++               fatal("sshpkt failed: %s", ssh_err(r));
 +
 +       if (send_tok.length != 0) {
-+               packet_put_char(1); /* true */
-+               packet_put_string(send_tok.value, send_tok.length);
++               if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */
++                   (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0)
++                       fatal("sshpkt failed: %s", ssh_err(r));
 +       } else {
-+               packet_put_char(0); /* false */
++               if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */
++                       fatal("sshpkt failed: %s", ssh_err(r));
 +       }
-+       packet_send();
++       if ((r = sshpkt_send(ssh)) != 0)
++               fatal("sshpkt failed: %s", ssh_err(r));
 +
 +       gss_release_buffer(&min_status, &send_tok);
 +       gss_release_buffer(&min_status, &msg_tok);
 +
 +       if (gss_kex_context == NULL)
 +               gss_kex_context = ctxt;
-+       else 
++       else
 +               ssh_gssapi_delete_ctx(&ctxt);
 +
-+       DH_free(dh);
-+
-+       kex_derive_keys_bn(ssh, hash, hashlen, shared_secret);
-+       BN_clear_free(shared_secret);
-+       kex_send_newkeys(ssh);
++       /* Finally derive the keys and send them */
++       if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
++               r = kex_send_newkeys(ssh);
 +
 +       /* If this was a rekey, then save out any delegated credentials we
 +        * just exchanged.  */
 +       if (options.gss_store_rekey)
 +               ssh_gssapi_rekey_creds();
-+       return 0;
++out:
++       sshbuf_free(empty);
++       explicit_bzero(hash, sizeof(hash));
++       DH_free(kex->dh);
++       kex->dh = NULL;
++       BN_clear_free(dh_client_pub);
++       sshbuf_free(shared_secret);
++       return r;
 +}
-+#endif /* GSSAPI */
++#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
+diff --git a/mac.c b/mac.c
+index 51dc11d76..3d11eba62 100644
+--- a/mac.c
++++ b/mac.c
+@@ -29,6 +29,7 @@
+ 
+ #include <string.h>
+ #include <stdio.h>
++#include <stdlib.h>
+ 
+ #include "digest.h"
+ #include "hmac.h"
 diff --git a/monitor.c b/monitor.c
-index 531b2993a..eabc1e89b 100644
+index 60e529444..0766d6ef5 100644
 --- a/monitor.c
 +++ b/monitor.c
-@@ -145,6 +145,8 @@ int mm_answer_gss_setup_ctx(int, struct sshbuf *);
- int mm_answer_gss_accept_ctx(int, struct sshbuf *);
- int mm_answer_gss_userok(int, struct sshbuf *);
- int mm_answer_gss_checkmic(int, struct sshbuf *);
-+int mm_answer_gss_sign(int, struct sshbuf *);
-+int mm_answer_gss_updatecreds(int, struct sshbuf *);
+@@ -147,6 +147,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *);
+ int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *);
+ int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *);
+ int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *);
++int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *);
++int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *);
  #endif
  
  #ifdef SSH_AUDIT_EVENTS
-@@ -215,11 +217,18 @@ struct mon_table mon_dispatch_proto20[] = {
+@@ -219,11 +221,18 @@ struct mon_table mon_dispatch_proto20[] = {
      {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
      {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok},
      {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic},
@@ -2230,7 +2720,7 @@ index 531b2993a..eabc1e89b 100644
  #ifdef WITH_OPENSSL
      {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
  #endif
-@@ -289,6 +298,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
+@@ -292,6 +301,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor)
         /* Permit requests for moduli and signatures */
         monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
         monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
@@ -2241,32 +2731,36 @@ index 531b2993a..eabc1e89b 100644
  
         /* The first few requests do not require asynchronous access */
         while (!authenticated) {
-@@ -401,6 +414,10 @@ monitor_child_postauth(struct monitor *pmonitor)
+@@ -405,6 +418,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor)
         monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
         monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
         monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
 +#ifdef GSSAPI
 +       /* and for the GSSAPI key exchange */
 +       monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
-+#endif         
++#endif
  
         if (auth_opts->permit_pty_flag) {
                 monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
-@@ -1666,6 +1683,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
+@@ -1687,6 +1704,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
+ # ifdef OPENSSL_HAS_ECC
+                kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
  # endif
- #endif /* WITH_OPENSSL */
-                kex->kex[KEX_C25519_SHA256] = kexc25519_server;
-+#ifdef GSSAPI
++# ifdef GSSAPI
 +               if (options.gss_keyex) {
 +                       kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
 +                       kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
-+                       kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
++                       kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server;
++                       kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server;
++                       kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server;
++                       kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server;
++                       kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server;
 +               }
-+#endif
-                kex->load_host_public_key=&get_hostkey_public_by_type;
-                kex->load_host_private_key=&get_hostkey_private_by_type;
-                kex->host_key_index=&get_hostkey_index;
-@@ -1756,8 +1780,8 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
++# endif
+ #endif /* WITH_OPENSSL */
+                kex->kex[KEX_C25519_SHA256] = kex_gen_server;
+                kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
+@@ -1780,8 +1808,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
         u_char *p;
         int r;
  
@@ -2277,7 +2771,7 @@ index 531b2993a..eabc1e89b 100644
  
         if ((r = sshbuf_get_string(m, &p, &len)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
-@@ -1789,8 +1813,8 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
+@@ -1813,8 +1841,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
         OM_uint32 flags = 0; /* GSI needs this */
         int r;
  
@@ -2288,7 +2782,7 @@ index 531b2993a..eabc1e89b 100644
  
         if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
-@@ -1810,6 +1834,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
+@@ -1834,6 +1862,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@@ -2296,7 +2790,7 @@ index 531b2993a..eabc1e89b 100644
         }
         return (0);
  }
-@@ -1821,8 +1846,8 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
+@@ -1845,8 +1874,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
         OM_uint32 ret;
         int r;
  
@@ -2307,8 +2801,12 @@ index 531b2993a..eabc1e89b 100644
  
         if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 ||
             (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0)
-@@ -1851,10 +1876,11 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
-        int r, authenticated;
+@@ -1872,13 +1901,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
+ int
+ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
+ {
+-       int r, authenticated;
++       int r, authenticated, kex;
         const char *displayname;
  
 -       if (!options.gss_authentication)
@@ -2317,24 +2815,40 @@ index 531b2993a..eabc1e89b 100644
 +               fatal("%s: GSSAPI not enabled", __func__);
  
 -       authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user);
-+       authenticated = authctxt->valid && 
-+           ssh_gssapi_userok(authctxt->user, authctxt->pw);
++       if ((r = sshbuf_get_u32(m, &kex)) != 0)
++               fatal("%s: buffer error: %s", __func__, ssh_err(r));
++
++       authenticated = authctxt->valid &&
++           ssh_gssapi_userok(authctxt->user, authctxt->pw, kex);
  
         sshbuf_reset(m);
         if ((r = sshbuf_put_u32(m, authenticated)) != 0)
-@@ -1871,5 +1897,83 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
+@@ -1887,7 +1920,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
+        debug3("%s: sending result %d", __func__, authenticated);
+        mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
+ 
+-       auth_method = "gssapi-with-mic";
++       if (kex) {
++               auth_method = "gssapi-keyex";
++       } else {
++               auth_method = "gssapi-with-mic";
++       }
+ 
+        if ((displayname = ssh_gssapi_displayname()) != NULL)
+                auth2_record_info(authctxt, "%s", displayname);
+@@ -1895,5 +1932,85 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
         /* Monitor loop will terminate if authenticated */
         return (authenticated);
  }
 +
-+int 
-+mm_answer_gss_sign(int socket, struct sshbuf *m)
++int
++mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m)
 +{
 +       gss_buffer_desc data;
 +       gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
 +       OM_uint32 major, minor;
 +       size_t len;
-+       u_char *p;
++       u_char *p = NULL;
 +       int r;
 +
 +       if (!options.gss_authentication && !options.gss_keyex)
@@ -2344,8 +2858,9 @@ index 531b2993a..eabc1e89b 100644
 +               fatal("%s: buffer error: %s", __func__, ssh_err(r));
 +       data.value = p;
 +       data.length = len;
-+       if (data.length != 20) 
-+               fatal("%s: data length incorrect: %d", __func__, 
++       /* Lengths of SHA-1, SHA-256 and SHA-512 hashes that are used */
++       if (data.length != 20 && data.length != 32 && data.length != 64)
++               fatal("%s: data length incorrect: %d", __func__,
 +                   (int) data.length);
 +
 +       /* Save the session ID on the first time around */
@@ -2359,6 +2874,7 @@ index 531b2993a..eabc1e89b 100644
 +       free(data.value);
 +
 +       sshbuf_reset(m);
++
 +       if ((r = sshbuf_put_u32(m, major)) != 0 ||
 +           (r = sshbuf_put_string(m, hash.value, hash.length)) != 0)
 +               fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -2369,7 +2885,7 @@ index 531b2993a..eabc1e89b 100644
 +
 +       /* Turn on getpwnam permissions */
 +       monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
-+       
++
 +       /* And credential updating, for when rekeying */
 +       monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1);
 +
@@ -2377,16 +2893,16 @@ index 531b2993a..eabc1e89b 100644
 +}
 +
 +int
-+mm_answer_gss_updatecreds(int socket, struct sshbuf *m) {
++mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) {
 +       ssh_gssapi_ccache store;
 +       int r, ok;
 +
 +       if (!options.gss_authentication && !options.gss_keyex)
 +               fatal("%s: GSSAPI not enabled", __func__);
 +
-+       if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 ||
-+           (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 ||
-+           (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0)
++       if ((r = sshbuf_get_string(m, (u_char **)&store.filename, NULL)) != 0 ||
++           (r = sshbuf_get_string(m, (u_char **)&store.envvar, NULL)) != 0 ||
++           (r = sshbuf_get_string(m, (u_char **)&store.envval, NULL)) != 0)
 +               fatal("%s: buffer error: %s", __func__, ssh_err(r));
 +
 +       ok = ssh_gssapi_update_creds(&store);
@@ -2407,33 +2923,40 @@ index 531b2993a..eabc1e89b 100644
  #endif /* GSSAPI */
  
 diff --git a/monitor.h b/monitor.h
-index 16047299f..44fbed589 100644
+index 683e5e071..2b1a2d590 100644
 --- a/monitor.h
 +++ b/monitor.h
-@@ -63,6 +63,9 @@ enum monitor_reqtype {
+@@ -63,6 +63,8 @@ enum monitor_reqtype {
         MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111,
         MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113,
  
 +       MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151,
 +       MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153,
-+
  };
  
- struct monitor {
+ struct ssh;
 diff --git a/monitor_wrap.c b/monitor_wrap.c
-index 732fb3476..1865a122a 100644
+index 186e8f022..8e4c1c1f8 100644
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -984,7 +984,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
+@@ -978,13 +978,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
  }
  
  int
 -mm_ssh_gssapi_userok(char *user)
-+mm_ssh_gssapi_userok(char *user, struct passwd *pw)
++mm_ssh_gssapi_userok(char *user, struct passwd *pw, int kex)
  {
         struct sshbuf *m;
         int r, authenticated = 0;
-@@ -1003,4 +1003,55 @@ mm_ssh_gssapi_userok(char *user)
+ 
+        if ((m = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
++       if ((r = sshbuf_put_u32(m, kex)) != 0)
++               fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ 
+        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m);
+        mm_request_receive_expect(pmonitor->m_recvfd,
+@@ -997,4 +999,57 @@ mm_ssh_gssapi_userok(char *user)
         debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
         return (authenticated);
  }
@@ -2459,7 +2982,7 @@ index 732fb3476..1865a122a 100644
 +
 +       sshbuf_free(m);
 +
-+       return(major);
++       return (major);
 +}
 +
 +int
@@ -2470,6 +2993,7 @@ index 732fb3476..1865a122a 100644
 +
 +       if ((m = sshbuf_new()) == NULL)
 +               fatal("%s: sshbuf_new failed", __func__);
++
 +       if ((r = sshbuf_put_cstring(m,
 +           store->filename ? store->filename : "")) != 0 ||
 +           (r = sshbuf_put_cstring(m,
@@ -2483,6 +3007,7 @@ index 732fb3476..1865a122a 100644
 +
 +       if ((r = sshbuf_get_u32(m, &ok)) != 0)
 +               fatal("%s: buffer error: %s", __func__, ssh_err(r));
++
 +       sshbuf_free(m);
 +
 +       return (ok);
@@ -2490,61 +3015,43 @@ index 732fb3476..1865a122a 100644
 +
  #endif /* GSSAPI */
 diff --git a/monitor_wrap.h b/monitor_wrap.h
-index 644da081d..7f93144ff 100644
+index fdebb3aa4..69164a8c0 100644
 --- a/monitor_wrap.h
 +++ b/monitor_wrap.h
-@@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
+@@ -61,8 +61,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
  OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
  OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
     gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
 -int mm_ssh_gssapi_userok(char *user);
-+int mm_ssh_gssapi_userok(char *user, struct passwd *);
++int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex);
  OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
 +OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
 +int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *);
  #endif
  
  #ifdef USE_PAM
-diff --git a/opacket.c b/opacket.c
-index e637d7a71..7672c0b59 100644
---- a/opacket.c
-+++ b/opacket.c
-@@ -80,7 +80,7 @@ ssh_packet_put_raw(struct ssh *ssh, const void *buf, u_int len)
- 
- #ifdef WITH_OPENSSL
- void
--ssh_packet_put_bignum2(struct ssh *ssh, BIGNUM * value)
-+ssh_packet_put_bignum2(struct ssh *ssh, const BIGNUM * value)
- {
-        int r;
- 
-diff --git a/opacket.h b/opacket.h
-index f92fe586e..1cf66a2d3 100644
---- a/opacket.h
-+++ b/opacket.h
-@@ -7,7 +7,7 @@ void     ssh_packet_start(struct ssh *, u_char);
- void     ssh_packet_put_char(struct ssh *, int ch);
- void     ssh_packet_put_int(struct ssh *, u_int value);
- void     ssh_packet_put_int64(struct ssh *, u_int64_t value);
--void     ssh_packet_put_bignum2(struct ssh *, BIGNUM * value);
-+void     ssh_packet_put_bignum2(struct ssh *, const BIGNUM * value);
- void     ssh_packet_put_ecpoint(struct ssh *, const EC_GROUP *, const EC_POINT *);
- void     ssh_packet_put_string(struct ssh *, const void *buf, u_int len);
- void     ssh_packet_put_cstring(struct ssh *, const char *str);
 diff --git a/readconf.c b/readconf.c
-index 433811521..36bc5e59a 100644
+index ec497e79f..4d699e5f1 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -161,6 +161,8 @@ typedef enum {
+@@ -67,6 +67,7 @@
+ #include "uidswap.h"
+ #include "myproposal.h"
+ #include "digest.h"
++#include "ssh-gss.h"
+ 
+ /* Format of the configuration file:
+ 
+@@ -162,6 +163,8 @@ typedef enum {
         oClearAllForwardings, oNoHostAuthenticationForLocalhost,
         oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
         oAddressFamily, oGssAuthentication, oGssDelegateCreds,
 +       oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
-+       oGssServerIdentity, 
++       oGssServerIdentity, oGssKexAlgorithms,
         oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
         oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
         oHashKnownHosts,
-@@ -201,10 +203,20 @@ static struct {
+@@ -202,10 +205,22 @@ static struct {
         /* Sometimes-unsupported options */
  #if defined(GSSAPI)
         { "gssapiauthentication", oGssAuthentication },
@@ -2554,6 +3061,7 @@ index 433811521..36bc5e59a 100644
 +       { "gssapiclientidentity", oGssClientIdentity },
 +       { "gssapiserveridentity", oGssServerIdentity },
 +       { "gssapirenewalforcesrekey", oGssRenewalRekey },
++       { "gssapikexalgorithms", oGssKexAlgorithms },
  # else
         { "gssapiauthentication", oUnsupported },
 +       { "gssapikeyexchange", oUnsupported },
@@ -2562,10 +3070,11 @@ index 433811521..36bc5e59a 100644
 +       { "gssapiclientidentity", oUnsupported },
 +       { "gssapiserveridentity", oUnsupported },
 +       { "gssapirenewalforcesrekey", oUnsupported },
++       { "gssapikexalgorithms", oUnsupported },
  #endif
  #ifdef ENABLE_PKCS11
-        { "smartcarddevice", oPKCS11Provider },
-@@ -974,10 +986,30 @@ parse_time:
+        { "pkcs11provider", oPKCS11Provider },
+@@ -983,10 +998,42 @@ parse_time:
                 intptr = &options->gss_authentication;
                 goto parse_flag;
  
@@ -2593,10 +3102,22 @@ index 433811521..36bc5e59a 100644
 +               intptr = &options->gss_renewal_rekey;
 +               goto parse_flag;
 +
++       case oGssKexAlgorithms:
++               arg = strdelim(&s);
++               if (!arg || *arg == '\0')
++                       fatal("%.200s line %d: Missing argument.",
++                           filename, linenum);
++               if (!kex_gss_names_valid(arg))
++                       fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.",
++                           filename, linenum, arg ? arg : "<NONE>");
++               if (*activep && options->gss_kex_algorithms == NULL)
++                       options->gss_kex_algorithms = xstrdup(arg);
++               break;
++
         case oBatchMode:
                 intptr = &options->batch_mode;
                 goto parse_flag;
-@@ -1842,7 +1874,12 @@ initialize_options(Options * options)
+@@ -1854,7 +1901,13 @@ initialize_options(Options * options)
         options->pubkey_authentication = -1;
         options->challenge_response_authentication = -1;
         options->gss_authentication = -1;
@@ -2606,10 +3127,11 @@ index 433811521..36bc5e59a 100644
 +       options->gss_renewal_rekey = -1;
 +       options->gss_client_identity = NULL;
 +       options->gss_server_identity = NULL;
++       options->gss_kex_algorithms = NULL;
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->kbd_interactive_devices = NULL;
-@@ -1988,8 +2025,14 @@ fill_default_options(Options * options)
+@@ -2000,8 +2053,18 @@ fill_default_options(Options * options)
                 options->challenge_response_authentication = 1;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
@@ -2621,14 +3143,33 @@ index 433811521..36bc5e59a 100644
 +               options->gss_trust_dns = 0;
 +       if (options->gss_renewal_rekey == -1)
 +               options->gss_renewal_rekey = 0;
++#ifdef GSSAPI
++       if (options->gss_kex_algorithms == NULL)
++               options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX);
++#endif
         if (options->password_authentication == -1)
                 options->password_authentication = 1;
         if (options->kbd_interactive_authentication == -1)
+@@ -2616,7 +2679,14 @@ dump_client_config(Options *o, const char *host)
+        dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports);
+ #ifdef GSSAPI
+        dump_cfg_fmtint(oGssAuthentication, o->gss_authentication);
++       dump_cfg_fmtint(oGssKeyEx, o->gss_keyex);
+        dump_cfg_fmtint(oGssDelegateCreds, o->gss_deleg_creds);
++       dump_cfg_fmtint(oGssTrustDns, o->gss_trust_dns);
++       dump_cfg_fmtint(oGssRenewalRekey, o->gss_renewal_rekey);
++       dump_cfg_string(oGssClientIdentity, o->gss_client_identity);
++       dump_cfg_string(oGssServerIdentity, o->gss_server_identity);
++       dump_cfg_string(oGssKexAlgorithms, o->gss_kex_algorithms ?
++           o->gss_kex_algorithms : GSS_KEX_DEFAULT_KEX);
+ #endif /* GSSAPI */
+        dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts);
+        dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication);
 diff --git a/readconf.h b/readconf.h
-index fc7e38251..8e4900d01 100644
+index 8e36bf32a..0bff6d80a 100644
 --- a/readconf.h
 +++ b/readconf.h
-@@ -40,7 +40,12 @@ typedef struct {
+@@ -40,7 +40,13 @@ typedef struct {
         int     challenge_response_authentication;
                                         /* Try S/Key or TIS, authentication. */
         int     gss_authentication;     /* Try GSS authentication */
@@ -2638,14 +3179,23 @@ index fc7e38251..8e4900d01 100644
 +       int     gss_renewal_rekey;      /* Credential renewal forces rekey */
 +       char    *gss_client_identity;   /* Principal to initiate GSSAPI with */
 +       char    *gss_server_identity;   /* GSSAPI target principal */
++       char    *gss_kex_algorithms;    /* GSSAPI kex methods to be offered by client. */
         int     password_authentication;        /* Try password
                                                  * authentication. */
         int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
 diff --git a/servconf.c b/servconf.c
-index 932d363bb..4668b8a45 100644
+index ffac5d2c7..ffdad31e7 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -124,8 +124,10 @@ initialize_server_options(ServerOptions *options)
+@@ -64,6 +64,7 @@
+ #include "auth.h"
+ #include "myproposal.h"
+ #include "digest.h"
++#include "ssh-gss.h"
+ 
+ static void add_listen_addr(ServerOptions *, const char *,
+     const char *, int);
+@@ -124,8 +125,11 @@ initialize_server_options(ServerOptions *options)
         options->kerberos_ticket_cleanup = -1;
         options->kerberos_get_afs_token = -1;
         options->gss_authentication=-1;
@@ -2653,10 +3203,11 @@ index 932d363bb..4668b8a45 100644
         options->gss_cleanup_creds = -1;
         options->gss_strict_acceptor = -1;
 +       options->gss_store_rekey = -1;
++       options->gss_kex_algorithms = NULL;
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->challenge_response_authentication = -1;
-@@ -337,10 +339,14 @@ fill_default_server_options(ServerOptions *options)
+@@ -351,10 +355,18 @@ fill_default_server_options(ServerOptions *options)
                 options->kerberos_get_afs_token = 0;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
@@ -2668,18 +3219,22 @@ index 932d363bb..4668b8a45 100644
                 options->gss_strict_acceptor = 1;
 +       if (options->gss_store_rekey == -1)
 +               options->gss_store_rekey = 0;
++#ifdef GSSAPI
++       if (options->gss_kex_algorithms == NULL)
++               options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX);
++#endif
         if (options->password_authentication == -1)
                 options->password_authentication = 1;
         if (options->kbd_interactive_authentication == -1)
-@@ -485,6 +491,7 @@ typedef enum {
+@@ -498,6 +510,7 @@ typedef enum {
         sHostKeyAlgorithms,
         sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
         sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
-+       sGssKeyEx, sGssStoreRekey,
++       sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey,
         sAcceptEnv, sSetEnv, sPermitTunnel,
         sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,
         sUsePrivilegeSeparation, sAllowAgentForwarding,
-@@ -559,12 +566,20 @@ static struct {
+@@ -572,12 +585,22 @@ static struct {
  #ifdef GSSAPI
         { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
         { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
@@ -2687,6 +3242,7 @@ index 932d363bb..4668b8a45 100644
         { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
 +       { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL },
 +       { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL },
++       { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL },
  #else
         { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
         { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
@@ -2694,13 +3250,14 @@ index 932d363bb..4668b8a45 100644
         { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
 +       { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL },
 +       { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL },
++       { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL },
  #endif
 +       { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL },
 +       { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL },
         { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
         { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
         { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
-@@ -1468,6 +1483,10 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -1485,6 +1508,10 @@ process_server_config_line(ServerOptions *options, char *line,
                 intptr = &options->gss_authentication;
                 goto parse_flag;
  
@@ -2711,7 +3268,7 @@ index 932d363bb..4668b8a45 100644
         case sGssCleanupCreds:
                 intptr = &options->gss_cleanup_creds;
                 goto parse_flag;
-@@ -1476,6 +1495,10 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -1493,6 +1520,22 @@ process_server_config_line(ServerOptions *options, char *line,
                 intptr = &options->gss_strict_acceptor;
                 goto parse_flag;
  
@@ -2719,25 +3276,37 @@ index 932d363bb..4668b8a45 100644
 +               intptr = &options->gss_store_rekey;
 +               goto parse_flag;
 +
++       case sGssKexAlgorithms:
++               arg = strdelim(&cp);
++               if (!arg || *arg == '\0')
++                       fatal("%.200s line %d: Missing argument.",
++                           filename, linenum);
++               if (!kex_gss_names_valid(arg))
++                       fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.",
++                           filename, linenum, arg ? arg : "<NONE>");
++               if (*activep && options->gss_kex_algorithms == NULL)
++                       options->gss_kex_algorithms = xstrdup(arg);
++               break;
++
         case sPasswordAuthentication:
                 intptr = &options->password_authentication;
                 goto parse_flag;
-@@ -2560,7 +2583,10 @@ dump_config(ServerOptions *o)
- #endif
+@@ -2579,6 +2622,10 @@ dump_config(ServerOptions *o)
  #ifdef GSSAPI
         dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
-+       dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
         dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
++       dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
 +       dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor);
 +       dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey);
++       dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms);
  #endif
         dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
         dump_cfg_fmtint(sKbdInteractiveAuthentication,
 diff --git a/servconf.h b/servconf.h
-index 0175e00e8..3b76da816 100644
+index 54e0a8d8d..a476d5220 100644
 --- a/servconf.h
 +++ b/servconf.h
-@@ -125,8 +125,10 @@ typedef struct {
+@@ -126,8 +126,11 @@ typedef struct {
         int     kerberos_get_afs_token;         /* If true, try to get AFS token if
                                                  * authenticated with Kerberos. */
         int     gss_authentication;     /* If true, permit GSSAPI authentication */
@@ -2745,11 +3314,38 @@ index 0175e00e8..3b76da816 100644
         int     gss_cleanup_creds;      /* If true, destroy cred cache on logout */
         int     gss_strict_acceptor;    /* If true, restrict the GSSAPI acceptor name */
 +       int     gss_store_rekey;
++       char   *gss_kex_algorithms;     /* GSSAPI kex methods to be offered by client. */
         int     password_authentication;        /* If true, permit password
                                                  * authentication. */
         int     kbd_interactive_authentication; /* If true, permit */
+diff --git a/session.c b/session.c
+index ac06b08e9..ac3d9d19d 100644
+--- a/session.c
++++ b/session.c
+@@ -2674,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt)
+ 
+ #ifdef KRB5
+        if (options.kerberos_ticket_cleanup &&
+-           authctxt->krb5_ctx)
++           authctxt->krb5_ctx) {
++               temporarily_use_uid(authctxt->pw);
+                krb5_cleanup_proc(authctxt);
++               restore_uid();
++       }
+ #endif
+ 
+ #ifdef GSSAPI
+-       if (options.gss_cleanup_creds)
++       if (options.gss_cleanup_creds) {
++               temporarily_use_uid(authctxt->pw);
+                ssh_gssapi_cleanup_creds();
++               restore_uid();
++       }
+ #endif
+ 
+        /* remove agent socket */
 diff --git a/ssh-gss.h b/ssh-gss.h
-index 36180d07a..350ce7882 100644
+index 36180d07a..70dd36658 100644
 --- a/ssh-gss.h
 +++ b/ssh-gss.h
 @@ -1,6 +1,6 @@
@@ -2760,7 +3356,7 @@ index 36180d07a..350ce7882 100644
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
-@@ -61,10 +61,22 @@
+@@ -61,10 +61,30 @@
  
  #define SSH_GSS_OIDTYPE 0x06
  
@@ -2773,7 +3369,15 @@ index 36180d07a..350ce7882 100644
 +#define SSH2_MSG_KEXGSS_GROUP                          41
 +#define KEX_GSS_GRP1_SHA1_ID                           "gss-group1-sha1-"
 +#define KEX_GSS_GRP14_SHA1_ID                          "gss-group14-sha1-"
++#define KEX_GSS_GRP14_SHA256_ID                        "gss-group14-sha256-"
++#define KEX_GSS_GRP16_SHA512_ID                        "gss-group16-sha512-"
 +#define KEX_GSS_GEX_SHA1_ID                            "gss-gex-sha1-"
++#define KEX_GSS_NISTP256_SHA256_ID                     "gss-nistp256-sha256-"
++#define KEX_GSS_C25519_SHA256_ID                       "gss-curve25519-sha256-"
++
++#define        GSS_KEX_DEFAULT_KEX \
++       KEX_GSS_GEX_SHA1_ID "," \
++       KEX_GSS_GRP14_SHA1_ID
 +
  typedef struct {
         char *filename;
@@ -2783,7 +3387,7 @@ index 36180d07a..350ce7882 100644
         void *data;
  } ssh_gssapi_ccache;
  
-@@ -72,8 +84,11 @@ typedef struct {
+@@ -72,8 +92,11 @@ typedef struct {
         gss_buffer_desc displayname;
         gss_buffer_desc exportedname;
         gss_cred_id_t creds;
@@ -2795,7 +3399,7 @@ index 36180d07a..350ce7882 100644
  } ssh_gssapi_client;
  
  typedef struct ssh_gssapi_mech_struct {
-@@ -84,6 +99,7 @@ typedef struct ssh_gssapi_mech_struct {
+@@ -84,6 +107,7 @@ typedef struct ssh_gssapi_mech_struct {
         int (*userok) (ssh_gssapi_client *, char *);
         int (*localname) (ssh_gssapi_client *, char **);
         void (*storecreds) (ssh_gssapi_client *);
@@ -2803,7 +3407,7 @@ index 36180d07a..350ce7882 100644
  } ssh_gssapi_mech;
  
  typedef struct {
-@@ -94,10 +110,11 @@ typedef struct {
+@@ -94,10 +118,11 @@ typedef struct {
         gss_OID         oid; /* client */
         gss_cred_id_t   creds; /* server */
         gss_name_t      client; /* server */
@@ -2816,7 +3420,15 @@ index 36180d07a..350ce7882 100644
  
  int  ssh_gssapi_check_oid(Gssctxt *, void *, size_t);
  void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t);
-@@ -123,17 +140,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **);
+@@ -109,6 +134,7 @@ OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *);
+ 
+ struct sshbuf;
+ int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *);
++int ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *, gss_buffer_desc *);
+ 
+ OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *);
+ OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int,
+@@ -123,17 +149,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **);
  OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
  void ssh_gssapi_buildmic(struct sshbuf *, const char *,
      const char *, const char *);
@@ -2826,17 +3438,17 @@ index 36180d07a..350ce7882 100644
 +int ssh_gssapi_credentials_updated(Gssctxt *);
  
  /* In the server */
-+typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, 
++typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *,
 +    const char *);
-+char *ssh_gssapi_client_mechanisms(const char *, const char *);
++char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *);
 +char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *,
-+    const char *);
++    const char *, const char *);
 +gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int);
-+int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, 
++int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *,
 +    const char *);
  OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
 -int ssh_gssapi_userok(char *name);
-+int ssh_gssapi_userok(char *name, struct passwd *);
++int ssh_gssapi_userok(char *name, struct passwd *, int kex);
  OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
  void ssh_gssapi_do_child(char ***, u_int *);
  void ssh_gssapi_cleanup_creds(void);
@@ -2852,8 +3464,57 @@ index 36180d07a..350ce7882 100644
  #endif /* GSSAPI */
  
  #endif /* _SSH_GSS_H */
+diff --git a/ssh.1 b/ssh.1
+index 9480eba8d..a1c7d2305 100644
+--- a/ssh.1
++++ b/ssh.1
+@@ -497,7 +497,13 @@ For full details of the options listed below, and their possible values, see
+ .It GatewayPorts
+ .It GlobalKnownHostsFile
+ .It GSSAPIAuthentication
++.It GSSAPIKeyExchange
++.It GSSAPIClientIdentity
+ .It GSSAPIDelegateCredentials
++.It GSSAPIKexAlgorithms
++.It GSSAPIRenewalForcesRekey
++.It GSSAPIServerIdentity
++.It GSSAPITrustDns
+ .It HashKnownHosts
+ .It Host
+ .It HostbasedAuthentication
+@@ -573,6 +579,8 @@ flag),
+ (supported message integrity codes),
+ .Ar kex
+ (key exchange algorithms),
++.Ar kex-gss
++(GSSAPI key exchange algorithms),
+ .Ar key
+ (key types),
+ .Ar key-cert
+diff --git a/ssh.c b/ssh.c
+index 91e7c3511..42be7d88f 100644
+--- a/ssh.c
++++ b/ssh.c
+@@ -736,6 +736,8 @@ main(int ac, char **av)
+                                cp = mac_alg_list('\n');
+                        else if (strcmp(optarg, "kex") == 0)
+                                cp = kex_alg_list('\n');
++                       else if (strcmp(optarg, "kex-gss") == 0)
++                               cp = kex_gss_alg_list('\n');
+                        else if (strcmp(optarg, "key") == 0)
+                                cp = sshkey_alg_list(0, 0, 0, '\n');
+                        else if (strcmp(optarg, "key-cert") == 0)
+@@ -748,7 +750,7 @@ main(int ac, char **av)
+                                cp = xstrdup("2");
+                        else if (strcmp(optarg, "help") == 0) {
+                                cp = xstrdup(
+-                                   "cipher\ncipher-auth\nkex\nkey\n"
++                                   "cipher\ncipher-auth\nkex\nkex-gss\nkey\n"
+                                    "key-cert\nkey-plain\nmac\n"
+                                    "protocol-version\nsig");
+                        }
 diff --git a/ssh_config b/ssh_config
-index c12f5ef52..bcb9f153d 100644
+index 5e8ef548b..1ff999b68 100644
 --- a/ssh_config
 +++ b/ssh_config
 @@ -24,6 +24,8 @@
@@ -2866,61 +3527,95 @@ index c12f5ef52..bcb9f153d 100644
  #   CheckHostIP yes
  #   AddressFamily any
 diff --git a/ssh_config.5 b/ssh_config.5
-index 4d5b01d3e..16c79368a 100644
+index 412629637..c3c8b274a 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -736,10 +736,42 @@ The default is
+@@ -754,10 +754,67 @@ The default is
  Specifies whether user authentication based on GSSAPI is allowed.
  The default is
  .Cm no .
-+.It Cm GSSAPIKeyExchange
-+Specifies whether key exchange based on GSSAPI may be used. When using
-+GSSAPI key exchange the server need not have a host key.
-+The default is
-+.Cm no .
 +.It Cm GSSAPIClientIdentity
-+If set, specifies the GSSAPI client identity that ssh should use when 
-+connecting to the server. The default is unset, which means that the default 
++If set, specifies the GSSAPI client identity that ssh should use when
++connecting to the server. The default is unset, which means that the default
 +identity will be used.
-+.It Cm GSSAPIServerIdentity
-+If set, specifies the GSSAPI server identity that ssh should expect when 
-+connecting to the server. The default is unset, which means that the
-+expected GSSAPI server identity will be determined from the target
-+hostname.
  .It Cm GSSAPIDelegateCredentials
  Forward (delegate) credentials to the server.
  The default is
  .Cm no .
++.It Cm GSSAPIKeyExchange
++Specifies whether key exchange based on GSSAPI may be used. When using
++GSSAPI key exchange the server need not have a host key.
++The default is
++.Dq no .
 +.It Cm GSSAPIRenewalForcesRekey
-+If set to 
-+.Cm yes
++If set to
++.Dq yes
 +then renewal of the client's GSSAPI credentials will force the rekeying of the
-+ssh connection. With a compatible server, this can delegate the renewed 
++ssh connection. With a compatible server, this will delegate the renewed
 +credentials to a session on the server.
++.Pp
++Checks are made to ensure that credentials are only propagated when the new
++credentials match the old ones on the originating client and where the
++receiving server still has the old set in its cache.
++.Pp
 +The default is
-+.Cm no .
++.Dq no .
++.Pp
++For this to work
++.Cm GSSAPIKeyExchange
++needs to be enabled in the server and also used by the client.
++.It Cm GSSAPIServerIdentity
++If set, specifies the GSSAPI server identity that ssh should expect when
++connecting to the server. The default is unset, which means that the
++expected GSSAPI server identity will be determined from the target
++hostname.
 +.It Cm GSSAPITrustDns
-+Set to 
-+.Cm yes
++Set to
++.Dq yes
 +to indicate that the DNS is trusted to securely canonicalize
-+the name of the host being connected to. If 
-+.Cm no ,
++the name of the host being connected to. If
++.Dq no ,
 +the hostname entered on the
 +command line will be passed untouched to the GSSAPI library.
 +The default is
-+.Cm no .
++.Dq no .
++.It Cm GSSAPIKexAlgorithms
++The list of key exchange algorithms that are offered for GSSAPI
++key exchange. Possible values are
++.Bd -literal -offset 3n
++gss-gex-sha1-,
++gss-group1-sha1-,
++gss-group14-sha1-,
++gss-group14-sha256-,
++gss-group16-sha512-,
++gss-nistp256-sha256-,
++gss-curve25519-sha256-
++.Ed
++.Pp
++The default is
++.Dq gss-gex-sha1-,gss-group14-sha1- .
++This option only applies to protocol version 2 connections using GSSAPI.
  .It Cm HashKnownHosts
  Indicates that
  .Xr ssh 1
 diff --git a/sshconnect2.c b/sshconnect2.c
-index 1675f3935..8c872a4fb 100644
+index dffee90b1..4020371ae 100644
 --- a/sshconnect2.c
 +++ b/sshconnect2.c
-@@ -162,6 +162,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
-        struct kex *kex;
+@@ -78,8 +78,6 @@
+ #endif
+ 
+ /* import */
+-extern char *client_version_string;
+-extern char *server_version_string;
+ extern Options options;
+ 
+ /*
+@@ -161,6 +159,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
+        char *s, *all_key;
         int r;
  
-+#ifdef GSSAPI
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +       char *orig = NULL, *gss = NULL;
 +       char *gss_host = NULL;
 +#endif
@@ -2928,11 +3623,11 @@ index 1675f3935..8c872a4fb 100644
         xxx_host = host;
         xxx_hostaddr = hostaddr;
  
-@@ -194,6 +199,35 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
+@@ -193,6 +196,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
                     order_hostkeyalgs(host, hostaddr, port));
         }
  
-+#ifdef GSSAPI
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +       if (options.gss_keyex) {
 +               /* Add the GSSAPI mechanisms currently supported on this
 +                * client to the key exchange algorithm proposal */
@@ -2941,19 +3636,19 @@ index 1675f3935..8c872a4fb 100644
 +               if (options.gss_server_identity)
 +                       gss_host = xstrdup(options.gss_server_identity);
 +               else if (options.gss_trust_dns)
-+                       gss_host = remote_hostname(active_state);
++                       gss_host = remote_hostname(ssh);
 +               else
 +                       gss_host = xstrdup(host);
 +
 +               gss = ssh_gssapi_client_mechanisms(gss_host,
-+                   options.gss_client_identity);
++                   options.gss_client_identity, options.gss_kex_algorithms);
 +               if (gss) {
 +                       debug("Offering GSSAPI proposal: %s", gss);
 +                       xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
 +                           "%s,%s", gss, orig);
 +
-+                       /* If we've got GSSAPI algorithms, then we also
-+                        * support the 'null' hostkey, as a last resort */
++                       /* If we've got GSSAPI algorithms, then we also support the
++                        * 'null' hostkey, as a last resort */
 +                       orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
 +                       xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
 +                           "%s,null", orig);
@@ -2962,38 +3657,43 @@ index 1675f3935..8c872a4fb 100644
 +#endif
 +
         if (options.rekey_limit || options.rekey_interval)
-                packet_set_rekey_limits(options.rekey_limit,
+                ssh_packet_set_rekey_limits(ssh, options.rekey_limit,
                     options.rekey_interval);
-@@ -215,15 +249,41 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
+@@ -211,16 +243,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
+ # ifdef OPENSSL_HAS_ECC
+        ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
  # endif
- #endif
-        kex->kex[KEX_C25519_SHA256] = kexc25519_client;
-+#ifdef GSSAPI
++# ifdef GSSAPI
 +       if (options.gss_keyex) {
-+               kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
-+               kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client;
-+               kex->kex[KEX_GSS_GEX_SHA1] = kexgss_client;
++               ssh->kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
++               ssh->kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client;
++               ssh->kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_client;
++               ssh->kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_client;
++               ssh->kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_client;
++               ssh->kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_client;
++               ssh->kex->kex[KEX_GSS_C25519_SHA256] = kexgss_client;
 +       }
-+#endif
-        kex->client_version_string=client_version_string;
-        kex->server_version_string=server_version_string;
-        kex->verify_host_key=&verify_host_key_callback;
++# endif
+ #endif
+        ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
+        ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client;
+        ssh->kex->verify_host_key=&verify_host_key_callback;
  
-+#ifdef GSSAPI
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +       if (options.gss_keyex) {
-+               kex->gss_deleg_creds = options.gss_deleg_creds;
-+               kex->gss_trust_dns = options.gss_trust_dns;
-+               kex->gss_client = options.gss_client_identity;
-+               kex->gss_host = gss_host;
++               ssh->kex->gss_deleg_creds = options.gss_deleg_creds;
++               ssh->kex->gss_trust_dns = options.gss_trust_dns;
++               ssh->kex->gss_client = options.gss_client_identity;
++               ssh->kex->gss_host = gss_host;
 +       }
 +#endif
 +
-        ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done);
+        ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done);
  
         /* remove ext-info from the KEX proposals for rekeying */
         myproposal[PROPOSAL_KEX_ALGS] =
             compat_kex_proposal(options.kex_algorithms);
-+#ifdef GSSAPI
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +       /* repair myproposal after it was crumpled by the */
 +       /* ext-info removal above */
 +       if (gss) {
@@ -3003,82 +3703,83 @@ index 1675f3935..8c872a4fb 100644
 +               free(gss);
 +       }
 +#endif
-        if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
+        if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0)
                 fatal("kex_prop2buf: %s", ssh_err(r));
  
-@@ -314,6 +374,7 @@ int input_gssapi_token(int type, u_int32_t, struct ssh *);
- int    input_gssapi_hash(int type, u_int32_t, struct ssh *);
- int    input_gssapi_error(int, u_int32_t, struct ssh *);
- int    input_gssapi_errtok(int, u_int32_t, struct ssh *);
-+int    userauth_gsskeyex(Authctxt *authctxt);
+@@ -317,6 +379,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *);
+ static int input_gssapi_token(int type, u_int32_t, struct ssh *);
+ static int input_gssapi_error(int, u_int32_t, struct ssh *);
+ static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
++static int userauth_gsskeyex(struct ssh *);
  #endif
  
- void   userauth(Authctxt *, char *);
-@@ -330,6 +391,11 @@ static char *authmethods_get(void);
+ void   userauth(struct ssh *, char *);
+@@ -333,6 +396,11 @@ static char *authmethods_get(void);
  
  Authmethod authmethods[] = {
  #ifdef GSSAPI
 +       {"gssapi-keyex",
 +               userauth_gsskeyex,
 +               NULL,
-+               &options.gss_authentication,
++               &options.gss_keyex,
 +               NULL},
         {"gssapi-with-mic",
                 userauth_gssapi,
-                NULL,
-@@ -686,25 +752,40 @@ userauth_gssapi(Authctxt *authctxt)
-        static u_int mech = 0;
+                userauth_gssapi_cleanup,
+@@ -698,12 +766,25 @@ userauth_gssapi(struct ssh *ssh)
         OM_uint32 min;
         int r, ok = 0;
+        gss_OID mech = NULL;
 +       char *gss_host;
 +
 +       if (options.gss_server_identity)
 +               gss_host = xstrdup(options.gss_server_identity);
 +       else if (options.gss_trust_dns)
-+               gss_host = remote_hostname(active_state);
++               gss_host = remote_hostname(ssh);
 +       else
 +               gss_host = xstrdup(authctxt->host);
  
         /* Try one GSSAPI method at a time, rather than sending them all at
          * once. */
  
-        if (gss_supported == NULL)
--               gss_indicate_mechs(&min, &gss_supported);
-+               if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) {
-+                       gss_supported = NULL;
+        if (authctxt->gss_supported_mechs == NULL)
+-               gss_indicate_mechs(&min, &authctxt->gss_supported_mechs);
++               if (GSS_ERROR(gss_indicate_mechs(&min,
++                   &authctxt->gss_supported_mechs))) {
++                       authctxt->gss_supported_mechs = NULL;
 +                       free(gss_host);
 +                       return 0;
 +               }
  
-        /* Check to see if the mechanism is usable before we offer it */
-        while (mech < gss_supported->count && !ok) {
+        /* Check to see whether the mechanism is usable before we offer it */
+        while (authctxt->mech_tried < authctxt->gss_supported_mechs->count &&
+@@ -712,13 +793,15 @@ userauth_gssapi(struct ssh *ssh)
+                    elements[authctxt->mech_tried];
                 /* My DER encoding requires length<128 */
-                if (gss_supported->elements[mech].length < 128 &&
-                    ssh_gssapi_check_mechanism(&gssctxt,
--                   &gss_supported->elements[mech], authctxt->host)) {
-+                   &gss_supported->elements[mech], gss_host,
-+                    options.gss_client_identity)) {
+                if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
+-                   mech, authctxt->host)) {
++                   mech, gss_host, options.gss_client_identity)) {
                         ok = 1; /* Mechanism works */
                 } else {
-                        mech++;
+                        authctxt->mech_tried++;
                 }
         }
  
 +       free(gss_host);
 +
-        if (!ok)
+        if (!ok || mech == NULL)
                 return 0;
  
-@@ -935,6 +1016,54 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
+@@ -958,6 +1041,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
         free(lang);
         return r;
  }
 +
 +int
-+userauth_gsskeyex(Authctxt *authctxt)
++userauth_gsskeyex(struct ssh *ssh)
 +{
-+       struct ssh *ssh = active_state; /* XXX */
-+       struct sshbuf *b;
++       struct sshbuf *b = NULL;
++       Authctxt *authctxt = ssh->authctxt;
 +       gss_buffer_desc gssbuf;
 +       gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
 +       OM_uint32 ms;
@@ -3089,12 +3790,13 @@ index 1675f3935..8c872a4fb 100644
 +               return (0);
 +
 +       if (gss_kex_context == NULL) {
-+               debug("No valid Key exchange context"); 
++               debug("No valid Key exchange context");
 +               return (0);
 +       }
 +
 +       if ((b = sshbuf_new()) == NULL)
 +               fatal("%s: sshbuf_new failed", __func__);
++
 +       ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service,
 +           "gssapi-keyex");
 +
@@ -3123,9 +3825,9 @@ index 1675f3935..8c872a4fb 100644
 +
  #endif /* GSSAPI */
  
- int
+ static int
 diff --git a/sshd.c b/sshd.c
-index ba26287ba..539a000fd 100644
+index cbd3bce91..98680721b 100644
 --- a/sshd.c
 +++ b/sshd.c
 @@ -123,6 +123,10 @@
@@ -3139,21 +3841,28 @@ index ba26287ba..539a000fd 100644
  /* Re-exec fds */
  #define REEXEC_DEVCRYPTO_RESERVED_FD   (STDERR_FILENO + 1)
  #define REEXEC_STARTUP_PIPE_FD         (STDERR_FILENO + 2)
-@@ -1810,10 +1814,13 @@ main(int ac, char **av)
+@@ -796,8 +800,8 @@ notify_hostkeys(struct ssh *ssh)
+        }
+        debug3("%s: sent %u hostkeys", __func__, nkeys);
+        if (nkeys == 0)
+-               fatal("%s: no hostkeys", __func__);
+-       if ((r = sshpkt_send(ssh)) != 0)
++               debug3("%s: no hostkeys", __func__);
++       else if ((r = sshpkt_send(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: send", __func__);
+        sshbuf_free(buf);
+ }
+@@ -1769,7 +1773,8 @@ main(int ac, char **av)
                 free(fp);
         }
         accumulate_host_timing_secret(cfg, NULL);
-+#ifndef GSSAPI
+-       if (!sensitive_data.have_ssh2_key) {
 +       /* The GSSAPI key exchange can run without a host key */
-        if (!sensitive_data.have_ssh2_key) {
++       if (!sensitive_data.have_ssh2_key && !options.gss_keyex) {
                 logit("sshd: no hostkeys available -- exiting.");
                 exit(1);
         }
-+#endif
- 
-        /*
-         * Load certificates. They are stored in an array at identical
-@@ -2104,6 +2111,60 @@ main(int ac, char **av)
+@@ -2064,6 +2069,60 @@ main(int ac, char **av)
             rdomain == NULL ? "" : "\"");
         free(laddr);
  
@@ -3214,18 +3923,18 @@ index ba26287ba..539a000fd 100644
         /*
          * We don't want to listen forever unless the other side
          * successfully authenticates itself.  So we set up an alarm which is
-@@ -2287,6 +2348,48 @@ do_ssh2_kex(void)
+@@ -2260,6 +2319,48 @@ do_ssh2_kex(struct ssh *ssh)
         myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
             list_hostkey_types());
  
-+#ifdef GSSAPI
++#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +       {
 +       char *orig;
 +       char *gss = NULL;
 +       char *newstr = NULL;
 +       orig = myproposal[PROPOSAL_KEX_ALGS];
 +
-+       /* 
++       /*
 +        * If we don't have a host key, then there's no point advertising
 +        * the other key exchange algorithms
 +        */
@@ -3245,10 +3954,10 @@ index ba26287ba..539a000fd 100644
 +       else if (orig)
 +               newstr = orig;
 +
-+       /* 
++       /*
 +        * If we've got GSSAPI mechanisms, then we've got the 'null' host
 +        * key alg, but we can't tell people about it unless its the only
-+        * host key algorithm we support
++        * host key algorithm we support
 +        */
 +       if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
 +               myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
@@ -3261,22 +3970,28 @@ index ba26287ba..539a000fd 100644
 +#endif
 +
         /* start key exchange */
-        if ((r = kex_setup(active_state, myproposal)) != 0)
+        if ((r = kex_setup(ssh, myproposal)) != 0)
                 fatal("kex_setup: %s", ssh_err(r));
-@@ -2304,6 +2407,13 @@ do_ssh2_kex(void)
+@@ -2275,7 +2376,18 @@ do_ssh2_kex(struct ssh *ssh)
+ # ifdef OPENSSL_HAS_ECC
+        kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
  # endif
- #endif
-        kex->kex[KEX_C25519_SHA256] = kexc25519_server;
-+#ifdef GSSAPI
+-#endif
++# ifdef GSSAPI
 +       if (options.gss_keyex) {
 +               kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
 +               kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
-+               kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
++               kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server;
++               kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server;
++               kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server;
++               kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server;
++               kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server;
 +       }
-+#endif
-        kex->server = 1;
-        kex->client_version_string=client_version_string;
-        kex->server_version_string=server_version_string;
++# endif
++#endif /* WITH_OPENSSL */
+        kex->kex[KEX_C25519_SHA256] = kex_gen_server;
+        kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
+        kex->load_host_public_key=&get_hostkey_public_by_type;
 diff --git a/sshd_config b/sshd_config
 index 19b7c91a1..2c48105f8 100644
 --- a/sshd_config
@@ -3291,35 +4006,55 @@ index 19b7c91a1..2c48105f8 100644
  # Set this to 'yes' to enable PAM authentication, account processing,
  # and session processing. If this is enabled, PAM authentication will
 diff --git a/sshd_config.5 b/sshd_config.5
-index c6484370b..985eef5a2 100644
+index b224f2929..2baa6622b 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -648,6 +648,11 @@ The default is
- Specifies whether user authentication based on GSSAPI is allowed.
+@@ -653,6 +653,11 @@ Specifies whether to automatically destroy the user's credentials cache
+ on logout.
  The default is
- .Cm no .
+ .Cm yes .
 +.It Cm GSSAPIKeyExchange
 +Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange
 +doesn't rely on ssh keys to verify host identity.
 +The default is
 +.Cm no .
- .It Cm GSSAPICleanupCredentials
- Specifies whether to automatically destroy the user's credentials cache
- on logout.
-@@ -667,6 +672,11 @@ machine's default store.
+ .It Cm GSSAPIStrictAcceptorCheck
+ Determines whether to be strict about the identity of the GSSAPI acceptor
+ a client authenticates against.
+@@ -667,6 +672,31 @@ machine's default store.
  This facility is provided to assist with operation on multi homed machines.
  The default is
  .Cm yes .
 +.It Cm GSSAPIStoreCredentialsOnRekey
-+Controls whether the user's GSSAPI credentials should be updated following a 
-+successful connection rekeying. This option can be used to accepted renewed 
++Controls whether the user's GSSAPI credentials should be updated following a
++successful connection rekeying. This option can be used to accepted renewed
 +or updated credentials from a compatible client. The default is
-+.Cm no .
++.Dq no .
++.Pp
++For this to work
++.Cm GSSAPIKeyExchange
++needs to be enabled in the server and also used by the client.
++.It Cm GSSAPIKexAlgorithms
++The list of key exchange algorithms that are accepted by GSSAPI
++key exchange. Possible values are
++.Bd -literal -offset 3n
++gss-gex-sha1-,
++gss-group1-sha1-,
++gss-group14-sha1-,
++gss-group14-sha256-,
++gss-group16-sha512-,
++gss-nistp256-sha256-,
++gss-curve25519-sha256-
++.Ed
++.Pp
++The default is
++.Dq gss-gex-sha1-,gss-group14-sha1- .
++This option only applies to protocol version 2 connections using GSSAPI.
  .It Cm HostbasedAcceptedKeyTypes
  Specifies the key types that will be accepted for hostbased authentication
  as a list of comma-separated patterns.
 diff --git a/sshkey.c b/sshkey.c
-index 6555c5ef8..a85c185fc 100644
+index ad1957762..789cd61ef 100644
 --- a/sshkey.c
 +++ b/sshkey.c
 @@ -135,6 +135,7 @@ static const struct keytype keytypes[] = {
@@ -3340,10 +4075,10 @@ index 6555c5ef8..a85c185fc 100644
                 if (!include_sigonly && kt->sigonly)
                         continue;
 diff --git a/sshkey.h b/sshkey.h
-index f6a007fdf..f54deb0c0 100644
+index a91e60436..c11106c93 100644
 --- a/sshkey.h
 +++ b/sshkey.h
-@@ -64,6 +64,7 @@ enum sshkey_types {
+@@ -65,6 +65,7 @@ enum sshkey_types {
         KEY_ED25519_CERT,
         KEY_XMSS,
         KEY_XMSS_CERT,
diff --git a/debian/patches/have-progressmeter-force-update-at-beginning-and-end-transfer.patch b/debian/patches/have-progressmeter-force-update-at-beginning-and-end-transfer.patch
deleted file mode 100644
index 767dbf2b5..000000000
--- a/debian/patches/have-progressmeter-force-update-at-beginning-and-end-transfer.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-From 2a8f710447442e9a03e71c022859112ec2d77d17 Mon Sep 17 00:00:00 2001
-From: "dtucker@openbsd.org" <dtucker@openbsd.org>
-Date: Thu, 24 Jan 2019 16:52:17 +0000
-Subject: upstream: Have progressmeter force an update at the beginning and
-
-end of each transfer.  Fixes the problem recently introduces where very quick
-transfers do not display the progressmeter at all.  Spotted by naddy@
-
-OpenBSD-Commit-ID: 68dc46c259e8fdd4f5db3ec2a130f8e4590a7a9a
-
-Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=bdc6c63c80b55bcbaa66b5fde31c1cb1d09a41eb
-Last-Update: 2019-02-08
-
-Patch-Name: have-progressmeter-force-update-at-beginning-and-end-transfer.patch
----
- progressmeter.c | 13 +++++--------
- progressmeter.h |  4 ++--
- scp.c           |  2 +-
- sftp-client.c   |  2 +-
- 4 files changed, 9 insertions(+), 12 deletions(-)
-
-diff --git a/progressmeter.c b/progressmeter.c
-index add462dde..e385c1254 100644
---- a/progressmeter.c
-+++ b/progressmeter.c
-@@ -1,4 +1,4 @@
--/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */
-+/* $OpenBSD: progressmeter.c,v 1.47 2019/01/24 16:52:17 dtucker Exp $ */
- /*
-  * Copyright (c) 2003 Nils Nordman.  All rights reserved.
-  *
-@@ -59,9 +59,6 @@ static void format_rate(char *, int, off_t);
- static void sig_winch(int);
- static void setscreensize(void);
- 
--/* updates the progressmeter to reflect the current state of the transfer */
--void refresh_progress_meter(void);
--
- /* signal handler for updating the progress meter */
- static void sig_alarm(int);
- 
-@@ -120,7 +117,7 @@ format_size(char *buf, int size, off_t bytes)
- }
- 
- void
--refresh_progress_meter(void)
-+refresh_progress_meter(int force_update)
- {
-        char buf[MAX_WINSIZE + 1];
-        off_t transferred;
-@@ -131,7 +128,7 @@ refresh_progress_meter(void)
-        int hours, minutes, seconds;
-        int file_len;
- 
--       if ((!alarm_fired && !win_resized) || !can_output())
-+       if ((!force_update && !alarm_fired && !win_resized) || !can_output())
-                return;
-        alarm_fired = 0;
- 
-@@ -254,7 +251,7 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr)
-        bytes_per_second = 0;
- 
-        setscreensize();
--       refresh_progress_meter();
-+       refresh_progress_meter(1);
- 
-        signal(SIGALRM, sig_alarm);
-        signal(SIGWINCH, sig_winch);
-@@ -271,7 +268,7 @@ stop_progress_meter(void)
- 
-        /* Ensure we complete the progress */
-        if (cur_pos != end_pos)
--               refresh_progress_meter();
-+               refresh_progress_meter(1);
- 
-        atomicio(vwrite, STDOUT_FILENO, "\n", 1);
- }
-diff --git a/progressmeter.h b/progressmeter.h
-index 8f6678060..1703ea75b 100644
---- a/progressmeter.h
-+++ b/progressmeter.h
-@@ -1,4 +1,4 @@
--/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */
-+/* $OpenBSD: progressmeter.h,v 1.5 2019/01/24 16:52:17 dtucker Exp $ */
- /*
-  * Copyright (c) 2002 Nils Nordman.  All rights reserved.
-  *
-@@ -24,5 +24,5 @@
-  */
- 
- void   start_progress_meter(const char *, off_t, off_t *);
--void   refresh_progress_meter(void);
-+void   refresh_progress_meter(int);
- void   stop_progress_meter(void);
-diff --git a/scp.c b/scp.c
-index 80308573c..1971c80cd 100644
---- a/scp.c
-+++ b/scp.c
-@@ -593,7 +593,7 @@ scpio(void *_cnt, size_t s)
-        off_t *cnt = (off_t *)_cnt;
- 
-        *cnt += s;
--       refresh_progress_meter();
-+       refresh_progress_meter(0);
-        if (limit_kbps > 0)
-                bandwidth_limit(&bwlimit, s);
-        return 0;
-diff --git a/sftp-client.c b/sftp-client.c
-index 2bc698f86..cf2887a40 100644
---- a/sftp-client.c
-+++ b/sftp-client.c
-@@ -101,7 +101,7 @@ sftpio(void *_bwlimit, size_t amount)
- {
-        struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit;
- 
--       refresh_progress_meter();
-+       refresh_progress_meter(0);
-        if (bwlimit != NULL)
-                bandwidth_limit(bwlimit, amount);
-        return 0;
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 4207302c3..fbfe6a1fb 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -1,4 +1,4 @@
-From 7ba31c6ff505278fb9f33b695605ca3a093caba2 Mon Sep 17 00:00:00 2001
+From 4d8dd12bab7bbc954815d7953a0c86ce1687bd34 Mon Sep 17 00:00:00 2001
 From: Richard Kettlewell <rjk@greenend.org.uk>
 Date: Sun, 9 Feb 2014 16:09:52 +0000
 Subject: Various keepalive extensions
@@ -26,10 +26,10 @@ Patch-Name: keepalive-extensions.patch
  3 files changed, 34 insertions(+), 4 deletions(-)
 
 diff --git a/readconf.c b/readconf.c
-index 5e655e924..052d4b1ac 100644
+index 29f3bd98d..3d0b6ff90 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -175,6 +175,7 @@ typedef enum {
+@@ -177,6 +177,7 @@ typedef enum {
         oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
         oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes,
         oPubkeyAcceptedKeyTypes, oCASignatureAlgorithms, oProxyJump,
@@ -37,7 +37,7 @@ index 5e655e924..052d4b1ac 100644
         oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
  } OpCodes;
  
-@@ -322,6 +323,8 @@ static struct {
+@@ -326,6 +327,8 @@ static struct {
         { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes },
         { "ignoreunknown", oIgnoreUnknown },
         { "proxyjump", oProxyJump },
@@ -46,7 +46,7 @@ index 5e655e924..052d4b1ac 100644
  
         { NULL, oBadOption }
  };
-@@ -1415,6 +1418,8 @@ parse_keytypes:
+@@ -1440,6 +1443,8 @@ parse_keytypes:
                 goto parse_flag;
  
         case oServerAliveInterval:
@@ -55,7 +55,7 @@ index 5e655e924..052d4b1ac 100644
                 intptr = &options->server_alive_interval;
                 goto parse_time;
  
-@@ -2101,8 +2106,13 @@ fill_default_options(Options * options)
+@@ -2133,8 +2138,13 @@ fill_default_options(Options * options)
                 options->rekey_interval = 0;
         if (options->verify_host_key_dns == -1)
                 options->verify_host_key_dns = 0;
@@ -72,10 +72,10 @@ index 5e655e924..052d4b1ac 100644
                 options->server_alive_count_max = 3;
         if (options->control_master == -1)
 diff --git a/ssh_config.5 b/ssh_config.5
-index 16c79368a..54e143c93 100644
+index c3c8b274a..250c92d04 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -247,8 +247,12 @@ Valid arguments are
+@@ -265,8 +265,12 @@ Valid arguments are
  If set to
  .Cm yes ,
  passphrase/password querying will be disabled.
@@ -89,7 +89,7 @@ index 16c79368a..54e143c93 100644
  The argument must be
  .Cm yes
  or
-@@ -1485,7 +1489,14 @@ from the server,
+@@ -1535,7 +1539,14 @@ from the server,
  will send a message through the encrypted
  channel to request a response from the server.
  The default
@@ -105,7 +105,7 @@ index 16c79368a..54e143c93 100644
  .It Cm SetEnv
  Directly specify one or more environment variables and their contents to
  be sent to the server.
-@@ -1565,6 +1576,12 @@ Specifies whether the system should send TCP keepalive messages to the
+@@ -1615,6 +1626,12 @@ Specifies whether the system should send TCP keepalive messages to the
  other side.
  If they are sent, death of the connection or crash of one
  of the machines will be properly noticed.
@@ -119,10 +119,10 @@ index 16c79368a..54e143c93 100644
  connections will die if the route is down temporarily, and some people
  find it annoying.
 diff --git a/sshd_config.5 b/sshd_config.5
-index 985eef5a2..e7e55dd71 100644
+index 2baa6622b..2ef671d1b 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -1577,6 +1577,9 @@ This avoids infinitely hanging sessions.
+@@ -1597,6 +1597,9 @@ This avoids infinitely hanging sessions.
  .Pp
  To disable TCP keepalive messages, the value should be set to
  .Cm no .
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index 75ed46db7..21e8d7947 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -1,4 +1,4 @@
-From bb8bb2621914ad600202e38d5b9b4f4544b191e5 Mon Sep 17 00:00:00 2001
+From 15b7cc25dea4efdef7fdd129d0e3d1a091afd67b Mon Sep 17 00:00:00 2001
 From: Scott Moser <smoser@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:03 +0000
 Subject: Mention ssh-keygen in ssh fingerprint changed warning
@@ -14,10 +14,10 @@ Patch-Name: mention-ssh-keygen-on-keychange.patch
  1 file changed, 8 insertions(+), 1 deletion(-)
 
 diff --git a/sshconnect.c b/sshconnect.c
-index 700ea6c3c..158e8146f 100644
+index 103d84e38..0b6f6af4b 100644
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -1121,9 +1121,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
+@@ -986,9 +986,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                         error("%s. This could either mean that", key_msg);
                         error("DNS SPOOFING is happening or the IP address for the host");
                         error("and its host key have changed at the same time.");
@@ -32,7 +32,7 @@ index 700ea6c3c..158e8146f 100644
                 }
                 /* The host key has changed. */
                 warn_changed_key(host_key);
-@@ -1132,6 +1136,9 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
+@@ -997,6 +1001,9 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                 error("Offending %s key in %s:%lu",
                     sshkey_type(host_found->key),
                     host_found->file, host_found->line);
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch
index 3b2e05e58..dcc672726 100644
--- a/debian/patches/no-openssl-version-status.patch
+++ b/debian/patches/no-openssl-version-status.patch
@@ -1,4 +1,4 @@
-From 690051b3aa4ff72af57e4a82d640858357eef820 Mon Sep 17 00:00:00 2001
+From 1f61e987ccec2a2af15044196c1a6730959ead98 Mon Sep 17 00:00:00 2001
 From: Kurt Roeckx <kurt@roeckx.be>
 Date: Sun, 9 Feb 2014 16:10:14 +0000
 Subject: Don't check the status field of the OpenSSL version
@@ -23,7 +23,7 @@ Patch-Name: no-openssl-version-status.patch
  2 files changed, 4 insertions(+), 3 deletions(-)
 
 diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
-index 8b4a36274..ea0b0c9fb 100644
+index a37ca61bf..c1749210d 100644
 --- a/openbsd-compat/openssl-compat.c
 +++ b/openbsd-compat/openssl-compat.c
 @@ -34,7 +34,7 @@
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index cdb905b2e..e46967c72 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -1,4 +1,4 @@
-From 96c85e746d4f94c7d2748a200e5817ad8a987918 Mon Sep 17 00:00:00 2001
+From 47beec5c944ea9add7d267110fc9dcf15e7b8932 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:09 +0000
 Subject: Adjust various OpenBSD-specific references in manual pages
@@ -44,10 +44,10 @@ index ef0de0850..149846c8c 100644
  .Sh SEE ALSO
  .Xr ssh-keygen 1 ,
 diff --git a/ssh-keygen.1 b/ssh-keygen.1
-index bfa2eb5f3..da6b5ed76 100644
+index 124456577..9b877b860 100644
 --- a/ssh-keygen.1
 +++ b/ssh-keygen.1
-@@ -176,9 +176,7 @@ key in
+@@ -178,9 +178,7 @@ key in
  .Pa ~/.ssh/id_ed25519
  or
  .Pa ~/.ssh/id_rsa .
@@ -58,7 +58,7 @@ index bfa2eb5f3..da6b5ed76 100644
  .Pp
  Normally this program generates the key and asks for a file in which
  to store the private key.
-@@ -229,9 +227,7 @@ If
+@@ -243,9 +241,7 @@ If
  .Fl f
  has also been specified, its argument is used as a prefix to the
  default path for the resulting host key files.
@@ -69,7 +69,7 @@ index bfa2eb5f3..da6b5ed76 100644
  .It Fl a Ar rounds
  When saving a private key this option specifies the number of KDF
  (key derivation function) rounds used.
-@@ -677,7 +673,7 @@ option.
+@@ -703,7 +699,7 @@ option.
  Valid generator values are 2, 3, and 5.
  .Pp
  Screened DH groups may be installed in
@@ -78,7 +78,7 @@ index bfa2eb5f3..da6b5ed76 100644
  It is important that this file contains moduli of a range of bit lengths and
  that both ends of a connection share common moduli.
  .Sh CERTIFICATES
-@@ -877,7 +873,7 @@ on all machines
+@@ -903,7 +899,7 @@ on all machines
  where the user wishes to log in using public key authentication.
  There is no need to keep the contents of this file secret.
  .Pp
@@ -88,10 +88,10 @@ index bfa2eb5f3..da6b5ed76 100644
  The file format is described in
  .Xr moduli 5 .
 diff --git a/ssh.1 b/ssh.1
-index 81f29af43..5dfad6daa 100644
+index 64ead5f57..e4aeae7b4 100644
 --- a/ssh.1
 +++ b/ssh.1
-@@ -860,6 +860,10 @@ implements public key authentication protocol automatically,
+@@ -873,6 +873,10 @@ implements public key authentication protocol automatically,
  using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
  The HISTORY section of
  .Xr ssl 8
@@ -133,7 +133,7 @@ index 57a7fd66b..4abc01d66 100644
  .Xr sshd_config 5 ,
  .Xr inetd 8 ,
 diff --git a/sshd_config.5 b/sshd_config.5
-index 37e6be38f..23f71fd1d 100644
+index addea54a0..f995e4ab0 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
 @@ -395,8 +395,7 @@ Certificates signed using other algorithms will not be accepted for
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index 809c78846..0d2be82dc 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -1,4 +1,4 @@
-From b258a00bedcf29200b394c671c6deb1e53157f32 Mon Sep 17 00:00:00 2001
+From 85e700a732e9a308eeee67f5a284e19fd6befbb8 Mon Sep 17 00:00:00 2001
 From: Matthew Vernon <matthew@debian.org>
 Date: Sun, 9 Feb 2014 16:10:05 +0000
 Subject: Include the Debian version in our identification
@@ -9,47 +9,33 @@ generally just try attacks rather than bothering to scan for
 vulnerable-looking version strings.  (However, see debian-banner.patch.)
 
 Forwarded: not-needed
-Last-Update: 2017-10-04
+Last-Update: 2019-06-05
 
 Patch-Name: package-versioning.patch
 ---
- sshconnect.c | 2 +-
- sshd.c       | 2 +-
- version.h    | 7 ++++++-
- 3 files changed, 8 insertions(+), 3 deletions(-)
+ kex.c     | 2 +-
+ version.h | 7 ++++++-
+ 2 files changed, 7 insertions(+), 2 deletions(-)
 
-diff --git a/sshconnect.c b/sshconnect.c
-index 158e8146f..b9418e277 100644
---- a/sshconnect.c
-+++ b/sshconnect.c
-@@ -609,7 +609,7 @@ send_client_banner(int connection_out, int minor1)
- {
-        /* Send our own protocol version identification. */
-        xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
--           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
-+           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
-        if (atomicio(vwrite, connection_out, client_version_string,
-            strlen(client_version_string)) != strlen(client_version_string))
-                fatal("write: %.100s", strerror(errno));
-diff --git a/sshd.c b/sshd.c
-index 2bc6679e5..9481272fc 100644
---- a/sshd.c
-+++ b/sshd.c
-@@ -384,7 +384,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-        char remote_version[256];       /* Must be at least as big as buf. */
- 
-        xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
--           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
-+           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
-            *options.version_addendum == '\0' ? "" : " ",
-            options.version_addendum);
- 
+diff --git a/kex.c b/kex.c
+index a2a4794e8..be354206d 100644
+--- a/kex.c
++++ b/kex.c
+@@ -1186,7 +1186,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
+        if (version_addendum != NULL && *version_addendum == '\0')
+                version_addendum = NULL;
+        if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
+-          PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
++          PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
+            version_addendum == NULL ? "" : " ",
+            version_addendum == NULL ? "" : version_addendum)) != 0) {
+                error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
 diff --git a/version.h b/version.h
-index 422dfbc3a..5e1ce0426 100644
+index 806ead9a6..599c859e6 100644
 --- a/version.h
 +++ b/version.h
 @@ -3,4 +3,9 @@
- #define SSH_VERSION    "OpenSSH_7.9"
+ #define SSH_VERSION    "OpenSSH_8.0"
  
  #define SSH_PORTABLE   "p1"
 -#define SSH_RELEASE    SSH_VERSION SSH_PORTABLE
diff --git a/debian/patches/request-rsa-sha2-cert-signatures.patch b/debian/patches/request-rsa-sha2-cert-signatures.patch
deleted file mode 100644
index 2c876be31..000000000
--- a/debian/patches/request-rsa-sha2-cert-signatures.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From d94226d4fcefbc398c5583e12b5d07ca33884ba4 Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Thu, 27 Dec 2018 23:02:11 +0000
-Subject: upstream: Request RSA-SHA2 signatures for
-
-rsa-sha2-{256|512}-cert-v01@openssh.com cert algorithms; ok markus@
-
-OpenBSD-Commit-ID: afc6f7ca216ccd821656d1c911d2a3deed685033
-
-Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=f429c1b2ef631f2855e51a790cf71761d752bbca
-Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2944
-Bug-Debian: https://bugs.debian.org/923419
-Last-Update: 2019-02-28
-
-Patch-Name: request-rsa-sha2-cert-signatures.patch
----
- authfd.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/authfd.c b/authfd.c
-index ecdd869ab..62cbf8c19 100644
---- a/authfd.c
-+++ b/authfd.c
-@@ -327,10 +327,12 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
- static u_int
- agent_encode_alg(const struct sshkey *key, const char *alg)
- {
--       if (alg != NULL && key->type == KEY_RSA) {
--               if (strcmp(alg, "rsa-sha2-256") == 0)
-+       if (alg != NULL && sshkey_type_plain(key->type) == KEY_RSA) {
-+               if (strcmp(alg, "rsa-sha2-256") == 0 ||
-+                   strcmp(alg, "rsa-sha2-256-cert-v01@openssh.com") == 0)
-                        return SSH_AGENT_RSA_SHA2_256;
--               else if (strcmp(alg, "rsa-sha2-512") == 0)
-+               if (strcmp(alg, "rsa-sha2-512") == 0 ||
-+                   strcmp(alg, "rsa-sha2-512-cert-v01@openssh.com") == 0)
-                        return SSH_AGENT_RSA_SHA2_512;
-        }
-        return 0;
diff --git a/debian/patches/restore-authorized_keys2.patch b/debian/patches/restore-authorized_keys2.patch
index fcb1ac7e3..574923e1c 100644
--- a/debian/patches/restore-authorized_keys2.patch
+++ b/debian/patches/restore-authorized_keys2.patch
@@ -1,4 +1,4 @@
-From cebe4b82b280810172877a7f3d489c506c9a0691 Mon Sep 17 00:00:00 2001
+From 1af6147744892b18e2239c085abe87f5408cbaae Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 5 Mar 2017 02:02:11 +0000
 Subject: Restore reading authorized_keys2 by default
diff --git a/debian/patches/restore-tcp-wrappers.patch b/debian/patches/restore-tcp-wrappers.patch
index fdc6cf18a..0472ea7d0 100644
--- a/debian/patches/restore-tcp-wrappers.patch
+++ b/debian/patches/restore-tcp-wrappers.patch
@@ -1,4 +1,4 @@
-From 389e16d0109d8c49a761cd7c267438b05c9ab984 Mon Sep 17 00:00:00 2001
+From 0f9f44654708e4fde2f52c52f717d061b5e458fa Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Tue, 7 Oct 2014 13:22:41 +0100
 Subject: Restore TCP wrappers support
@@ -18,7 +18,7 @@ but it at least probably doesn't involve dropping this feature shortly
 before a freeze.
 
 Forwarded: not-needed
-Last-Update: 2018-08-24
+Last-Update: 2019-06-05
 
 Patch-Name: restore-tcp-wrappers.patch
 ---
@@ -28,10 +28,10 @@ Patch-Name: restore-tcp-wrappers.patch
  3 files changed, 89 insertions(+)
 
 diff --git a/configure.ac b/configure.ac
-index 023e7cc55..917300b43 100644
+index 2869f7042..ce16e7758 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -1517,6 +1517,62 @@ else
+@@ -1518,6 +1518,62 @@ else
         AC_MSG_RESULT([no])
  fi
  
@@ -94,7 +94,7 @@ index 023e7cc55..917300b43 100644
  # Check whether user wants to use ldns
  LDNS_MSG="no"
  AC_ARG_WITH(ldns,
-@@ -5329,6 +5385,7 @@ echo "                       PAM support: $PAM_MSG"
+@@ -5269,6 +5325,7 @@ echo "                       PAM support: $PAM_MSG"
  echo "                   OSF SIA support: $SIA_MSG"
  echo "                 KerberosV support: $KRB5_MSG"
  echo "                   SELinux support: $SELINUX_MSG"
@@ -128,7 +128,7 @@ index fb133c14b..57a7fd66b 100644
  .Xr moduli 5 ,
  .Xr sshd_config 5 ,
 diff --git a/sshd.c b/sshd.c
-index 539a000fd..673db87f6 100644
+index 98680721b..46870d3b5 100644
 --- a/sshd.c
 +++ b/sshd.c
 @@ -127,6 +127,13 @@
@@ -145,7 +145,7 @@ index 539a000fd..673db87f6 100644
  /* Re-exec fds */
  #define REEXEC_DEVCRYPTO_RESERVED_FD   (STDERR_FILENO + 1)
  #define REEXEC_STARTUP_PIPE_FD         (STDERR_FILENO + 2)
-@@ -2099,6 +2106,24 @@ main(int ac, char **av)
+@@ -2057,6 +2064,24 @@ main(int ac, char **av)
  #ifdef SSH_AUDIT_EVENTS
         audit_connection_from(remote_ip, remote_port);
  #endif
@@ -153,7 +153,7 @@ index 539a000fd..673db87f6 100644
 +       allow_severity = options.log_facility|LOG_INFO;
 +       deny_severity = options.log_facility|LOG_WARNING;
 +       /* Check whether logins are denied from this host. */
-+       if (packet_connection_is_on_socket()) {
++       if (ssh_packet_connection_is_on_socket(ssh)) {
 +               struct request_info req;
 +
 +               request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0);
diff --git a/debian/patches/revert-ipqos-defaults.patch b/debian/patches/revert-ipqos-defaults.patch
index a329b9be1..d0b02d792 100644
--- a/debian/patches/revert-ipqos-defaults.patch
+++ b/debian/patches/revert-ipqos-defaults.patch
@@ -1,4 +1,4 @@
-From 6b56cd57db9061296231f14d537f1ebaf25e8877 Mon Sep 17 00:00:00 2001
+From 7d50f9e5be88179325983a1f58c9d51bb58f025a Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Mon, 8 Apr 2019 10:46:29 +0100
 Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP
@@ -24,10 +24,10 @@ Patch-Name: revert-ipqos-defaults.patch
  4 files changed, 8 insertions(+), 12 deletions(-)
 
 diff --git a/readconf.c b/readconf.c
-index 661b8bf40..6d046f063 100644
+index f35bde6e6..2ba312441 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -2133,9 +2133,9 @@ fill_default_options(Options * options)
+@@ -2165,9 +2165,9 @@ fill_default_options(Options * options)
         if (options->visual_host_key == -1)
                 options->visual_host_key = 0;
         if (options->ip_qos_interactive == -1)
@@ -40,10 +40,10 @@ index 661b8bf40..6d046f063 100644
                 options->request_tty = REQUEST_TTY_AUTO;
         if (options->proxy_use_fdpass == -1)
 diff --git a/servconf.c b/servconf.c
-index c5dd617ef..bf2669147 100644
+index 8d2bced52..365e6ff1e 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -403,9 +403,9 @@ fill_default_server_options(ServerOptions *options)
+@@ -423,9 +423,9 @@ fill_default_server_options(ServerOptions *options)
         if (options->permit_tun == -1)
                 options->permit_tun = SSH_TUNMODE_NO;
         if (options->ip_qos_interactive == -1)
@@ -56,10 +56,10 @@ index c5dd617ef..bf2669147 100644
                 options->version_addendum = xstrdup("");
         if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
 diff --git a/ssh_config.5 b/ssh_config.5
-index 1a8e24bd1..f6c1b3b33 100644
+index a27631ae9..a9f6d906f 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1055,11 +1055,9 @@ If one argument is specified, it is used as the packet class unconditionally.
+@@ -1098,11 +1098,9 @@ If one argument is specified, it is used as the packet class unconditionally.
  If two values are specified, the first is automatically selected for
  interactive sessions and the second for non-interactive sessions.
  The default is
@@ -74,10 +74,10 @@ index 1a8e24bd1..f6c1b3b33 100644
  .It Cm KbdInteractiveAuthentication
  Specifies whether to use keyboard-interactive authentication.
 diff --git a/sshd_config.5 b/sshd_config.5
-index ba50a30f1..03f813e72 100644
+index c0c4ebd66..e5380f5dc 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -866,11 +866,9 @@ If one argument is specified, it is used as the packet class unconditionally.
+@@ -886,11 +886,9 @@ If one argument is specified, it is used as the packet class unconditionally.
  If two values are specified, the first is automatically selected for
  interactive sessions and the second for non-interactive sessions.
  The default is
diff --git a/debian/patches/sanitize-scp-filenames-via-snmprintf.patch b/debian/patches/sanitize-scp-filenames-via-snmprintf.patch
deleted file mode 100644
index e58b8b1bd..000000000
--- a/debian/patches/sanitize-scp-filenames-via-snmprintf.patch
+++ /dev/null
@@ -1,276 +0,0 @@
-From 11b88754cadcad0ba79b4ffcc127223248dccb54 Mon Sep 17 00:00:00 2001
-From: "dtucker@openbsd.org" <dtucker@openbsd.org>
-Date: Wed, 23 Jan 2019 08:01:46 +0000
-Subject: upstream: Sanitize scp filenames via snmprintf. To do this we move
-
-the progressmeter formatting outside of signal handler context and have the
-atomicio callback called for EINTR too.  bz#2434 with contributions from djm
-and jjelen at redhat.com, ok djm@
-
-OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8
-
-CVE-2019-6109
-
-Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=8976f1c4b2721c26e878151f52bdf346dfe2d54c
-Bug-Debian: https://bugs.debian.org/793412
-Last-Update: 2019-02-08
-
-Patch-Name: sanitize-scp-filenames-via-snmprintf.patch
----
- atomicio.c      | 20 ++++++++++++++-----
- progressmeter.c | 53 ++++++++++++++++++++++---------------------------
- progressmeter.h |  3 ++-
- scp.c           |  1 +
- sftp-client.c   | 16 ++++++++-------
- 5 files changed, 51 insertions(+), 42 deletions(-)
-
-diff --git a/atomicio.c b/atomicio.c
-index f854a06f5..d91bd7621 100644
---- a/atomicio.c
-+++ b/atomicio.c
-@@ -1,4 +1,4 @@
--/* $OpenBSD: atomicio.c,v 1.28 2016/07/27 23:18:12 djm Exp $ */
-+/* $OpenBSD: atomicio.c,v 1.29 2019/01/23 08:01:46 dtucker Exp $ */
- /*
-  * Copyright (c) 2006 Damien Miller. All rights reserved.
-  * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved.
-@@ -65,9 +65,14 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n,
-                res = (f) (fd, s + pos, n - pos);
-                switch (res) {
-                case -1:
--                       if (errno == EINTR)
-+                       if (errno == EINTR) {
-+                               /* possible SIGALARM, update callback */
-+                               if (cb != NULL && cb(cb_arg, 0) == -1) {
-+                                       errno = EINTR;
-+                                       return pos;
-+                               }
-                                continue;
--                       if (errno == EAGAIN || errno == EWOULDBLOCK) {
-+                       } else if (errno == EAGAIN || errno == EWOULDBLOCK) {
- #ifndef BROKEN_READ_COMPARISON
-                                (void)poll(&pfd, 1, -1);
- #endif
-@@ -122,9 +127,14 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd,
-                res = (f) (fd, iov, iovcnt);
-                switch (res) {
-                case -1:
--                       if (errno == EINTR)
-+                       if (errno == EINTR) {
-+                               /* possible SIGALARM, update callback */
-+                               if (cb != NULL && cb(cb_arg, 0) == -1) {
-+                                       errno = EINTR;
-+                                       return pos;
-+                               }
-                                continue;
--                       if (errno == EAGAIN || errno == EWOULDBLOCK) {
-+                       } else if (errno == EAGAIN || errno == EWOULDBLOCK) {
- #ifndef BROKEN_READV_COMPARISON
-                                (void)poll(&pfd, 1, -1);
- #endif
-diff --git a/progressmeter.c b/progressmeter.c
-index fe9bf52e4..add462dde 100644
---- a/progressmeter.c
-+++ b/progressmeter.c
-@@ -1,4 +1,4 @@
--/* $OpenBSD: progressmeter.c,v 1.45 2016/06/30 05:17:05 dtucker Exp $ */
-+/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */
- /*
-  * Copyright (c) 2003 Nils Nordman.  All rights reserved.
-  *
-@@ -31,6 +31,7 @@
- 
- #include <errno.h>
- #include <signal.h>
-+#include <stdarg.h>
- #include <stdio.h>
- #include <string.h>
- #include <time.h>
-@@ -39,6 +40,7 @@
- #include "progressmeter.h"
- #include "atomicio.h"
- #include "misc.h"
-+#include "utf8.h"
- 
- #define DEFAULT_WINSIZE 80
- #define MAX_WINSIZE 512
-@@ -61,7 +63,7 @@ static void setscreensize(void);
- void refresh_progress_meter(void);
- 
- /* signal handler for updating the progress meter */
--static void update_progress_meter(int);
-+static void sig_alarm(int);
- 
- static double start;           /* start progress */
- static double last_update;     /* last progress update */
-@@ -74,6 +76,7 @@ static long stalled;          /* how long we have been stalled */
- static int bytes_per_second;   /* current speed in bytes per second */
- static int win_size;           /* terminal window size */
- static volatile sig_atomic_t win_resized; /* for window resizing */
-+static volatile sig_atomic_t alarm_fired;
- 
- /* units for format_size */
- static const char unit[] = " KMGT";
-@@ -126,9 +129,17 @@ refresh_progress_meter(void)
-        off_t bytes_left;
-        int cur_speed;
-        int hours, minutes, seconds;
--       int i, len;
-        int file_len;
- 
-+       if ((!alarm_fired && !win_resized) || !can_output())
-+               return;
-+       alarm_fired = 0;
-+
-+       if (win_resized) {
-+               setscreensize();
-+               win_resized = 0;
-+       }
-+
-        transferred = *counter - (cur_pos ? cur_pos : start_pos);
-        cur_pos = *counter;
-        now = monotime_double();
-@@ -158,16 +169,11 @@ refresh_progress_meter(void)
- 
-        /* filename */
-        buf[0] = '\0';
--       file_len = win_size - 35;
-+       file_len = win_size - 36;
-        if (file_len > 0) {
--               len = snprintf(buf, file_len + 1, "\r%s", file);
--               if (len < 0)
--                       len = 0;
--               if (len >= file_len + 1)
--                       len = file_len;
--               for (i = len; i < file_len; i++)
--                       buf[i] = ' ';
--               buf[file_len] = '\0';
-+               buf[0] = '\r';
-+               snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s",
-+                   file_len * -1, file);
-        }
- 
-        /* percent of transfer done */
-@@ -228,22 +234,11 @@ refresh_progress_meter(void)
- 
- /*ARGSUSED*/
- static void
--update_progress_meter(int ignore)
-+sig_alarm(int ignore)
- {
--       int save_errno;
--
--       save_errno = errno;
--
--       if (win_resized) {
--               setscreensize();
--               win_resized = 0;
--       }
--       if (can_output())
--               refresh_progress_meter();
--
--       signal(SIGALRM, update_progress_meter);
-+       signal(SIGALRM, sig_alarm);
-+       alarm_fired = 1;
-        alarm(UPDATE_INTERVAL);
--       errno = save_errno;
- }
- 
- void
-@@ -259,10 +254,9 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr)
-        bytes_per_second = 0;
- 
-        setscreensize();
--       if (can_output())
--               refresh_progress_meter();
-+       refresh_progress_meter();
- 
--       signal(SIGALRM, update_progress_meter);
-+       signal(SIGALRM, sig_alarm);
-        signal(SIGWINCH, sig_winch);
-        alarm(UPDATE_INTERVAL);
- }
-@@ -286,6 +280,7 @@ stop_progress_meter(void)
- static void
- sig_winch(int sig)
- {
-+       signal(SIGWINCH, sig_winch);
-        win_resized = 1;
- }
- 
-diff --git a/progressmeter.h b/progressmeter.h
-index bf179dca6..8f6678060 100644
---- a/progressmeter.h
-+++ b/progressmeter.h
-@@ -1,4 +1,4 @@
--/* $OpenBSD: progressmeter.h,v 1.3 2015/01/14 13:54:13 djm Exp $ */
-+/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */
- /*
-  * Copyright (c) 2002 Nils Nordman.  All rights reserved.
-  *
-@@ -24,4 +24,5 @@
-  */
- 
- void   start_progress_meter(const char *, off_t, off_t *);
-+void   refresh_progress_meter(void);
- void   stop_progress_meter(void);
-diff --git a/scp.c b/scp.c
-index 7163d33dc..80308573c 100644
---- a/scp.c
-+++ b/scp.c
-@@ -593,6 +593,7 @@ scpio(void *_cnt, size_t s)
-        off_t *cnt = (off_t *)_cnt;
- 
-        *cnt += s;
-+       refresh_progress_meter();
-        if (limit_kbps > 0)
-                bandwidth_limit(&bwlimit, s);
-        return 0;
-diff --git a/sftp-client.c b/sftp-client.c
-index 4986d6d8d..2bc698f86 100644
---- a/sftp-client.c
-+++ b/sftp-client.c
-@@ -101,7 +101,9 @@ sftpio(void *_bwlimit, size_t amount)
- {
-        struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit;
- 
--       bandwidth_limit(bwlimit, amount);
-+       refresh_progress_meter();
-+       if (bwlimit != NULL)
-+               bandwidth_limit(bwlimit, amount);
-        return 0;
- }
- 
-@@ -121,8 +123,8 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m)
-        iov[1].iov_base = (u_char *)sshbuf_ptr(m);
-        iov[1].iov_len = sshbuf_len(m);
- 
--       if (atomiciov6(writev, conn->fd_out, iov, 2,
--           conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) !=
-+       if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio,
-+           conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) !=
-            sshbuf_len(m) + sizeof(mlen))
-                fatal("Couldn't send packet: %s", strerror(errno));
- 
-@@ -138,8 +140,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial)
- 
-        if ((r = sshbuf_reserve(m, 4, &p)) != 0)
-                fatal("%s: buffer error: %s", __func__, ssh_err(r));
--       if (atomicio6(read, conn->fd_in, p, 4,
--           conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) != 4) {
-+       if (atomicio6(read, conn->fd_in, p, 4, sftpio,
-+           conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) {
-                if (errno == EPIPE || errno == ECONNRESET)
-                        fatal("Connection closed");
-                else
-@@ -157,8 +159,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial)
- 
-        if ((r = sshbuf_reserve(m, msg_len, &p)) != 0)
-                fatal("%s: buffer error: %s", __func__, ssh_err(r));
--       if (atomicio6(read, conn->fd_in, p, msg_len,
--           conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in)
-+       if (atomicio6(read, conn->fd_in, p, msg_len, sftpio,
-+           conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL)
-            != msg_len) {
-                if (errno == EPIPE)
-                        fatal("Connection closed");
diff --git a/debian/patches/scp-disallow-dot-or-empty-filename.patch b/debian/patches/scp-disallow-dot-or-empty-filename.patch
deleted file mode 100644
index 716f2ffa8..000000000
--- a/debian/patches/scp-disallow-dot-or-empty-filename.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From dee21e97428e69d30e2d15c71f3e7cc08bf8e4f8 Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Fri, 16 Nov 2018 03:03:10 +0000
-Subject: upstream: disallow empty incoming filename or ones that refer to the
-
-current directory; based on report/patch from Harry Sintonen
-
-OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9
-
-Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=6010c0303a422a9c5fa8860c061bf7105eb7f8b2
-Bug-Debian: https://bugs.debian.org/919101
-Last-Update: 2019-01-12
-
-Patch-Name: scp-disallow-dot-or-empty-filename.patch
----
- scp.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/scp.c b/scp.c
-index ed2864250..7163d33dc 100644
---- a/scp.c
-+++ b/scp.c
-@@ -1114,7 +1114,8 @@ sink(int argc, char **argv)
-                        SCREWUP("size out of range");
-                size = (off_t)ull;
- 
--               if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
-+               if (*cp == '\0' || strchr(cp, '/') != NULL ||
-+                   strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
-                        run_err("error: unexpected filename: %s", cp);
-                        exit(1);
-                }
diff --git a/debian/patches/scp-handle-braces.patch b/debian/patches/scp-handle-braces.patch
deleted file mode 100644
index 0cbdcfdc0..000000000
--- a/debian/patches/scp-handle-braces.patch
+++ /dev/null
@@ -1,353 +0,0 @@
-From 7a3fa37583d4abf128f7f4c6eb1e7ffc90115eab Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Sun, 10 Feb 2019 11:15:52 +0000
-Subject: upstream: when checking that filenames sent by the server side
-
-match what the client requested, be prepared to handle shell-style brace
-alternations, e.g. "{foo,bar}".
-
-"looks good to me" millert@ + in snaps for the last week courtesy
-deraadt@
-
-OpenBSD-Commit-ID: 3b1ce7639b0b25b2248e3a30f561a548f6815f3e
-
-Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=3d896c157c722bc47adca51a58dca859225b5874
-Bug-Debian: https://bugs.debian.org/923486
-Last-Update: 2019-03-01
-
-Patch-Name: scp-handle-braces.patch
----
- scp.c | 280 +++++++++++++++++++++++++++++++++++++++++++++++++++++++---
- 1 file changed, 269 insertions(+), 11 deletions(-)
-
-diff --git a/scp.c b/scp.c
-index 035037bcc..3888baab0 100644
---- a/scp.c
-+++ b/scp.c
-@@ -635,6 +635,253 @@ parse_scp_uri(const char *uri, char **userp, char **hostp, int *portp,
-        return r;
- }
- 
-+/* Appends a string to an array; returns 0 on success, -1 on alloc failure */
-+static int
-+append(char *cp, char ***ap, size_t *np)
-+{
-+       char **tmp;
-+
-+       if ((tmp = reallocarray(*ap, *np + 1, sizeof(*tmp))) == NULL)
-+               return -1;
-+       tmp[(*np)] = cp;
-+       (*np)++;
-+       *ap = tmp;
-+       return 0;
-+}
-+
-+/*
-+ * Finds the start and end of the first brace pair in the pattern.
-+ * returns 0 on success or -1 for invalid patterns.
-+ */
-+static int
-+find_brace(const char *pattern, int *startp, int *endp)
-+{
-+       int i;
-+       int in_bracket, brace_level;
-+
-+       *startp = *endp = -1;
-+       in_bracket = brace_level = 0;
-+       for (i = 0; i < INT_MAX && *endp < 0 && pattern[i] != '\0'; i++) {
-+               switch (pattern[i]) {
-+               case '\\':
-+                       /* skip next character */
-+                       if (pattern[i + 1] != '\0')
-+                               i++;
-+                       break;
-+               case '[':
-+                       in_bracket = 1;
-+                       break;
-+               case ']':
-+                       in_bracket = 0;
-+                       break;
-+               case '{':
-+                       if (in_bracket)
-+                               break;
-+                       if (pattern[i + 1] == '}') {
-+                               /* Protect a single {}, for find(1), like csh */
-+                               i++; /* skip */
-+                               break;
-+                       }
-+                       if (*startp == -1)
-+                               *startp = i;
-+                       brace_level++;
-+                       break;
-+               case '}':
-+                       if (in_bracket)
-+                               break;
-+                       if (*startp < 0) {
-+                               /* Unbalanced brace */
-+                               return -1;
-+                       }
-+                       if (--brace_level <= 0)
-+                               *endp = i;
-+                       break;
-+               }
-+       }
-+       /* unbalanced brackets/braces */
-+       if (*endp < 0 && (*startp >= 0 || in_bracket))
-+               return -1;
-+       return 0;
-+}
-+
-+/*
-+ * Assembles and records a successfully-expanded pattern, returns -1 on
-+ * alloc failure.
-+ */
-+static int
-+emit_expansion(const char *pattern, int brace_start, int brace_end,
-+    int sel_start, int sel_end, char ***patternsp, size_t *npatternsp)
-+{
-+       char *cp;
-+       int o = 0, tail_len = strlen(pattern + brace_end + 1);
-+
-+       if ((cp = malloc(brace_start + (sel_end - sel_start) +
-+           tail_len + 1)) == NULL)
-+               return -1;
-+
-+       /* Pattern before initial brace */
-+       if (brace_start > 0) {
-+               memcpy(cp, pattern, brace_start);
-+               o = brace_start;
-+       }
-+       /* Current braced selection */
-+       if (sel_end - sel_start > 0) {
-+               memcpy(cp + o, pattern + sel_start,
-+                   sel_end - sel_start);
-+               o += sel_end - sel_start;
-+       }
-+       /* Remainder of pattern after closing brace */
-+       if (tail_len > 0) {
-+               memcpy(cp + o, pattern + brace_end + 1, tail_len);
-+               o += tail_len;
-+       }
-+       cp[o] = '\0';
-+       if (append(cp, patternsp, npatternsp) != 0) {
-+               free(cp);
-+               return -1;
-+       }
-+       return 0;
-+}
-+
-+/*
-+ * Expand the first encountered brace in pattern, appending the expanded
-+ * patterns it yielded to the *patternsp array.
-+ *
-+ * Returns 0 on success or -1 on allocation failure.
-+ *
-+ * Signals whether expansion was performed via *expanded and whether
-+ * pattern was invalid via *invalid.
-+ */
-+static int
-+brace_expand_one(const char *pattern, char ***patternsp, size_t *npatternsp,
-+    int *expanded, int *invalid)
-+{
-+       int i;
-+       int in_bracket, brace_start, brace_end, brace_level;
-+       int sel_start, sel_end;
-+
-+       *invalid = *expanded = 0;
-+
-+       if (find_brace(pattern, &brace_start, &brace_end) != 0) {
-+               *invalid = 1;
-+               return 0;
-+       } else if (brace_start == -1)
-+               return 0;
-+
-+       in_bracket = brace_level = 0;
-+       for (i = sel_start = brace_start + 1; i < brace_end; i++) {
-+               switch (pattern[i]) {
-+               case '{':
-+                       if (in_bracket)
-+                               break;
-+                       brace_level++;
-+                       break;
-+               case '}':
-+                       if (in_bracket)
-+                               break;
-+                       brace_level--;
-+                       break;
-+               case '[':
-+                       in_bracket = 1;
-+                       break;
-+               case ']':
-+                       in_bracket = 0;
-+                       break;
-+               case '\\':
-+                       if (i < brace_end - 1)
-+                               i++; /* skip */
-+                       break;
-+               }
-+               if (pattern[i] == ',' || i == brace_end - 1) {
-+                       if (in_bracket || brace_level > 0)
-+                               continue;
-+                       /* End of a selection, emit an expanded pattern */
-+
-+                       /* Adjust end index for last selection */
-+                       sel_end = (i == brace_end - 1) ? brace_end : i;
-+                       if (emit_expansion(pattern, brace_start, brace_end,
-+                           sel_start, sel_end, patternsp, npatternsp) != 0)
-+                               return -1;
-+                       /* move on to the next selection */
-+                       sel_start = i + 1;
-+                       continue;
-+               }
-+       }
-+       if (in_bracket || brace_level > 0) {
-+               *invalid = 1;
-+               return 0;
-+       }
-+       /* success */
-+       *expanded = 1;
-+       return 0;
-+}
-+
-+/* Expand braces from pattern. Returns 0 on success, -1 on failure */
-+static int
-+brace_expand(const char *pattern, char ***patternsp, size_t *npatternsp)
-+{
-+       char *cp, *cp2, **active = NULL, **done = NULL;
-+       size_t i, nactive = 0, ndone = 0;
-+       int ret = -1, invalid = 0, expanded = 0;
-+
-+       *patternsp = NULL;
-+       *npatternsp = 0;
-+
-+       /* Start the worklist with the original pattern */
-+       if ((cp = strdup(pattern)) == NULL)
-+               return -1;
-+       if (append(cp, &active, &nactive) != 0) {
-+               free(cp);
-+               return -1;
-+       }
-+       while (nactive > 0) {
-+               cp = active[nactive - 1];
-+               nactive--;
-+               if (brace_expand_one(cp, &active, &nactive,
-+                   &expanded, &invalid) == -1) {
-+                       free(cp);
-+                       goto fail;
-+               }
-+               if (invalid)
-+                       fatal("%s: invalid brace pattern \"%s\"", __func__, cp);
-+               if (expanded) {
-+                       /*
-+                        * Current entry expanded to new entries on the
-+                        * active list; discard the progenitor pattern.
-+                        */
-+                       free(cp);
-+                       continue;
-+               }
-+               /*
-+                * Pattern did not expand; append the finename component to
-+                * the completed list
-+                */
-+               if ((cp2 = strrchr(cp, '/')) != NULL)
-+                       *cp2++ = '\0';
-+               else
-+                       cp2 = cp;
-+               if (append(xstrdup(cp2), &done, &ndone) != 0) {
-+                       free(cp);
-+                       goto fail;
-+               }
-+               free(cp);
-+       }
-+       /* success */
-+       *patternsp = done;
-+       *npatternsp = ndone;
-+       done = NULL;
-+       ndone = 0;
-+       ret = 0;
-+ fail:
-+       for (i = 0; i < nactive; i++)
-+               free(active[i]);
-+       free(active);
-+       for (i = 0; i < ndone; i++)
-+               free(done[i]);
-+       free(done);
-+       return ret;
-+}
-+
- void
- toremote(int argc, char **argv)
- {
-@@ -998,7 +1245,8 @@ sink(int argc, char **argv, const char *src)
-        unsigned long long ull;
-        int setimes, targisdir, wrerrno = 0;
-        char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048];
--       char *src_copy = NULL, *restrict_pattern = NULL;
-+       char **patterns = NULL;
-+       size_t n, npatterns = 0;
-        struct timeval tv[2];
- 
- #define        atime   tv[0]
-@@ -1028,16 +1276,13 @@ sink(int argc, char **argv, const char *src)
-                 * Prepare to try to restrict incoming filenames to match
-                 * the requested destination file glob.
-                 */
--               if ((src_copy = strdup(src)) == NULL)
--                       fatal("strdup failed");
--               if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) {
--                       *restrict_pattern++ = '\0';
--               }
-+               if (brace_expand(src, &patterns, &npatterns) != 0)
-+                       fatal("%s: could not expand pattern", __func__);
-        }
-        for (first = 1;; first = 0) {
-                cp = buf;
-                if (atomicio(read, remin, cp, 1) != 1)
--                       return;
-+                       goto done;
-                if (*cp++ == '\n')
-                        SCREWUP("unexpected <newline>");
-                do {
-@@ -1063,7 +1308,7 @@ sink(int argc, char **argv, const char *src)
-                }
-                if (buf[0] == 'E') {
-                        (void) atomicio(vwrite, remout, "", 1);
--                       return;
-+                       goto done;
-                }
-                if (ch == '\n')
-                        *--cp = 0;
-@@ -1138,9 +1383,14 @@ sink(int argc, char **argv, const char *src)
-                        run_err("error: unexpected filename: %s", cp);
-                        exit(1);
-                }
--               if (restrict_pattern != NULL &&
--                   fnmatch(restrict_pattern, cp, 0) != 0)
--                       SCREWUP("filename does not match request");
-+               if (npatterns > 0) {
-+                       for (n = 0; n < npatterns; n++) {
-+                               if (fnmatch(patterns[n], cp, 0) == 0)
-+                                       break;
-+                       }
-+                       if (n >= npatterns)
-+                               SCREWUP("filename does not match request");
-+               }
-                if (targisdir) {
-                        static char *namebuf;
-                        static size_t cursize;
-@@ -1299,7 +1549,15 @@ bad:                     run_err("%s: %s", np, strerror(errno));
-                        break;
-                }
-        }
-+done:
-+       for (n = 0; n < npatterns; n++)
-+               free(patterns[n]);
-+       free(patterns);
-+       return;
- screwup:
-+       for (n = 0; n < npatterns; n++)
-+               free(patterns[n]);
-+       free(patterns);
-        run_err("protocol error: %s", why);
-        exit(1);
- }
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch
index d054b2a82..29cf5603f 100644
--- a/debian/patches/scp-quoting.patch
+++ b/debian/patches/scp-quoting.patch
@@ -1,4 +1,4 @@
-From eefdc7046766b52e39f1b6eafcde22c1e013ce9f Mon Sep 17 00:00:00 2001
+From 76a51e544a6a6a674ff1dddf4bb6da05d9cce774 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:09:59 +0000
 Subject: Adjust scp quoting in verbose mode
@@ -17,10 +17,10 @@ Patch-Name: scp-quoting.patch
  1 file changed, 10 insertions(+), 2 deletions(-)
 
 diff --git a/scp.c b/scp.c
-index 60682c687..ed2864250 100644
+index 80bc0e8b1..a2dc410bd 100644
 --- a/scp.c
 +++ b/scp.c
-@@ -198,8 +198,16 @@ do_local_cmd(arglist *a)
+@@ -199,8 +199,16 @@ do_local_cmd(arglist *a)
  
         if (verbose_mode) {
                 fprintf(stderr, "Executing:");
diff --git a/debian/patches/seccomp-s390-flock-ipc.patch b/debian/patches/seccomp-s390-flock-ipc.patch
index e864427bd..ad00d1220 100644
--- a/debian/patches/seccomp-s390-flock-ipc.patch
+++ b/debian/patches/seccomp-s390-flock-ipc.patch
@@ -1,4 +1,4 @@
-From 690939ba320d93e6f3ab5266bea94d8fb06c8bae Mon Sep 17 00:00:00 2001
+From 9fa2ceb14b6e7e5e902cff416bc9ad3963be9883 Mon Sep 17 00:00:00 2001
 From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
 Date: Tue, 9 May 2017 10:53:04 -0300
 Subject: Allow flock and ipc syscall for s390 architecture
diff --git a/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch b/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch
index ecbe1d142..fcd7285bd 100644
--- a/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch
+++ b/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch
@@ -1,4 +1,4 @@
-From 9ce189b9f22890421b7f8d3f49a39186d3ce3e14 Mon Sep 17 00:00:00 2001
+From 9d4508c5c1d6466c662befcb26aff09f41966102 Mon Sep 17 00:00:00 2001
 From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
 Date: Tue, 9 May 2017 13:33:30 -0300
 Subject: Enable specific ioctl call for EP11 crypto card (s390)
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index 269a87c76..5ab339ac9 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -1,4 +1,4 @@
-From cf3f6ac19812e4d32874304b3854b055831c2124 Mon Sep 17 00:00:00 2001
+From 21e3ff3ab4791d3c94bd775da66cde29797fcb36 Mon Sep 17 00:00:00 2001
 From: Manoj Srivastava <srivasta@debian.org>
 Date: Sun, 9 Feb 2014 16:09:49 +0000
 Subject: Handle SELinux authorisation roles
@@ -9,7 +9,7 @@ SELinux maintainer, so we'll keep it until we have something better.
 
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
 Bug-Debian: http://bugs.debian.org/394795
-Last-Update: 2018-08-24
+Last-Update: 2019-06-05
 
 Patch-Name: selinux-role.patch
 ---
@@ -31,7 +31,7 @@ Patch-Name: selinux-role.patch
  15 files changed, 99 insertions(+), 32 deletions(-)
 
 diff --git a/auth.h b/auth.h
-index 977562f0a..90802a5eb 100644
+index bf393e755..8f13bdf48 100644
 --- a/auth.h
 +++ b/auth.h
 @@ -65,6 +65,7 @@ struct Authctxt {
@@ -43,19 +43,19 @@ index 977562f0a..90802a5eb 100644
         /* Method lists for multiple authentication */
         char            **auth_methods; /* modified from server config */
 diff --git a/auth2.c b/auth2.c
-index a77742819..3035926ba 100644
+index 7417eafa4..d60e7f1f2 100644
 --- a/auth2.c
 +++ b/auth2.c
-@@ -257,7 +257,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
+@@ -267,7 +267,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
  {
         Authctxt *authctxt = ssh->authctxt;
         Authmethod *m = NULL;
--       char *user, *service, *method, *style = NULL;
-+       char *user, *service, *method, *style = NULL, *role = NULL;
-        int authenticated = 0;
+-       char *user = NULL, *service = NULL, *method = NULL, *style = NULL;
++       char *user = NULL, *service = NULL, *method = NULL, *style = NULL, *role = NULL;
+        int r, authenticated = 0;
         double tstart = monotime_double();
  
-@@ -270,8 +270,13 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
+@@ -281,8 +281,13 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
         debug("userauth-request for user %s service %s method %s", user, service, method);
         debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
  
@@ -69,7 +69,7 @@ index a77742819..3035926ba 100644
  
         if (authctxt->attempt++ == 0) {
                 /* setup auth context */
-@@ -298,8 +303,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
+@@ -309,8 +314,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
                     use_privsep ? " [net]" : "");
                 authctxt->service = xstrdup(service);
                 authctxt->style = style ? xstrdup(style) : NULL;
@@ -77,22 +77,22 @@ index a77742819..3035926ba 100644
                 if (use_privsep)
 -                       mm_inform_authserv(service, style);
 +                       mm_inform_authserv(service, style, role);
-                userauth_banner();
+                userauth_banner(ssh);
                 if (auth2_setup_methods_lists(authctxt) != 0)
-                        packet_disconnect("no authentication methods enabled");
+                        ssh_packet_disconnect(ssh,
 diff --git a/monitor.c b/monitor.c
-index eabc1e89b..08fddabd7 100644
+index 0766d6ef5..5f84e880d 100644
 --- a/monitor.c
 +++ b/monitor.c
-@@ -117,6 +117,7 @@ int mm_answer_sign(int, struct sshbuf *);
- int mm_answer_pwnamallow(int, struct sshbuf *);
- int mm_answer_auth2_read_banner(int, struct sshbuf *);
- int mm_answer_authserv(int, struct sshbuf *);
-+int mm_answer_authrole(int, struct sshbuf *);
- int mm_answer_authpassword(int, struct sshbuf *);
- int mm_answer_bsdauthquery(int, struct sshbuf *);
- int mm_answer_bsdauthrespond(int, struct sshbuf *);
-@@ -193,6 +194,7 @@ struct mon_table mon_dispatch_proto20[] = {
+@@ -117,6 +117,7 @@ int mm_answer_sign(struct ssh *, int, struct sshbuf *);
+ int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *);
+ int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *);
+ int mm_answer_authserv(struct ssh *, int, struct sshbuf *);
++int mm_answer_authrole(struct ssh *, int, struct sshbuf *);
+ int mm_answer_authpassword(struct ssh *, int, struct sshbuf *);
+ int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *);
+ int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *);
+@@ -197,6 +198,7 @@ struct mon_table mon_dispatch_proto20[] = {
      {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
      {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
      {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
@@ -100,7 +100,7 @@ index eabc1e89b..08fddabd7 100644
      {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
      {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
  #ifdef USE_PAM
-@@ -817,6 +819,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m)
+@@ -819,6 +821,7 @@ mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m)
  
         /* Allow service/style information on the auth context */
         monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
@@ -108,7 +108,7 @@ index eabc1e89b..08fddabd7 100644
         monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
  
  #ifdef USE_PAM
-@@ -850,16 +853,42 @@ mm_answer_authserv(int sock, struct sshbuf *m)
+@@ -852,16 +855,42 @@ mm_answer_authserv(struct ssh *ssh, int sock, struct sshbuf *m)
         monitor_permit_authentications(1);
  
         if ((r = sshbuf_get_cstring(m, &authctxt->service, NULL)) != 0 ||
@@ -135,7 +135,7 @@ index eabc1e89b..08fddabd7 100644
 +}
 +
 +int
-+mm_answer_authrole(int sock, struct sshbuf *m)
++mm_answer_authrole(struct ssh *ssh, int sock, struct sshbuf *m)
 +{
 +       int r;
 +
@@ -154,7 +154,7 @@ index eabc1e89b..08fddabd7 100644
         return (0);
  }
  
-@@ -1501,7 +1530,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
+@@ -1528,7 +1557,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
         res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
         if (res == 0)
                 goto error;
@@ -164,23 +164,23 @@ index eabc1e89b..08fddabd7 100644
         if ((r = sshbuf_put_u32(m, 1)) != 0 ||
             (r = sshbuf_put_cstring(m, s->tty)) != 0)
 diff --git a/monitor.h b/monitor.h
-index 44fbed589..8f65e684d 100644
+index 2b1a2d590..4d87284aa 100644
 --- a/monitor.h
 +++ b/monitor.h
-@@ -66,6 +66,8 @@ enum monitor_reqtype {
+@@ -65,6 +65,8 @@ enum monitor_reqtype {
+ 
         MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151,
         MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153,
- 
-+       MONITOR_REQ_AUTHROLE = 154,
 +
++       MONITOR_REQ_AUTHROLE = 154,
  };
  
- struct monitor {
+ struct ssh;
 diff --git a/monitor_wrap.c b/monitor_wrap.c
-index 1865a122a..fd4d7eb3b 100644
+index 8e4c1c1f8..6b3a6251c 100644
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -369,10 +369,10 @@ mm_auth2_read_banner(void)
+@@ -364,10 +364,10 @@ mm_auth2_read_banner(void)
         return (banner);
  }
  
@@ -193,7 +193,7 @@ index 1865a122a..fd4d7eb3b 100644
  {
         struct sshbuf *m;
         int r;
-@@ -382,7 +382,8 @@ mm_inform_authserv(char *service, char *style)
+@@ -377,7 +377,8 @@ mm_inform_authserv(char *service, char *style)
         if ((m = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
         if ((r = sshbuf_put_cstring(m, service)) != 0 ||
@@ -203,7 +203,7 @@ index 1865a122a..fd4d7eb3b 100644
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
  
         mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m);
-@@ -390,6 +391,26 @@ mm_inform_authserv(char *service, char *style)
+@@ -385,6 +386,26 @@ mm_inform_authserv(char *service, char *style)
         sshbuf_free(m);
  }
  
@@ -231,17 +231,17 @@ index 1865a122a..fd4d7eb3b 100644
  int
  mm_auth_password(struct ssh *ssh, char *password)
 diff --git a/monitor_wrap.h b/monitor_wrap.h
-index 7f93144ff..79e78cc90 100644
+index 69164a8c0..3d0e32d48 100644
 --- a/monitor_wrap.h
 +++ b/monitor_wrap.h
-@@ -43,7 +43,8 @@ int mm_is_monitor(void);
+@@ -44,7 +44,8 @@ int mm_is_monitor(void);
  DH *mm_choose_dh(int, int, int);
- int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t,
-     const char *, u_int compat);
+ int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *,
+     const u_char *, size_t, const char *, u_int compat);
 -void mm_inform_authserv(char *, char *);
 +void mm_inform_authserv(char *, char *, char *);
 +void mm_inform_authrole(char *);
- struct passwd *mm_getpwnamallow(const char *);
+ struct passwd *mm_getpwnamallow(struct ssh *, const char *);
  char *mm_auth2_read_banner(void);
  int mm_auth_password(struct ssh *, char *);
 diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
@@ -363,10 +363,10 @@ index ea4f9c584..60d72ffe7 100644
  char *platform_krb5_get_principal_name(const char *);
  int platform_sys_dir_uid(uid_t);
 diff --git a/session.c b/session.c
-index 2d0958d11..19f38637e 100644
+index ac3d9d19d..d87ea4d44 100644
 --- a/session.c
 +++ b/session.c
-@@ -1380,7 +1380,7 @@ safely_chroot(const char *path, uid_t uid)
+@@ -1356,7 +1356,7 @@ safely_chroot(const char *path, uid_t uid)
  
  /* Set login name, uid, gid, and groups. */
  void
@@ -375,7 +375,7 @@ index 2d0958d11..19f38637e 100644
  {
         char uidstr[32], *chroot_path, *tmp;
  
-@@ -1408,7 +1408,7 @@ do_setusercontext(struct passwd *pw)
+@@ -1384,7 +1384,7 @@ do_setusercontext(struct passwd *pw)
                 endgrent();
  #endif
  
@@ -384,7 +384,7 @@ index 2d0958d11..19f38637e 100644
  
                 if (!in_chroot && options.chroot_directory != NULL &&
                     strcasecmp(options.chroot_directory, "none") != 0) {
-@@ -1547,7 +1547,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
+@@ -1525,7 +1525,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
  
         /* Force a password change */
         if (s->authctxt->force_pwchange) {
@@ -393,7 +393,7 @@ index 2d0958d11..19f38637e 100644
                 child_close_fds(ssh);
                 do_pwchange(s);
                 exit(1);
-@@ -1565,7 +1565,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
+@@ -1543,7 +1543,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
         /* When PAM is enabled we rely on it to do the nologin check */
         if (!options.use_pam)
                 do_nologin(pw);
@@ -402,8 +402,8 @@ index 2d0958d11..19f38637e 100644
         /*
          * PAM session modules in do_setusercontext may have
          * generated messages, so if this in an interactive
-@@ -1955,7 +1955,7 @@ session_pty_req(struct ssh *ssh, Session *s)
-        ssh_tty_parse_modes(ssh, s->ttyfd);
+@@ -1942,7 +1942,7 @@ session_pty_req(struct ssh *ssh, Session *s)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
  
         if (!use_privsep)
 -               pty_setowner(s->pw, s->tty);
@@ -425,10 +425,10 @@ index ce59dabd9..675c91146 100644
  const char     *session_get_remote_name_or_ip(struct ssh *, u_int, int);
  
 diff --git a/sshd.c b/sshd.c
-index 673db87f6..2bc6679e5 100644
+index 46870d3b5..e3e96426e 100644
 --- a/sshd.c
 +++ b/sshd.c
-@@ -683,7 +683,7 @@ privsep_postauth(Authctxt *authctxt)
+@@ -594,7 +594,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
         reseed_prngs();
  
         /* Drop privileges */
diff --git a/debian/patches/series b/debian/patches/series
index b0da97283..6304f537a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -24,11 +24,4 @@ restore-authorized_keys2.patch
 seccomp-s390-flock-ipc.patch
 seccomp-s390-ioctl-ep11-crypto.patch
 conch-old-privkey-format.patch
-scp-disallow-dot-or-empty-filename.patch
-sanitize-scp-filenames-via-snmprintf.patch
-have-progressmeter-force-update-at-beginning-and-end-transfer.patch
-check-filenames-in-scp-client.patch
-fix-key-type-check.patch
-request-rsa-sha2-cert-signatures.patch
-scp-handle-braces.patch
 revert-ipqos-defaults.patch
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index ad574e829..2224eeead 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -1,4 +1,4 @@
-From cabad6b7182cd6eaa8b760718200a316e7f578ed Mon Sep 17 00:00:00 2001
+From b019e32a0ee7a79c0a08cb1199229d03b16934a7 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:00 +0000
 Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand
@@ -16,10 +16,10 @@ Patch-Name: shell-path.patch
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/sshconnect.c b/sshconnect.c
-index 6d819279e..700ea6c3c 100644
+index fdcdcd855..103d84e38 100644
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -229,7 +229,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
+@@ -257,7 +257,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
                 /* Execute the proxy command.  Note that we gave up any
                    extra privileges above. */
                 signal(SIGPIPE, SIG_DFL);
@@ -28,7 +28,7 @@ index 6d819279e..700ea6c3c 100644
                 perror(argv[0]);
                 exit(1);
         }
-@@ -1534,7 +1534,7 @@ ssh_local_cmd(const char *args)
+@@ -1382,7 +1382,7 @@ ssh_local_cmd(const char *args)
         if (pid == 0) {
                 signal(SIGPIPE, SIG_DFL);
                 debug3("Executing %s -c \"%s\"", shell, args);
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch
index ed6ef3d46..e94e48a03 100644
--- a/debian/patches/ssh-agent-setgid.patch
+++ b/debian/patches/ssh-agent-setgid.patch
@@ -1,4 +1,4 @@
-From 6d4521d39a852dc5627187c045c933f4e1cb4601 Mon Sep 17 00:00:00 2001
+From 9e040aefaefa40bcbe5dcdc0f9f03555cf8fe2d0 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:13 +0000
 Subject: Document consequences of ssh-agent being setgid in ssh-agent(1)
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index bb1e10973..a5aa9259a 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -1,4 +1,4 @@
-From d1064c2689df8d0894a68ac9671d14ab125bc91b Mon Sep 17 00:00:00 2001
+From 23b4cc85184891ad61bb98045629400e48d946dd Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:10 +0000
 Subject: ssh(1): Refer to ssh-argv0(1)
@@ -18,10 +18,10 @@ Patch-Name: ssh-argv0.patch
  1 file changed, 1 insertion(+)
 
 diff --git a/ssh.1 b/ssh.1
-index 5dfad6daa..ad1ed0f86 100644
+index e4aeae7b4..8d2b08a29 100644
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1585,6 +1585,7 @@ if an error occurred.
+@@ -1584,6 +1584,7 @@ if an error occurred.
  .Xr sftp 1 ,
  .Xr ssh-add 1 ,
  .Xr ssh-agent 1 ,
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch
index ca3e090bd..8adc301fc 100644
--- a/debian/patches/ssh-vulnkey-compat.patch
+++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -1,4 +1,4 @@
-From eccbd3637a2b8544fdcfdd5d1a00a9dfdac62aeb Mon Sep 17 00:00:00 2001
+From 0138f331a73d692f4543477ce7f64f9ede7d6b08 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:09:50 +0000
 Subject: Accept obsolete ssh-vulnkey configuration options
@@ -17,10 +17,10 @@ Patch-Name: ssh-vulnkey-compat.patch
  2 files changed, 2 insertions(+)
 
 diff --git a/readconf.c b/readconf.c
-index 36bc5e59a..5e655e924 100644
+index 4d699e5f1..29f3bd98d 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -190,6 +190,7 @@ static struct {
+@@ -192,6 +192,7 @@ static struct {
         { "fallbacktorsh", oDeprecated },
         { "globalknownhostsfile2", oDeprecated },
         { "rhostsauthentication", oDeprecated },
@@ -29,10 +29,10 @@ index 36bc5e59a..5e655e924 100644
         { "useroaming", oDeprecated },
         { "usersh", oDeprecated },
 diff --git a/servconf.c b/servconf.c
-index 4668b8a45..6caf1db38 100644
+index ffdad31e7..c01e0690e 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -600,6 +600,7 @@ static struct {
+@@ -621,6 +621,7 @@ static struct {
         { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
         { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
         { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 3093a41fb..aa7968090 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -1,4 +1,4 @@
-From e755ec70d62bfb9b02159123f4e870b00010be77 Mon Sep 17 00:00:00 2001
+From 0646a0cd5ea893cf822113d4f10c501540c18e40 Mon Sep 17 00:00:00 2001
 From: Jonathan David Amery <jdamery@ysolde.ucam.org>
 Date: Sun, 9 Feb 2014 16:09:54 +0000
 Subject: "LogLevel SILENT" compatibility
@@ -33,10 +33,10 @@ index d9c2d136c..1749af6d1 100644
         { "FATAL",      SYSLOG_LEVEL_FATAL },
         { "ERROR",      SYSLOG_LEVEL_ERROR },
 diff --git a/ssh.c b/ssh.c
-index 0777c31e4..3140fed4c 100644
+index 42be7d88f..86f143341 100644
 --- a/ssh.c
 +++ b/ssh.c
-@@ -1258,7 +1258,7 @@ main(int ac, char **av)
+@@ -1265,7 +1265,7 @@ main(int ac, char **av)
         /* Do not allocate a tty if stdin is not a tty. */
         if ((!isatty(fileno(stdin)) || stdin_null_flag) &&
             options.request_tty != REQUEST_TTY_FORCE) {
diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch
index c5dee41ad..51c7e32de 100644
--- a/debian/patches/systemd-readiness.patch
+++ b/debian/patches/systemd-readiness.patch
@@ -1,4 +1,4 @@
-From da34947128351bee9d2530574432190548f5be58 Mon Sep 17 00:00:00 2001
+From a88f67584ef5889d95c04b0294e92c11ed4904cd Mon Sep 17 00:00:00 2001
 From: Michael Biebl <biebl@debian.org>
 Date: Mon, 21 Dec 2015 16:08:47 +0000
 Subject: Add systemd readiness notification support
@@ -14,10 +14,10 @@ Patch-Name: systemd-readiness.patch
  2 files changed, 33 insertions(+)
 
 diff --git a/configure.ac b/configure.ac
-index 917300b43..8a5db4cb5 100644
+index ce16e7758..de140f578 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -4586,6 +4586,29 @@ AC_ARG_WITH([kerberos5],
+@@ -4526,6 +4526,29 @@ AC_ARG_WITH([kerberos5],
  AC_SUBST([GSSLIBS])
  AC_SUBST([K5LIBS])
  
@@ -47,7 +47,7 @@ index 917300b43..8a5db4cb5 100644
  # Looking for programs, paths and files
  
  PRIVSEP_PATH=/var/empty
-@@ -5392,6 +5415,7 @@ echo "                   libldns support: $LDNS_MSG"
+@@ -5332,6 +5355,7 @@ echo "                   libldns support: $LDNS_MSG"
  echo "  Solaris process contract support: $SPC_MSG"
  echo "           Solaris project support: $SP_MSG"
  echo "         Solaris privilege support: $SPP_MSG"
@@ -56,7 +56,7 @@ index 917300b43..8a5db4cb5 100644
  echo "           Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
  echo "                  BSD Auth support: $BSD_AUTH_MSG"
 diff --git a/sshd.c b/sshd.c
-index d7e77d343..a1c3970b3 100644
+index 1e7ece588..48162b629 100644
 --- a/sshd.c
 +++ b/sshd.c
 @@ -85,6 +85,10 @@
@@ -70,7 +70,7 @@ index d7e77d343..a1c3970b3 100644
  #include "xmalloc.h"
  #include "ssh.h"
  #include "ssh2.h"
-@@ -1990,6 +1994,11 @@ main(int ac, char **av)
+@@ -1946,6 +1950,11 @@ main(int ac, char **av)
                         }
                 }
  
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index bc2390e06..899c60123 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
-From 7b931d36ad36a93d2b1811858ca29408ec44ecae Mon Sep 17 00:00:00 2001
+From e04a43bd5798ba43d910493d179438845e96f631 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:09:58 +0000
 Subject: Allow harmless group-writability
@@ -13,7 +13,7 @@ default.
 
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060
 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347
-Last-Update: 2017-10-04
+Last-Update: 2019-06-05
 
 Patch-Name: user-group-modes.patch
 ---
@@ -51,7 +51,7 @@ index 57296e1f6..546aa0495 100644
                             pw->pw_name, buf);
                         auth_debug_add("Bad file modes for %.200s", buf);
 diff --git a/auth.c b/auth.c
-index d8e6b4a3d..9d1d453f1 100644
+index f7a23afba..8ffd77662 100644
 --- a/auth.c
 +++ b/auth.c
 @@ -473,8 +473,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host,
@@ -65,10 +65,10 @@ index d8e6b4a3d..9d1d453f1 100644
                             "bad owner or modes for %.200s",
                             pw->pw_name, user_hostfile);
 diff --git a/misc.c b/misc.c
-index bdc06fdb3..5159e6692 100644
+index 009e02bc5..634b5060a 100644
 --- a/misc.c
 +++ b/misc.c
-@@ -58,8 +58,9 @@
+@@ -59,8 +59,9 @@
  #include <netdb.h>
  #ifdef HAVE_PATHS_H
  # include <paths.h>
@@ -79,7 +79,7 @@ index bdc06fdb3..5159e6692 100644
  #ifdef SSH_TUN_OPENBSD
  #include <net/if.h>
  #endif
-@@ -1028,6 +1029,55 @@ percent_expand(const char *string, ...)
+@@ -1103,6 +1104,55 @@ percent_expand(const char *string, ...)
  #undef EXPAND_MAX_KEYS
  }
  
@@ -135,7 +135,7 @@ index bdc06fdb3..5159e6692 100644
  int
  tun_open(int tun, int mode, char **ifname)
  {
-@@ -1786,8 +1836,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
+@@ -1860,8 +1910,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
                 snprintf(err, errlen, "%s is not a regular file", buf);
                 return -1;
         }
@@ -145,7 +145,7 @@ index bdc06fdb3..5159e6692 100644
                 snprintf(err, errlen, "bad ownership or modes for file %s",
                     buf);
                 return -1;
-@@ -1802,8 +1851,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
+@@ -1876,8 +1925,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
                 strlcpy(buf, cp, sizeof(buf));
  
                 if (stat(buf, &st) < 0 ||
@@ -156,10 +156,10 @@ index bdc06fdb3..5159e6692 100644
                             "bad ownership or modes for directory %s", buf);
                         return -1;
 diff --git a/misc.h b/misc.h
-index 31b207a8d..aaf966e65 100644
+index 5b4325aba..a4bdee187 100644
 --- a/misc.h
 +++ b/misc.h
-@@ -168,6 +168,8 @@ int  safe_path_fd(int, const char *, struct passwd *,
+@@ -175,6 +175,8 @@ int  safe_path_fd(int, const char *, struct passwd *,
  char   *read_passphrase(const char *, int);
  int     ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
  
@@ -169,10 +169,10 @@ index 31b207a8d..aaf966e65 100644
  #define MAXIMUM(a, b)  (((a) > (b)) ? (a) : (b))
  #define ROUNDUP(x, y)   ((((x)+((y)-1))/(y))*(y))
 diff --git a/readconf.c b/readconf.c
-index 052d4b1ac..6b01f20d2 100644
+index 3d0b6ff90..cd60007f8 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -1820,8 +1820,7 @@ read_config_file_depth(const char *filename, struct passwd *pw,
+@@ -1846,8 +1846,7 @@ read_config_file_depth(const char *filename, struct passwd *pw,
  
                 if (fstat(fileno(f), &sb) == -1)
                         fatal("fstat %s: %s", filename, strerror(errno));
@@ -183,10 +183,10 @@ index 052d4b1ac..6b01f20d2 100644
         }
  
 diff --git a/ssh.1 b/ssh.1
-index 7760c3075..81f29af43 100644
+index a1c7d2305..64ead5f57 100644
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1485,6 +1485,8 @@ The file format and configuration options are described in
+@@ -1484,6 +1484,8 @@ The file format and configuration options are described in
  .Xr ssh_config 5 .
  Because of the potential for abuse, this file must have strict permissions:
  read/write for the user, and not writable by others.
@@ -196,13 +196,13 @@ index 7760c3075..81f29af43 100644
  .It Pa ~/.ssh/environment
  Contains additional definitions for environment variables; see
 diff --git a/ssh_config.5 b/ssh_config.5
-index 54e143c93..7d55fa820 100644
+index 250c92d04..bd1e9311d 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1835,6 +1835,8 @@ The format of this file is described above.
+@@ -1885,6 +1885,8 @@ The format of this file is described above.
  This file is used by the SSH client.
  Because of the potential for abuse, this file must have strict permissions:
- read/write for the user, and not accessible by others.
+ read/write for the user, and not writable by others.
 +It may be group-writable provided that the group in question contains only
 +the user.
  .It Pa /etc/ssh/ssh_config
diff --git a/dh.c b/dh.c
index 657b32da3..a98d39ed5 100644
--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.68 2018/09/17 15:40:14 millert Exp $ */
+/* $OpenBSD: dh.c,v 1.69 2018/11/09 02:56:22 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  *
@@ -406,7 +406,7 @@ dh_new_group16(void)
 DH *
 dh_new_group18(void)
 {
-        static char *gen = "2", *group16 =
+        static char *gen = "2", *group18 =
             "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
             "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
             "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
@@ -451,7 +451,7 @@ dh_new_group18(void)
             "9558E447" "5677E9AA" "9E3050E2" "765694DF" "C81F56E8" "80B96E71"
             "60C980DD" "98EDD3DF" "FFFFFFFF" "FFFFFFFF";
 
-        return (dh_new_group_asc(gen, group16));
+        return (dh_new_group_asc(gen, group18));
 }
 
 /* Select fallback group used by DH-GEX if moduli file cannot be read. */
diff --git a/dh.h b/dh.h
index 344b29e35..adb643a75 100644
--- a/dh.h
+++ b/dh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.h,v 1.15 2016/05/02 10:26:04 djm Exp $ */
+/* $OpenBSD: dh.h,v 1.17 2019/01/20 01:12:40 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
@@ -48,7 +48,7 @@ u_int	 dh_estimate(int);
 
 /*
  * Max value from RFC4419.
- * Miniumum increased in light of DH precomputation attacks.
+ * Min value from RFC8270.
  */
 #define DH_GRP_MIN      2048
 #define DH_GRP_MAX      8192
diff --git a/dispatch.c b/dispatch.c
index 0b3ea614e..6e4c501e0 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dispatch.c,v 1.31 2017/05/31 07:00:13 markus Exp $ */
+/* $OpenBSD: dispatch.c,v 1.32 2019/01/19 21:33:13 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -47,7 +47,7 @@ dispatch_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
             (r = sshpkt_put_u32(ssh, seq)) != 0 ||
             (r = sshpkt_send(ssh)) != 0 ||
             (r = ssh_packet_write_wait(ssh)) != 0)
-                sshpkt_fatal(ssh, __func__, r);
+                sshpkt_fatal(ssh, r, "%s", __func__);
         return 0;
 }
 
@@ -131,5 +131,5 @@ ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done)
         int r;
 
         if ((r = ssh_dispatch_run(ssh, mode, done)) != 0)
-                sshpkt_fatal(ssh, __func__, r);
+                sshpkt_fatal(ssh, r, "%s", __func__);
 }
diff --git a/dispatch.h b/dispatch.h
index 17a6f3db6..a22d7749f 100644
--- a/dispatch.h
+++ b/dispatch.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dispatch.h,v 1.14 2017/05/31 07:00:13 markus Exp $ */
+/* $OpenBSD: dispatch.h,v 1.15 2019/01/19 21:45:31 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -46,11 +46,4 @@ void	ssh_dispatch_range(struct ssh *, u_int, u_int, dispatch_fn *);
 int     ssh_dispatch_run(struct ssh *, int, volatile sig_atomic_t *);
 void    ssh_dispatch_run_fatal(struct ssh *, int, volatile sig_atomic_t *);
 
-#define dispatch_init(dflt) \
-        ssh_dispatch_init(active_state, (dflt))
-#define dispatch_range(from, to, fn) \
-        ssh_dispatch_range(active_state, (from), (to), (fn))
-#define dispatch_set(type, fn) \
-        ssh_dispatch_set(active_state, (type), (fn))
-
 #endif
diff --git a/entropy.c b/entropy.c
index c178c00cf..31a7f1c3e 100644
--- a/entropy.c
+++ b/entropy.c
@@ -24,6 +24,8 @@
 
 #include "includes.h"
 
+#define RANDOM_SEED_SIZE 48
+
 #ifdef WITH_OPENSSL
 
 #include <sys/types.h>
@@ -64,8 +66,6 @@
  */
 #ifndef OPENSSL_PRNG_ONLY
 
-#define RANDOM_SEED_SIZE 48
-
 /*
  * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon
  * listening either on 'tcp_port', or via Unix domain socket at *
@@ -216,35 +216,46 @@ rexec_recv_rng_seed(struct sshbuf *m)
 void
 seed_rng(void)
 {
-#ifndef OPENSSL_PRNG_ONLY
         unsigned char buf[RANDOM_SEED_SIZE];
-#endif
-        if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, SSLeay()))
+
+        /* Initialise libcrypto */
+        ssh_libcrypto_init();
+
+        if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER,
+            OpenSSL_version_num()))
                 fatal("OpenSSL version mismatch. Built against %lx, you "
-                    "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
+                    "have %lx", (u_long)OPENSSL_VERSION_NUMBER,
+                    OpenSSL_version_num());
 
 #ifndef OPENSSL_PRNG_ONLY
-        if (RAND_status() == 1) {
+        if (RAND_status() == 1)
                 debug3("RNG is ready, skipping seeding");
-                return;
+        else {
+                if (seed_from_prngd(buf, sizeof(buf)) == -1)
+                        fatal("Could not obtain seed from PRNGd");
+                RAND_add(buf, sizeof(buf), sizeof(buf));
         }
-
-        if (seed_from_prngd(buf, sizeof(buf)) == -1)
-                fatal("Could not obtain seed from PRNGd");
-        RAND_add(buf, sizeof(buf), sizeof(buf));
-        memset(buf, '\0', sizeof(buf));
-
 #endif /* OPENSSL_PRNG_ONLY */
+
         if (RAND_status() != 1)
                 fatal("PRNG is not seeded");
+
+        /* Ensure arc4random() is primed */
+        arc4random_buf(buf, sizeof(buf));
+        explicit_bzero(buf, sizeof(buf));
 }
 
 #else /* WITH_OPENSSL */
 
-/* Handled in arc4random() */
+/* Acutal initialisation is handled in arc4random() */
 void
 seed_rng(void)
 {
+        unsigned char buf[RANDOM_SEED_SIZE];
+
+        /* Ensure arc4random() is primed */
+        arc4random_buf(buf, sizeof(buf));
+        explicit_bzero(buf, sizeof(buf));
 }
 
 #endif /* WITH_OPENSSL */
diff --git a/groupaccess.c b/groupaccess.c
index 9e4d25521..80d301915 100644
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: groupaccess.c,v 1.16 2015/05/04 06:10:48 djm Exp $ */
+/* $OpenBSD: groupaccess.c,v 1.17 2019/03/06 22:14:23 dtucker Exp $ */
 /*
  * Copyright (c) 2001 Kevin Steves.  All rights reserved.
  *
@@ -103,7 +103,8 @@ ga_match_pattern_list(const char *group_pattern)
         int i, found = 0;
 
         for (i = 0; i < ngroups; i++) {
-                switch (match_pattern_list(groups_byname[i], group_pattern, 0)) {
+                switch (match_usergroup_pattern_list(groups_byname[i],
+                    group_pattern)) {
                 case -1:
                         return 0;       /* Negated match wins */
                 case 0:
diff --git a/gss-genr.c b/gss-genr.c
index 491e62cee..763a63ffa 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -39,12 +39,13 @@
 #include "xmalloc.h"
 #include "ssherr.h"
 #include "sshbuf.h"
-#include "sshkey.h"
 #include "log.h"
 #include "ssh2.h"
 #include "cipher.h"
+#include "sshkey.h"
 #include "kex.h"
 #include "digest.h"
+#include "packet.h"
 
 #include "ssh-gss.h"
 
@@ -65,7 +66,7 @@ Gssctxt *gss_kex_context = NULL;
 
 static ssh_gss_kex_mapping *gss_enc2oid = NULL;
 
-int 
+int
 ssh_gssapi_oid_table_ok(void) {
         return (gss_enc2oid != NULL);
 }
@@ -85,6 +86,21 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
         return 0;
 }
 
+/* sshpkt_get of gss_buffer_desc */
+int
+ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *ssh, gss_buffer_desc *g)
+{
+        int r;
+        u_char *p;
+        size_t len;
+
+        if ((r = sshpkt_get_string(ssh, &p, &len)) != 0)
+                return r;
+        g->value = p;
+        g->length = len;
+        return 0;
+}
+
 /*
  * Return a list of the gss-group1-sha1 mechanisms supported by this program
  *
@@ -93,27 +109,30 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
  */
 
 char *
-ssh_gssapi_client_mechanisms(const char *host, const char *client) {
-        gss_OID_set gss_supported;
+ssh_gssapi_client_mechanisms(const char *host, const char *client,
+    const char *kex) {
+        gss_OID_set gss_supported = NULL;
         OM_uint32 min_status;
 
         if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported)))
                 return NULL;
 
-        return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
-            host, client));
+        return ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism,
+            host, client, kex);
 }
 
 char *
 ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
-    const char *host, const char *client) {
-        struct sshbuf *buf;
+    const char *host, const char *client, const char *kex) {
+        struct sshbuf *buf = NULL;
         size_t i;
-        int r, oidpos, enclen;
+        int r = SSH_ERR_ALLOC_FAIL;
+        int oidpos, enclen;
         char *mechs, *encoded;
         u_char digest[SSH_DIGEST_MAX_LENGTH];
         char deroid[2];
-        struct ssh_digest_ctx *md;
+        struct ssh_digest_ctx *md = NULL;
+        char *s, *cp, *p;
 
         if (gss_enc2oid != NULL) {
                 for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
@@ -128,6 +147,7 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
                 fatal("%s: sshbuf_new failed", __func__);
 
         oidpos = 0;
+        s = cp = xstrdup(kex);
         for (i = 0; i < gss_supported->count; i++) {
                 if (gss_supported->elements[i].length < 128 &&
                     (*check)(NULL, &(gss_supported->elements[i]), host, client)) {
@@ -136,12 +156,15 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
                         deroid[1] = gss_supported->elements[i].length;
 
                         if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL ||
-                            ssh_digest_update(md, deroid, 2) != 0 ||
-                            ssh_digest_update(md,
-                            gss_supported->elements[i].elements,
-                            gss_supported->elements[i].length) != 0 ||
-                            ssh_digest_final(md, digest, sizeof(digest)) != 0)
-                                fatal("%s: digest failed", __func__);
+                            (r = ssh_digest_update(md, deroid, 2)) != 0 ||
+                            (r = ssh_digest_update(md,
+                                gss_supported->elements[i].elements,
+                                gss_supported->elements[i].length)) != 0 ||
+                            (r = ssh_digest_final(md, digest, sizeof(digest))) != 0)
+                                fatal("%s: digest failed: %s", __func__,
+                                    ssh_err(r));
+                        ssh_digest_free(md);
+                        md = NULL;
 
                         encoded = xmalloc(ssh_digest_bytes(SSH_DIGEST_MD5)
                             * 2);
@@ -149,69 +172,66 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
                             ssh_digest_bytes(SSH_DIGEST_MD5), encoded,
                             ssh_digest_bytes(SSH_DIGEST_MD5) * 2);
 
-                        if (oidpos != 0) {
-                                if ((r = sshbuf_put_u8(buf, ',')) != 0)
-                                        fatal("%s: buffer error: %s",
+                        cp = strncpy(s, kex, strlen(kex));
+                        for ((p = strsep(&cp, ",")); p && *p != '\0';
+                                (p = strsep(&cp, ","))) {
+                                if (sshbuf_len(buf) != 0 &&
+                                    (r = sshbuf_put_u8(buf, ',')) != 0)
+                                        fatal("%s: sshbuf_put_u8 error: %s",
+                                            __func__, ssh_err(r));
+                                if ((r = sshbuf_put(buf, p, strlen(p))) != 0 ||
+                                    (r = sshbuf_put(buf, encoded, enclen)) != 0)
+                                        fatal("%s: sshbuf_put error: %s",
                                             __func__, ssh_err(r));
                         }
 
-                        if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID,
-                            sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 ||
-                            (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
-                            (r = sshbuf_put_u8(buf, ',')) != 0 ||
-                            (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID,
-                            sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 ||
-                            (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
-                            (r = sshbuf_put_u8(buf, ',')) != 0 ||
-                            (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID,
-                            sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 ||
-                            (r = sshbuf_put(buf, encoded, enclen)) != 0)
-                                fatal("%s: buffer error: %s",
-                                    __func__, ssh_err(r));
-
                         gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
                         gss_enc2oid[oidpos].encoded = encoded;
                         oidpos++;
                 }
         }
+        free(s);
         gss_enc2oid[oidpos].oid = NULL;
         gss_enc2oid[oidpos].encoded = NULL;
 
         if ((mechs = sshbuf_dup_string(buf)) == NULL)
                 fatal("%s: sshbuf_dup_string failed", __func__);
 
+        sshbuf_free(buf);
+
         if (strlen(mechs) == 0) {
                 free(mechs);
                 mechs = NULL;
         }
-        
+
         return (mechs);
 }
 
 gss_OID
 ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) {
         int i = 0;
-        
-        switch (kex_type) {
-        case KEX_GSS_GRP1_SHA1:
-                if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID))
-                        return GSS_C_NO_OID;
-                name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1;
-                break;
-        case KEX_GSS_GRP14_SHA1:
-                if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID))
-                        return GSS_C_NO_OID;
-                name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1;
-                break;
-        case KEX_GSS_GEX_SHA1:
-                if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID))
-                        return GSS_C_NO_OID;
-                name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1;
+
+#define SKIP_KEX_NAME(type) \
+        case type: \
+                if (strlen(name) < sizeof(type##_ID)) \
+                        return GSS_C_NO_OID; \
+                name += sizeof(type##_ID) - 1; \
                 break;
+
+        switch (kex_type) {
+        SKIP_KEX_NAME(KEX_GSS_GRP1_SHA1)
+        SKIP_KEX_NAME(KEX_GSS_GRP14_SHA1)
+        SKIP_KEX_NAME(KEX_GSS_GRP14_SHA256)
+        SKIP_KEX_NAME(KEX_GSS_GRP16_SHA512)
+        SKIP_KEX_NAME(KEX_GSS_GEX_SHA1)
+        SKIP_KEX_NAME(KEX_GSS_NISTP256_SHA256)
+        SKIP_KEX_NAME(KEX_GSS_C25519_SHA256)
         default:
                 return GSS_C_NO_OID;
         }
 
+#undef SKIP_KEX_NAME
+
         while (gss_enc2oid[i].encoded != NULL &&
             strcmp(name, gss_enc2oid[i].encoded) != 0)
                 i++;
@@ -425,8 +445,8 @@ ssh_gssapi_client_identity(Gssctxt *ctx, const char *name)
             GSS_C_NT_USER_NAME, &gssname);
 
         if (!ctx->major)
-                ctx->major = gss_acquire_cred(&ctx->minor, 
-                    gssname, 0, oidset, GSS_C_INITIATE, 
+                ctx->major = gss_acquire_cred(&ctx->minor,
+                    gssname, 0, oidset, GSS_C_INITIATE,
                     &ctx->client_creds, NULL, NULL);
 
         gss_release_name(&status, &gssname);
@@ -441,7 +461,7 @@ ssh_gssapi_client_identity(Gssctxt *ctx, const char *name)
 OM_uint32
 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
 {
-        if (ctx == NULL) 
+        if (ctx == NULL)
                 return -1;
 
         if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
@@ -480,7 +500,7 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
 }
 
 int
-ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, 
+ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host,
     const char *client)
 {
         gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
@@ -512,7 +532,7 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host,
                             GSS_C_NO_BUFFER);
         }
 
-        if (GSS_ERROR(major) || intctx != NULL) 
+        if (GSS_ERROR(major) || intctx != NULL)
                 ssh_gssapi_delete_ctx(ctx);
 
         return (!GSS_ERROR(major));
@@ -527,7 +547,7 @@ ssh_gssapi_credentials_updated(Gssctxt *ctxt) {
         static OM_uint32 last_call = 0;
         OM_uint32 lifetime, now, major, minor;
         int equal;
-        
+
         now = time(NULL);
 
         if (ctxt) {
@@ -555,8 +575,8 @@ ssh_gssapi_credentials_updated(Gssctxt *ctxt) {
 
         if (saved_mech == GSS_C_NO_OID)
                 return 0;
-        
-        major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, 
+
+        major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL,
             &name, &lifetime, NULL, NULL);
         if (major == GSS_S_CREDENTIALS_EXPIRED)
                 return 0;
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
index 90f8692f5..ef9beb67c 100644
--- a/gss-serv-krb5.c
+++ b/gss-serv-krb5.c
@@ -202,7 +202,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
 }
 
 int
-ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, 
+ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store,
     ssh_gssapi_client *client)
 {
         krb5_ccache ccache = NULL;
@@ -211,14 +211,14 @@ ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store,
         krb5_error_code problem;
         OM_uint32 maj_status, min_status;
 
-        if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) {
+        if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) {
                 logit("krb5_cc_resolve(): %.100s",
                     krb5_get_err_text(krb_context, problem));
                 return 0;
-        }
-        
+        }
+
         /* Find out who the principal in this cache is */
-        if ((problem = krb5_cc_get_principal(krb_context, ccache, 
+        if ((problem = krb5_cc_get_principal(krb_context, ccache,
             &principal))) {
                 logit("krb5_cc_get_principal(): %.100s",
                     krb5_get_err_text(krb_context, problem));
diff --git a/gss-serv.c b/gss-serv.c
index 6c087a1b1..1d47870e7 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -51,12 +51,9 @@
 
 extern ServerOptions options;
 
-extern ServerOptions options;
-
 static ssh_gssapi_client gssapi_client =
-    { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
-    GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME,  NULL,
-    {NULL, NULL, NULL, NULL, NULL}, 0, 0};
+    { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, GSS_C_NO_CREDENTIAL,
+    GSS_C_NO_NAME, NULL, {NULL, NULL, NULL, NULL, NULL}, 0, 0};
 
 ssh_gssapi_mech gssapi_null_mech =
     { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL};
@@ -151,7 +148,8 @@ ssh_gssapi_server_mechanisms(void) {
         if (supported_oids == NULL)
                 ssh_gssapi_prepare_supported_oids();
         return (ssh_gssapi_kex_mechs(supported_oids,
-            &ssh_gssapi_server_check_mech, NULL, NULL));
+            &ssh_gssapi_server_check_mech, NULL, NULL,
+            options.gss_kex_algorithms));
 }
 
 /* Unprivileged */
@@ -160,7 +158,7 @@ ssh_gssapi_server_check_mech(Gssctxt **dum, gss_OID oid, const char *data,
     const char *dummy) {
         Gssctxt *ctx = NULL;
         int res;
- 
+
         res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid)));
         ssh_gssapi_delete_ctx(&ctx);
 
@@ -317,21 +315,21 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
                         return GSS_S_COMPLETE;
                 }
 
-                if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, 
-                    ctx->client_creds, ctx->oid, &new_name, 
+                if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor,
+                    ctx->client_creds, ctx->oid, &new_name,
                     NULL, NULL, NULL))) {
                         ssh_gssapi_error(ctx);
                         return (ctx->major);
                 }
 
-                ctx->major = gss_compare_name(&ctx->minor, client->name, 
+                ctx->major = gss_compare_name(&ctx->minor, client->name,
                     new_name, &equal);
 
                 if (GSS_ERROR(ctx->major)) {
                         ssh_gssapi_error(ctx);
                         return (ctx->major);
                 }
- 
+
                 if (!equal) {
                         debug("Rekeyed credentials have different name");
                         return GSS_S_COMPLETE;
@@ -343,7 +341,7 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
                 gss_release_cred(&ctx->minor, &client->creds);
                 client->name = new_name;
                 client->creds = ctx->client_creds;
-                ctx->client_creds = GSS_C_NO_CREDENTIAL;
+                ctx->client_creds = GSS_C_NO_CREDENTIAL;
                 client->updated = 1;
                 return GSS_S_COMPLETE;
         }
@@ -434,10 +432,12 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
 
 /* Privileged */
 int
-ssh_gssapi_userok(char *user, struct passwd *pw)
+ssh_gssapi_userok(char *user, struct passwd *pw, int kex)
 {
         OM_uint32 lmin;
 
+        (void) kex; /* used in privilege separation */
+
         if (gssapi_client.exportedname.length == 0 ||
             gssapi_client.exportedname.value == NULL) {
                 debug("No suitable client data");
@@ -462,7 +462,7 @@ ssh_gssapi_userok(char *user, struct passwd *pw)
         return (0);
 }
 
-/* These bits are only used for rekeying. The unpriviledged child is running 
+/* These bits are only used for rekeying. The unpriviledged child is running
  * as the user, the monitor is root.
  *
  * In the child, we want to :
@@ -473,7 +473,7 @@ ssh_gssapi_userok(char *user, struct passwd *pw)
 /* Stuff for PAM */
 
 #ifdef USE_PAM
-static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, 
+static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg,
     struct pam_response **resp, void *data)
 {
         return (PAM_CONV_ERR);
@@ -483,18 +483,18 @@ static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg,
 void
 ssh_gssapi_rekey_creds(void) {
         int ok;
-        int ret;
 #ifdef USE_PAM
+        int ret;
         pam_handle_t *pamh = NULL;
         struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL};
         char *envstr;
 #endif
 
-        if (gssapi_client.store.filename == NULL && 
+        if (gssapi_client.store.filename == NULL &&
             gssapi_client.store.envval == NULL &&
             gssapi_client.store.envvar == NULL)
                 return;
- 
+
         ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store));
 
         if (!ok)
@@ -517,7 +517,7 @@ ssh_gssapi_rekey_creds(void) {
         if (ret)
                 return;
 
-        xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, 
+        xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar,
             gssapi_client.store.envval);
 
         ret = pam_putenv(pamh, envstr);
@@ -527,7 +527,7 @@ ssh_gssapi_rekey_creds(void) {
 #endif
 }
 
-int 
+int
 ssh_gssapi_update_creds(ssh_gssapi_ccache *store) {
         int ok = 0;
 
diff --git a/hmac.c b/hmac.c
index 1c879640c..a29f32c5c 100644
--- a/hmac.c
+++ b/hmac.c
@@ -19,6 +19,7 @@
 
 #include <sys/types.h>
 #include <string.h>
+#include <stdlib.h>
 
 #include "sshbuf.h"
 #include "digest.h"
diff --git a/kex.c b/kex.c
index fb5bfaea5..bbb7a2340 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */
+/* $OpenBSD: kex.c,v 1.150 2019/01/21 12:08:13 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -25,19 +25,25 @@
 
 #include "includes.h"
 
-
+#include <sys/types.h>
+#include <errno.h>
 #include <signal.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
+#include <poll.h>
 
 #ifdef WITH_OPENSSL
 #include <openssl/crypto.h>
 #include <openssl/dh.h>
 #endif
 
+#include "ssh.h"
 #include "ssh2.h"
+#include "atomicio.h"
+#include "version.h"
 #include "packet.h"
 #include "compat.h"
 #include "cipher.h"
@@ -49,6 +55,7 @@
 #include "misc.h"
 #include "dispatch.h"
 #include "monitor.h"
+#include "xmalloc.h"
 
 #include "ssherr.h"
 #include "sshbuf.h"
@@ -106,26 +113,33 @@ static const struct kexalg kexalgs[] = {
 #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL)
         { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
         { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
+        { KEX_SNTRUP4591761X25519_SHA512, KEX_KEM_SNTRUP4591761X25519_SHA512, 0,
+            SSH_DIGEST_SHA512 },
 #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
         { NULL, -1, -1, -1},
 };
-static const struct kexalg kexalg_prefixes[] = {
+static const struct kexalg gss_kexalgs[] = {
 #ifdef GSSAPI
         { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
         { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
         { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
+        { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
+        { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 },
+        { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256,
+            NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+        { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
 #endif
         { NULL, -1, -1, -1 },
 };
 
-char *
-kex_alg_list(char sep)
+static char *
+kex_alg_list_internal(char sep, const struct kexalg *algs)
 {
         char *ret = NULL, *tmp;
         size_t nlen, rlen = 0;
         const struct kexalg *k;
 
-        for (k = kexalgs; k->name != NULL; k++) {
+        for (k = algs; k->name != NULL; k++) {
                 if (ret != NULL)
                         ret[rlen++] = sep;
                 nlen = strlen(k->name);
@@ -140,6 +154,18 @@ kex_alg_list(char sep)
         return ret;
 }
 
+char *
+kex_alg_list(char sep)
+{
+        return kex_alg_list_internal(sep, kexalgs);
+}
+
+char *
+kex_gss_alg_list(char sep)
+{
+        return kex_alg_list_internal(sep, gss_kexalgs);
+}
+
 static const struct kexalg *
 kex_alg_by_name(const char *name)
 {
@@ -149,7 +175,7 @@ kex_alg_by_name(const char *name)
                 if (strcmp(k->name, name) == 0)
                         return k;
         }
-        for (k = kexalg_prefixes; k->name != NULL; k++) {
+        for (k = gss_kexalgs; k->name != NULL; k++) {
                 if (strncmp(k->name, name, strlen(k->name)) == 0)
                         return k;
         }
@@ -309,6 +335,29 @@ kex_assemble_names(char **listp, const char *def, const char *all)
         return r;
 }
 
+/* Validate GSS KEX method name list */
+int
+kex_gss_names_valid(const char *names)
+{
+        char *s, *cp, *p;
+
+        if (names == NULL || *names == '\0')
+                return 0;
+        s = cp = xstrdup(names);
+        for ((p = strsep(&cp, ",")); p && *p != '\0';
+            (p = strsep(&cp, ","))) {
+                if (strncmp(p, "gss-", 4) != 0
+                  || kex_alg_by_name(p) == NULL) {
+                        error("Unsupported KEX algorithm \"%.100s\"", p);
+                        free(s);
+                        return 0;
+                }
+        }
+        debug3("gss kex names ok: [%s]", names);
+        free(s);
+        return 1;
+}
+
 /* put algorithm proposal into buffer */
 int
 kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX])
@@ -503,6 +552,7 @@ kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh)
         if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
                 return r;
         kex->done = 1;
+        kex->flags &= ~KEX_INITIAL;
         sshbuf_reset(kex->peer);
         /* sshbuf_reset(kex->my); */
         kex->flags &= ~KEX_INIT_SENT;
@@ -593,31 +643,20 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
         return SSH_ERR_INTERNAL_ERROR;
 }
 
-int
-kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp)
+struct kex *
+kex_new(void)
 {
         struct kex *kex;
-        int r;
 
-        *kexp = NULL;
-        if ((kex = calloc(1, sizeof(*kex))) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if ((kex->peer = sshbuf_new()) == NULL ||
-            (kex->my = sshbuf_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = kex_prop2buf(kex->my, proposal)) != 0)
-                goto out;
-        kex->done = 0;
-        kex_reset_dispatch(ssh);
-        ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
-        r = 0;
-        *kexp = kex;
- out:
-        if (r != 0)
+        if ((kex = calloc(1, sizeof(*kex))) == NULL ||
+            (kex->peer = sshbuf_new()) == NULL ||
+            (kex->my = sshbuf_new()) == NULL ||
+            (kex->client_version = sshbuf_new()) == NULL ||
+            (kex->server_version = sshbuf_new()) == NULL) {
                 kex_free(kex);
-        return r;
+                return NULL;
+        }
+        return kex;
 }
 
 void
@@ -656,6 +695,9 @@ kex_free(struct kex *kex)
 {
         u_int mode;
 
+        if (kex == NULL)
+                return;
+
 #ifdef WITH_OPENSSL
         DH_free(kex->dh);
 #ifdef OPENSSL_HAS_ECC
@@ -668,12 +710,13 @@ kex_free(struct kex *kex)
         }
         sshbuf_free(kex->peer);
         sshbuf_free(kex->my);
+        sshbuf_free(kex->client_version);
+        sshbuf_free(kex->server_version);
+        sshbuf_free(kex->client_pub);
         free(kex->session_id);
 #ifdef GSSAPI
         free(kex->gss_host);
 #endif /* GSSAPI */
-        free(kex->client_version_string);
-        free(kex->server_version_string);
         free(kex->failed_choice);
         free(kex->hostkey_alg);
         free(kex->name);
@@ -681,11 +724,24 @@ kex_free(struct kex *kex)
 }
 
 int
+kex_ready(struct ssh *ssh, char *proposal[PROPOSAL_MAX])
+{
+        int r;
+
+        if ((r = kex_prop2buf(ssh->kex->my, proposal)) != 0)
+                return r;
+        ssh->kex->flags = KEX_INITIAL;
+        kex_reset_dispatch(ssh);
+        ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
+        return 0;
+}
+
+int
 kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX])
 {
         int r;
 
-        if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0)
+        if ((r = kex_ready(ssh, proposal)) != 0)
                 return r;
         if ((r = kex_send_kexinit(ssh)) != 0) {         /* we start */
                 kex_free(ssh->kex);
@@ -858,7 +914,7 @@ kex_choose_conf(struct ssh *ssh)
         }
 
         /* Check whether client supports ext_info_c */
-        if (kex->server) {
+        if (kex->server && (kex->flags & KEX_INITIAL)) {
                 char *ext;
 
                 ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
@@ -1016,6 +1072,14 @@ kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen,
         u_int i, j, mode, ctos;
         int r;
 
+        /* save initial hash as session id */
+        if (kex->session_id == NULL) {
+                kex->session_id_len = hashlen;
+                kex->session_id = malloc(kex->session_id_len);
+                if (kex->session_id == NULL)
+                        return SSH_ERR_ALLOC_FAIL;
+                memcpy(kex->session_id, hash, kex->session_id_len);
+        }
         for (i = 0; i < NKEYS; i++) {
                 if ((r = derive_key(ssh, 'A'+i, kex->we_need, hash, hashlen,
                     shared_secret, &keys[i])) != 0) {
@@ -1034,29 +1098,277 @@ kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen,
         return 0;
 }
 
-#ifdef WITH_OPENSSL
 int
-kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
-    const BIGNUM *secret)
+kex_load_hostkey(struct ssh *ssh, struct sshkey **prvp, struct sshkey **pubp)
 {
-        struct sshbuf *shared_secret;
-        int r;
+        struct kex *kex = ssh->kex;
 
-        if ((shared_secret = sshbuf_new()) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_put_bignum2(shared_secret, secret)) == 0)
-                r = kex_derive_keys(ssh, hash, hashlen, shared_secret);
-        sshbuf_free(shared_secret);
-        return r;
+        *pubp = NULL;
+        *prvp = NULL;
+        if (kex->load_host_public_key == NULL ||
+            kex->load_host_private_key == NULL)
+                return SSH_ERR_INVALID_ARGUMENT;
+        *pubp = kex->load_host_public_key(kex->hostkey_type,
+            kex->hostkey_nid, ssh);
+        *prvp = kex->load_host_private_key(kex->hostkey_type,
+            kex->hostkey_nid, ssh);
+        if (*pubp == NULL)
+                return SSH_ERR_NO_HOSTKEY_LOADED;
+        return 0;
 }
-#endif
 
+int
+kex_verify_host_key(struct ssh *ssh, struct sshkey *server_host_key)
+{
+        struct kex *kex = ssh->kex;
+
+        if (kex->verify_host_key == NULL)
+                return SSH_ERR_INVALID_ARGUMENT;
+        if (server_host_key->type != kex->hostkey_type ||
+            (kex->hostkey_type == KEY_ECDSA &&
+            server_host_key->ecdsa_nid != kex->hostkey_nid))
+                return SSH_ERR_KEY_TYPE_MISMATCH;
+        if (kex->verify_host_key(server_host_key, ssh) == -1)
+                return  SSH_ERR_SIGNATURE_INVALID;
+        return 0;
+}
 
 #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
 void
-dump_digest(char *msg, u_char *digest, int len)
+dump_digest(const char *msg, const u_char *digest, int len)
 {
         fprintf(stderr, "%s\n", msg);
         sshbuf_dump_data(digest, len, stderr);
 }
 #endif
+
+/*
+ * Send a plaintext error message to the peer, suffixed by \r\n.
+ * Only used during banner exchange, and there only for the server.
+ */
+static void
+send_error(struct ssh *ssh, char *msg)
+{
+        char *crnl = "\r\n";
+
+        if (!ssh->kex->server)
+                return;
+
+        if (atomicio(vwrite, ssh_packet_get_connection_out(ssh),
+            msg, strlen(msg)) != strlen(msg) ||
+            atomicio(vwrite, ssh_packet_get_connection_out(ssh),
+            crnl, strlen(crnl)) != strlen(crnl))
+                error("%s: write: %.100s", __func__, strerror(errno));
+}
+
+/*
+ * Sends our identification string and waits for the peer's. Will block for
+ * up to timeout_ms (or indefinitely if timeout_ms <= 0).
+ * Returns on 0 success or a ssherr.h code on failure.
+ */
+int
+kex_exchange_identification(struct ssh *ssh, int timeout_ms,
+    int debian_banner, const char *version_addendum)
+{
+        int remote_major, remote_minor, mismatch;
+        size_t len, i, n;
+        int r, expect_nl;
+        u_char c;
+        struct sshbuf *our_version = ssh->kex->server ?
+            ssh->kex->server_version : ssh->kex->client_version;
+        struct sshbuf *peer_version = ssh->kex->server ?
+            ssh->kex->client_version : ssh->kex->server_version;
+        char *our_version_string = NULL, *peer_version_string = NULL;
+        char *cp, *remote_version = NULL;
+
+        /* Prepare and send our banner */
+        sshbuf_reset(our_version);
+        if (version_addendum != NULL && *version_addendum == '\0')
+                version_addendum = NULL;
+        if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
+           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2,
+            debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM,
+            version_addendum == NULL ? "" : " ",
+            version_addendum == NULL ? "" : version_addendum)) != 0) {
+                error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
+                goto out;
+        }
+
+        if (atomicio(vwrite, ssh_packet_get_connection_out(ssh),
+            sshbuf_mutable_ptr(our_version),
+            sshbuf_len(our_version)) != sshbuf_len(our_version)) {
+                error("%s: write: %.100s", __func__, strerror(errno));
+                r = SSH_ERR_SYSTEM_ERROR;
+                goto out;
+        }
+        if ((r = sshbuf_consume_end(our_version, 2)) != 0) { /* trim \r\n */
+                error("%s: sshbuf_consume_end: %s", __func__, ssh_err(r));
+                goto out;
+        }
+        our_version_string = sshbuf_dup_string(our_version);
+        if (our_version_string == NULL) {
+                error("%s: sshbuf_dup_string failed", __func__);
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        debug("Local version string %.100s", our_version_string);
+
+        /* Read other side's version identification. */
+        for (n = 0; ; n++) {
+                if (n >= SSH_MAX_PRE_BANNER_LINES) {
+                        send_error(ssh, "No SSH identification string "
+                            "received.");
+                        error("%s: No SSH version received in first %u lines "
+                            "from server", __func__, SSH_MAX_PRE_BANNER_LINES);
+                        r = SSH_ERR_INVALID_FORMAT;
+                        goto out;
+                }
+                sshbuf_reset(peer_version);
+                expect_nl = 0;
+                for (i = 0; ; i++) {
+                        if (timeout_ms > 0) {
+                                r = waitrfd(ssh_packet_get_connection_in(ssh),
+                                    &timeout_ms);
+                                if (r == -1 && errno == ETIMEDOUT) {
+                                        send_error(ssh, "Timed out waiting "
+                                            "for SSH identification string.");
+                                        error("Connection timed out during "
+                                            "banner exchange");
+                                        r = SSH_ERR_CONN_TIMEOUT;
+                                        goto out;
+                                } else if (r == -1) {
+                                        error("%s: %s",
+                                            __func__, strerror(errno));
+                                        r = SSH_ERR_SYSTEM_ERROR;
+                                        goto out;
+                                }
+                        }
+
+                        len = atomicio(read, ssh_packet_get_connection_in(ssh),
+                            &c, 1);
+                        if (len != 1 && errno == EPIPE) {
+                                error("%s: Connection closed by remote host",
+                                    __func__);
+                                r = SSH_ERR_CONN_CLOSED;
+                                goto out;
+                        } else if (len != 1) {
+                                error("%s: read: %.100s",
+                                    __func__, strerror(errno));
+                                r = SSH_ERR_SYSTEM_ERROR;
+                                goto out;
+                        }
+                        if (c == '\r') {
+                                expect_nl = 1;
+                                continue;
+                        }
+                        if (c == '\n')
+                                break;
+                        if (c == '\0' || expect_nl) {
+                                error("%s: banner line contains invalid "
+                                    "characters", __func__);
+                                goto invalid;
+                        }
+                        if ((r = sshbuf_put_u8(peer_version, c)) != 0) {
+                                error("%s: sshbuf_put: %s",
+                                    __func__, ssh_err(r));
+                                goto out;
+                        }
+                        if (sshbuf_len(peer_version) > SSH_MAX_BANNER_LEN) {
+                                error("%s: banner line too long", __func__);
+                                goto invalid;
+                        }
+                }
+                /* Is this an actual protocol banner? */
+                if (sshbuf_len(peer_version) > 4 &&
+                    memcmp(sshbuf_ptr(peer_version), "SSH-", 4) == 0)
+                        break;
+                /* If not, then just log the line and continue */
+                if ((cp = sshbuf_dup_string(peer_version)) == NULL) {
+                        error("%s: sshbuf_dup_string failed", __func__);
+                        r = SSH_ERR_ALLOC_FAIL;
+                        goto out;
+                }
+                /* Do not accept lines before the SSH ident from a client */
+                if (ssh->kex->server) {
+                        error("%s: client sent invalid protocol identifier "
+                            "\"%.256s\"", __func__, cp);
+                        free(cp);
+                        goto invalid;
+                }
+                debug("%s: banner line %zu: %s", __func__, n, cp);
+                free(cp);
+        }
+        peer_version_string = sshbuf_dup_string(peer_version);
+        if (peer_version_string == NULL)
+                error("%s: sshbuf_dup_string failed", __func__);
+        /* XXX must be same size for sscanf */
+        if ((remote_version = calloc(1, sshbuf_len(peer_version))) == NULL) {
+                error("%s: calloc failed", __func__);
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+
+        /*
+         * Check that the versions match.  In future this might accept
+         * several versions and set appropriate flags to handle them.
+         */
+        if (sscanf(peer_version_string, "SSH-%d.%d-%[^\n]\n",
+            &remote_major, &remote_minor, remote_version) != 3) {
+                error("Bad remote protocol version identification: '%.100s'",
+                    peer_version_string);
+ invalid:
+                send_error(ssh, "Invalid SSH identification string.");
+                r = SSH_ERR_INVALID_FORMAT;
+                goto out;
+        }
+        debug("Remote protocol version %d.%d, remote software version %.100s",
+            remote_major, remote_minor, remote_version);
+        ssh->compat = compat_datafellows(remote_version);
+
+        mismatch = 0;
+        switch (remote_major) {
+        case 2:
+                break;
+        case 1:
+                if (remote_minor != 99)
+                        mismatch = 1;
+                break;
+        default:
+                mismatch = 1;
+                break;
+        }
+        if (mismatch) {
+                error("Protocol major versions differ: %d vs. %d",
+                    PROTOCOL_MAJOR_2, remote_major);
+                send_error(ssh, "Protocol major versions differ.");
+                r = SSH_ERR_NO_PROTOCOL_VERSION;
+                goto out;
+        }
+
+        if (ssh->kex->server && (ssh->compat & SSH_BUG_PROBE) != 0) {
+                logit("probed from %s port %d with %s.  Don't panic.",
+                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
+                    peer_version_string);
+                r = SSH_ERR_CONN_CLOSED; /* XXX */
+                goto out;
+        }
+        if (ssh->kex->server && (ssh->compat & SSH_BUG_SCANNER) != 0) {
+                logit("scanned from %s port %d with %s.  Don't panic.",
+                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
+                    peer_version_string);
+                r = SSH_ERR_CONN_CLOSED; /* XXX */
+                goto out;
+        }
+        if ((ssh->compat & SSH_BUG_RSASIGMD5) != 0) {
+                logit("Remote version \"%.100s\" uses unsafe RSA signature "
+                    "scheme; disabling use of RSA keys", remote_version);
+        }
+        /* success */
+        r = 0;
+ out:
+        free(our_version_string);
+        free(peer_version_string);
+        free(remote_version);
+        return r;
+}
+
diff --git a/kex.h b/kex.h
index 4e5ead839..39f67bbc1 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.91 2018/07/11 18:53:29 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.107 2019/01/23 00:30:41 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -27,6 +27,7 @@
 #define KEX_H
 
 #include "mac.h"
+#include "crypto_api.h"
 
 #ifdef WITH_LEAKMALLOC
 #include "leakmalloc.h"
@@ -62,6 +63,7 @@
 #define KEX_ECDH_SHA2_NISTP521          "ecdh-sha2-nistp521"
 #define KEX_CURVE25519_SHA256           "curve25519-sha256"
 #define KEX_CURVE25519_SHA256_OLD       "curve25519-sha256@libssh.org"
+#define KEX_SNTRUP4591761X25519_SHA512  "sntrup4591761x25519-sha512@tinyssh.org"
 
 #define COMP_NONE       0
 /* pre-auth compression (COMP_ZLIB) is only supported in the client */
@@ -100,13 +102,21 @@ enum kex_exchange {
         KEX_DH_GEX_SHA256,
         KEX_ECDH_SHA2,
         KEX_C25519_SHA256,
+        KEX_KEM_SNTRUP4591761X25519_SHA512,
+#ifdef GSSAPI
         KEX_GSS_GRP1_SHA1,
         KEX_GSS_GRP14_SHA1,
+        KEX_GSS_GRP14_SHA256,
+        KEX_GSS_GRP16_SHA512,
         KEX_GSS_GEX_SHA1,
+        KEX_GSS_NISTP256_SHA256,
+        KEX_GSS_C25519_SHA256,
+#endif
         KEX_MAX
 };
 
 #define KEX_INIT_SENT   0x0001
+#define KEX_INITIAL     0x0002
 
 struct sshenc {
         char    *name;
@@ -147,6 +157,8 @@ struct kex {
         int     ext_info_c;
         struct sshbuf *my;
         struct sshbuf *peer;
+        struct sshbuf *client_version;
+        struct sshbuf *server_version;
         sig_atomic_t done;
         u_int   flags;
         int     hash_alg;
@@ -157,31 +169,36 @@ struct kex {
         char    *gss_host;
         char    *gss_client;
 #endif
-        char    *client_version_string;
-        char    *server_version_string;
         char    *failed_choice;
         int     (*verify_host_key)(struct sshkey *, struct ssh *);
         struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
         struct sshkey *(*load_host_private_key)(int, int, struct ssh *);
         int     (*host_key_index)(struct sshkey *, int, struct ssh *);
-        int     (*sign)(struct sshkey *, struct sshkey *, u_char **, size_t *,
-            const u_char *, size_t, const char *, u_int);
+        int     (*sign)(struct ssh *, struct sshkey *, struct sshkey *,
+            u_char **, size_t *, const u_char *, size_t, const char *);
         int     (*kex[KEX_MAX])(struct ssh *);
         /* kex specific state */
         DH      *dh;                    /* DH */
         u_int   min, max, nbits;        /* GEX */
         EC_KEY  *ec_client_key;         /* ECDH */
         const EC_GROUP *ec_group;       /* ECDH */
-        u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */
+        u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 + KEM */
         u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */
+        u_char sntrup4591761_client_key[crypto_kem_sntrup4591761_SECRETKEYBYTES]; /* KEM */
+        struct sshbuf *client_pub;
 };
 
 int      kex_names_valid(const char *);
 char    *kex_alg_list(char);
+char    *kex_gss_alg_list(char);
 char    *kex_names_cat(const char *, const char *);
 int      kex_assemble_names(char **, const char *, const char *);
+int      kex_gss_names_valid(const char *);
+
+int      kex_exchange_identification(struct ssh *, int, int, const char *);
 
-int      kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **);
+struct kex *kex_new(void);
+int      kex_ready(struct ssh *, char *[PROPOSAL_MAX]);
 int      kex_setup(struct ssh *, char *[PROPOSAL_MAX]);
 void     kex_free_newkeys(struct newkeys *);
 void     kex_free(struct kex *);
@@ -189,48 +206,63 @@ void	 kex_free(struct kex *);
 int      kex_buf2prop(struct sshbuf *, int *, char ***);
 int      kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]);
 void     kex_prop_free(char **);
+int      kex_load_hostkey(struct ssh *, struct sshkey **, struct sshkey **);
+int      kex_verify_host_key(struct ssh *, struct sshkey *);
 
 int      kex_send_kexinit(struct ssh *);
 int      kex_input_kexinit(int, u_int32_t, struct ssh *);
 int      kex_input_ext_info(int, u_int32_t, struct ssh *);
 int      kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *);
-int      kex_derive_keys_bn(struct ssh *, u_char *, u_int, const BIGNUM *);
 int      kex_send_newkeys(struct ssh *);
 int      kex_start_rekex(struct ssh *);
 
-int      kexdh_client(struct ssh *);
-int      kexdh_server(struct ssh *);
 int      kexgex_client(struct ssh *);
 int      kexgex_server(struct ssh *);
-int      kexecdh_client(struct ssh *);
-int      kexecdh_server(struct ssh *);
-int      kexc25519_client(struct ssh *);
-int      kexc25519_server(struct ssh *);
-
-#ifdef GSSAPI
+int      kex_gen_client(struct ssh *);
+int      kex_gen_server(struct ssh *);
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
+int      kexgssgex_client(struct ssh *);
+int      kexgssgex_server(struct ssh *);
 int      kexgss_client(struct ssh *);
 int      kexgss_server(struct ssh *);
 #endif
 
-int      kex_dh_hash(int, const char *, const char *,
-    const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
-    const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
+int      kex_dh_keypair(struct kex *);
+int      kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
+    struct sshbuf **);
+int      kex_dh_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+
+int      kex_ecdh_keypair(struct kex *);
+int      kex_ecdh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
+    struct sshbuf **);
+int      kex_ecdh_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 
-int      kexgex_hash(int, const char *, const char *,
-    const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
+int      kex_c25519_keypair(struct kex *);
+int      kex_c25519_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
+    struct sshbuf **);
+int      kex_c25519_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+
+int      kex_kem_sntrup4591761x25519_keypair(struct kex *);
+int      kex_kem_sntrup4591761x25519_enc(struct kex *, const struct sshbuf *,
+    struct sshbuf **, struct sshbuf **);
+int      kex_kem_sntrup4591761x25519_dec(struct kex *, const struct sshbuf *,
+    struct sshbuf **);
+
+int      kex_dh_keygen(struct kex *);
+int      kex_dh_compute_key(struct kex *, BIGNUM *, struct sshbuf *);
+
+int      kexgex_hash(int, const struct sshbuf *, const struct sshbuf *,
+    const struct sshbuf *, const struct sshbuf *, const struct sshbuf *,
     int, int, int,
     const BIGNUM *, const BIGNUM *, const BIGNUM *,
-    const BIGNUM *, const BIGNUM *,
+    const BIGNUM *, const u_char *, size_t,
     u_char *, size_t *);
 
-int kex_ecdh_hash(int, const EC_GROUP *, const char *, const char *,
-    const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
-    const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *);
-
-int      kex_c25519_hash(int, const char *, const char *,
-    const u_char *, size_t, const u_char *, size_t,
-    const u_char *, size_t, const u_char *, const u_char *,
-    const u_char *, size_t, u_char *, size_t *);
+int      kex_gen_hash(int hash_alg, const struct sshbuf *client_version,
+    const struct sshbuf *server_version, const struct sshbuf *client_kexinit,
+    const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob,
+    const struct sshbuf *client_pub, const struct sshbuf *server_pub,
+    const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen);
 
 void    kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])
         __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
@@ -239,9 +271,13 @@ int	kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
     const u_char pub[CURVE25519_SIZE], struct sshbuf *out)
         __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
         __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
+int     kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE],
+    const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int)
+        __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
+        __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
 
 #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
-void    dump_digest(char *, u_char *, int);
+void    dump_digest(const char *, const u_char *, int);
 #endif
 
 #if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC)
diff --git a/kexc25519.c b/kexc25519.c
index 0897b8c51..f13d766d7 100644
--- a/kexc25519.c
+++ b/kexc25519.c
@@ -1,6 +1,6 @@
-/* $OpenBSD: kexc25519.c,v 1.10 2016/05/02 08:49:03 djm Exp $ */
+/* $OpenBSD: kexc25519.c,v 1.17 2019/01/21 10:40:11 djm Exp $ */
 /*
- * Copyright (c) 2001, 2013 Markus Friedl.  All rights reserved.
+ * Copyright (c) 2019 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
  * Copyright (c) 2013 Aris Adamantiadis.  All rights reserved.
  *
@@ -29,20 +29,16 @@
 
 #include <sys/types.h>
 
-#include <signal.h>
+#include <stdio.h>
 #include <string.h>
+#include <signal.h>
 
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-
-#include "sshbuf.h"
-#include "ssh2.h"
 #include "sshkey.h"
-#include "cipher.h"
 #include "kex.h"
-#include "log.h"
+#include "sshbuf.h"
 #include "digest.h"
 #include "ssherr.h"
+#include "ssh2.h"
 
 extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE],
     const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE])
@@ -60,74 +56,144 @@ kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])
 }
 
 int
-kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
-    const u_char pub[CURVE25519_SIZE], struct sshbuf *out)
+kexc25519_shared_key_ext(const u_char key[CURVE25519_SIZE],
+    const u_char pub[CURVE25519_SIZE], struct sshbuf *out, int raw)
 {
         u_char shared_key[CURVE25519_SIZE];
+        u_char zero[CURVE25519_SIZE];
         int r;
 
-        /* Check for all-zero public key */
-        explicit_bzero(shared_key, CURVE25519_SIZE);
-        if (timingsafe_bcmp(pub, shared_key, CURVE25519_SIZE) == 0)
+        crypto_scalarmult_curve25519(shared_key, key, pub);
+
+        /* Check for all-zero shared secret */
+        explicit_bzero(zero, CURVE25519_SIZE);
+        if (timingsafe_bcmp(zero, shared_key, CURVE25519_SIZE) == 0)
                 return SSH_ERR_KEY_INVALID_EC_VALUE;
 
-        crypto_scalarmult_curve25519(shared_key, key, pub);
 #ifdef DEBUG_KEXECDH
         dump_digest("shared secret", shared_key, CURVE25519_SIZE);
 #endif
-        sshbuf_reset(out);
-        r = sshbuf_put_bignum2_bytes(out, shared_key, CURVE25519_SIZE);
+        if (raw)
+                r = sshbuf_put(out, shared_key, CURVE25519_SIZE);
+        else
+                r = sshbuf_put_bignum2_bytes(out, shared_key, CURVE25519_SIZE);
         explicit_bzero(shared_key, CURVE25519_SIZE);
         return r;
 }
 
 int
-kex_c25519_hash(
-    int hash_alg,
-    const char *client_version_string,
-    const char *server_version_string,
-    const u_char *ckexinit, size_t ckexinitlen,
-    const u_char *skexinit, size_t skexinitlen,
-    const u_char *serverhostkeyblob, size_t sbloblen,
-    const u_char client_dh_pub[CURVE25519_SIZE],
-    const u_char server_dh_pub[CURVE25519_SIZE],
-    const u_char *shared_secret, size_t secretlen,
-    u_char *hash, size_t *hashlen)
+kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
+    const u_char pub[CURVE25519_SIZE], struct sshbuf *out)
+{
+        return kexc25519_shared_key_ext(key, pub, out, 0);
+}
+
+int
+kex_c25519_keypair(struct kex *kex)
 {
-        struct sshbuf *b;
+        struct sshbuf *buf = NULL;
+        u_char *cp = NULL;
         int r;
 
-        if (*hashlen < ssh_digest_bytes(hash_alg))
-                return SSH_ERR_INVALID_ARGUMENT;
-        if ((b = sshbuf_new()) == NULL)
+        if ((buf = sshbuf_new()) == NULL)
                 return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_put_cstring(b, client_version_string)) < 0 ||
-            (r = sshbuf_put_cstring(b, server_version_string)) < 0 ||
-            /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
-            (r = sshbuf_put_u32(b, ckexinitlen+1)) < 0 ||
-            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) < 0 ||
-            (r = sshbuf_put(b, ckexinit, ckexinitlen)) < 0 ||
-            (r = sshbuf_put_u32(b, skexinitlen+1)) < 0 ||
-            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) < 0 ||
-            (r = sshbuf_put(b, skexinit, skexinitlen)) < 0 ||
-            (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) < 0 ||
-            (r = sshbuf_put_string(b, client_dh_pub, CURVE25519_SIZE)) < 0 ||
-            (r = sshbuf_put_string(b, server_dh_pub, CURVE25519_SIZE)) < 0 ||
-            (r = sshbuf_put(b, shared_secret, secretlen)) < 0) {
-                sshbuf_free(b);
-                return r;
+        if ((r = sshbuf_reserve(buf, CURVE25519_SIZE, &cp)) != 0)
+                goto out;
+        kexc25519_keygen(kex->c25519_client_key, cp);
+#ifdef DEBUG_KEXECDH
+        dump_digest("client public key c25519:", cp, CURVE25519_SIZE);
+#endif
+        kex->client_pub = buf;
+        buf = NULL;
+ out:
+        sshbuf_free(buf);
+        return r;
+}
+
+int
+kex_c25519_enc(struct kex *kex, const struct sshbuf *client_blob,
+   struct sshbuf **server_blobp, struct sshbuf **shared_secretp)
+{
+        struct sshbuf *server_blob = NULL;
+        struct sshbuf *buf = NULL;
+        const u_char *client_pub;
+        u_char *server_pub;
+        u_char server_key[CURVE25519_SIZE];
+        int r;
+
+        *server_blobp = NULL;
+        *shared_secretp = NULL;
+
+        if (sshbuf_len(client_blob) != CURVE25519_SIZE) {
+                r = SSH_ERR_SIGNATURE_INVALID;
+                goto out;
         }
-#ifdef DEBUG_KEX
-        sshbuf_dump(b, stderr);
+        client_pub = sshbuf_ptr(client_blob);
+#ifdef DEBUG_KEXECDH
+        dump_digest("client public key 25519:", client_pub, CURVE25519_SIZE);
 #endif
-        if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) {
-                sshbuf_free(b);
-                return SSH_ERR_LIBCRYPTO_ERROR;
+        /* allocate space for encrypted KEM key and ECDH pub key */
+        if ((server_blob = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
         }
-        sshbuf_free(b);
-        *hashlen = ssh_digest_bytes(hash_alg);
-#ifdef DEBUG_KEX
-        dump_digest("hash", hash, *hashlen);
+        if ((r = sshbuf_reserve(server_blob, CURVE25519_SIZE, &server_pub)) != 0)
+                goto out;
+        kexc25519_keygen(server_key, server_pub);
+        /* allocate shared secret */
+        if ((buf = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = kexc25519_shared_key_ext(server_key, client_pub, buf, 0)) < 0)
+                goto out;
+#ifdef DEBUG_KEXECDH
+        dump_digest("server public key 25519:", server_pub, CURVE25519_SIZE);
+        dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf));
 #endif
-        return 0;
+        *server_blobp = server_blob;
+        *shared_secretp = buf;
+        server_blob = NULL;
+        buf = NULL;
+ out:
+        explicit_bzero(server_key, sizeof(server_key));
+        sshbuf_free(server_blob);
+        sshbuf_free(buf);
+        return r;
+}
+
+int
+kex_c25519_dec(struct kex *kex, const struct sshbuf *server_blob,
+    struct sshbuf **shared_secretp)
+{
+        struct sshbuf *buf = NULL;
+        const u_char *server_pub;
+        int r;
+
+        *shared_secretp = NULL;
+
+        if (sshbuf_len(server_blob) != CURVE25519_SIZE) {
+                r = SSH_ERR_SIGNATURE_INVALID;
+                goto out;
+        }
+        server_pub = sshbuf_ptr(server_blob);
+#ifdef DEBUG_KEXECDH
+        dump_digest("server public key c25519:", server_pub, CURVE25519_SIZE);
+#endif
+        /* shared secret */
+        if ((buf = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub,
+            buf, 0)) < 0)
+                goto out;
+#ifdef DEBUG_KEXECDH
+        dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf));
+#endif
+        *shared_secretp = buf;
+        buf = NULL;
+ out:
+        sshbuf_free(buf);
+        return r;
 }
diff --git a/kexc25519c.c b/kexc25519c.c
deleted file mode 100644
index a8d92149c..000000000
--- a/kexc25519c.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* $OpenBSD: kexc25519c.c,v 1.9 2017/12/18 02:25:15 djm Exp $ */
-/*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
- * Copyright (c) 2010 Damien Miller.  All rights reserved.
- * Copyright (c) 2013 Aris Adamantiadis.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#include <sys/types.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-
-#include "sshkey.h"
-#include "cipher.h"
-#include "kex.h"
-#include "log.h"
-#include "packet.h"
-#include "ssh2.h"
-#include "sshbuf.h"
-#include "digest.h"
-#include "ssherr.h"
-
-static int
-input_kex_c25519_reply(int type, u_int32_t seq, struct ssh *ssh);
-
-int
-kexc25519_client(struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        int r;
-
-        kexc25519_keygen(kex->c25519_client_key, kex->c25519_client_pubkey);
-#ifdef DEBUG_KEXECDH
-        dump_digest("client private key:", kex->c25519_client_key,
-            sizeof(kex->c25519_client_key));
-#endif
-        if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 ||
-            (r = sshpkt_put_string(ssh, kex->c25519_client_pubkey,
-            sizeof(kex->c25519_client_pubkey))) != 0 ||
-            (r = sshpkt_send(ssh)) != 0)
-                return r;
-
-        debug("expecting SSH2_MSG_KEX_ECDH_REPLY");
-        ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_c25519_reply);
-        return 0;
-}
-
-static int
-input_kex_c25519_reply(int type, u_int32_t seq, struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        struct sshkey *server_host_key = NULL;
-        struct sshbuf *shared_secret = NULL;
-        u_char *server_pubkey = NULL;
-        u_char *server_host_key_blob = NULL, *signature = NULL;
-        u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t slen, pklen, sbloblen, hashlen;
-        int r;
-
-        if (kex->verify_host_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-
-        /* hostkey */
-        if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
-            &sbloblen)) != 0 ||
-            (r = sshkey_from_blob(server_host_key_blob, sbloblen,
-            &server_host_key)) != 0)
-                goto out;
-        if (server_host_key->type != kex->hostkey_type ||
-            (kex->hostkey_type == KEY_ECDSA &&
-            server_host_key->ecdsa_nid != kex->hostkey_nid)) {
-                r = SSH_ERR_KEY_TYPE_MISMATCH;
-                goto out;
-        }
-        if (kex->verify_host_key(server_host_key, ssh) == -1) {
-                r = SSH_ERR_SIGNATURE_INVALID;
-                goto out;
-        }
-
-        /* Q_S, server public key */
-        /* signed H */
-        if ((r = sshpkt_get_string(ssh, &server_pubkey, &pklen)) != 0 ||
-            (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||
-            (r = sshpkt_get_end(ssh)) != 0)
-                goto out;
-        if (pklen != CURVE25519_SIZE) {
-                r = SSH_ERR_SIGNATURE_INVALID;
-                goto out;
-        }
-
-#ifdef DEBUG_KEXECDH
-        dump_digest("server public key:", server_pubkey, CURVE25519_SIZE);
-#endif
-
-        if ((shared_secret = sshbuf_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = kexc25519_shared_key(kex->c25519_client_key, server_pubkey,
-            shared_secret)) < 0)
-                goto out;
-
-        /* calc and verify H */
-        hashlen = sizeof(hash);
-        if ((r = kex_c25519_hash(
-            kex->hash_alg,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            server_host_key_blob, sbloblen,
-            kex->c25519_client_pubkey,
-            server_pubkey,
-            sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
-            hash, &hashlen)) < 0)
-                goto out;
-
-        if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
-            kex->hostkey_alg, ssh->compat)) != 0)
-                goto out;
-
-        /* save session id */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
-        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-                r = kex_send_newkeys(ssh);
-out:
-        explicit_bzero(hash, sizeof(hash));
-        explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key));
-        free(server_host_key_blob);
-        free(server_pubkey);
-        free(signature);
-        sshkey_free(server_host_key);
-        sshbuf_free(shared_secret);
-        return r;
-}
diff --git a/kexc25519s.c b/kexc25519s.c
deleted file mode 100644
index 0800a7a4b..000000000
--- a/kexc25519s.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* $OpenBSD: kexc25519s.c,v 1.11 2017/05/31 04:19:28 djm Exp $ */
-/*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
- * Copyright (c) 2010 Damien Miller.  All rights reserved.
- * Copyright (c) 2013 Aris Adamantiadis.  All rights reserved.
- *
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#include <sys/types.h>
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-
-#include "sshkey.h"
-#include "cipher.h"
-#include "digest.h"
-#include "kex.h"
-#include "log.h"
-#include "packet.h"
-#include "ssh2.h"
-#include "sshbuf.h"
-#include "ssherr.h"
-
-static int input_kex_c25519_init(int, u_int32_t, struct ssh *);
-
-int
-kexc25519_server(struct ssh *ssh)
-{
-        debug("expecting SSH2_MSG_KEX_ECDH_INIT");
-        ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_INIT, &input_kex_c25519_init);
-        return 0;
-}
-
-static int
-input_kex_c25519_init(int type, u_int32_t seq, struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        struct sshkey *server_host_private, *server_host_public;
-        struct sshbuf *shared_secret = NULL;
-        u_char *server_host_key_blob = NULL, *signature = NULL;
-        u_char server_key[CURVE25519_SIZE];
-        u_char *client_pubkey = NULL;
-        u_char server_pubkey[CURVE25519_SIZE];
-        u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t slen, pklen, sbloblen, hashlen;
-        int r;
-
-        /* generate private key */
-        kexc25519_keygen(server_key, server_pubkey);
-#ifdef DEBUG_KEXECDH
-        dump_digest("server private key:", server_key, sizeof(server_key));
-#endif
-        if (kex->load_host_public_key == NULL ||
-            kex->load_host_private_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        server_host_public = kex->load_host_public_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        server_host_private = kex->load_host_private_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        if (server_host_public == NULL) {
-                r = SSH_ERR_NO_HOSTKEY_LOADED;
-                goto out;
-        }
-
-        if ((r = sshpkt_get_string(ssh, &client_pubkey, &pklen)) != 0 ||
-            (r = sshpkt_get_end(ssh)) != 0)
-                goto out;
-        if (pklen != CURVE25519_SIZE) {
-                r = SSH_ERR_SIGNATURE_INVALID;
-                goto out;
-        }
-#ifdef DEBUG_KEXECDH
-        dump_digest("client public key:", client_pubkey, CURVE25519_SIZE);
-#endif
-
-        if ((shared_secret = sshbuf_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = kexc25519_shared_key(server_key, client_pubkey,
-            shared_secret)) < 0)
-                goto out;
-
-        /* calc H */
-        if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob,
-            &sbloblen)) != 0)
-                goto out;
-        hashlen = sizeof(hash);
-        if ((r = kex_c25519_hash(
-            kex->hash_alg,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            server_host_key_blob, sbloblen,
-            client_pubkey,
-            server_pubkey,
-            sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
-            hash, &hashlen)) < 0)
-                goto out;
-
-        /* save session id := H */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
-        /* sign H */
-        if ((r = kex->sign(server_host_private, server_host_public, &signature,
-             &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
-                goto out;
-
-        /* send server hostkey, ECDH pubkey 'Q_S' and signed H */
-        if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_REPLY)) != 0 ||
-            (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
-            (r = sshpkt_put_string(ssh, server_pubkey, sizeof(server_pubkey))) != 0 ||
-            (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
-            (r = sshpkt_send(ssh)) != 0)
-                goto out;
-
-        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
-                r = kex_send_newkeys(ssh);
-out:
-        explicit_bzero(hash, sizeof(hash));
-        explicit_bzero(server_key, sizeof(server_key));
-        free(server_host_key_blob);
-        free(signature);
-        free(client_pubkey);
-        sshbuf_free(shared_secret);
-        return r;
-}
diff --git a/kexdh.c b/kexdh.c
index e6925b186..edaa46762 100644
--- a/kexdh.c
+++ b/kexdh.c
@@ -1,6 +1,6 @@
-/* $OpenBSD: kexdh.c,v 1.26 2016/05/02 10:26:04 djm Exp $ */
+/* $OpenBSD: kexdh.c,v 1.32 2019/01/21 10:40:11 djm Exp $ */
 /*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
+ * Copyright (c) 2019 Markus Friedl.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -30,67 +30,182 @@
 #include <sys/types.h>
 
 #include <signal.h>
-
-#include <openssl/evp.h>
+#include <stdio.h>
+#include <string.h>
 
 #include "openbsd-compat/openssl-compat.h"
+#include <openssl/dh.h>
 
-#include "ssh2.h"
 #include "sshkey.h"
-#include "cipher.h"
 #include "kex.h"
-#include "ssherr.h"
 #include "sshbuf.h"
 #include "digest.h"
+#include "ssherr.h"
+#include "dh.h"
 
 int
-kex_dh_hash(
-    int hash_alg,
-    const char *client_version_string,
-    const char *server_version_string,
-    const u_char *ckexinit, size_t ckexinitlen,
-    const u_char *skexinit, size_t skexinitlen,
-    const u_char *serverhostkeyblob, size_t sbloblen,
-    const BIGNUM *client_dh_pub,
-    const BIGNUM *server_dh_pub,
-    const BIGNUM *shared_secret,
-    u_char *hash, size_t *hashlen)
+kex_dh_keygen(struct kex *kex)
 {
-        struct sshbuf *b;
-        int r;
-
-        if (*hashlen < ssh_digest_bytes(hash_alg))
+        switch (kex->kex_type) {
+        case KEX_DH_GRP1_SHA1:
+#ifdef GSSAPI
+        case KEX_GSS_GRP1_SHA1:
+#endif
+                kex->dh = dh_new_group1();
+                break;
+        case KEX_DH_GRP14_SHA1:
+        case KEX_DH_GRP14_SHA256:
+#ifdef GSSAPI
+        case KEX_GSS_GRP14_SHA1:
+        case KEX_GSS_GRP14_SHA256:
+#endif
+                kex->dh = dh_new_group14();
+                break;
+        case KEX_DH_GRP16_SHA512:
+#ifdef GSSAPI
+        case KEX_GSS_GRP16_SHA512:
+#endif
+                kex->dh = dh_new_group16();
+                break;
+        case KEX_DH_GRP18_SHA512:
+                kex->dh = dh_new_group18();
+                break;
+        default:
                 return SSH_ERR_INVALID_ARGUMENT;
-        if ((b = sshbuf_new()) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 ||
-            (r = sshbuf_put_cstring(b, server_version_string)) != 0 ||
-            /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
-            (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 ||
-            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 ||
-            (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 ||
-            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 ||
-            (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 ||
-            (r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 ||
-            (r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 ||
-            (r = sshbuf_put_bignum2(b, shared_secret)) != 0) {
-                sshbuf_free(b);
-                return r;
         }
-#ifdef DEBUG_KEX
-        sshbuf_dump(b, stderr);
+        if (kex->dh == NULL)
+                return SSH_ERR_ALLOC_FAIL;
+        return (dh_gen_key(kex->dh, kex->we_need * 8));
+}
+
+int
+kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out)
+{
+        BIGNUM *shared_secret = NULL;
+        u_char *kbuf = NULL;
+        size_t klen = 0;
+        int kout, r;
+
+#ifdef DEBUG_KEXDH
+        fprintf(stderr, "dh_pub= ");
+        BN_print_fp(stderr, dh_pub);
+        fprintf(stderr, "\n");
+        debug("bits %d", BN_num_bits(dh_pub));
+        DHparams_print_fp(stderr, kex->dh);
+        fprintf(stderr, "\n");
 #endif
-        if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) {
-                sshbuf_free(b);
-                return SSH_ERR_LIBCRYPTO_ERROR;
+
+        if (!dh_pub_is_valid(kex->dh, dh_pub)) {
+                r = SSH_ERR_MESSAGE_INCOMPLETE;
+                goto out;
         }
-        sshbuf_free(b);
-        *hashlen = ssh_digest_bytes(hash_alg);
-#ifdef DEBUG_KEX
-        dump_digest("hash", hash, *hashlen);
+        klen = DH_size(kex->dh);
+        if ((kbuf = malloc(klen)) == NULL ||
+            (shared_secret = BN_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((kout = DH_compute_key(kbuf, dh_pub, kex->dh)) < 0 ||
+            BN_bin2bn(kbuf, kout, shared_secret) == NULL) {
+                r = SSH_ERR_LIBCRYPTO_ERROR;
+                goto out;
+        }
+#ifdef DEBUG_KEXDH
+        dump_digest("shared secret", kbuf, kout);
+#endif
+        r = sshbuf_put_bignum2(out, shared_secret);
+ out:
+        freezero(kbuf, klen);
+        BN_clear_free(shared_secret);
+        return r;
+}
+
+int
+kex_dh_keypair(struct kex *kex)
+{
+        const BIGNUM *pub_key;
+        struct sshbuf *buf = NULL;
+        int r;
+
+        if ((r = kex_dh_keygen(kex)) != 0)
+                return r;
+        DH_get0_key(kex->dh, &pub_key, NULL);
+        if ((buf = sshbuf_new()) == NULL)
+                return SSH_ERR_ALLOC_FAIL;
+        if ((r = sshbuf_put_bignum2(buf, pub_key)) != 0 ||
+            (r = sshbuf_get_u32(buf, NULL)) != 0)
+                goto out;
+#ifdef DEBUG_KEXDH
+        DHparams_print_fp(stderr, kex->dh);
+        fprintf(stderr, "pub= ");
+        BN_print_fp(stderr, pub_key);
+        fprintf(stderr, "\n");
 #endif
-        return 0;
+        kex->client_pub = buf;
+        buf = NULL;
+ out:
+        sshbuf_free(buf);
+        return r;
+}
+
+int
+kex_dh_enc(struct kex *kex, const struct sshbuf *client_blob,
+    struct sshbuf **server_blobp, struct sshbuf **shared_secretp)
+{
+        const BIGNUM *pub_key;
+        struct sshbuf *server_blob = NULL;
+        int r;
+
+        *server_blobp = NULL;
+        *shared_secretp = NULL;
+
+        if ((r = kex_dh_keygen(kex)) != 0)
+                goto out;
+        DH_get0_key(kex->dh, &pub_key, NULL);
+        if ((server_blob = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshbuf_put_bignum2(server_blob, pub_key)) != 0 ||
+            (r = sshbuf_get_u32(server_blob, NULL)) != 0)
+                goto out;
+        if ((r = kex_dh_dec(kex, client_blob, shared_secretp)) != 0)
+                goto out;
+        *server_blobp = server_blob;
+        server_blob = NULL;
+ out:
+        DH_free(kex->dh);
+        kex->dh = NULL;
+        sshbuf_free(server_blob);
+        return r;
+}
+
+int
+kex_dh_dec(struct kex *kex, const struct sshbuf *dh_blob,
+    struct sshbuf **shared_secretp)
+{
+        struct sshbuf *buf = NULL;
+        BIGNUM *dh_pub = NULL;
+        int r;
+
+        *shared_secretp = NULL;
+
+        if ((buf = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshbuf_put_stringb(buf, dh_blob)) != 0 ||
+            (r = sshbuf_get_bignum2(buf, &dh_pub)) != 0)
+                goto out;
+        sshbuf_reset(buf);
+        if ((r = kex_dh_compute_key(kex, dh_pub, buf)) != 0)
+                goto out;
+        *shared_secretp = buf;
+        buf = NULL;
+ out:
+        DH_free(kex->dh);
+        kex->dh = NULL;
+        sshbuf_free(buf);
+        return r;
 }
 #endif /* WITH_OPENSSL */
diff --git a/kexdhc.c b/kexdhc.c
deleted file mode 100644
index 8b56377ad..000000000
--- a/kexdhc.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* $OpenBSD: kexdhc.c,v 1.22 2018/02/07 02:06:51 jsing Exp $ */
-/*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#ifdef WITH_OPENSSL
-
-#include <sys/types.h>
-
-#include <openssl/dh.h>
-
-#include <stdarg.h>
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-
-#include "openbsd-compat/openssl-compat.h"
-
-#include "sshkey.h"
-#include "cipher.h"
-#include "digest.h"
-#include "kex.h"
-#include "log.h"
-#include "packet.h"
-#include "dh.h"
-#include "ssh2.h"
-#include "dispatch.h"
-#include "compat.h"
-#include "ssherr.h"
-#include "sshbuf.h"
-
-static int input_kex_dh(int, u_int32_t, struct ssh *);
-
-int
-kexdh_client(struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        int r;
-        const BIGNUM *pub_key;
-
-        /* generate and send 'e', client DH public key */
-        switch (kex->kex_type) {
-        case KEX_DH_GRP1_SHA1:
-                kex->dh = dh_new_group1();
-                break;
-        case KEX_DH_GRP14_SHA1:
-        case KEX_DH_GRP14_SHA256:
-                kex->dh = dh_new_group14();
-                break;
-        case KEX_DH_GRP16_SHA512:
-                kex->dh = dh_new_group16();
-                break;
-        case KEX_DH_GRP18_SHA512:
-                kex->dh = dh_new_group18();
-                break;
-        default:
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        if (kex->dh == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        debug("sending SSH2_MSG_KEXDH_INIT");
-        if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
-                goto out;
-        DH_get0_key(kex->dh, &pub_key, NULL);
-        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 ||
-            (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||
-            (r = sshpkt_send(ssh)) != 0)
-                goto out;
-#ifdef DEBUG_KEXDH
-        DHparams_print_fp(stderr, kex->dh);
-        fprintf(stderr, "pub= ");
-        BN_print_fp(stderr, pub_key);
-        fprintf(stderr, "\n");
-#endif
-        debug("expecting SSH2_MSG_KEXDH_REPLY");
-        ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_REPLY, &input_kex_dh);
-        r = 0;
- out:
-        return r;
-}
-
-static int
-input_kex_dh(int type, u_int32_t seq, struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;
-        const BIGNUM *pub_key;
-        struct sshkey *server_host_key = NULL;
-        u_char *kbuf = NULL, *server_host_key_blob = NULL, *signature = NULL;
-        u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t klen = 0, slen, sbloblen, hashlen;
-        int kout, r;
-
-        if (kex->verify_host_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        /* key, cert */
-        if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
-            &sbloblen)) != 0 ||
-            (r = sshkey_from_blob(server_host_key_blob, sbloblen,
-            &server_host_key)) != 0)
-                goto out;
-        if (server_host_key->type != kex->hostkey_type ||
-            (kex->hostkey_type == KEY_ECDSA &&
-            server_host_key->ecdsa_nid != kex->hostkey_nid)) {
-                r = SSH_ERR_KEY_TYPE_MISMATCH;
-                goto out;
-        }
-        if (kex->verify_host_key(server_host_key, ssh) == -1) {
-                r = SSH_ERR_SIGNATURE_INVALID;
-                goto out;
-        }
-        /* DH parameter f, server public DH key */
-        if ((dh_server_pub = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        /* signed H */
-        if ((r = sshpkt_get_bignum2(ssh, dh_server_pub)) != 0 ||
-            (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||
-            (r = sshpkt_get_end(ssh)) != 0)
-                goto out;
-#ifdef DEBUG_KEXDH
-        fprintf(stderr, "dh_server_pub= ");
-        BN_print_fp(stderr, dh_server_pub);
-        fprintf(stderr, "\n");
-        debug("bits %d", BN_num_bits(dh_server_pub));
-#endif
-        if (!dh_pub_is_valid(kex->dh, dh_server_pub)) {
-                sshpkt_disconnect(ssh, "bad server public DH value");
-                r = SSH_ERR_MESSAGE_INCOMPLETE;
-                goto out;
-        }
-
-        klen = DH_size(kex->dh);
-        if ((kbuf = malloc(klen)) == NULL ||
-            (shared_secret = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((kout = DH_compute_key(kbuf, dh_server_pub, kex->dh)) < 0 ||
-            BN_bin2bn(kbuf, kout, shared_secret) == NULL) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
-                goto out;
-        }
-#ifdef DEBUG_KEXDH
-        dump_digest("shared secret", kbuf, kout);
-#endif
-
-        /* calc and verify H */
-        DH_get0_key(kex->dh, &pub_key, NULL);
-        hashlen = sizeof(hash);
-        if ((r = kex_dh_hash(
-            kex->hash_alg,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            server_host_key_blob, sbloblen,
-            pub_key,
-            dh_server_pub,
-            shared_secret,
-            hash, &hashlen)) != 0)
-                goto out;
-
-        if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
-            kex->hostkey_alg, ssh->compat)) != 0)
-                goto out;
-
-        /* save session id */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
-        if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
-                r = kex_send_newkeys(ssh);
- out:
-        explicit_bzero(hash, sizeof(hash));
-        DH_free(kex->dh);
-        kex->dh = NULL;
-        BN_clear_free(dh_server_pub);
-        if (kbuf) {
-                explicit_bzero(kbuf, klen);
-                free(kbuf);
-        }
-        BN_clear_free(shared_secret);
-        sshkey_free(server_host_key);
-        free(server_host_key_blob);
-        free(signature);
-        return r;
-}
-#endif /* WITH_OPENSSL */
diff --git a/kexdhs.c b/kexdhs.c
deleted file mode 100644
index 337aab5be..000000000
--- a/kexdhs.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* $OpenBSD: kexdhs.c,v 1.27 2018/04/10 00:10:49 djm Exp $ */
-/*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#ifdef WITH_OPENSSL
-
-#include <sys/types.h>
-
-#include <stdarg.h>
-#include <string.h>
-#include <signal.h>
-
-#include <openssl/dh.h>
-
-#include "openbsd-compat/openssl-compat.h"
-
-#include "sshkey.h"
-#include "cipher.h"
-#include "digest.h"
-#include "kex.h"
-#include "log.h"
-#include "packet.h"
-#include "dh.h"
-#include "ssh2.h"
-
-#include "dispatch.h"
-#include "compat.h"
-#include "ssherr.h"
-#include "sshbuf.h"
-
-static int input_kex_dh_init(int, u_int32_t, struct ssh *);
-
-int
-kexdh_server(struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        int r;
-
-        /* generate server DH public key */
-        switch (kex->kex_type) {
-        case KEX_DH_GRP1_SHA1:
-                kex->dh = dh_new_group1();
-                break;
-        case KEX_DH_GRP14_SHA1:
-        case KEX_DH_GRP14_SHA256:
-                kex->dh = dh_new_group14();
-                break;
-        case KEX_DH_GRP16_SHA512:
-                kex->dh = dh_new_group16();
-                break;
-        case KEX_DH_GRP18_SHA512:
-                kex->dh = dh_new_group18();
-                break;
-        default:
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        if (kex->dh == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
-                goto out;
-
-        debug("expecting SSH2_MSG_KEXDH_INIT");
-        ssh_dispatch_set(ssh, SSH2_MSG_KEXDH_INIT, &input_kex_dh_init);
-        r = 0;
- out:
-        return r;
-}
-
-int
-input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;
-        const BIGNUM *pub_key;
-        struct sshkey *server_host_public, *server_host_private;
-        u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL;
-        u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t sbloblen, slen;
-        size_t klen = 0, hashlen;
-        int kout, r;
-
-        if (kex->load_host_public_key == NULL ||
-            kex->load_host_private_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        server_host_public = kex->load_host_public_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        server_host_private = kex->load_host_private_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        if (server_host_public == NULL) {
-                r = SSH_ERR_NO_HOSTKEY_LOADED;
-                goto out;
-        }
-
-        /* key, cert */
-        if ((dh_client_pub = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        DH_get0_key(kex->dh, &pub_key, NULL);
-        if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 ||
-            (r = sshpkt_get_end(ssh)) != 0)
-                goto out;
-
-#ifdef DEBUG_KEXDH
-        fprintf(stderr, "dh_client_pub= ");
-        BN_print_fp(stderr, dh_client_pub);
-        fprintf(stderr, "\n");
-        debug("bits %d", BN_num_bits(dh_client_pub));
-        DHparams_print_fp(stderr, kex->dh);
-        fprintf(stderr, "pub= ");
-        BN_print_fp(stderr, pub_key);
-        fprintf(stderr, "\n");
-#endif
-        if (!dh_pub_is_valid(kex->dh, dh_client_pub)) {
-                sshpkt_disconnect(ssh, "bad client public DH value");
-                r = SSH_ERR_MESSAGE_INCOMPLETE;
-                goto out;
-        }
-
-        klen = DH_size(kex->dh);
-        if ((kbuf = malloc(klen)) == NULL ||
-            (shared_secret = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((kout = DH_compute_key(kbuf, dh_client_pub, kex->dh)) < 0 ||
-            BN_bin2bn(kbuf, kout, shared_secret) == NULL) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
-                goto out;
-        }
-#ifdef DEBUG_KEXDH
-        dump_digest("shared secret", kbuf, kout);
-#endif
-        if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob,
-            &sbloblen)) != 0)
-                goto out;
-        /* calc H */
-        hashlen = sizeof(hash);
-        if ((r = kex_dh_hash(
-            kex->hash_alg,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            server_host_key_blob, sbloblen,
-            dh_client_pub,
-            pub_key,
-            shared_secret,
-            hash, &hashlen)) != 0)
-                goto out;
-
-        /* save session id := H */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
-        /* sign H */
-        if ((r = kex->sign(server_host_private, server_host_public, &signature,
-             &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
-                goto out;
-
-        /* destroy_sensitive_data(); */
-
-        /* send server hostkey, DH pubkey 'f' and signed H */
-        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 ||
-            (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
-            (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||      /* f */
-            (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
-            (r = sshpkt_send(ssh)) != 0)
-                goto out;
-
-        if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
-                r = kex_send_newkeys(ssh);
- out:
-        explicit_bzero(hash, sizeof(hash));
-        DH_free(kex->dh);
-        kex->dh = NULL;
-        BN_clear_free(dh_client_pub);
-        if (kbuf) {
-                explicit_bzero(kbuf, klen);
-                free(kbuf);
-        }
-        BN_clear_free(shared_secret);
-        free(server_host_key_blob);
-        free(signature);
-        return r;
-}
-#endif /* WITH_OPENSSL */
diff --git a/kexecdh.c b/kexecdh.c
index 2a4fec6b1..0aeab2e9b 100644
--- a/kexecdh.c
+++ b/kexecdh.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: kexecdh.c,v 1.6 2015/01/19 20:16:15 markus Exp $ */
+/* $OpenBSD: kexecdh.c,v 1.10 2019/01/21 10:40:11 djm Exp $ */
 /*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
+ * Copyright (c) 2019 Markus Friedl.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -30,71 +30,182 @@
 
 #include <sys/types.h>
 
-#include <signal.h>
+#include <stdio.h>
 #include <string.h>
+#include <signal.h>
 
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/ec.h>
 #include <openssl/ecdh.h>
 
-#include "ssh2.h"
 #include "sshkey.h"
-#include "cipher.h"
 #include "kex.h"
 #include "sshbuf.h"
 #include "digest.h"
 #include "ssherr.h"
 
+static int
+kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key,
+    const EC_GROUP *, struct sshbuf **);
+
 int
-kex_ecdh_hash(
-    int hash_alg,
-    const EC_GROUP *ec_group,
-    const char *client_version_string,
-    const char *server_version_string,
-    const u_char *ckexinit, size_t ckexinitlen,
-    const u_char *skexinit, size_t skexinitlen,
-    const u_char *serverhostkeyblob, size_t sbloblen,
-    const EC_POINT *client_dh_pub,
-    const EC_POINT *server_dh_pub,
-    const BIGNUM *shared_secret,
-    u_char *hash, size_t *hashlen)
+kex_ecdh_keypair(struct kex *kex)
 {
-        struct sshbuf *b;
+        EC_KEY *client_key = NULL;
+        const EC_GROUP *group;
+        const EC_POINT *public_key;
+        struct sshbuf *buf = NULL;
         int r;
 
-        if (*hashlen < ssh_digest_bytes(hash_alg))
-                return SSH_ERR_INVALID_ARGUMENT;
-        if ((b = sshbuf_new()) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 ||
-            (r = sshbuf_put_cstring(b, server_version_string)) != 0 ||
-            /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
-            (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 ||
-            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 ||
-            (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 ||
-            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 ||
-            (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 ||
-            (r = sshbuf_put_ec(b, client_dh_pub, ec_group)) != 0 ||
-            (r = sshbuf_put_ec(b, server_dh_pub, ec_group)) != 0 ||
-            (r = sshbuf_put_bignum2(b, shared_secret)) != 0) {
-                sshbuf_free(b);
-                return r;
+        if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if (EC_KEY_generate_key(client_key) != 1) {
+                r = SSH_ERR_LIBCRYPTO_ERROR;
+                goto out;
+        }
+        group = EC_KEY_get0_group(client_key);
+        public_key = EC_KEY_get0_public_key(client_key);
+
+        if ((buf = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
         }
-#ifdef DEBUG_KEX
-        sshbuf_dump(b, stderr);
+        if ((r = sshbuf_put_ec(buf, public_key, group)) != 0 ||
+            (r = sshbuf_get_u32(buf, NULL)) != 0)
+                goto out;
+#ifdef DEBUG_KEXECDH
+        fputs("client private key:\n", stderr);
+        sshkey_dump_ec_key(client_key);
 #endif
-        if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) {
-                sshbuf_free(b);
-                return SSH_ERR_LIBCRYPTO_ERROR;
+        kex->ec_client_key = client_key;
+        kex->ec_group = group;
+        client_key = NULL;      /* owned by the kex */
+        kex->client_pub = buf;
+        buf = NULL;
+ out:
+        EC_KEY_free(client_key);
+        sshbuf_free(buf);
+        return r;
+}
+
+int
+kex_ecdh_enc(struct kex *kex, const struct sshbuf *client_blob,
+    struct sshbuf **server_blobp, struct sshbuf **shared_secretp)
+{
+        const EC_GROUP *group;
+        const EC_POINT *pub_key;
+        EC_KEY *server_key = NULL;
+        struct sshbuf *server_blob = NULL;
+        int r;
+
+        *server_blobp = NULL;
+        *shared_secretp = NULL;
+
+        if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
         }
-        sshbuf_free(b);
-        *hashlen = ssh_digest_bytes(hash_alg);
-#ifdef DEBUG_KEX
-        dump_digest("hash", hash, *hashlen);
+        if (EC_KEY_generate_key(server_key) != 1) {
+                r = SSH_ERR_LIBCRYPTO_ERROR;
+                goto out;
+        }
+        group = EC_KEY_get0_group(server_key);
+
+#ifdef DEBUG_KEXECDH
+        fputs("server private key:\n", stderr);
+        sshkey_dump_ec_key(server_key);
 #endif
-        return 0;
+        pub_key = EC_KEY_get0_public_key(server_key);
+        if ((server_blob = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshbuf_put_ec(server_blob, pub_key, group)) != 0 ||
+            (r = sshbuf_get_u32(server_blob, NULL)) != 0)
+                goto out;
+        if ((r = kex_ecdh_dec_key_group(kex, client_blob, server_key, group,
+            shared_secretp)) != 0)
+                goto out;
+        *server_blobp = server_blob;
+        server_blob = NULL;
+ out:
+        EC_KEY_free(server_key);
+        sshbuf_free(server_blob);
+        return r;
+}
+
+static int
+kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob,
+    EC_KEY *key, const EC_GROUP *group, struct sshbuf **shared_secretp)
+{
+        struct sshbuf *buf = NULL;
+        BIGNUM *shared_secret = NULL;
+        EC_POINT *dh_pub = NULL;
+        u_char *kbuf = NULL;
+        size_t klen = 0;
+        int r;
+
+        *shared_secretp = NULL;
+
+        if ((buf = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshbuf_put_stringb(buf, ec_blob)) != 0)
+                goto out;
+        if ((dh_pub = EC_POINT_new(group)) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshbuf_get_ec(buf, dh_pub, group)) != 0) {
+                goto out;
+        }
+        sshbuf_reset(buf);
+
+#ifdef DEBUG_KEXECDH
+        fputs("public key:\n", stderr);
+        sshkey_dump_ec_point(group, dh_pub);
+#endif
+        if (sshkey_ec_validate_public(group, dh_pub) != 0) {
+                r = SSH_ERR_MESSAGE_INCOMPLETE;
+                goto out;
+        }
+        klen = (EC_GROUP_get_degree(group) + 7) / 8;
+        if ((kbuf = malloc(klen)) == NULL ||
+            (shared_secret = BN_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if (ECDH_compute_key(kbuf, klen, dh_pub, key, NULL) != (int)klen ||
+            BN_bin2bn(kbuf, klen, shared_secret) == NULL) {
+                r = SSH_ERR_LIBCRYPTO_ERROR;
+                goto out;
+        }
+#ifdef DEBUG_KEXECDH
+        dump_digest("shared secret", kbuf, klen);
+#endif
+        if ((r = sshbuf_put_bignum2(buf, shared_secret)) != 0)
+                goto out;
+        *shared_secretp = buf;
+        buf = NULL;
+ out:
+        EC_POINT_clear_free(dh_pub);
+        BN_clear_free(shared_secret);
+        freezero(kbuf, klen);
+        sshbuf_free(buf);
+        return r;
+}
+
+int
+kex_ecdh_dec(struct kex *kex, const struct sshbuf *server_blob,
+    struct sshbuf **shared_secretp)
+{
+        int r;
+
+        r = kex_ecdh_dec_key_group(kex, server_blob, kex->ec_client_key,
+            kex->ec_group, shared_secretp);
+        EC_KEY_free(kex->ec_client_key);
+        kex->ec_client_key = NULL;
+        return r;
 }
 #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
diff --git a/kexecdhc.c b/kexecdhc.c
deleted file mode 100644
index ac146a362..000000000
--- a/kexecdhc.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* $OpenBSD: kexecdhc.c,v 1.13 2018/02/07 02:06:51 jsing Exp $ */
-/*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
- * Copyright (c) 2010 Damien Miller.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-
-#include <sys/types.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-
-#include <openssl/ecdh.h>
-
-#include "sshkey.h"
-#include "cipher.h"
-#include "digest.h"
-#include "kex.h"
-#include "log.h"
-#include "packet.h"
-#include "dh.h"
-#include "ssh2.h"
-#include "dispatch.h"
-#include "compat.h"
-#include "ssherr.h"
-#include "sshbuf.h"
-
-static int input_kex_ecdh_reply(int, u_int32_t, struct ssh *);
-
-int
-kexecdh_client(struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        EC_KEY *client_key = NULL;
-        const EC_GROUP *group;
-        const EC_POINT *public_key;
-        int r;
-
-        if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if (EC_KEY_generate_key(client_key) != 1) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
-                goto out;
-        }
-        group = EC_KEY_get0_group(client_key);
-        public_key = EC_KEY_get0_public_key(client_key);
-
-        if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 ||
-            (r = sshpkt_put_ec(ssh, public_key, group)) != 0 ||
-            (r = sshpkt_send(ssh)) != 0)
-                goto out;
-        debug("sending SSH2_MSG_KEX_ECDH_INIT");
-
-#ifdef DEBUG_KEXECDH
-        fputs("client private key:\n", stderr);
-        sshkey_dump_ec_key(client_key);
-#endif
-        kex->ec_client_key = client_key;
-        kex->ec_group = group;
-        client_key = NULL;      /* owned by the kex */
-
-        debug("expecting SSH2_MSG_KEX_ECDH_REPLY");
-        ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_ecdh_reply);
-        r = 0;
- out:
-        EC_KEY_free(client_key);
-        return r;
-}
-
-static int
-input_kex_ecdh_reply(int type, u_int32_t seq, struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        const EC_GROUP *group;
-        EC_POINT *server_public = NULL;
-        EC_KEY *client_key;
-        BIGNUM *shared_secret = NULL;
-        struct sshkey *server_host_key = NULL;
-        u_char *server_host_key_blob = NULL, *signature = NULL;
-        u_char *kbuf = NULL;
-        u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t slen, sbloblen;
-        size_t klen = 0, hashlen;
-        int r;
-
-        if (kex->verify_host_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        group = kex->ec_group;
-        client_key = kex->ec_client_key;
-
-        /* hostkey */
-        if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
-            &sbloblen)) != 0 ||
-            (r = sshkey_from_blob(server_host_key_blob, sbloblen,
-            &server_host_key)) != 0)
-                goto out;
-        if (server_host_key->type != kex->hostkey_type ||
-            (kex->hostkey_type == KEY_ECDSA &&
-            server_host_key->ecdsa_nid != kex->hostkey_nid)) {
-                r = SSH_ERR_KEY_TYPE_MISMATCH;
-                goto out;
-        }
-        if (kex->verify_host_key(server_host_key, ssh) == -1) {
-                r = SSH_ERR_SIGNATURE_INVALID;
-                goto out;
-        }
-
-        /* Q_S, server public key */
-        /* signed H */
-        if ((server_public = EC_POINT_new(group)) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = sshpkt_get_ec(ssh, server_public, group)) != 0 ||
-            (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||
-            (r = sshpkt_get_end(ssh)) != 0)
-                goto out;
-
-#ifdef DEBUG_KEXECDH
-        fputs("server public key:\n", stderr);
-        sshkey_dump_ec_point(group, server_public);
-#endif
-        if (sshkey_ec_validate_public(group, server_public) != 0) {
-                sshpkt_disconnect(ssh, "invalid server public key");
-                r = SSH_ERR_MESSAGE_INCOMPLETE;
-                goto out;
-        }
-
-        klen = (EC_GROUP_get_degree(group) + 7) / 8;
-        if ((kbuf = malloc(klen)) == NULL ||
-            (shared_secret = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if (ECDH_compute_key(kbuf, klen, server_public,
-            client_key, NULL) != (int)klen ||
-            BN_bin2bn(kbuf, klen, shared_secret) == NULL) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
-                goto out;
-        }
-
-#ifdef DEBUG_KEXECDH
-        dump_digest("shared secret", kbuf, klen);
-#endif
-        /* calc and verify H */
-        hashlen = sizeof(hash);
-        if ((r = kex_ecdh_hash(
-            kex->hash_alg,
-            group,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            server_host_key_blob, sbloblen,
-            EC_KEY_get0_public_key(client_key),
-            server_public,
-            shared_secret,
-            hash, &hashlen)) != 0)
-                goto out;
-
-        if ((r = sshkey_verify(server_host_key, signature, slen, hash,
-            hashlen, kex->hostkey_alg, ssh->compat)) != 0)
-                goto out;
-
-        /* save session id */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
-        if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
-                r = kex_send_newkeys(ssh);
- out:
-        explicit_bzero(hash, sizeof(hash));
-        EC_KEY_free(kex->ec_client_key);
-        kex->ec_client_key = NULL;
-        EC_POINT_clear_free(server_public);
-        if (kbuf) {
-                explicit_bzero(kbuf, klen);
-                free(kbuf);
-        }
-        BN_clear_free(shared_secret);
-        sshkey_free(server_host_key);
-        free(server_host_key_blob);
-        free(signature);
-        return r;
-}
-#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
-
diff --git a/kexecdhs.c b/kexecdhs.c
deleted file mode 100644
index af4f30309..000000000
--- a/kexecdhs.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* $OpenBSD: kexecdhs.c,v 1.17 2018/02/07 02:06:51 jsing Exp $ */
-/*
- * Copyright (c) 2001 Markus Friedl.  All rights reserved.
- * Copyright (c) 2010 Damien Miller.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-
-#include <sys/types.h>
-#include <string.h>
-#include <signal.h>
-
-#include <openssl/ecdh.h>
-
-#include "sshkey.h"
-#include "cipher.h"
-#include "digest.h"
-#include "kex.h"
-#include "log.h"
-#include "packet.h"
-#include "ssh2.h"
-
-#include "dispatch.h"
-#include "compat.h"
-#include "ssherr.h"
-#include "sshbuf.h"
-
-static int input_kex_ecdh_init(int, u_int32_t, struct ssh *);
-
-int
-kexecdh_server(struct ssh *ssh)
-{
-        debug("expecting SSH2_MSG_KEX_ECDH_INIT");
-        ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_INIT, &input_kex_ecdh_init);
-        return 0;
-}
-
-static int
-input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh)
-{
-        struct kex *kex = ssh->kex;
-        EC_POINT *client_public;
-        EC_KEY *server_key = NULL;
-        const EC_GROUP *group;
-        const EC_POINT *public_key;
-        BIGNUM *shared_secret = NULL;
-        struct sshkey *server_host_private, *server_host_public;
-        u_char *server_host_key_blob = NULL, *signature = NULL;
-        u_char *kbuf = NULL;
-        u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t slen, sbloblen;
-        size_t klen = 0, hashlen;
-        int r;
-
-        if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if (EC_KEY_generate_key(server_key) != 1) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
-                goto out;
-        }
-        group = EC_KEY_get0_group(server_key);
-
-#ifdef DEBUG_KEXECDH
-        fputs("server private key:\n", stderr);
-        sshkey_dump_ec_key(server_key);
-#endif
-
-        if (kex->load_host_public_key == NULL ||
-            kex->load_host_private_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        server_host_public = kex->load_host_public_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        server_host_private = kex->load_host_private_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        if (server_host_public == NULL) {
-                r = SSH_ERR_NO_HOSTKEY_LOADED;
-                goto out;
-        }
-        if ((client_public = EC_POINT_new(group)) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = sshpkt_get_ec(ssh, client_public, group)) != 0 ||
-            (r = sshpkt_get_end(ssh)) != 0)
-                goto out;
-
-#ifdef DEBUG_KEXECDH
-        fputs("client public key:\n", stderr);
-        sshkey_dump_ec_point(group, client_public);
-#endif
-        if (sshkey_ec_validate_public(group, client_public) != 0) {
-                sshpkt_disconnect(ssh, "invalid client public key");
-                r = SSH_ERR_MESSAGE_INCOMPLETE;
-                goto out;
-        }
-
-        /* Calculate shared_secret */
-        klen = (EC_GROUP_get_degree(group) + 7) / 8;
-        if ((kbuf = malloc(klen)) == NULL ||
-            (shared_secret = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if (ECDH_compute_key(kbuf, klen, client_public,
-            server_key, NULL) != (int)klen ||
-            BN_bin2bn(kbuf, klen, shared_secret) == NULL) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
-                goto out;
-        }
-
-#ifdef DEBUG_KEXECDH
-        dump_digest("shared secret", kbuf, klen);
-#endif
-        /* calc H */
-        if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob,
-            &sbloblen)) != 0)
-                goto out;
-        hashlen = sizeof(hash);
-        if ((r = kex_ecdh_hash(
-            kex->hash_alg,
-            group,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            server_host_key_blob, sbloblen,
-            client_public,
-            EC_KEY_get0_public_key(server_key),
-            shared_secret,
-            hash, &hashlen)) != 0)
-                goto out;
-
-        /* save session id := H */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
-        /* sign H */
-        if ((r = kex->sign(server_host_private, server_host_public, &signature,
-             &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
-                goto out;
-
-        /* destroy_sensitive_data(); */
-
-        public_key = EC_KEY_get0_public_key(server_key);
-        /* send server hostkey, ECDH pubkey 'Q_S' and signed H */
-        if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_REPLY)) != 0 ||
-            (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
-            (r = sshpkt_put_ec(ssh, public_key, group)) != 0 ||
-            (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
-            (r = sshpkt_send(ssh)) != 0)
-                goto out;
-
-        if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
-                r = kex_send_newkeys(ssh);
- out:
-        explicit_bzero(hash, sizeof(hash));
-        EC_KEY_free(kex->ec_client_key);
-        kex->ec_client_key = NULL;
-        EC_KEY_free(server_key);
-        if (kbuf) {
-                explicit_bzero(kbuf, klen);
-                free(kbuf);
-        }
-        BN_clear_free(shared_secret);
-        free(server_host_key_blob);
-        free(signature);
-        return r;
-}
-#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
-
diff --git a/kexgen.c b/kexgen.c
new file mode 100644
index 000000000..569dc83f3
--- /dev/null
+++ b/kexgen.c
@@ -0,0 +1,339 @@
+/* $OpenBSD: kexgen.c,v 1.2 2019/01/23 00:30:41 djm Exp $ */
+/*
+ * Copyright (c) 2019 Markus Friedl.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <signal.h>
+
+#include "sshkey.h"
+#include "kex.h"
+#include "log.h"
+#include "packet.h"
+#include "ssh2.h"
+#include "sshbuf.h"
+#include "digest.h"
+#include "ssherr.h"
+
+static int input_kex_gen_init(int, u_int32_t, struct ssh *);
+static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh);
+
+int
+kex_gen_hash(
+    int hash_alg,
+    const struct sshbuf *client_version,
+    const struct sshbuf *server_version,
+    const struct sshbuf *client_kexinit,
+    const struct sshbuf *server_kexinit,
+    const struct sshbuf *server_host_key_blob,
+    const struct sshbuf *client_pub,
+    const struct sshbuf *server_pub,
+    const struct sshbuf *shared_secret,
+    u_char *hash, size_t *hashlen)
+{
+        struct sshbuf *b;
+        int r;
+
+        if (*hashlen < ssh_digest_bytes(hash_alg))
+                return SSH_ERR_INVALID_ARGUMENT;
+        if ((b = sshbuf_new()) == NULL)
+                return SSH_ERR_ALLOC_FAIL;
+        if ((r = sshbuf_put_stringb(b, client_version)) != 0 ||
+            (r = sshbuf_put_stringb(b, server_version)) != 0 ||
+            /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
+            (r = sshbuf_put_u32(b, sshbuf_len(client_kexinit) + 1)) != 0 ||
+            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
+            (r = sshbuf_putb(b, client_kexinit)) != 0 ||
+            (r = sshbuf_put_u32(b, sshbuf_len(server_kexinit) + 1)) != 0 ||
+            (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
+            (r = sshbuf_putb(b, server_kexinit)) != 0 ||
+            (r = sshbuf_put_stringb(b, server_host_key_blob)) != 0 ||
+            (r = sshbuf_put_stringb(b, client_pub)) != 0 ||
+            (r = sshbuf_put_stringb(b, server_pub)) != 0 ||
+            (r = sshbuf_putb(b, shared_secret)) != 0) {
+                sshbuf_free(b);
+                return r;
+        }
+#ifdef DEBUG_KEX
+        sshbuf_dump(b, stderr);
+#endif
+        if (ssh_digest_buffer(hash_alg, b, hash, *hashlen) != 0) {
+                sshbuf_free(b);
+                return SSH_ERR_LIBCRYPTO_ERROR;
+        }
+        sshbuf_free(b);
+        *hashlen = ssh_digest_bytes(hash_alg);
+#ifdef DEBUG_KEX
+        dump_digest("hash", hash, *hashlen);
+#endif
+        return 0;
+}
+
+int
+kex_gen_client(struct ssh *ssh)
+{
+        struct kex *kex = ssh->kex;
+        int r;
+
+        switch (kex->kex_type) {
+#ifdef WITH_OPENSSL
+        case KEX_DH_GRP1_SHA1:
+        case KEX_DH_GRP14_SHA1:
+        case KEX_DH_GRP14_SHA256:
+        case KEX_DH_GRP16_SHA512:
+        case KEX_DH_GRP18_SHA512:
+                r = kex_dh_keypair(kex);
+                break;
+        case KEX_ECDH_SHA2:
+                r = kex_ecdh_keypair(kex);
+                break;
+#endif
+        case KEX_C25519_SHA256:
+                r = kex_c25519_keypair(kex);
+                break;
+        case KEX_KEM_SNTRUP4591761X25519_SHA512:
+                r = kex_kem_sntrup4591761x25519_keypair(kex);
+                break;
+        default:
+                r = SSH_ERR_INVALID_ARGUMENT;
+                break;
+        }
+        if (r != 0)
+                return r;
+        if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_INIT)) != 0 ||
+            (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0 ||
+            (r = sshpkt_send(ssh)) != 0)
+                return r;
+        debug("expecting SSH2_MSG_KEX_ECDH_REPLY");
+        ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_REPLY, &input_kex_gen_reply);
+        return 0;
+}
+
+static int
+input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh)
+{
+        struct kex *kex = ssh->kex;
+        struct sshkey *server_host_key = NULL;
+        struct sshbuf *shared_secret = NULL;
+        struct sshbuf *server_blob = NULL;
+        struct sshbuf *tmp = NULL, *server_host_key_blob = NULL;
+        u_char *signature = NULL;
+        u_char hash[SSH_DIGEST_MAX_LENGTH];
+        size_t slen, hashlen;
+        int r;
+
+        /* hostkey */
+        if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
+                goto out;
+        /* sshkey_fromb() consumes its buffer, so make a copy */
+        if ((tmp = sshbuf_fromb(server_host_key_blob)) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshkey_fromb(tmp, &server_host_key)) != 0)
+                goto out;
+        if ((r = kex_verify_host_key(ssh, server_host_key)) != 0)
+                goto out;
+
+        /* Q_S, server public key */
+        /* signed H */
+        if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 ||
+            (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                goto out;
+
+        /* compute shared secret */
+        switch (kex->kex_type) {
+#ifdef WITH_OPENSSL
+        case KEX_DH_GRP1_SHA1:
+        case KEX_DH_GRP14_SHA1:
+        case KEX_DH_GRP14_SHA256:
+        case KEX_DH_GRP16_SHA512:
+        case KEX_DH_GRP18_SHA512:
+                r = kex_dh_dec(kex, server_blob, &shared_secret);
+                break;
+        case KEX_ECDH_SHA2:
+                r = kex_ecdh_dec(kex, server_blob, &shared_secret);
+                break;
+#endif
+        case KEX_C25519_SHA256:
+                r = kex_c25519_dec(kex, server_blob, &shared_secret);
+                break;
+        case KEX_KEM_SNTRUP4591761X25519_SHA512:
+                r = kex_kem_sntrup4591761x25519_dec(kex, server_blob,
+                    &shared_secret);
+                break;
+        default:
+                r = SSH_ERR_INVALID_ARGUMENT;
+                break;
+        }
+        if (r !=0 )
+                goto out;
+
+        /* calc and verify H */
+        hashlen = sizeof(hash);
+        if ((r = kex_gen_hash(
+            kex->hash_alg,
+            kex->client_version,
+            kex->server_version,
+            kex->my,
+            kex->peer,
+            server_host_key_blob,
+            kex->client_pub,
+            server_blob,
+            shared_secret,
+            hash, &hashlen)) != 0)
+                goto out;
+
+        if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
+            kex->hostkey_alg, ssh->compat)) != 0)
+                goto out;
+
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
+                r = kex_send_newkeys(ssh);
+out:
+        explicit_bzero(hash, sizeof(hash));
+        explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key));
+        explicit_bzero(kex->sntrup4591761_client_key,
+            sizeof(kex->sntrup4591761_client_key));
+        sshbuf_free(server_host_key_blob);
+        free(signature);
+        sshbuf_free(tmp);
+        sshkey_free(server_host_key);
+        sshbuf_free(server_blob);
+        sshbuf_free(shared_secret);
+        sshbuf_free(kex->client_pub);
+        kex->client_pub = NULL;
+        return r;
+}
+
+int
+kex_gen_server(struct ssh *ssh)
+{
+        debug("expecting SSH2_MSG_KEX_ECDH_INIT");
+        ssh_dispatch_set(ssh, SSH2_MSG_KEX_ECDH_INIT, &input_kex_gen_init);
+        return 0;
+}
+
+static int
+input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh)
+{
+        struct kex *kex = ssh->kex;
+        struct sshkey *server_host_private, *server_host_public;
+        struct sshbuf *shared_secret = NULL;
+        struct sshbuf *server_pubkey = NULL;
+        struct sshbuf *client_pubkey = NULL;
+        struct sshbuf *server_host_key_blob = NULL;
+        u_char *signature = NULL, hash[SSH_DIGEST_MAX_LENGTH];
+        size_t slen, hashlen;
+        int r;
+
+        if ((r = kex_load_hostkey(ssh, &server_host_private,
+            &server_host_public)) != 0)
+                goto out;
+
+        if ((r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                goto out;
+
+        /* compute shared secret */
+        switch (kex->kex_type) {
+#ifdef WITH_OPENSSL
+        case KEX_DH_GRP1_SHA1:
+        case KEX_DH_GRP14_SHA1:
+        case KEX_DH_GRP14_SHA256:
+        case KEX_DH_GRP16_SHA512:
+        case KEX_DH_GRP18_SHA512:
+                r = kex_dh_enc(kex, client_pubkey, &server_pubkey,
+                    &shared_secret);
+                break;
+        case KEX_ECDH_SHA2:
+                r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey,
+                    &shared_secret);
+                break;
+#endif
+        case KEX_C25519_SHA256:
+                r = kex_c25519_enc(kex, client_pubkey, &server_pubkey,
+                    &shared_secret);
+                break;
+        case KEX_KEM_SNTRUP4591761X25519_SHA512:
+                r = kex_kem_sntrup4591761x25519_enc(kex, client_pubkey,
+                    &server_pubkey, &shared_secret);
+                break;
+        default:
+                r = SSH_ERR_INVALID_ARGUMENT;
+                break;
+        }
+        if (r !=0 )
+                goto out;
+
+        /* calc H */
+        if ((server_host_key_blob = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshkey_putb(server_host_public, server_host_key_blob)) != 0)
+                goto out;
+        hashlen = sizeof(hash);
+        if ((r = kex_gen_hash(
+            kex->hash_alg,
+            kex->client_version,
+            kex->server_version,
+            kex->peer,
+            kex->my,
+            server_host_key_blob,
+            client_pubkey,
+            server_pubkey,
+            shared_secret,
+            hash, &hashlen)) != 0)
+                goto out;
+
+        /* sign H */
+        if ((r = kex->sign(ssh, server_host_private, server_host_public,
+             &signature, &slen, hash, hashlen, kex->hostkey_alg)) != 0)
+                goto out;
+
+        /* send server hostkey, ECDH pubkey 'Q_S' and signed H */
+        if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_ECDH_REPLY)) != 0 ||
+            (r = sshpkt_put_stringb(ssh, server_host_key_blob)) != 0 ||
+            (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 ||
+            (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
+            (r = sshpkt_send(ssh)) != 0)
+                goto out;
+
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
+                r = kex_send_newkeys(ssh);
+out:
+        explicit_bzero(hash, sizeof(hash));
+        sshbuf_free(server_host_key_blob);
+        free(signature);
+        sshbuf_free(shared_secret);
+        sshbuf_free(client_pubkey);
+        sshbuf_free(server_pubkey);
+        return r;
+}
diff --git a/kexgex.c b/kexgex.c
index 3ca4bd370..8040a1320 100644
--- a/kexgex.c
+++ b/kexgex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgex.c,v 1.29 2015/01/19 20:16:15 markus Exp $ */
+/* $OpenBSD: kexgex.c,v 1.32 2019/01/23 00:30:41 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -46,17 +46,17 @@
 int
 kexgex_hash(
     int hash_alg,
-    const char *client_version_string,
-    const char *server_version_string,
-    const u_char *ckexinit, size_t ckexinitlen,
-    const u_char *skexinit, size_t skexinitlen,
-    const u_char *serverhostkeyblob, size_t sbloblen,
+    const struct sshbuf *client_version,
+    const struct sshbuf *server_version,
+    const struct sshbuf *client_kexinit,
+    const struct sshbuf *server_kexinit,
+    const struct sshbuf *server_host_key_blob,
     int min, int wantbits, int max,
     const BIGNUM *prime,
     const BIGNUM *gen,
     const BIGNUM *client_dh_pub,
     const BIGNUM *server_dh_pub,
-    const BIGNUM *shared_secret,
+    const u_char *shared_secret, size_t secretlen,
     u_char *hash, size_t *hashlen)
 {
         struct sshbuf *b;
@@ -66,16 +66,16 @@ kexgex_hash(
                 return SSH_ERR_INVALID_ARGUMENT;
         if ((b = sshbuf_new()) == NULL)
                 return SSH_ERR_ALLOC_FAIL;
-        if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 ||
-            (r = sshbuf_put_cstring(b, server_version_string)) != 0 ||
+        if ((r = sshbuf_put_stringb(b, client_version)) < 0 ||
+            (r = sshbuf_put_stringb(b, server_version)) < 0 ||
             /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
-            (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 ||
+            (r = sshbuf_put_u32(b, sshbuf_len(client_kexinit) + 1)) != 0 ||
             (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, ckexinit, ckexinitlen)) != 0 ||
-            (r = sshbuf_put_u32(b, skexinitlen+1)) != 0 ||
+            (r = sshbuf_putb(b, client_kexinit)) != 0 ||
+            (r = sshbuf_put_u32(b, sshbuf_len(server_kexinit) + 1)) != 0 ||
             (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||
-            (r = sshbuf_put(b, skexinit, skexinitlen)) != 0 ||
-            (r = sshbuf_put_string(b, serverhostkeyblob, sbloblen)) != 0 ||
+            (r = sshbuf_putb(b, server_kexinit)) != 0 ||
+            (r = sshbuf_put_stringb(b, server_host_key_blob)) != 0 ||
             (min != -1 && (r = sshbuf_put_u32(b, min)) != 0) ||
             (r = sshbuf_put_u32(b, wantbits)) != 0 ||
             (max != -1 && (r = sshbuf_put_u32(b, max)) != 0) ||
@@ -83,7 +83,7 @@ kexgex_hash(
             (r = sshbuf_put_bignum2(b, gen)) != 0 ||
             (r = sshbuf_put_bignum2(b, client_dh_pub)) != 0 ||
             (r = sshbuf_put_bignum2(b, server_dh_pub)) != 0 ||
-            (r = sshbuf_put_bignum2(b, shared_secret)) != 0) {
+            (r = sshbuf_put(b, shared_secret, secretlen)) != 0) {
                 sshbuf_free(b);
                 return r;
         }
diff --git a/kexgexc.c b/kexgexc.c
index 0d07f73c7..1c65b8a18 100644
--- a/kexgexc.c
+++ b/kexgexc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.27 2018/02/07 02:06:51 jsing Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.34 2019/01/23 00:30:41 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -100,13 +100,8 @@ input_kex_dh_gex_group(int type, u_int32_t seq, struct ssh *ssh)
 
         debug("got SSH2_MSG_KEX_DH_GEX_GROUP");
 
-        if ((p = BN_new()) == NULL ||
-            (g = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = sshpkt_get_bignum2(ssh, p)) != 0 ||
-            (r = sshpkt_get_bignum2(ssh, g)) != 0 ||
+        if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 ||
+            (r = sshpkt_get_bignum2(ssh, &g)) != 0 ||
             (r = sshpkt_get_end(ssh)) != 0)
                 goto out;
         if ((bits = BN_num_bits(p)) < 0 ||
@@ -148,71 +143,39 @@ static int
 input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
 {
         struct kex *kex = ssh->kex;
-        BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;
+        BIGNUM *dh_server_pub = NULL;
         const BIGNUM *pub_key, *dh_p, *dh_g;
+        struct sshbuf *shared_secret = NULL;
+        struct sshbuf *tmp = NULL, *server_host_key_blob = NULL;
         struct sshkey *server_host_key = NULL;
-        u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL;
+        u_char *signature = NULL;
         u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t klen = 0, slen, sbloblen, hashlen;
-        int kout, r;
+        size_t slen, hashlen;
+        int r;
 
         debug("got SSH2_MSG_KEX_DH_GEX_REPLY");
-        if (kex->verify_host_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
         /* key, cert */
-        if ((r = sshpkt_get_string(ssh, &server_host_key_blob,
-            &sbloblen)) != 0 ||
-            (r = sshkey_from_blob(server_host_key_blob, sbloblen,
-            &server_host_key)) != 0)
+        if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
                 goto out;
-        if (server_host_key->type != kex->hostkey_type ||
-            (kex->hostkey_type == KEY_ECDSA &&
-            server_host_key->ecdsa_nid != kex->hostkey_nid)) {
-                r = SSH_ERR_KEY_TYPE_MISMATCH;
-                goto out;
-        }
-        if (kex->verify_host_key(server_host_key, ssh) == -1) {
-                r = SSH_ERR_SIGNATURE_INVALID;
-                goto out;
-        }
-        /* DH parameter f, server public DH key */
-        if ((dh_server_pub = BN_new()) == NULL) {
+        /* sshkey_fromb() consumes its buffer, so make a copy */
+        if ((tmp = sshbuf_fromb(server_host_key_blob)) == NULL) {
                 r = SSH_ERR_ALLOC_FAIL;
                 goto out;
         }
-        /* signed H */
-        if ((r = sshpkt_get_bignum2(ssh, dh_server_pub)) != 0 ||
+        if ((r = sshkey_fromb(tmp, &server_host_key)) != 0 ||
+            (r = kex_verify_host_key(ssh, server_host_key)) != 0)
+                goto out;
+        /* DH parameter f, server public DH key, signed H */
+        if ((r = sshpkt_get_bignum2(ssh, &dh_server_pub)) != 0 ||
             (r = sshpkt_get_string(ssh, &signature, &slen)) != 0 ||
             (r = sshpkt_get_end(ssh)) != 0)
                 goto out;
-#ifdef DEBUG_KEXDH
-        fprintf(stderr, "dh_server_pub= ");
-        BN_print_fp(stderr, dh_server_pub);
-        fprintf(stderr, "\n");
-        debug("bits %d", BN_num_bits(dh_server_pub));
-#endif
-        if (!dh_pub_is_valid(kex->dh, dh_server_pub)) {
-                sshpkt_disconnect(ssh, "bad server public DH value");
-                r = SSH_ERR_MESSAGE_INCOMPLETE;
-                goto out;
-        }
-
-        klen = DH_size(kex->dh);
-        if ((kbuf = malloc(klen)) == NULL ||
-            (shared_secret = BN_new()) == NULL) {
+        if ((shared_secret = sshbuf_new()) == NULL) {
                 r = SSH_ERR_ALLOC_FAIL;
                 goto out;
         }
-        if ((kout = DH_compute_key(kbuf, dh_server_pub, kex->dh)) < 0 ||
-            BN_bin2bn(kbuf, kout, shared_secret) == NULL) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
+        if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0)
                 goto out;
-        }
-#ifdef DEBUG_KEXDH
-        dump_digest("shared secret", kbuf, kout);
-#endif
         if (ssh->compat & SSH_OLD_DHGEX)
                 kex->min = kex->max = -1;
 
@@ -222,16 +185,16 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
         hashlen = sizeof(hash);
         if ((r = kexgex_hash(
             kex->hash_alg,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            server_host_key_blob, sbloblen,
+            kex->client_version,
+            kex->server_version,
+            kex->my,
+            kex->peer,
+            server_host_key_blob,
             kex->min, kex->nbits, kex->max,
             dh_p, dh_g,
             pub_key,
             dh_server_pub,
-            shared_secret,
+            sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
             hash, &hashlen)) != 0)
                 goto out;
 
@@ -239,31 +202,17 @@ input_kex_dh_gex_reply(int type, u_int32_t seq, struct ssh *ssh)
             hashlen, kex->hostkey_alg, ssh->compat)) != 0)
                 goto out;
 
-        /* save session id */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
-        if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
                 r = kex_send_newkeys(ssh);
  out:
         explicit_bzero(hash, sizeof(hash));
         DH_free(kex->dh);
         kex->dh = NULL;
         BN_clear_free(dh_server_pub);
-        if (kbuf) {
-                explicit_bzero(kbuf, klen);
-                free(kbuf);
-        }
-        BN_clear_free(shared_secret);
+        sshbuf_free(shared_secret);
         sshkey_free(server_host_key);
-        free(server_host_key_blob);
+        sshbuf_free(tmp);
+        sshbuf_free(server_host_key_blob);
         free(signature);
         return r;
 }
diff --git a/kexgexs.c b/kexgexs.c
index dc9c0bc60..8ee3aaccb 100644
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.35 2018/10/04 00:04:41 djm Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.42 2019/01/23 00:30:41 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -126,130 +126,78 @@ static int
 input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh)
 {
         struct kex *kex = ssh->kex;
-        BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;
+        BIGNUM *dh_client_pub = NULL;
         const BIGNUM *pub_key, *dh_p, *dh_g;
+        struct sshbuf *shared_secret = NULL;
+        struct sshbuf *server_host_key_blob = NULL;
         struct sshkey *server_host_public, *server_host_private;
-        u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL;
+        u_char *signature = NULL;
         u_char hash[SSH_DIGEST_MAX_LENGTH];
-        size_t sbloblen, slen;
-        size_t klen = 0, hashlen;
-        int kout, r;
+        size_t slen, hashlen;
+        int r;
 
-        if (kex->load_host_public_key == NULL ||
-            kex->load_host_private_key == NULL) {
-                r = SSH_ERR_INVALID_ARGUMENT;
-                goto out;
-        }
-        server_host_public = kex->load_host_public_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        server_host_private = kex->load_host_private_key(kex->hostkey_type,
-            kex->hostkey_nid, ssh);
-        if (server_host_public == NULL) {
-                r = SSH_ERR_NO_HOSTKEY_LOADED;
+        if ((r = kex_load_hostkey(ssh, &server_host_private,
+            &server_host_public)) != 0)
                 goto out;
-        }
 
         /* key, cert */
-        if ((dh_client_pub = BN_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-        if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 ||
+        if ((r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 ||
             (r = sshpkt_get_end(ssh)) != 0)
                 goto out;
-
-        DH_get0_key(kex->dh, &pub_key, NULL);
-        DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
-
-#ifdef DEBUG_KEXDH
-        fprintf(stderr, "dh_client_pub= ");
-        BN_print_fp(stderr, dh_client_pub);
-        fprintf(stderr, "\n");
-        debug("bits %d", BN_num_bits(dh_client_pub));
-        DHparams_print_fp(stderr, kex->dh);
-        fprintf(stderr, "pub= ");
-        BN_print_fp(stderr, pub_key);
-        fprintf(stderr, "\n");
-#endif
-        if (!dh_pub_is_valid(kex->dh, dh_client_pub)) {
-                sshpkt_disconnect(ssh, "bad client public DH value");
-                r = SSH_ERR_MESSAGE_INCOMPLETE;
-                goto out;
-        }
-
-        klen = DH_size(kex->dh);
-        if ((kbuf = malloc(klen)) == NULL ||
-            (shared_secret = BN_new()) == NULL) {
+        if ((shared_secret = sshbuf_new()) == NULL) {
                 r = SSH_ERR_ALLOC_FAIL;
                 goto out;
         }
-        if ((kout = DH_compute_key(kbuf, dh_client_pub, kex->dh)) < 0 ||
-            BN_bin2bn(kbuf, kout, shared_secret) == NULL) {
-                r = SSH_ERR_LIBCRYPTO_ERROR;
+        if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0)
+                goto out;
+        if ((server_host_key_blob = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
                 goto out;
         }
-#ifdef DEBUG_KEXDH
-        dump_digest("shared secret", kbuf, kout);
-#endif
-        if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob,
-            &sbloblen)) != 0)
+        if ((r = sshkey_putb(server_host_public, server_host_key_blob)) != 0)
                 goto out;
+
         /* calc H */
+        DH_get0_key(kex->dh, &pub_key, NULL);
+        DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
         hashlen = sizeof(hash);
         if ((r = kexgex_hash(
             kex->hash_alg,
-            kex->client_version_string,
-            kex->server_version_string,
-            sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
-            sshbuf_ptr(kex->my), sshbuf_len(kex->my),
-            server_host_key_blob, sbloblen,
+            kex->client_version,
+            kex->server_version,
+            kex->peer,
+            kex->my,
+            server_host_key_blob,
             kex->min, kex->nbits, kex->max,
             dh_p, dh_g,
             dh_client_pub,
             pub_key,
-            shared_secret,
+            sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
             hash, &hashlen)) != 0)
                 goto out;
 
-        /* save session id := H */
-        if (kex->session_id == NULL) {
-                kex->session_id_len = hashlen;
-                kex->session_id = malloc(kex->session_id_len);
-                if (kex->session_id == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                memcpy(kex->session_id, hash, kex->session_id_len);
-        }
-
         /* sign H */
-        if ((r = kex->sign(server_host_private, server_host_public, &signature,
-             &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
+        if ((r = kex->sign(ssh, server_host_private, server_host_public,
+            &signature, &slen, hash, hashlen, kex->hostkey_alg)) < 0)
                 goto out;
 
-        /* destroy_sensitive_data(); */
-
         /* send server hostkey, DH pubkey 'f' and signed H */
         if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 ||
-            (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
+            (r = sshpkt_put_stringb(ssh, server_host_key_blob)) != 0 ||
             (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||     /* f */
             (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
             (r = sshpkt_send(ssh)) != 0)
                 goto out;
 
-        if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
                 r = kex_send_newkeys(ssh);
  out:
         explicit_bzero(hash, sizeof(hash));
         DH_free(kex->dh);
         kex->dh = NULL;
         BN_clear_free(dh_client_pub);
-        if (kbuf) {
-                explicit_bzero(kbuf, klen);
-                free(kbuf);
-        }
-        BN_clear_free(shared_secret);
-        free(server_host_key_blob);
+        sshbuf_free(shared_secret);
+        sshbuf_free(server_host_key_blob);
         free(signature);
         return r;
 }
diff --git a/kexgssc.c b/kexgssc.c
index 3c8ae08dd..f6e1405eb 100644
--- a/kexgssc.c
+++ b/kexgssc.c
@@ -24,7 +24,7 @@
 
 #include "includes.h"
 
-#ifdef GSSAPI
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
 
 #include "includes.h"
 
@@ -43,113 +43,88 @@
 #include "packet.h"
 #include "dh.h"
 #include "digest.h"
+#include "ssherr.h"
 
 #include "ssh-gss.h"
 
 int
-kexgss_client(struct ssh *ssh) {
-        gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
-        gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr;
+kexgss_client(struct ssh *ssh)
+{
+        struct kex *kex = ssh->kex;
+        gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER,
+            recv_tok = GSS_C_EMPTY_BUFFER,
+            gssbuf, msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr;
         Gssctxt *ctxt;
         OM_uint32 maj_status, min_status, ret_flags;
-        u_int klen, kout, slen = 0, strlen;
-        DH *dh; 
-        BIGNUM *dh_server_pub = NULL;
-        BIGNUM *shared_secret = NULL;
-        const BIGNUM *pub_key, *dh_p, *dh_g;
-        BIGNUM *p = NULL;
-        BIGNUM *g = NULL;       
-        u_char *kbuf;
-        u_char *serverhostkey = NULL;
-        u_char *empty = "";
-        char *msg;
+        struct sshbuf *server_blob = NULL;
+        struct sshbuf *shared_secret = NULL;
+        struct sshbuf *server_host_key_blob = NULL;
+        struct sshbuf *empty = NULL;
+        u_char *msg;
         int type = 0;
         int first = 1;
-        int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
         u_char hash[SSH_DIGEST_MAX_LENGTH];
         size_t hashlen;
+        u_char c;
+        int r;
 
-        /* Initialise our GSSAPI world */       
+        /* Initialise our GSSAPI world */
         ssh_gssapi_build_ctx(&ctxt);
-        if (ssh_gssapi_id_kex(ctxt, ssh->kex->name, ssh->kex->kex_type) 
+        if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type)
             == GSS_C_NO_OID)
                 fatal("Couldn't identify host exchange");
 
-        if (ssh_gssapi_import_name(ctxt, ssh->kex->gss_host))
+        if (ssh_gssapi_import_name(ctxt, kex->gss_host))
                 fatal("Couldn't import hostname");
 
-        if (ssh->kex->gss_client && 
-            ssh_gssapi_client_identity(ctxt, ssh->kex->gss_client))
+        if (kex->gss_client &&
+            ssh_gssapi_client_identity(ctxt, kex->gss_client))
                 fatal("Couldn't acquire client credentials");
 
-        switch (ssh->kex->kex_type) {
+        /* Step 1 */
+        switch (kex->kex_type) {
         case KEX_GSS_GRP1_SHA1:
-                dh = dh_new_group1();
-                break;
         case KEX_GSS_GRP14_SHA1:
-                dh = dh_new_group14();
+        case KEX_GSS_GRP14_SHA256:
+        case KEX_GSS_GRP16_SHA512:
+                r = kex_dh_keypair(kex);
                 break;
-        case KEX_GSS_GEX_SHA1:
-                debug("Doing group exchange\n");
-                nbits = dh_estimate(ssh->kex->we_need * 8);
-                packet_start(SSH2_MSG_KEXGSS_GROUPREQ);
-                packet_put_int(min);
-                packet_put_int(nbits);
-                packet_put_int(max);
-
-                packet_send();
-
-                packet_read_expect(SSH2_MSG_KEXGSS_GROUP);
-
-                if ((p = BN_new()) == NULL)
-                        fatal("BN_new() failed");
-                packet_get_bignum2(p);
-                if ((g = BN_new()) == NULL)
-                        fatal("BN_new() failed");
-                packet_get_bignum2(g);
-                packet_check_eom();
-
-                if (BN_num_bits(p) < min || BN_num_bits(p) > max)
-                        fatal("GSSGRP_GEX group out of range: %d !< %d !< %d",
-                            min, BN_num_bits(p), max);
-
-                dh = dh_new_group(g, p);
+        case KEX_GSS_NISTP256_SHA256:
+                r = kex_ecdh_keypair(kex);
+                break;
+        case KEX_GSS_C25519_SHA256:
+                r = kex_c25519_keypair(kex);
                 break;
         default:
-                fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
+                fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
         }
-        
-        /* Step 1 - e is dh->pub_key */
-        dh_gen_key(dh, ssh->kex->we_need * 8);
-        DH_get0_key(dh, &pub_key, NULL);
-        DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
-
-        /* This is f, we initialise it now to make life easier */
-        dh_server_pub = BN_new();
-        if (dh_server_pub == NULL)
-                fatal("dh_server_pub == NULL");
+        if (r != 0)
+                return r;
 
         token_ptr = GSS_C_NO_BUFFER;
-                         
+
         do {
                 debug("Calling gss_init_sec_context");
-                
+
                 maj_status = ssh_gssapi_init_ctx(ctxt,
-                    ssh->kex->gss_deleg_creds, token_ptr, &send_tok,
+                    kex->gss_deleg_creds, token_ptr, &send_tok,
                     &ret_flags);
 
                 if (GSS_ERROR(maj_status)) {
+                        /* XXX Useles code: Missing send? */
                         if (send_tok.length != 0) {
-                                packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-                                packet_put_string(send_tok.value,
-                                    send_tok.length);
+                                if ((r = sshpkt_start(ssh,
+                                        SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                                    (r = sshpkt_put_string(ssh, send_tok.value,
+                                        send_tok.length)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
                         }
                         fatal("gss_init_context failed");
                 }
 
                 /* If we've got an old receive buffer get rid of it */
                 if (token_ptr != GSS_C_NO_BUFFER)
-                        free(recv_tok.value);
+                        gss_release_buffer(&min_status, &recv_tok);
 
                 if (maj_status == GSS_S_COMPLETE) {
                         /* If mutual state flag is not true, kex fails */
@@ -161,75 +136,90 @@ kexgss_client(struct ssh *ssh) {
                                 fatal("Integrity check failed");
                 }
 
-                /* 
+                /*
                  * If we have data to send, then the last message that we
-                 * received cannot have been a 'complete'. 
+                 * received cannot have been a 'complete'.
                  */
                 if (send_tok.length != 0) {
                         if (first) {
-                                packet_start(SSH2_MSG_KEXGSS_INIT);
-                                packet_put_string(send_tok.value,
-                                    send_tok.length);
-                                packet_put_bignum2(pub_key);
+                                if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 ||
+                                    (r = sshpkt_put_string(ssh, send_tok.value,
+                                        send_tok.length)) != 0 ||
+                                    (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0)
+                                        fatal("failed to construct packet: %s", ssh_err(r));
                                 first = 0;
                         } else {
-                                packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-                                packet_put_string(send_tok.value,
-                                    send_tok.length);
+                                if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                                    (r = sshpkt_put_string(ssh, send_tok.value,
+                                        send_tok.length)) != 0)
+                                        fatal("failed to construct packet: %s", ssh_err(r));
                         }
-                        packet_send();
+                        if ((r = sshpkt_send(ssh)) != 0)
+                                fatal("failed to send packet: %s", ssh_err(r));
                         gss_release_buffer(&min_status, &send_tok);
 
                         /* If we've sent them data, they should reply */
-                        do {    
-                                type = packet_read();
+                        do {
+                                type = ssh_packet_read(ssh);
                                 if (type == SSH2_MSG_KEXGSS_HOSTKEY) {
                                         debug("Received KEXGSS_HOSTKEY");
-                                        if (serverhostkey)
+                                        if (server_host_key_blob)
                                                 fatal("Server host key received more than once");
-                                        serverhostkey = 
-                                            packet_get_string(&slen);
+                                        if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
+                                                fatal("Failed to read server host key: %s", ssh_err(r));
                                 }
                         } while (type == SSH2_MSG_KEXGSS_HOSTKEY);
 
                         switch (type) {
                         case SSH2_MSG_KEXGSS_CONTINUE:
                                 debug("Received GSSAPI_CONTINUE");
-                                if (maj_status == GSS_S_COMPLETE) 
+                                if (maj_status == GSS_S_COMPLETE)
                                         fatal("GSSAPI Continue received from server when complete");
-                                recv_tok.value = packet_get_string(&strlen);
-                                recv_tok.length = strlen; 
+                                if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                        &recv_tok)) != 0 ||
+                                    (r = sshpkt_get_end(ssh)) != 0)
+                                        fatal("Failed to read token: %s", ssh_err(r));
                                 break;
                         case SSH2_MSG_KEXGSS_COMPLETE:
                                 debug("Received GSSAPI_COMPLETE");
-                                packet_get_bignum2(dh_server_pub);
-                                msg_tok.value =  packet_get_string(&strlen);
-                                msg_tok.length = strlen; 
+                                if (msg_tok.value != NULL)
+                                        fatal("Received GSSAPI_COMPLETE twice?");
+                                if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 ||
+                                    (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                        &msg_tok)) != 0)
+                                        fatal("Failed to read message: %s", ssh_err(r));
 
                                 /* Is there a token included? */
-                                if (packet_get_char()) {
-                                        recv_tok.value=
-                                            packet_get_string(&strlen);
-                                        recv_tok.length = strlen;
+                                if ((r = sshpkt_get_u8(ssh, &c)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+                                if (c) {
+                                        if ((r = ssh_gssapi_sshpkt_get_buffer_desc(
+                                            ssh, &recv_tok)) != 0)
+                                                fatal("Failed to read token: %s", ssh_err(r));
                                         /* If we're already complete - protocol error */
                                         if (maj_status == GSS_S_COMPLETE)
-                                                packet_disconnect("Protocol error: received token when complete");
-                                        } else {
-                                                /* No token included */
-                                                if (maj_status != GSS_S_COMPLETE)
-                                                        packet_disconnect("Protocol error: did not receive final token");
+                                                sshpkt_disconnect(ssh, "Protocol error: received token when complete");
+                                } else {
+                                        /* No token included */
+                                        if (maj_status != GSS_S_COMPLETE)
+                                                sshpkt_disconnect(ssh, "Protocol error: did not receive final token");
+                                }
+                                if ((r = sshpkt_get_end(ssh)) != 0) {
+                                        fatal("Expecting end of packet.");
                                 }
                                 break;
                         case SSH2_MSG_KEXGSS_ERROR:
                                 debug("Received Error");
-                                maj_status = packet_get_int();
-                                min_status = packet_get_int();
-                                msg = packet_get_string(NULL);
-                                (void) packet_get_string_ptr(NULL);
-                                fatal("GSSAPI Error: \n%.400s",msg);
+                                if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 ||
+                                    (r = sshpkt_get_u32(ssh, &min_status)) != 0 ||
+                                    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 ||
+                                    (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */
+                                    (r = sshpkt_get_end(ssh)) != 0)
+                                        fatal("sshpkt_get failed: %s", ssh_err(r));
+                                fatal("GSSAPI Error: \n%.400s", msg);
                         default:
-                                packet_disconnect("Protocol error: didn't expect packet type %d",
-                                type);
+                                sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d",
+                                    type);
                         }
                         token_ptr = &recv_tok;
                 } else {
@@ -239,93 +229,358 @@ kexgss_client(struct ssh *ssh) {
                 }
         } while (maj_status & GSS_S_CONTINUE_NEEDED);
 
-        /* 
-         * We _must_ have received a COMPLETE message in reply from the 
-         * server, which will have set dh_server_pub and msg_tok 
+        /*
+         * We _must_ have received a COMPLETE message in reply from the
+         * server, which will have set server_blob and msg_tok
          */
 
         if (type != SSH2_MSG_KEXGSS_COMPLETE)
                 fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it");
 
-        /* Check f in range [1, p-1] */
-        if (!dh_pub_is_valid(dh, dh_server_pub))
-                packet_disconnect("bad server public DH value");
-
-        /* compute K=f^x mod p */
-        klen = DH_size(dh);
-        kbuf = xmalloc(klen);
-        kout = DH_compute_key(kbuf, dh_server_pub, dh);
-        if (kout < 0)
-                fatal("DH_compute_key: failed");
-
-        shared_secret = BN_new();
-        if (shared_secret == NULL)
-                fatal("kexgss_client: BN_new failed");
-
-        if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
-                fatal("kexdh_client: BN_bin2bn failed");
-
-        memset(kbuf, 0, klen);
-        free(kbuf);
-
-        hashlen = sizeof(hash);
-        switch (ssh->kex->kex_type) {
+        /* compute shared secret */
+        switch (kex->kex_type) {
         case KEX_GSS_GRP1_SHA1:
         case KEX_GSS_GRP14_SHA1:
-                kex_dh_hash(
-                    ssh->kex->hash_alg,
-                    ssh->kex->client_version_string,
-                    ssh->kex->server_version_string,
-                    sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-                    sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-                    (serverhostkey ? serverhostkey : empty), slen,
-                    pub_key,            /* e */
-                    dh_server_pub,      /* f */
-                    shared_secret,      /* K */
-                    hash, &hashlen
-                );
+        case KEX_GSS_GRP14_SHA256:
+        case KEX_GSS_GRP16_SHA512:
+                r = kex_dh_dec(kex, server_blob, &shared_secret);
+                break;
+        case KEX_GSS_C25519_SHA256:
+                if (sshbuf_ptr(server_blob)[sshbuf_len(server_blob)] & 0x80)
+                        fatal("The received key has MSB of last octet set!");
+                r = kex_c25519_dec(kex, server_blob, &shared_secret);
                 break;
-        case KEX_GSS_GEX_SHA1:
-                kexgex_hash(
-                    ssh->kex->hash_alg,
-                    ssh->kex->client_version_string,
-                    ssh->kex->server_version_string,
-                    sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-                    sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-                    (serverhostkey ? serverhostkey : empty), slen,
-                    min, nbits, max,
-                    dh_p, dh_g,
-                    pub_key,
-                    dh_server_pub,
-                    shared_secret,
-                    hash, &hashlen
-                );
+        case KEX_GSS_NISTP256_SHA256:
+                if (sshbuf_len(server_blob) != 65)
+                        fatal("The received NIST-P256 key did not match"
+                            "expected length (expected 65, got %zu)", sshbuf_len(server_blob));
+
+                if (sshbuf_ptr(server_blob)[0] != POINT_CONVERSION_UNCOMPRESSED)
+                        fatal("The received NIST-P256 key does not have first octet 0x04");
+
+                r = kex_ecdh_dec(kex, server_blob, &shared_secret);
                 break;
         default:
-                fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
+                r = SSH_ERR_INVALID_ARGUMENT;
+                break;
+        }
+        if (r != 0)
+                goto out;
+
+        if ((empty = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
         }
 
+        hashlen = sizeof(hash);
+        if ((r = kex_gen_hash(
+            kex->hash_alg,
+            kex->client_version,
+            kex->server_version,
+            kex->my,
+            kex->peer,
+            (server_host_key_blob ? server_host_key_blob : empty),
+            kex->client_pub,
+            server_blob,
+            shared_secret,
+            hash, &hashlen)) != 0)
+                fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
+
         gssbuf.value = hash;
         gssbuf.length = hashlen;
 
         /* Verify that the hash matches the MIC we just got. */
         if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
-                packet_disconnect("Hash's MIC didn't verify");
+                sshpkt_disconnect(ssh, "Hash's MIC didn't verify");
 
-        free(msg_tok.value);
+        gss_release_buffer(&min_status, &msg_tok);
 
-        DH_free(dh);
-        free(serverhostkey);
-        BN_clear_free(dh_server_pub);
+        if (kex->gss_deleg_creds)
+                ssh_gssapi_credentials_updated(ctxt);
+
+        if (gss_kex_context == NULL)
+                gss_kex_context = ctxt;
+        else
+                ssh_gssapi_delete_ctx(&ctxt);
+
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
+                r = kex_send_newkeys(ssh);
+
+out:
+        explicit_bzero(hash, sizeof(hash));
+        explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key));
+        sshbuf_free(empty);
+        sshbuf_free(server_host_key_blob);
+        sshbuf_free(server_blob);
+        sshbuf_free(shared_secret);
+        sshbuf_free(kex->client_pub);
+        kex->client_pub = NULL;
+        return r;
+}
+
+int
+kexgssgex_client(struct ssh *ssh)
+{
+        struct kex *kex = ssh->kex;
+        gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER,
+            recv_tok = GSS_C_EMPTY_BUFFER, gssbuf,
+            msg_tok = GSS_C_EMPTY_BUFFER, *token_ptr;
+        Gssctxt *ctxt;
+        OM_uint32 maj_status, min_status, ret_flags;
+        struct sshbuf *shared_secret = NULL;
+        BIGNUM *p = NULL;
+        BIGNUM *g = NULL;
+        struct sshbuf *buf = NULL;
+        struct sshbuf *server_host_key_blob = NULL;
+        struct sshbuf *server_blob = NULL;
+        BIGNUM *dh_server_pub = NULL;
+        u_char *msg;
+        int type = 0;
+        int first = 1;
+        u_char hash[SSH_DIGEST_MAX_LENGTH];
+        size_t hashlen;
+        const BIGNUM *pub_key, *dh_p, *dh_g;
+        int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
+        struct sshbuf *empty = NULL;
+        u_char c;
+        int r;
+
+        /* Initialise our GSSAPI world */
+        ssh_gssapi_build_ctx(&ctxt);
+        if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type)
+            == GSS_C_NO_OID)
+                fatal("Couldn't identify host exchange");
+
+        if (ssh_gssapi_import_name(ctxt, kex->gss_host))
+                fatal("Couldn't import hostname");
+
+        if (kex->gss_client &&
+            ssh_gssapi_client_identity(ctxt, kex->gss_client))
+                fatal("Couldn't acquire client credentials");
+
+        debug("Doing group exchange");
+        nbits = dh_estimate(kex->dh_need * 8);
+
+        kex->min = DH_GRP_MIN;
+        kex->max = DH_GRP_MAX;
+        kex->nbits = nbits;
+        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUPREQ)) != 0 ||
+            (r = sshpkt_put_u32(ssh, min)) != 0 ||
+            (r = sshpkt_put_u32(ssh, nbits)) != 0 ||
+            (r = sshpkt_put_u32(ssh, max)) != 0 ||
+            (r = sshpkt_send(ssh)) != 0)
+                fatal("Failed to construct a packet: %s", ssh_err(r));
+
+        if ((r = ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0)
+                fatal("Error: %s", ssh_err(r));
+
+        if ((r = sshpkt_get_bignum2(ssh, &p)) != 0 ||
+            (r = sshpkt_get_bignum2(ssh, &g)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                fatal("shpkt_get_bignum2 failed: %s", ssh_err(r));
+
+        if (BN_num_bits(p) < min || BN_num_bits(p) > max)
+                fatal("GSSGRP_GEX group out of range: %d !< %d !< %d",
+                    min, BN_num_bits(p), max);
+
+        if ((kex->dh = dh_new_group(g, p)) == NULL)
+                fatal("dn_new_group() failed");
+        p = g = NULL; /* belong to kex->dh now */
+
+        if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
+                goto out;
+        DH_get0_key(kex->dh, &pub_key, NULL);
+
+        token_ptr = GSS_C_NO_BUFFER;
+
+        do {
+                /* Step 2 - call GSS_Init_sec_context() */
+                debug("Calling gss_init_sec_context");
+
+                maj_status = ssh_gssapi_init_ctx(ctxt,
+                    kex->gss_deleg_creds, token_ptr, &send_tok,
+                    &ret_flags);
+
+                if (GSS_ERROR(maj_status)) {
+                        /* XXX Useles code: Missing send? */
+                        if (send_tok.length != 0) {
+                                if ((r = sshpkt_start(ssh,
+                                        SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                                    (r = sshpkt_put_string(ssh, send_tok.value,
+                                        send_tok.length)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+                        }
+                        fatal("gss_init_context failed");
+                }
+
+                /* If we've got an old receive buffer get rid of it */
+                if (token_ptr != GSS_C_NO_BUFFER)
+                        gss_release_buffer(&min_status, &recv_tok);
+
+                if (maj_status == GSS_S_COMPLETE) {
+                        /* If mutual state flag is not true, kex fails */
+                        if (!(ret_flags & GSS_C_MUTUAL_FLAG))
+                                fatal("Mutual authentication failed");
+
+                        /* If integ avail flag is not true kex fails */
+                        if (!(ret_flags & GSS_C_INTEG_FLAG))
+                                fatal("Integrity check failed");
+                }
+
+                /*
+                 * If we have data to send, then the last message that we
+                 * received cannot have been a 'complete'.
+                 */
+                if (send_tok.length != 0) {
+                        if (first) {
+                                if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_INIT)) != 0 ||
+                                    (r = sshpkt_put_string(ssh, send_tok.value,
+                                        send_tok.length)) != 0 ||
+                                    (r = sshpkt_put_bignum2(ssh, pub_key)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+                                first = 0;
+                        } else {
+                                if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                                    (r = sshpkt_put_string(ssh,send_tok.value,
+                                        send_tok.length)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+                        }
+                        if ((r = sshpkt_send(ssh)) != 0)
+                                fatal("sshpkt_send failed: %s", ssh_err(r));
+                        gss_release_buffer(&min_status, &send_tok);
+
+                        /* If we've sent them data, they should reply */
+                        do {
+                                type = ssh_packet_read(ssh);
+                                if (type == SSH2_MSG_KEXGSS_HOSTKEY) {
+                                        debug("Received KEXGSS_HOSTKEY");
+                                        if (server_host_key_blob)
+                                                fatal("Server host key received more than once");
+                                        if ((r = sshpkt_getb_froms(ssh, &server_host_key_blob)) != 0)
+                                                fatal("sshpkt failed: %s", ssh_err(r));
+                                }
+                        } while (type == SSH2_MSG_KEXGSS_HOSTKEY);
+
+                        switch (type) {
+                        case SSH2_MSG_KEXGSS_CONTINUE:
+                                debug("Received GSSAPI_CONTINUE");
+                                if (maj_status == GSS_S_COMPLETE)
+                                        fatal("GSSAPI Continue received from server when complete");
+                                if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                        &recv_tok)) != 0 ||
+                                    (r = sshpkt_get_end(ssh)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+                                break;
+                        case SSH2_MSG_KEXGSS_COMPLETE:
+                                debug("Received GSSAPI_COMPLETE");
+                                if (msg_tok.value != NULL)
+                                        fatal("Received GSSAPI_COMPLETE twice?");
+                                if ((r = sshpkt_getb_froms(ssh, &server_blob)) != 0 ||
+                                    (r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                        &msg_tok)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+
+                                /* Is there a token included? */
+                                if ((r = sshpkt_get_u8(ssh, &c)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+                                if (c) {
+                                        if ((r = ssh_gssapi_sshpkt_get_buffer_desc(
+                                                ssh, &recv_tok)) != 0 ||
+                                            (r = sshpkt_get_end(ssh)) != 0)
+                                                fatal("sshpkt failed: %s", ssh_err(r));
+                                        /* If we're already complete - protocol error */
+                                        if (maj_status == GSS_S_COMPLETE)
+                                                sshpkt_disconnect(ssh, "Protocol error: received token when complete");
+                                } else {
+                                        /* No token included */
+                                        if (maj_status != GSS_S_COMPLETE)
+                                                sshpkt_disconnect(ssh, "Protocol error: did not receive final token");
+                                }
+                                break;
+                        case SSH2_MSG_KEXGSS_ERROR:
+                                debug("Received Error");
+                                if ((r = sshpkt_get_u32(ssh, &maj_status)) != 0 ||
+                                    (r = sshpkt_get_u32(ssh, &min_status)) != 0 ||
+                                    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 ||
+                                    (r = sshpkt_get_string(ssh, NULL, NULL)) != 0 || /* lang tag */
+                                    (r = sshpkt_get_end(ssh)) != 0)
+                                        fatal("sshpkt failed: %s", ssh_err(r));
+                                fatal("GSSAPI Error: \n%.400s", msg);
+                        default:
+                                sshpkt_disconnect(ssh, "Protocol error: didn't expect packet type %d",
+                                    type);
+                        }
+                        token_ptr = &recv_tok;
+                } else {
+                        /* No data, and not complete */
+                        if (maj_status != GSS_S_COMPLETE)
+                                fatal("Not complete, and no token output");
+                }
+        } while (maj_status & GSS_S_CONTINUE_NEEDED);
+
+        /*
+         * We _must_ have received a COMPLETE message in reply from the
+         * server, which will have set dh_server_pub and msg_tok
+         */
+
+        if (type != SSH2_MSG_KEXGSS_COMPLETE)
+                fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it");
+
+        /* 7. C verifies that the key Q_S is valid */
+        /* 8. C computes shared secret */
+        if ((buf = sshbuf_new()) == NULL ||
+            (r = sshbuf_put_stringb(buf, server_blob)) != 0 ||
+            (r = sshbuf_get_bignum2(buf, &dh_server_pub)) != 0)
+                goto out;
+        sshbuf_free(buf);
+        buf = NULL;
+
+        if ((shared_secret = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+
+        if ((r = kex_dh_compute_key(kex, dh_server_pub, shared_secret)) != 0)
+                goto out;
+        if ((empty = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+
+        DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
+        hashlen = sizeof(hash);
+        if ((r = kexgex_hash(
+            kex->hash_alg,
+            kex->client_version,
+            kex->server_version,
+            kex->my,
+            kex->peer,
+            (server_host_key_blob ? server_host_key_blob : empty),
+            kex->min, kex->nbits, kex->max,
+            dh_p, dh_g,
+            pub_key,
+            dh_server_pub,
+            sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
+            hash, &hashlen)) != 0)
+                fatal("Failed to calculate hash: %s", ssh_err(r));
+
+        gssbuf.value = hash;
+        gssbuf.length = hashlen;
+
+        /* Verify that the hash matches the MIC we just got. */
+        if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
+                sshpkt_disconnect(ssh, "Hash's MIC didn't verify");
+
+        gss_release_buffer(&min_status, &msg_tok);
 
         /* save session id */
-        if (ssh->kex->session_id == NULL) {
-                ssh->kex->session_id_len = hashlen;
-                ssh->kex->session_id = xmalloc(ssh->kex->session_id_len);
-                memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len);
+        if (kex->session_id == NULL) {
+                kex->session_id_len = hashlen;
+                kex->session_id = xmalloc(kex->session_id_len);
+                memcpy(kex->session_id, hash, kex->session_id_len);
         }
 
-        if (ssh->kex->gss_deleg_creds)
+        if (kex->gss_deleg_creds)
                 ssh_gssapi_credentials_updated(ctxt);
 
         if (gss_kex_context == NULL)
@@ -333,9 +588,19 @@ kexgss_client(struct ssh *ssh) {
         else
                 ssh_gssapi_delete_ctx(&ctxt);
 
-        kex_derive_keys_bn(ssh, hash, hashlen, shared_secret);
-        BN_clear_free(shared_secret);
-        return kex_send_newkeys(ssh);
+        /* Finally derive the keys and send them */
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
+                r = kex_send_newkeys(ssh);
+out:
+        sshbuf_free(buf);
+        sshbuf_free(server_blob);
+        sshbuf_free(empty);
+        explicit_bzero(hash, sizeof(hash));
+        DH_free(kex->dh);
+        kex->dh = NULL;
+        BN_clear_free(dh_server_pub);
+        sshbuf_free(shared_secret);
+        sshbuf_free(server_host_key_blob);
+        return r;
 }
-
-#endif /* GSSAPI */
+#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
diff --git a/kexgsss.c b/kexgsss.c
index 18070f1d7..60bc02deb 100644
--- a/kexgsss.c
+++ b/kexgsss.c
@@ -24,7 +24,7 @@
 
 #include "includes.h"
 
-#ifdef GSSAPI
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
 
 #include <string.h>
 
@@ -42,40 +42,41 @@
 #include "dh.h"
 #include "ssh-gss.h"
 #include "monitor_wrap.h"
-#include "misc.h"
+#include "misc.h"      /* servconf.h needs misc.h for struct ForwardOptions */
 #include "servconf.h"
+#include "ssh-gss.h"
 #include "digest.h"
+#include "ssherr.h"
 
 extern ServerOptions options;
 
 int
 kexgss_server(struct ssh *ssh)
 {
+        struct kex *kex = ssh->kex;
         OM_uint32 maj_status, min_status;
-        
-        /* 
+
+        /*
          * Some GSSAPI implementations use the input value of ret_flags (an
-         * output variable) as a means of triggering mechanism specific 
-         * features. Initializing it to zero avoids inadvertently 
-         * activating this non-standard behaviour.
+         * output variable) as a means of triggering mechanism specific
+         * features. Initializing it to zero avoids inadvertently
+         * activating this non-standard behaviour.
          */
 
         OM_uint32 ret_flags = 0;
         gss_buffer_desc gssbuf, recv_tok, msg_tok;
         gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
         Gssctxt *ctxt = NULL;
-        u_int slen, klen, kout;
-        u_char *kbuf;
-        DH *dh;
-        int min = -1, max = -1, nbits = -1;
-        const BIGNUM *pub_key, *dh_p, *dh_g;
-        BIGNUM *shared_secret = NULL;
-        BIGNUM *dh_client_pub = NULL;
+        struct sshbuf *shared_secret = NULL;
+        struct sshbuf *client_pubkey = NULL;
+        struct sshbuf *server_pubkey = NULL;
+        struct sshbuf *empty = sshbuf_new();
         int type = 0;
         gss_OID oid;
         char *mechs;
         u_char hash[SSH_DIGEST_MAX_LENGTH];
         size_t hashlen;
+        int r;
 
         /* Initialise GSSAPI */
 
@@ -88,8 +89,8 @@ kexgss_server(struct ssh *ssh)
                 free(mechs);
         }
 
-        debug2("%s: Identifying %s", __func__, ssh->kex->name);
-        oid = ssh_gssapi_id_kex(NULL, ssh->kex->name, ssh->kex->kex_type);
+        debug2("%s: Identifying %s", __func__, kex->name);
+        oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
         if (oid == GSS_C_NO_OID)
            fatal("Unknown gssapi mechanism");
 
@@ -98,94 +99,82 @@ kexgss_server(struct ssh *ssh)
         if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid))))
                 fatal("Unable to acquire credentials for the server");
 
-        switch (ssh->kex->kex_type) {
-        case KEX_GSS_GRP1_SHA1:
-                dh = dh_new_group1();
-                break;
-        case KEX_GSS_GRP14_SHA1:
-                dh = dh_new_group14();
-                break;
-        case KEX_GSS_GEX_SHA1:
-                debug("Doing group exchange");
-                packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ);
-                min = packet_get_int();
-                nbits = packet_get_int();
-                max = packet_get_int();
-                packet_check_eom();
-                if (max < min || nbits < min || max < nbits)
-                        fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
-                            min, nbits, max);
-                dh = PRIVSEP(choose_dh(MAX(DH_GRP_MIN, min),
-                    nbits, MIN(DH_GRP_MAX, max)));
-                if (dh == NULL)
-                        packet_disconnect("Protocol error: no matching group found");
-                DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
-
-                packet_start(SSH2_MSG_KEXGSS_GROUP);
-                packet_put_bignum2(dh_p);
-                packet_put_bignum2(dh_g);
-                packet_send();
-
-                packet_write_wait();
-                break;
-        default:
-                fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
-        }
-
-        dh_gen_key(dh, ssh->kex->we_need * 8);
-
         do {
-                debug("Wait SSH2_MSG_GSSAPI_INIT");
-                type = packet_read();
+                debug("Wait SSH2_MSG_KEXGSS_INIT");
+                type = ssh_packet_read(ssh);
                 switch(type) {
                 case SSH2_MSG_KEXGSS_INIT:
-                        if (dh_client_pub != NULL) 
+                        if (client_pubkey != NULL)
                                 fatal("Received KEXGSS_INIT after initialising");
-                        recv_tok.value = packet_get_string(&slen);
-                        recv_tok.length = slen; 
-
-                        if ((dh_client_pub = BN_new()) == NULL)
-                                fatal("dh_client_pub == NULL");
-
-                        packet_get_bignum2(dh_client_pub);
+                        if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                &recv_tok)) != 0 ||
+                            (r = sshpkt_getb_froms(ssh, &client_pubkey)) != 0 ||
+                            (r = sshpkt_get_end(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
+
+                        switch (kex->kex_type) {
+                        case KEX_GSS_GRP1_SHA1:
+                        case KEX_GSS_GRP14_SHA1:
+                        case KEX_GSS_GRP14_SHA256:
+                        case KEX_GSS_GRP16_SHA512:
+                                r = kex_dh_enc(kex, client_pubkey, &server_pubkey,
+                                    &shared_secret);
+                                break;
+                        case KEX_GSS_NISTP256_SHA256:
+                                r = kex_ecdh_enc(kex, client_pubkey, &server_pubkey,
+                                    &shared_secret);
+                                break;
+                        case KEX_GSS_C25519_SHA256:
+                                r = kex_c25519_enc(kex, client_pubkey, &server_pubkey,
+                                    &shared_secret);
+                                break;
+                        default:
+                                fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
+                        }
+                        if (r != 0)
+                                goto out;
 
                         /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */
                         break;
                 case SSH2_MSG_KEXGSS_CONTINUE:
-                        recv_tok.value = packet_get_string(&slen);
-                        recv_tok.length = slen; 
+                        if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                &recv_tok)) != 0 ||
+                            (r = sshpkt_get_end(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
                         break;
                 default:
-                        packet_disconnect(
+                        sshpkt_disconnect(ssh,
                             "Protocol error: didn't expect packet type %d",
                             type);
                 }
 
-                maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, 
+                maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok,
                     &send_tok, &ret_flags));
 
-                free(recv_tok.value);
+                gss_release_buffer(&min_status, &recv_tok);
 
                 if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
                         fatal("Zero length token output when incomplete");
 
-                if (dh_client_pub == NULL)
+                if (client_pubkey == NULL)
                         fatal("No client public key");
-                
+
                 if (maj_status & GSS_S_CONTINUE_NEEDED) {
                         debug("Sending GSSAPI_CONTINUE");
-                        packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-                        packet_put_string(send_tok.value, send_tok.length);
-                        packet_send();
+                        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                            (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
+                            (r = sshpkt_send(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
                         gss_release_buffer(&min_status, &send_tok);
                 }
         } while (maj_status & GSS_S_CONTINUE_NEEDED);
 
         if (GSS_ERROR(maj_status)) {
                 if (send_tok.length > 0) {
-                        packet_start(SSH2_MSG_KEXGSS_CONTINUE);
-                        packet_put_string(send_tok.value, send_tok.length);
-                        packet_send();
+                        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                            (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
+                            (r = sshpkt_send(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
                 }
                 fatal("accept_ctx died");
         }
@@ -195,106 +184,291 @@ kexgss_server(struct ssh *ssh)
 
         if (!(ret_flags & GSS_C_INTEG_FLAG))
                 fatal("Integrity flag wasn't set");
-        
-        if (!dh_pub_is_valid(dh, dh_client_pub))
-                packet_disconnect("bad client public DH value");
 
-        klen = DH_size(dh);
-        kbuf = xmalloc(klen); 
-        kout = DH_compute_key(kbuf, dh_client_pub, dh);
-        if (kout < 0)
-                fatal("DH_compute_key: failed");
+        hashlen = sizeof(hash);
+        if ((r = kex_gen_hash(
+            kex->hash_alg,
+            kex->client_version,
+            kex->server_version,
+            kex->peer,
+            kex->my,
+            empty,
+            client_pubkey,
+            server_pubkey,
+            shared_secret,
+            hash, &hashlen)) != 0)
+                goto out;
+
+        gssbuf.value = hash;
+        gssbuf.length = hashlen;
 
-        shared_secret = BN_new();
-        if (shared_secret == NULL)
-                fatal("kexgss_server: BN_new failed");
+        if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))))
+                fatal("Couldn't get MIC");
 
-        if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
-                fatal("kexgss_server: BN_bin2bn failed");
+        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 ||
+            (r = sshpkt_put_stringb(ssh, server_pubkey)) != 0 ||
+            (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0)
+                fatal("sshpkt failed: %s", ssh_err(r));
 
-        memset(kbuf, 0, klen);
-        free(kbuf);
+        if (send_tok.length != 0) {
+                if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */
+                    (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0)
+                        fatal("sshpkt failed: %s", ssh_err(r));
+        } else {
+                if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */
+                        fatal("sshpkt failed: %s", ssh_err(r));
+        }
+        if ((r = sshpkt_send(ssh)) != 0)
+                fatal("sshpkt_send failed: %s", ssh_err(r));
 
-        DH_get0_key(dh, &pub_key, NULL);
-        DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
+        gss_release_buffer(&min_status, &send_tok);
+        gss_release_buffer(&min_status, &msg_tok);
 
-        hashlen = sizeof(hash);
-        switch (ssh->kex->kex_type) {
-        case KEX_GSS_GRP1_SHA1:
-        case KEX_GSS_GRP14_SHA1:
-                kex_dh_hash(
-                    ssh->kex->hash_alg,
-                    ssh->kex->client_version_string, ssh->kex->server_version_string,
-                    sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-                    sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-                    NULL, 0, /* Change this if we start sending host keys */
-                    dh_client_pub, pub_key, shared_secret,
-                    hash, &hashlen
-                );
-                break;
-        case KEX_GSS_GEX_SHA1:
-                kexgex_hash(
-                    ssh->kex->hash_alg,
-                    ssh->kex->client_version_string, ssh->kex->server_version_string,
-                    sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-                    sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-                    NULL, 0,
-                    min, nbits, max,
-                    dh_p, dh_g,
-                    dh_client_pub,
-                    pub_key,
-                    shared_secret,
-                    hash, &hashlen
-                );
-                break;
-        default:
-                fatal("%s: Unexpected KEX type %d", __func__, ssh->kex->kex_type);
+        if (gss_kex_context == NULL)
+                gss_kex_context = ctxt;
+        else
+                ssh_gssapi_delete_ctx(&ctxt);
+
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
+                r = kex_send_newkeys(ssh);
+
+        /* If this was a rekey, then save out any delegated credentials we
+         * just exchanged.  */
+        if (options.gss_store_rekey)
+                ssh_gssapi_rekey_creds();
+out:
+        sshbuf_free(empty);
+        explicit_bzero(hash, sizeof(hash));
+        sshbuf_free(shared_secret);
+        sshbuf_free(client_pubkey);
+        sshbuf_free(server_pubkey);
+        return r;
+}
+
+int
+kexgssgex_server(struct ssh *ssh)
+{
+        struct kex *kex = ssh->kex;
+        OM_uint32 maj_status, min_status;
+
+        /*
+         * Some GSSAPI implementations use the input value of ret_flags (an
+         * output variable) as a means of triggering mechanism specific
+         * features. Initializing it to zero avoids inadvertently
+         * activating this non-standard behaviour.
+         */
+
+        OM_uint32 ret_flags = 0;
+        gss_buffer_desc gssbuf, recv_tok, msg_tok;
+        gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
+        Gssctxt *ctxt = NULL;
+        struct sshbuf *shared_secret = NULL;
+        int type = 0;
+        gss_OID oid;
+        char *mechs;
+        u_char hash[SSH_DIGEST_MAX_LENGTH];
+        size_t hashlen;
+        BIGNUM *dh_client_pub = NULL;
+        const BIGNUM *pub_key, *dh_p, *dh_g;
+        int min = -1, max = -1, nbits = -1;
+        int cmin = -1, cmax = -1; /* client proposal */
+        struct sshbuf *empty = sshbuf_new();
+        int r;
+
+        /* Initialise GSSAPI */
+
+        /* If we're rekeying, privsep means that some of the private structures
+         * in the GSSAPI code are no longer available. This kludges them back
+         * into life
+         */
+        if (!ssh_gssapi_oid_table_ok())
+                if ((mechs = ssh_gssapi_server_mechanisms()))
+                        free(mechs);
+
+        debug2("%s: Identifying %s", __func__, kex->name);
+        oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
+        if (oid == GSS_C_NO_OID)
+           fatal("Unknown gssapi mechanism");
+
+        debug2("%s: Acquiring credentials", __func__);
+
+        if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid))))
+                fatal("Unable to acquire credentials for the server");
+
+        /* 5. S generates an ephemeral key pair (do the allocations early) */
+        debug("Doing group exchange");
+        ssh_packet_read_expect(ssh, SSH2_MSG_KEXGSS_GROUPREQ);
+        /* store client proposal to provide valid signature */
+        if ((r = sshpkt_get_u32(ssh, &cmin)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &nbits)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &cmax)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                fatal("sshpkt failed: %s", ssh_err(r));
+        kex->nbits = nbits;
+        kex->min = cmin;
+        kex->max = cmax;
+        min = MAX(DH_GRP_MIN, cmin);
+        max = MIN(DH_GRP_MAX, cmax);
+        nbits = MAXIMUM(DH_GRP_MIN, nbits);
+        nbits = MINIMUM(DH_GRP_MAX, nbits);
+        if (max < min || nbits < min || max < nbits)
+                fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
+                    min, nbits, max);
+        kex->dh = PRIVSEP(choose_dh(min, nbits, max));
+        if (kex->dh == NULL) {
+                sshpkt_disconnect(ssh, "Protocol error: no matching group found");
+                fatal("Protocol error: no matching group found");
         }
 
-        BN_clear_free(dh_client_pub);
+        DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
+        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 ||
+            (r = sshpkt_put_bignum2(ssh, dh_p)) != 0 ||
+            (r = sshpkt_put_bignum2(ssh, dh_g)) != 0 ||
+            (r = sshpkt_send(ssh)) != 0)
+                fatal("sshpkt failed: %s", ssh_err(r));
+
+        if ((r = ssh_packet_write_wait(ssh)) != 0)
+                fatal("ssh_packet_write_wait: %s", ssh_err(r));
+
+        /* Compute our exchange value in parallel with the client */
+        if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
+                goto out;
+
+        do {
+                debug("Wait SSH2_MSG_GSSAPI_INIT");
+                type = ssh_packet_read(ssh);
+                switch(type) {
+                case SSH2_MSG_KEXGSS_INIT:
+                        if (dh_client_pub != NULL)
+                                fatal("Received KEXGSS_INIT after initialising");
+                        if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                &recv_tok)) != 0 ||
+                            (r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 ||
+                            (r = sshpkt_get_end(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
+
+                        /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */
+                        break;
+                case SSH2_MSG_KEXGSS_CONTINUE:
+                        if ((r = ssh_gssapi_sshpkt_get_buffer_desc(ssh,
+                                &recv_tok)) != 0 ||
+                            (r = sshpkt_get_end(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
+                        break;
+                default:
+                        sshpkt_disconnect(ssh,
+                            "Protocol error: didn't expect packet type %d",
+                            type);
+                }
+
+                maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok,
+                    &send_tok, &ret_flags));
 
-        if (ssh->kex->session_id == NULL) {
-                ssh->kex->session_id_len = hashlen;
-                ssh->kex->session_id = xmalloc(ssh->kex->session_id_len);
-                memcpy(ssh->kex->session_id, hash, ssh->kex->session_id_len);
+                gss_release_buffer(&min_status, &recv_tok);
+
+                if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
+                        fatal("Zero length token output when incomplete");
+
+                if (dh_client_pub == NULL)
+                        fatal("No client public key");
+
+                if (maj_status & GSS_S_CONTINUE_NEEDED) {
+                        debug("Sending GSSAPI_CONTINUE");
+                        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                            (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
+                            (r = sshpkt_send(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
+                        gss_release_buffer(&min_status, &send_tok);
+                }
+        } while (maj_status & GSS_S_CONTINUE_NEEDED);
+
+        if (GSS_ERROR(maj_status)) {
+                if (send_tok.length > 0) {
+                        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_CONTINUE)) != 0 ||
+                            (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0 ||
+                            (r = sshpkt_send(ssh)) != 0)
+                                fatal("sshpkt failed: %s", ssh_err(r));
+                }
+                fatal("accept_ctx died");
+        }
+
+        if (!(ret_flags & GSS_C_MUTUAL_FLAG))
+                fatal("Mutual Authentication flag wasn't set");
+
+        if (!(ret_flags & GSS_C_INTEG_FLAG))
+                fatal("Integrity flag wasn't set");
+
+        /* calculate shared secret */
+        if ((shared_secret = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
         }
+        if ((r = kex_dh_compute_key(kex, dh_client_pub, shared_secret)) != 0)
+                goto out;
+
+        DH_get0_key(kex->dh, &pub_key, NULL);
+        DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
+        hashlen = sizeof(hash);
+        if ((r = kexgex_hash(
+            kex->hash_alg,
+            kex->client_version,
+            kex->server_version,
+            kex->peer,
+            kex->my,
+            empty,
+            cmin, nbits, cmax,
+            dh_p, dh_g,
+            dh_client_pub,
+            pub_key,
+            sshbuf_ptr(shared_secret), sshbuf_len(shared_secret),
+            hash, &hashlen)) != 0)
+                fatal("kexgex_hash failed: %s", ssh_err(r));
 
         gssbuf.value = hash;
         gssbuf.length = hashlen;
 
-        if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok))))
+        if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))))
                 fatal("Couldn't get MIC");
 
-        packet_start(SSH2_MSG_KEXGSS_COMPLETE);
-        packet_put_bignum2(pub_key);
-        packet_put_string(msg_tok.value,msg_tok.length);
+        if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_COMPLETE)) != 0 ||
+            (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||
+            (r = sshpkt_put_string(ssh, msg_tok.value, msg_tok.length)) != 0)
+                fatal("sshpkt failed: %s", ssh_err(r));
 
         if (send_tok.length != 0) {
-                packet_put_char(1); /* true */
-                packet_put_string(send_tok.value, send_tok.length);
+                if ((r = sshpkt_put_u8(ssh, 1)) != 0 || /* true */
+                    (r = sshpkt_put_string(ssh, send_tok.value, send_tok.length)) != 0)
+                        fatal("sshpkt failed: %s", ssh_err(r));
         } else {
-                packet_put_char(0); /* false */
+                if ((r = sshpkt_put_u8(ssh, 0)) != 0) /* false */
+                        fatal("sshpkt failed: %s", ssh_err(r));
         }
-        packet_send();
+        if ((r = sshpkt_send(ssh)) != 0)
+                fatal("sshpkt failed: %s", ssh_err(r));
 
         gss_release_buffer(&min_status, &send_tok);
         gss_release_buffer(&min_status, &msg_tok);
 
         if (gss_kex_context == NULL)
                 gss_kex_context = ctxt;
-        else 
+        else
                 ssh_gssapi_delete_ctx(&ctxt);
 
-        DH_free(dh);
-
-        kex_derive_keys_bn(ssh, hash, hashlen, shared_secret);
-        BN_clear_free(shared_secret);
-        kex_send_newkeys(ssh);
+        /* Finally derive the keys and send them */
+        if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0)
+                r = kex_send_newkeys(ssh);
 
         /* If this was a rekey, then save out any delegated credentials we
          * just exchanged.  */
         if (options.gss_store_rekey)
                 ssh_gssapi_rekey_creds();
-        return 0;
+out:
+        sshbuf_free(empty);
+        explicit_bzero(hash, sizeof(hash));
+        DH_free(kex->dh);
+        kex->dh = NULL;
+        BN_clear_free(dh_client_pub);
+        sshbuf_free(shared_secret);
+        return r;
 }
-#endif /* GSSAPI */
+#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
diff --git a/kexsntrup4591761x25519.c b/kexsntrup4591761x25519.c
new file mode 100644
index 000000000..3b9b664f8
--- /dev/null
+++ b/kexsntrup4591761x25519.c
@@ -0,0 +1,219 @@
+/* $OpenBSD: kexsntrup4591761x25519.c,v 1.3 2019/01/21 10:40:11 djm Exp $ */
+/*
+ * Copyright (c) 2019 Markus Friedl.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <signal.h>
+
+#include "sshkey.h"
+#include "kex.h"
+#include "sshbuf.h"
+#include "digest.h"
+#include "ssherr.h"
+
+int
+kex_kem_sntrup4591761x25519_keypair(struct kex *kex)
+{
+        struct sshbuf *buf = NULL;
+        u_char *cp = NULL;
+        size_t need;
+        int r;
+
+        if ((buf = sshbuf_new()) == NULL)
+                return SSH_ERR_ALLOC_FAIL;
+        need = crypto_kem_sntrup4591761_PUBLICKEYBYTES + CURVE25519_SIZE;
+        if ((r = sshbuf_reserve(buf, need, &cp)) != 0)
+                goto out;
+        crypto_kem_sntrup4591761_keypair(cp, kex->sntrup4591761_client_key);
+#ifdef DEBUG_KEXECDH
+        dump_digest("client public key sntrup4591761:", cp,
+            crypto_kem_sntrup4591761_PUBLICKEYBYTES);
+#endif
+        cp += crypto_kem_sntrup4591761_PUBLICKEYBYTES;
+        kexc25519_keygen(kex->c25519_client_key, cp);
+#ifdef DEBUG_KEXECDH
+        dump_digest("client public key c25519:", cp, CURVE25519_SIZE);
+#endif
+        kex->client_pub = buf;
+        buf = NULL;
+ out:
+        sshbuf_free(buf);
+        return r;
+}
+
+int
+kex_kem_sntrup4591761x25519_enc(struct kex *kex,
+   const struct sshbuf *client_blob, struct sshbuf **server_blobp,
+   struct sshbuf **shared_secretp)
+{
+        struct sshbuf *server_blob = NULL;
+        struct sshbuf *buf = NULL;
+        const u_char *client_pub;
+        u_char *kem_key, *ciphertext, *server_pub;
+        u_char server_key[CURVE25519_SIZE];
+        u_char hash[SSH_DIGEST_MAX_LENGTH];
+        size_t need;
+        int r;
+
+        *server_blobp = NULL;
+        *shared_secretp = NULL;
+
+        /* client_blob contains both KEM and ECDH client pubkeys */
+        need = crypto_kem_sntrup4591761_PUBLICKEYBYTES + CURVE25519_SIZE;
+        if (sshbuf_len(client_blob) != need) {
+                r = SSH_ERR_SIGNATURE_INVALID;
+                goto out;
+        }
+        client_pub = sshbuf_ptr(client_blob);
+#ifdef DEBUG_KEXECDH
+        dump_digest("client public key sntrup4591761:", client_pub,
+            crypto_kem_sntrup4591761_PUBLICKEYBYTES);
+        dump_digest("client public key 25519:",
+            client_pub + crypto_kem_sntrup4591761_PUBLICKEYBYTES,
+            CURVE25519_SIZE);
+#endif
+        /* allocate buffer for concatenation of KEM key and ECDH shared key */
+        /* the buffer will be hashed and the result is the shared secret */
+        if ((buf = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshbuf_reserve(buf, crypto_kem_sntrup4591761_BYTES,
+            &kem_key)) != 0)
+                goto out;
+        /* allocate space for encrypted KEM key and ECDH pub key */
+        if ((server_blob = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        need = crypto_kem_sntrup4591761_CIPHERTEXTBYTES + CURVE25519_SIZE;
+        if ((r = sshbuf_reserve(server_blob, need, &ciphertext)) != 0)
+                goto out;
+        /* generate and encrypt KEM key with client key */
+        crypto_kem_sntrup4591761_enc(ciphertext, kem_key, client_pub);
+        /* generate ECDH key pair, store server pubkey after ciphertext */
+        server_pub = ciphertext + crypto_kem_sntrup4591761_CIPHERTEXTBYTES;
+        kexc25519_keygen(server_key, server_pub);
+        /* append ECDH shared key */
+        client_pub += crypto_kem_sntrup4591761_PUBLICKEYBYTES;
+        if ((r = kexc25519_shared_key_ext(server_key, client_pub, buf, 1)) < 0)
+                goto out;
+        if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0)
+                goto out;
+#ifdef DEBUG_KEXECDH
+        dump_digest("server public key 25519:", server_pub, CURVE25519_SIZE);
+        dump_digest("server cipher text:", ciphertext,
+            crypto_kem_sntrup4591761_CIPHERTEXTBYTES);
+        dump_digest("server kem key:", kem_key, sizeof(kem_key));
+        dump_digest("concatenation of KEM key and ECDH shared key:",
+            sshbuf_ptr(buf), sshbuf_len(buf));
+#endif
+        /* string-encoded hash is resulting shared secret */
+        sshbuf_reset(buf);
+        if ((r = sshbuf_put_string(buf, hash,
+            ssh_digest_bytes(kex->hash_alg))) != 0)
+                goto out;
+#ifdef DEBUG_KEXECDH
+        dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf));
+#endif
+        *server_blobp = server_blob;
+        *shared_secretp = buf;
+        server_blob = NULL;
+        buf = NULL;
+ out:
+        explicit_bzero(hash, sizeof(hash));
+        explicit_bzero(server_key, sizeof(server_key));
+        sshbuf_free(server_blob);
+        sshbuf_free(buf);
+        return r;
+}
+
+int
+kex_kem_sntrup4591761x25519_dec(struct kex *kex,
+    const struct sshbuf *server_blob, struct sshbuf **shared_secretp)
+{
+        struct sshbuf *buf = NULL;
+        u_char *kem_key = NULL;
+        const u_char *ciphertext, *server_pub;
+        u_char hash[SSH_DIGEST_MAX_LENGTH];
+        size_t need;
+        int r, decoded;
+
+        *shared_secretp = NULL;
+
+        need = crypto_kem_sntrup4591761_CIPHERTEXTBYTES + CURVE25519_SIZE;
+        if (sshbuf_len(server_blob) != need) {
+                r = SSH_ERR_SIGNATURE_INVALID;
+                goto out;
+        }
+        ciphertext = sshbuf_ptr(server_blob);
+        server_pub = ciphertext + crypto_kem_sntrup4591761_CIPHERTEXTBYTES;
+#ifdef DEBUG_KEXECDH
+        dump_digest("server cipher text:", ciphertext,
+            crypto_kem_sntrup4591761_CIPHERTEXTBYTES);
+        dump_digest("server public key c25519:", server_pub, CURVE25519_SIZE);
+#endif
+        /* hash concatenation of KEM key and ECDH shared key */
+        if ((buf = sshbuf_new()) == NULL) {
+                r = SSH_ERR_ALLOC_FAIL;
+                goto out;
+        }
+        if ((r = sshbuf_reserve(buf, crypto_kem_sntrup4591761_BYTES,
+            &kem_key)) != 0)
+                goto out;
+        decoded = crypto_kem_sntrup4591761_dec(kem_key, ciphertext,
+            kex->sntrup4591761_client_key);
+        if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub,
+            buf, 1)) < 0)
+                goto out;
+        if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0)
+                goto out;
+#ifdef DEBUG_KEXECDH
+        dump_digest("client kem key:", kem_key, sizeof(kem_key));
+        dump_digest("concatenation of KEM key and ECDH shared key:",
+            sshbuf_ptr(buf), sshbuf_len(buf));
+#endif
+        sshbuf_reset(buf);
+        if ((r = sshbuf_put_string(buf, hash,
+            ssh_digest_bytes(kex->hash_alg))) != 0)
+                goto out;
+#ifdef DEBUG_KEXECDH
+        dump_digest("encoded shared secret:", sshbuf_ptr(buf), sshbuf_len(buf));
+#endif
+        if (decoded != 0) {
+                r = SSH_ERR_SIGNATURE_INVALID;
+                goto out;
+        }
+        *shared_secretp = buf;
+        buf = NULL;
+ out:
+        explicit_bzero(hash, sizeof(hash));
+        sshbuf_free(buf);
+        return r;
+}
diff --git a/loginrec.c b/loginrec.c
index 9a427dec4..5f2a47797 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -467,7 +467,7 @@ login_write(struct logininfo *li)
 #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
         if (li->type == LTYPE_LOGIN &&
             !sys_auth_record_login(li->username,li->hostname,li->line,
-            &loginmsg))
+            loginmsg))
                 logit("Writing login record failed for %s", li->username);
 #endif
 #ifdef SSH_AUDIT_EVENTS
@@ -1653,7 +1653,7 @@ utmpx_get_entry(struct logininfo *li)
    */
 
 void
-record_failed_login(const char *username, const char *hostname,
+record_failed_login(struct ssh *ssh, const char *username, const char *hostname,
     const char *ttyn)
 {
         int fd;
@@ -1696,8 +1696,8 @@ record_failed_login(const char *username, const char *hostname,
         /* strncpy because we don't necessarily want nul termination */
         strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
 
-        if (packet_connection_is_on_socket() &&
-            getpeername(packet_get_connection_in(),
+        if (ssh_packet_connection_is_on_socket(ssh) &&
+            getpeername(ssh_packet_get_connection_in(ssh),
             (struct sockaddr *)&from, &fromlen) == 0) {
                 ipv64_normalise_mapped(&from, &fromlen);
                 if (from.ss_family == AF_INET) {
diff --git a/loginrec.h b/loginrec.h
index 28923e781..62cc0e78c 100644
--- a/loginrec.h
+++ b/loginrec.h
@@ -31,6 +31,8 @@
 
 #include "includes.h"
 
+struct ssh;
+
 /**
  ** you should use the login_* calls to work around platform dependencies
  **/
@@ -126,6 +128,7 @@ char *line_fullname(char *dst, const char *src, u_int dstsize);
 char *line_stripname(char *dst, const char *src, int dstsize);
 char *line_abbrevname(char *dst, const char *src, int dstsize);
 
-void record_failed_login(const char *, const char *, const char *);
+void record_failed_login(struct ssh *, const char *, const char *,
+    const char *);
 
 #endif /* _HAVE_LOGINREC_H_ */
diff --git a/mac.c b/mac.c
index 51dc11d76..3d11eba62 100644
--- a/mac.c
+++ b/mac.c
@@ -29,6 +29,7 @@
 
 #include <string.h>
 #include <stdio.h>
+#include <stdlib.h>
 
 #include "digest.h"
 #include "hmac.h"
diff --git a/match.c b/match.c
index bb3e95f67..fcf69596d 100644
--- a/match.c
+++ b/match.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.c,v 1.38 2018/07/04 13:49:31 djm Exp $ */
+/* $OpenBSD: match.c,v 1.39 2019/03/06 22:14:23 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -170,6 +170,19 @@ match_pattern_list(const char *string, const char *pattern, int dolower)
         return got_positive;
 }
 
+/* Match a list representing users or groups. */
+int
+match_usergroup_pattern_list(const char *string, const char *pattern)
+{
+#ifdef HAVE_CYGWIN
+        /* Windows usernames may be Unicode and are not case sensitive */
+        return cygwin_ug_match_pattern_list(string, pattern);
+#else
+        /* Case insensitive match */
+        return match_pattern_list(string, pattern, 0);
+#endif
+}
+
 /*
  * Tries to match the host name (which must be in all lowercase) against the
  * comma-separated sequence of subpatterns (each possibly preceded by ! to
diff --git a/match.h b/match.h
index 852b1a5cb..3a8a6ecdc 100644
--- a/match.h
+++ b/match.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.h,v 1.18 2018/07/04 13:49:31 djm Exp $ */
+/* $OpenBSD: match.h,v 1.19 2019/03/06 22:14:23 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -16,6 +16,7 @@
 
 int      match_pattern(const char *, const char *);
 int      match_pattern_list(const char *, const char *, int);
+int      match_usergroup_pattern_list(const char *, const char *);
 int      match_hostname(const char *, const char *);
 int      match_host_and_ip(const char *, const char *, const char *);
 int      match_user(const char *, const char *, const char *, const char *);
diff --git a/misc.c b/misc.c
index 5159e6692..634b5060a 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.133 2018/10/05 14:26:09 naddy Exp $ */
+/* $OpenBSD: misc.c,v 1.137 2019/01/23 21:50:56 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -38,6 +38,7 @@
 #ifdef HAVE_LIBGEN_H
 # include <libgen.h>
 #endif
+#include <poll.h>
 #include <signal.h>
 #include <stdarg.h>
 #include <stdio.h>
@@ -235,6 +236,80 @@ set_rdomain(int fd, const char *name)
 #endif
 }
 
+/*
+ * Wait up to *timeoutp milliseconds for fd to be readable. Updates
+ * *timeoutp with time remaining.
+ * Returns 0 if fd ready or -1 on timeout or error (see errno).
+ */
+int
+waitrfd(int fd, int *timeoutp)
+{
+        struct pollfd pfd;
+        struct timeval t_start;
+        int oerrno, r;
+
+        monotime_tv(&t_start);
+        pfd.fd = fd;
+        pfd.events = POLLIN;
+        for (; *timeoutp >= 0;) {
+                r = poll(&pfd, 1, *timeoutp);
+                oerrno = errno;
+                ms_subtract_diff(&t_start, timeoutp);
+                errno = oerrno;
+                if (r > 0)
+                        return 0;
+                else if (r == -1 && errno != EAGAIN)
+                        return -1;
+                else if (r == 0)
+                        break;
+        }
+        /* timeout */
+        errno = ETIMEDOUT;
+        return -1;
+}
+
+/*
+ * Attempt a non-blocking connect(2) to the specified address, waiting up to
+ * *timeoutp milliseconds for the connection to complete. If the timeout is
+ * <=0, then wait indefinitely.
+ *
+ * Returns 0 on success or -1 on failure.
+ */
+int
+timeout_connect(int sockfd, const struct sockaddr *serv_addr,
+    socklen_t addrlen, int *timeoutp)
+{
+        int optval = 0;
+        socklen_t optlen = sizeof(optval);
+
+        /* No timeout: just do a blocking connect() */
+        if (timeoutp == NULL || *timeoutp <= 0)
+                return connect(sockfd, serv_addr, addrlen);
+
+        set_nonblock(sockfd);
+        if (connect(sockfd, serv_addr, addrlen) == 0) {
+                /* Succeeded already? */
+                unset_nonblock(sockfd);
+                return 0;
+        } else if (errno != EINPROGRESS)
+                return -1;
+
+        if (waitrfd(sockfd, timeoutp) == -1)
+                return -1;
+
+        /* Completed or failed */
+        if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1) {
+                debug("getsockopt: %s", strerror(errno));
+                return -1;
+        }
+        if (optval != 0) {
+                errno = optval;
+                return -1;
+        }
+        unset_nonblock(sockfd);
+        return 0;
+}
+
 /* Characters considered whitespace in strsep calls. */
 #define WHITESPACE " \t\r\n"
 #define QUOTE   "\""
@@ -490,7 +565,7 @@ put_host_port(const char *host, u_short port)
  * The delimiter char, if present, is stored in delim.
  * If this is the last field, *cp is set to NULL.
  */
-static char *
+char *
 hpdelim2(char **cp, char *delim)
 {
         char *s, *old;
@@ -1385,11 +1460,11 @@ bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen)
 {
         bw->buflen = buflen;
         bw->rate = kbps;
-        bw->thresh = bw->rate;
+        bw->thresh = buflen;
         bw->lamt = 0;
         timerclear(&bw->bwstart);
         timerclear(&bw->bwend);
-}       
+}
 
 /* Callback from read/write loop to insert bandwidth-limiting delays */
 void
@@ -1398,12 +1473,11 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len)
         u_int64_t waitlen;
         struct timespec ts, rm;
 
+        bw->lamt += read_len;
         if (!timerisset(&bw->bwstart)) {
                 monotime_tv(&bw->bwstart);
                 return;
         }
-
-        bw->lamt += read_len;
         if (bw->lamt < bw->thresh)
                 return;
 
@@ -2085,3 +2159,10 @@ format_absolute_time(uint64_t t, char *buf, size_t len)
         localtime_r(&tt, &tm);
         strftime(buf, len, "%Y-%m-%dT%H:%M:%S", &tm);
 }
+
+/* check if path is absolute */
+int
+path_absolute(const char *path)
+{
+        return (*path == '/') ? 1 : 0;
+}
diff --git a/misc.h b/misc.h
index aaf966e65..a4bdee187 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.75 2018/10/03 06:38:35 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.79 2019/01/23 21:50:56 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -17,6 +17,7 @@
 
 #include <sys/time.h>
 #include <sys/types.h>
+#include <sys/socket.h>
 
 /* Data structure for representing a forwarding request. */
 struct Forward {
@@ -51,9 +52,12 @@ void	 set_nodelay(int);
 int      set_reuseaddr(int);
 char    *get_rdomain(int);
 int      set_rdomain(int, const char *);
+int      waitrfd(int, int *);
+int      timeout_connect(int, const struct sockaddr *, socklen_t, int *);
 int      a2port(const char *);
 int      a2tun(const char *, int *);
 char    *put_host_port(const char *, u_short);
+char    *hpdelim2(char **, char *);
 char    *hpdelim(char **);
 char    *cleanhostname(char *);
 char    *colon(char *);
@@ -78,6 +82,7 @@ int	 valid_env_name(const char *);
 const char *atoi_err(const char *, int *);
 int      parse_absolute_time(const char *, uint64_t *);
 void     format_absolute_time(uint64_t, char *, size_t);
+int      path_absolute(const char *);
 
 void     sock_set_v6only(int);
 
@@ -134,7 +139,9 @@ void		put_u32_le(void *, u_int32_t)
 
 struct bwlimit {
         size_t buflen;
-        u_int64_t rate, thresh, lamt;
+        u_int64_t rate;         /* desired rate in kbit/s */
+        u_int64_t thresh;       /* threshold after which we'll check timers */
+        u_int64_t lamt;         /* amount written in last timer interval */
         struct timeval bwstart, bwend;
 };
 
diff --git a/moduli b/moduli
index 372c382a2..4c6947361 100644
--- a/moduli
+++ b/moduli
@@ -1,428 +1,452 @@
-#    $OpenBSD: moduli,v 1.22 2018/09/20 08:07:03 dtucker Exp $
+#    $OpenBSD: moduli,v 1.23 2018/10/31 11:20:04 dtucker Exp $
 # Time Type Tests Tries Size Generator Modulus
-20180403031539 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A591E4B57
-20180403031604 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5923D0DB
-20180403031626 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A592B11B7
-20180403031845 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A59715A73
-20180403032143 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A59CDE963
-20180403032347 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5A11B463
-20180403032438 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5A2BBC5F
-20180403032617 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5A6308C3
-20180403032923 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5ADA5523
-20180403033405 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5B9A6B37
-20180403033427 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5B9F8E27
-20180403033655 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C00897F
-20180403033742 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C172DBB
-20180403033837 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C33AEAB
-20180403033952 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5C5F6067
-20180403034409 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5CEE2AD7
-20180403034453 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5CFFE4F3
-20180403034601 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5D1A691B
-20180403035311 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5E04B193
-20180403035645 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5E75D66F
-20180403035724 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5E864847
-20180403035828 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5EA44DCF
-20180403035953 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5ECCB51B
-20180403040048 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5EE55A9F
-20180403040339 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5F4D5E6F
-20180403040523 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5F8939A3
-20180403040638 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5FB85E8B
-20180403040715 2 6 100 2047 2 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A5FCC3033
-20180403041128 2 6 100 2047 5 F78A3F3A47AFE34101F186DF022B970FB51586E65B1D1875E41D02EDDD4BDF6D6D8BA1CC296EA6A8BD7036297A0C01C636A55493E3ADEC2F1DAB9D8D7E0CCD39D7FFC9D4011C3F57A944AA1EEB1AC1784E28ACF7B6FB3AC49185F4E638B567DA6B4903CB8C6D815ED1253D512670FAF71E6BF1ED6669863B552B3BB2173A7F16262454142B7B928F91E60EED00BDFA465F2C46665BD30C1426F9B8D9611D086D6BAB672CB472E8F8E6990F623C2E7458991D982E199BB168C93F96F71974181F898D6C56C02D9DABA852E7E51CA0DC723255B49CAA122D2A6CC64F1389128A0E3298B0E155EC8A4D9BF1D1671B808DDD835015381C1F16C35A84D20A60755C57
-20180403041637 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336541B76F
-20180403041935 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3365BF1D13
-20180403042035 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3365E41E47
-20180403042109 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3365F700BB
-20180403042214 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336624FF2B
-20180403042419 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336687845B
-20180403042507 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3366A8266B
-20180403042626 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3366E23603
-20180403042722 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367059073
-20180403042819 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367289EC3
-20180403042928 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367519D23
-20180403042946 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336758BFC3
-20180403043032 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336774A8EB
-20180403043218 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367BAAE3F
-20180403043245 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3367C6B5CB
-20180403043522 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3368340BB3
-20180403043954 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B33690CEBC3
-20180403044107 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B33693DA563
-20180403044245 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B33697A63FB
-20180403044527 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B3369F3CAFF
-20180403044559 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A09E6EB
-20180403044611 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A0C4F53
-20180403044719 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A4348BF
-20180403044820 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A6E3193
-20180403044844 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336A7A9C7F
-20180403045235 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336B2E2173
-20180403045518 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336BAD847B
-20180403045629 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336BE29A4B
-20180403045953 2 6 100 2047 2 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336C865153
-20180403050042 2 6 100 2047 5 EA0303D03FF69BCABDC25DDEA6AC9CFEE8C36EF48C7F2882B65D568B0D14A7DACCF4A6E8E905727C0B982FA4D7C4E59DDAF4704D0EC767D79B13A32467C8D39F615B5268E4338DD70C6072C702CDF6F39153C472E668ABF0B85B8D08454027AA52E3227C5BA017B2558F7A611F09C7BE5E28A472FAB51C71FF7E8C758CD5205C562F3674D941EF2DEC7F3B3F49C4CE3A9DD7B4275BD537BF04A4A8E98FAA42AD0A2280CFC0D4692339EEC803B69FDC33057837FBD233DB6B78920F7049B5F9CA9CFDD98351B9E7947265439F48429306D6CAB08774F2B7427A61DA757375D26C08B99BCAFB8085E41DBA0E49D142EEC164CC3153AB3119FB76033B336CA6948F
-20180403055314 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57012EEDBB
-20180403055637 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57015FFFAB
-20180403060753 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57021C5763
-20180403061035 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570243FBBB
-20180403061925 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5702CE55A3
-20180403062241 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5702FA4263
-20180403062828 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5703495AD7
-20180403063232 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570383322F
-20180403063441 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57039D0EE7
-20180403065803 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5704F5DFCB
-20180403070250 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570535A157
-20180403071043 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5705AD5B2B
-20180403072237 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57066B3AFF
-20180403072347 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5706763D5B
-20180403072612 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570696B733
-20180403073322 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5707062E2B
-20180403073825 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5707547607
-20180403073948 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570762843F
-20180403074104 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57076EC3DB
-20180403074403 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570799DD63
-20180403074828 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5707D93973
-20180403075240 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570814F21B
-20180403075918 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570878D0DB
-20180403080045 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708890F47
-20180403080212 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570898D8B3
-20180403080523 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708C1E14B
-20180403080854 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708EEE0AF
-20180403081003 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5708F7F537
-20180403081710 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570961D7DB
-20180403082007 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570988E91B
-20180403082804 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570A02958B
-20180403084609 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B1FC24F
-20180403084705 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B262033
-20180403084905 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B3DD5AB
-20180403085348 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570B82B95B
-20180403090858 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570C6C2E5F
-20180403091014 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570C766563
-20180403092356 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570D49B077
-20180403092842 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570D8D7FEB
-20180403093424 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570DE274D7
-20180403093850 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570E28C2BB
-20180403094634 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570EA36EDF
-20180403094738 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570EACDABB
-20180403095906 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B570F67B813
-20180403101909 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5710AFC157
-20180403102057 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5710C6E1FB
-20180403102257 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5710DF2FD7
-20180403102711 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57111EFB2F
-20180403104106 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5711F3B14F
-20180403104411 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B5712188817
-20180403104503 2 6 100 3071 5 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57121EA02F
-20180403104712 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57123CDA13
-20180403104901 2 6 100 3071 2 FF8DCF143A9E3CC447F8D3D03206E386572BFAC54F4BDE233C8B1223CC9CBA99689328E35F8F83F0922A9F0AB33E7C7892E940377CE0064700ECDCC8532F0FEF888913E1894054707878511DD84455BEACCA35E8418D6CAD03111BC1842581D40E280A13055030CB35339E2A0E422DB9EC47916AD6302BE248AD5EBCCE7CF087CB2285A6B8D227DC7130ADB14163BE4D1AA779DBCD36710AA080F219B535B1887392DE9EF44116C933F5CA2234A7A82A8A48F1691A39434D70E3C3995AEE7CEAFF86DAA2326CF367B7E3C7939E4B78A00EE58E52F7BB36C8A89525CA4D44173E30AA6B40FD0B60C29F6CBC763241AC5DA16E2A9FB9B78F360EED32704B686AD6D40DAE8127C9351A2B21C140292E77592A7159000FB2AA9561DA10B2AC3167CC8E41C10CDF86E9041A3A114F42EF4AA5134C716893E81C3A7488ED5131073FC76B20358549BF1B0858B571550663DA9CF73B7B28BF9CA1FAF8EC96966D493C174B03DBCF9B5470DD9A79FB3E14A0B73B6E6C09D531886ACF60E51B57125332B3
-20180403105756 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE03762997
-20180403111214 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0468815B
-20180403111819 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE04C53C43
-20180403111907 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE04CAC50F
-20180403112635 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0540031F
-20180403113403 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE05B956F7
-20180403113943 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0619B7F3
-20180403114045 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE06220B07
-20180403114120 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0622E517
-20180403115211 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE06D363E7
-20180403115424 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE06F22507
-20180403115558 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE070516F3
-20180403115753 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE071E3297
-20180403115927 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0731011F
-20180403121723 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE085D2303
-20180403122312 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE08B88A7F
-20180403123158 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE09563C53
-20180403123328 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0969A18F
-20180403123534 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE09876D27
-20180403124247 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE09F3F4CF
-20180403124446 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0A10443F
-20180403125400 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0AA6560F
-20180403131328 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0BF05873
-20180403131708 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0C28FCF3
-20180403132618 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0CC05D43
-20180403140905 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE0FBCA05B
-20180403141813 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE1054C7EF
-20180403143434 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE1176152B
-20180403143933 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE11C90E93
-20180403144751 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE125A12D3
-20180403145406 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE12C4F6CF
-20180403145448 2 6 100 3071 5 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE12CA246F
-20180403145549 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE12D582AB
-20180403150132 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE13386F43
-20180403150512 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE1373A2CB
-20180403150605 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE137CA7DB
-20180403151404 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE140AEF53
-20180403152834 2 6 100 3071 2 D9FA0132FCCAAE8116BD22861CD21A859841BA7D566829E10ACC15A7EFEEB381774F839F7228AE3C627F5765944DCDB6866618E187903EBDB558C9186BD84D2521630A379E161FDCEC19BA02A8E4B5A3C4A66D02CA0FEB7BEB75BA3BE87F26BB99122217A4FFEB1F730B430AA0A70BA4A91EFB248DF689E95957E93B9E5D2AC13FBD3896759F77C6CBB6664BA6FEB31C4FD7BF081D4F2D800AB8D979D89A5EFB34675A904F4B332ADD7340116E7D5D4F72F7E3940A30036ACA889C27D8E2E11C0668A2E8A43DFF411FA03F0AFB420262947A60528805A7E0F4B2CC6AC0EF62CBCB807BC131A8D51E7784A13C77DB461A9FDF01C0E97EA8B7C5A13BB4A86784C2FFA34FC1EF094ACB858A919951AA55508E468CBB889EA63B606D45455AAB75883A75A813E9EC6A3A49CADB05A62C2F5CA32013A4FC73E8B5DE1C14A39539A4716B157C08C74CD99EA23AE018A89C838B6C0EAEECDFCF78A447594033ED3D63F4623BFC05C0F6701A36420D60D9C99339F9486395CBE534D66CE66AAE14BB5263
-20180403164629 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F2ACFC43
-20180403173943 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F45D568B
-20180403183028 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F603359B
-20180403183423 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F61BDC27
-20180403194550 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F877D863
-20180403202122 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445F9A0304B
-20180403210313 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FAFCEC73
-20180403213851 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FC2F80FF
-20180403215353 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FCA8B737
-20180403222440 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FDAD53EF
-20180403224035 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FE2EF2E3
-20180403224214 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D445FE343553
-20180403234157 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446002B2C0F
-20180404012449 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446038F5C77
-20180404012740 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446039F760B
-20180404013701 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44603E742CF
-20180404024209 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460610756B
-20180404034850 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446083DCDA7
-20180404035100 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446084796E3
-20180404035224 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446084ACD8B
-20180404040621 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44608BABFE3
-20180404043706 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44609B60613
-20180404044213 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D44609DB5067
-20180404050247 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460A8585C3
-20180404053546 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460B94238B
-20180404054127 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460BBC6C0B
-20180404060250 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460C67CBB7
-20180404061330 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4460CA93683
-20180404084828 2 6 100 4095 2 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D446115943A3
-20180404085435 2 6 100 4095 5 D6A36D53FE335EAC6C6F21F2963EEF44BF055FBE1D529CAC77341CADF25097607135D53FBDF5ED5B3BB2CE243834E344600627AB46C3F3952C0E59AAD95A13E0B299073FA6C02260432090C66B7DFA4C06633B8D31E7376024958AEF0B57A6A1519DC39CCFD65E33B19DA7C52C0C6DA0E5990A5DCDE9CB16C36408E6CC825FA464EC6CF3848202E6197281C8176600BEAABAB5E2C0598A97C9A5AC7606A0583DFFBD20FA424D1B62E0E5FAF7DA56C1CEB3C309C999C5B574322B8E511BA14342DAA24EA688E16B05CFC6B89696FF17BF21EC5AF75FB3A6258E6EA4CEE93B06299FC2D32441238B8EBF78124347A0E56522079641D5CB6F8858A91F9C7B1047E7CFCF6A80A0884BE39E9FB8CACE70865A022E538E80C899A43E5842C753E8332A8972249E4EAEB2C327FCD2777488CD9A1F03A242889D3F33A5C5047721605727486E3B97F3BEC6D8BF7C7B4512FB6AC8B854BD92B0ECC9F65408254BDDD8428F0F68EEF4FC61F033C56FF65C566B81994C1B92308771151DEBE7C814C608F99B784251C1CC4E5F110F5D9B9104BC8D60544FC4955204EF21F429E3D618C10F5F3A178BD71CEFD02ADF8AA5A3B79EB2038BC31467EE98AD1EA501B492EEF950B5B3E95AD0D792B585E3F6164E6B5EC52701DE13B6C7D832D339618E4C7372F8D02E48E743FB7477FDF8ED746987F72F4FFD46F1CEEA5340ABFC82D4461181EE57
-20180404093010 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B396361597
-20180404100034 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3973953BB
-20180404112136 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B399EA8DDF
-20180404112714 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39A1427A3
-20180404115040 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39AD94553
-20180404130727 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39D6ABE8B
-20180404132841 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39E19247F
-20180404140647 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B39F5CFEAB
-20180404144308 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A087B8A7
-20180404154403 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A271BD2F
-20180404155315 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A2B7E4DF
-20180404164237 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A451FC23
-20180404165126 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A494B437
-20180404172833 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A5C78E83
-20180404175448 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A6A037D3
-20180404183147 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A7D443E3
-20180404183316 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A7D883F3
-20180404190024 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3A8B7BF5F
-20180404194132 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AA11DC3B
-20180404195020 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AA5664E3
-20180404195123 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AA56EAF3
-20180404202233 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AB5A9C37
-20180404202802 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AB8229D3
-20180404203244 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3ABA0DD8B
-20180404203913 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3ABCF8F47
-20180404210704 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3ACB6CB0B
-20180404213123 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AD7FE977
-20180404223506 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3AF9772FB
-20180404225041 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B016049F
-20180404225753 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B04C3C37
-20180404230652 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B092364B
-20180404231941 2 6 100 4095 5 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B0F7D807
-20180404232637 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B127CC5B
-20180404233306 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B154E443
-20180405003707 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B373FAF3
-20180405012137 2 6 100 4095 2 C287DA1692C8760D889CABEA6A7055FADB13C9F064C87322D569B9C574001DEBA1685DA8DFFB9A11253F685A3045E2CEBA057C35DD417F717110949007702B25A37AEE60C3A1A9AA6A1667C15BBFFFF173DF27813A74959756822AB34A2BB97B2F408CC6A994ADC83F05CB8028784B859A25032D691F1DDFB1A87F47EDC289FE4452BE4E4D7B07745C1D5A901E7EF0521465DFFC1EECAB7E4F15172A90257AFFCA11B455ADD24067B20C20EDF9B5B59BDFDAE03BF0AB39A13E60515CA8ADE3273BBCA8290D3B581F92B61F1A893ABFF16255A9226638159640F7869B5C30C8FFF3C3378B14E1A5529C8DE120A9E2099388E1217BDDFCC1708F37E74BDE5D0A2DCFDC4DD27BA697C3F8238182DA7C5D02431E086067358CC9A9B4EFF7C8D7FC9F0C8C0528887A194A6D0613AEE1EEDDC7A315AC1A178E9377E488F49367573BA8EDF80FD6EDE2D256F0614AF81B8FB1B243EA7F04CA6BE0E0BE9F43525D3B6718DAA5E2FD3D20BE3F37ED402DAFD7F19C39E51A40868D3F79D45CD422A9F7454DB3FEFF205BE4C10234914FD8882B344DBFB5C2BE5B576EA94EB62C3AFCD012EE7F82F0744BE067736E9A78EF38E6F06474E025776F138AF84E4093AB36683A60D0DB5CB9F75CA7C4303059E0DDCE3A641A3278F5015FD42EAA79B72E5F0D2EFDAADE3B76B23DD4C2A39F359B3CA00F7584B729800B3E01DC3D4CD4B3B4E4FE3B
-20180405071813 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436983FC590B
-20180405072141 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436983FCDA2F
-20180405132535 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698806F173
-20180405133926 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436988262AB7
-20180405165648 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698A47BC0B
-20180405195101 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698C28BB2F
-20180405213026 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698D395FBB
-20180405220015 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698D843327
-20180405231702 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043698E544067
-20180406025336 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436990AEC063
-20180406035121 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699149227B
-20180406063935 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436992C6FC43
-20180406115213 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436995ACE13F
-20180406155248 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436997C8EA27
-20180406170431 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D595320436998593AD3
-20180406184640 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699940ADB7
-20180407000748 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699C562CCB
-20180407041558 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D59532043699EECE453
-20180407070330 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A0B1D577
-20180407100408 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A29D405B
-20180407103952 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A2F83A33
-20180407123940 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A43ACBEB
-20180407154812 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A62F48B7
-20180407170835 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A704C5AF
-20180407175007 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A76C88B7
-20180407184438 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A7F65E03
-20180407195743 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369A8B41617
-20180408071229 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369AFC7905B
-20180408075553 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369B03562E7
-20180408124736 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369B3416E27
-20180408125929 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369B35942B3
-20180409023705 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369BBCCDCBB
-20180409072217 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369BEB6303F
-20180409124237 2 6 100 6143 2 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C1F95DB3
-20180409150941 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C3A97BA7
-20180409162805 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C56C92A7
-20180409185627 2 6 100 6143 5 E0CFB3582CE2D136E662908DCAA4CD666F574807FFFFF04BFB357D087BD132C8B569A579EC7FEDA39DA9FDBC7A8B289953FC1793F1B5D0F13A317C5F25554892D8A4F4EE9E85B9737D1412316C8169810745D8AC420ED45AA5419137F86E811AA101CD8746EDC5AF653499CA5585851205807E7EC4A3241FDD4C302AAC131FE24B2AC3700D3D21A82EB999FD0005E810811CEB2B1279D95E028269503DBF65FB23CBFC595B12BC67EC4A77D00324909088B6FDF511ABA41732957D32CC436FB0BE95E04F46DF57EC93E4FBD8FF12E18288384CBFABB1BD58F4A047CBF1AB831B43C550515DA98CA33697ECEE8AFAC110E7DD284D531324AC21013C86CFBC9DC286B6669534D8E2D40319E9BA9DC5ACE1825354E1869614CBCB708586A9455D20FC3B724C6FBF941EAAB3FFA61647906B890D9C8F2831A59B7A9A4EB6305DAEDE94A0525C8150EA3B27FC405430B82885E8EAA64A46E2E24DA089A0008C09C5B8117F5E5F397DCAC43906067AE2C6A1B7C1D1B2D233EFF6CBC472F328053EB666EC826604ADA4E27CA01FF98B7A5ADCF8FD3A6E2F6AEC4F36CE8D1D847E611CFDDA7B53AE4F0BA6481A2265D134B5B78F8416164B262CF58FA8806090613D09FA2E8CC417AF2A3208F5BB210CA87927C4FB980C9B97A743CC1B3A7BB9E22DD78EDFB52669C4DB24F796C5D99038E140CE81A9DFECE675F200DC0DEC203FB94380EAA8D13F30530A410BCBD393137FBF89AB80D872D6A4A46B303F01E79FA05DEF4F0F2A2ABD0788459E4C678F3952072570971EA5A686E5964D1C3A61E2311F57E7AB8519809243EB88A87A21B6589A16862EE1B9B4DD452950DDBB5D5482099FC667B5F9A43E3F803D9D0030D0D6E0F86DBFD2B0C2A67B9BFB1F318C6DF0745F75F9F59C7CC62F4763FBBFE3517BF28D9B68372674CBB759E150F6F06FB3053343D54DB7959B79C3764FE57AC25EF6728F1A6A2C6D98E56841DC461BBF12BD23E8C058D500435777431ADC23CA373B0F4A43B5E18787925E79113199A368F30692429BF3041D9BC82BFF88147C3DE432169578E304C72D5953204369C8DC8A0F
-20180409201511 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E047122A7
-20180409212042 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E06189297
-20180410021123 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E0D35B28F
-20180410022638 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E0D8CA623
-20180410024637 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E0E02E03F
-20180410063306 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E1393582B
-20180410063848 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E13B0682B
-20180410071153 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E147AB73B
-20180410082253 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E16363257
-20180410101335 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E18F03B13
-20180410105609 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E19F1DE37
-20180410152104 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E205A4ACB
-20180410153733 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E20B2606F
-20180410175655 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E240655BF
-20180410204830 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E281EDA87
-20180410231426 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E2B95718B
-20180410233438 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E2C0621C7
-20180410234833 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E2C5297E3
-20180411035657 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E32375BE3
-20180411053901 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3499E12F
-20180411073150 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3738967B
-20180411073910 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E375B7807
-20180411075734 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E37C0C66B
-20180411081855 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E383A5BCB
-20180411093848 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3A0D60EB
-20180411094657 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3A351317
-20180411110541 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3C08A7A7
-20180411120731 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3D6EB9BB
-20180411130125 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E3EAD50F3
-20180411151653 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E41CC6D9F
-20180411152943 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E4210423B
-20180411184911 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E46A13843
-20180411191726 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E473E26CF
-20180411205712 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E498A1853
-20180411212652 2 6 100 6143 5 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E4A2D607F
-20180411215657 2 6 100 6143 2 E01FFD7EC91328929E4FD6183C9C9EDF4EF8CFC608D943A1011CEE0B49D7322663D64028F7205A4F008A0C8F393F91FF42D1C7ACB6B4041D0DC79BB0DA6D394532A0E33BC96FEA6EC2E67987F13D2F218B9E8A46D20125D822B6AA1C9615087E5C667CCA74414305E3382E20792B058F61D9DBFD93EF80A2E30E17FDB883F79989B540A6E467D9CEF07C849B659890706CAC7FF6F95669DAD0D9170D485C298AA940C6B7B3092E265FB512C70F36E3D6515B7B799E20FFE9DA35F932C3F2C238F5D8BCB92193216563D6163EB9FAAFEDD0E8A1A3F8CE292E8A1BEF630C5E75D845444B414017844E9560C8309CD54BF9EEAB2CAAE888226AB8031F1569A728256BB6FCC14DF314314F9F2DF75E781E8A4A5411ACCB4D9E3103131F52E0D14386A6E107AA7A522E42F1A41C8A8E46CE69E824492B87BC8B34A457EC25A7508B3E1A33BCC9E99EA754163AEC31161A83A80780DF46D36E757CF90C0F002DF73AB406F7DF81FDA75AD7F3F052EEA91955FA737616D8D4BB87A60FF471400D50688146BC3C10FF60A35D8BB9EF6BEF26497361118125FBEE607726AA408674A45931C87666146BE520503A5241D49B964406A864749C50F9B2718B8E0F62614DB27F35F53D57F70CB4ECE081BD377CDBA5C4AD75BEA63CB8E2653E52D11C0CAC67916B0C24232FC9D90091C7CDD317D4F60D8271D81E70B79031BE25CD5D6CC1E7A04FAF98C25B143B9D7B08D94160B1737AB49F55A01AF3A9BB7C8C261E8F2F84A1995C752276F5F03E54EE22A973F63C73083377DD6851634AA5568AA1173E5BE96606D946AAC82951E326750E18C2AD12C311EF784AD9014BEE322032B45244BD6EEDA224CCDA93983C8FB326F8C8B02F5574B0BC0CD7BFD1C524CD66ACD8A7AC1619E57136F2FEB5F49E9791D4E0F0C9AB8B9E7A98E49E5603D4E02771EFC9993ED15974CD0EEA50510C410FD884CB5D83D0FCD0AF7218D49523F95C4C396CBC0359DABD75EC138910788E1766649130AD089F565ED926B4F26FEBAF9CA4F768E6CA6E6BB7E43769B7D46E2F0D6A63254B41715567635FC1D38DCD7E4AD99963
-20180412095549 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D1E908A07
-20180412222127 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D28C808CB
-20180413014812 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D2B32FFD3
-20180413033600 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D2C8AD64F
-20180413142737 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D34F03213
-20180413150907 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D35714FEF
-20180413164654 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D36BB8D1B
-20180413202724 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D39A4E13B
-20180413203949 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D39C6A4FB
-20180413211909 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D3A44F883
-20180414010718 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D3D3D3257
-20180414125221 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D467C1523
-20180414181319 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D4AA2837B
-20180414202910 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D4C60657F
-20180414210359 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D4CCB3D87
-20180415054313 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D53659F57
-20180415133017 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D596ABEFF
-20180415160204 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D5B5415B7
-20180415222232 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6018A3AB
-20180415224834 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6064EF13
-20180416005338 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D61F17307
-20180416021119 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D62E1D04F
-20180416083930 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D67B78127
-20180416182014 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6EDFEF6B
-20180416190916 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6F71FA97
-20180416195012 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D6FE60F77
-20180417005002 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D737F03EF
-20180417031611 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D75497E7B
-20180417042601 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D761E7D7F
-20180417230051 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D83ABCCEF
-20180417231044 2 6 100 7679 5 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D83C22B2F
-20180418011858 2 6 100 7679 2 FBED7F3DD7CF86B0A6EEDC1930C6958C3C00695DAF4347560C5AC1AA4B22F4DC76F190D63E230EB0CB4344A370A471F17FFCA8DA3B5B0A903F9D1258370125F6C172F3EC5F56D7B8EBD07B2072C45D6141DA3CDC01C3D95DE279C5FAA1E042651028141085EB68AFAC473600F75F4A373DC234D5405DCE7AB5B5854960ABC550FCEFEE8FD578810201DE6B4A5EF616F0CBF5707466D7ECBFD488EB68AD4B2EAC889BA2B7FEFE19CD8AA2C78F61D5DA08B4BC2738E1997F951A525EEF9F668148996D1ABFD1620F9276D741A46BECC0B7868A54745E0B16589A4AA7B938AF92FCA0FC9BBC193504D7EBFEFFEC996746DC6CAD3C192D724FB51E6228915789FF18314B3EB690359ADED802F35F48EC0D9C85AA1A20A2E5CF6EB795F2CCD03284547688B1B80A07EFC31668D30836C59C958BBBF6C1EE3940CC43A9334289C872302BB70368FDAC1653AF132F3E398E9310159C839E72555FD889E4E3B05E714E44E116804BF3748F62EF46E6A05DEC58A55185E43E2310EC945004AD61945BD2AD923B7B3C69A01C0393C15B6000BF542A55274ACA20B8A6EB96FAF83E27023FE0EA9EE564959A91BE17110176FB10D1A094947A23EFDE15DD093EF477EF798BCA8F5E14F85411242BC9C9492081444490C072BE8511B3C961AAAC80477897B54BDABE78C533F2E149FA64B51936E31F126625566CAFBB57E9F36CE0DF72A45E61AB27B6D25DEA3BA35910E16BB00AD300CEE2535CE75F9411DD43943250B03EBBA60C5C788974F2F695967103045F3A90A587AEFD0613F9C8E10A273DD827A314C75C7DBCE4326191DBCB92020CDB75129BCA032B6FD59D368C3E2404B2832398E40F43ACE284A91DED8812AA23E5B5A1D36AE204C53F1C6EF0E89AD31D1552E70538451847D7332D8FCACB62A1E56C1E5643E4F7AF63C67E082AC95DCB190795FA53522FA046F1919C81A088D7A8A452124E562BE2A702139670E94524D3110B9DFF35AE73F43280600B8304FA2E776089AF2ED929695967998E29A343FF62C4CAD7618222C01735734342FD33284BE9BDA4976DA1BC3B384E6F813FCBDFA3DC57B841515836CB2B37116EB6D417BBE6AEA7604AA915530AD803DF1C13656753C1A5867F4A3AE94BA7347580EE5A6CEBD2F3EB9B7F83E7B74F38995168F08A15A4CDF5702EA9DC907FC45910586D59537582DB1D5F155BF0050866CE3087560F1F44D1F275FD2B422038F9D8643C3BEBA49938D514848AC4F68F4CF44329C7E806B911B0CB7FF0020F3277A3E2B4FF17090D012B641E24D67A962E2FE361504DB014155F074F30F52078CB31DFC51B32746A42EDBF013F9920CFB17D8545B2B3
-20180418054538 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA00823770B
-20180418071157 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA00950BDC3
-20180418085254 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA00AAFBDDB
-20180418174929 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA01225DA53
-20180418210652 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA014D6E5DF
-20180418211238 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA014E1D75B
-20180418224228 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA016133603
-20180418233547 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA016C53D1F
-20180419053435 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA01B7B0413
-20180419055744 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA01BC212DB
-20180419135850 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA022362F53
-20180419162659 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA02429C813
-20180419214419 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA0286020EF
-20180420033054 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA02CE157FF
-20180420033355 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA02CE22F0F
-20180420131137 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03463D903
-20180420174655 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA037E8E853
-20180420224816 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03BC5BAEB
-20180421002804 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03CFF8483
-20180421033707 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA03F5CEF07
-20180421044121 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04029ED83
-20180421054539 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA040F07753
-20180421080206 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA042A70927
-20180421084346 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04323E033
-20180421135101 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04708373F
-20180421220150 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04D33A023
-20180421233337 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA04E52D9FF
-20180422094542 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA055FBBC03
-20180422151643 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA05A0B8E53
-20180422163933 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA05B02DF5B
-20180423004105 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA060EDD493
-20180423045850 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA06410777F
-20180423175352 2 6 100 7679 2 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA06D85A5C3
-20180424034739 2 6 100 7679 5 ECCC9B93ED119552D36A774B288F541A81536A13B8D687B23174D680CE3F21B8FA088685F5B965215AFA69736E741A3AFC2AC82CE16162A1E4F0012F28998A638AA98D0789D6C58D92F207EAAA33E467C801891B8D37651B66E0942CF6AB7FD8E0D09A6D597D582BA48563F1450C3300218874730D26EE8B6505059C95C1C764D5FD736BF0A64FAD10F0C7D52A8A57C3FBD653887AAA890DA7AFEDA55DAF702EFF06CC722D147DAA2C8B78F0707F51D2B326BEF8972F5A289829E998B94D98E0ED663143797B569F3A6B56897B5726A38B042806FDFDAA367A4F63C4BA31114300B6290828321C30B25DF97F273041E30A404836E84BB32E0620DC558047FC011A1205126F84D9F8EA5E607FC297E5C9FA00D803026D8126C08EF68B49F6A6C55DCB06EED0B666880CD49FCBFF598055D5E40303669CBC55D85F583DA5EF4F320D6E6A50ECBBFAF8C1F7209655EEAA58BFC18EB9FA20B29EC63FBC810C3A2EDCF8E27FD98975C87D59D9C909895AA10CEA5F7594ADD3ED1EBDFE01BE0559423475592A0E2936E4671504337221F897AE3016BC4670C6B765F5FF1185933B26B1183BCB1E5591970F40A1402EB19EF2644E941F67ABB31935259308B4A5271541F41653EB5E77CCA82214C9C6F4E42E8A3C46CC9BE15BC868BC45B28027E515A16554B9D4F6AB57CFFE42CFE0B42BF83E53F27B39AD95E000C329F716E51D15D6CD211E87AAA83A0F1175F5E1E8963A57DA656FBC19FB42661F14328B05CA7F1A83F49044A5086E6AF56225B8783450E43CB1B6F19061441AF58053BBFAACBC3A80FF5F19A8BD873F487A8FFE3DECD35E77EB2C26387EF66A3EED98C773211914115AFD0776FDAC90CB65479DFE59C0D199F195BBE9E4B2F70A9B1A41429002C2998FAB0F2D6956731819D9F5175B92FECE43178BC69ABEC6E2C18EA88289C5B14C58227640D02F614A9A881633816B9DCAC79E4721EF6E42691902AD1CF565600BAA8019310CAA0AC1087A86846C2E9B96B82C3F0CE52EE73760111061EF090DCBF47882710302A65FBDCF380F84703FE3D4FF7ADD0CB7ED65C889DD6EEC24D01F92771DF3F3D8DFB4BDE234D4A35AB20B22BF5D749398C9B6AE5C7B62DC11ACD887A49586238F5B6D37B47EA6953C3E339A9B40EF3EB01DD70F69253BA9A262777C75DF175195D172BD8233FC7B6F207154EF6E2F47533E359D24EB312A292C756C34A2D55A16452829DAD7A9731E2026E56486F6A3C07380DCA1AFFF270464DA8FF34621FBA715C5853EB1D4EA1C4E23B43CD1CDE1F252B728875F187626A813B4166CC34A62A5D6867E0B605641CEE8025F0AD73DBE4443286CA074B2314F
-20180424155916 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFACFC9C07
-20180424222331 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFB180A887
-20180425154127 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFBD59073B
-20180426001519 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFC3391D93
-20180426011753 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFC3E66CFF
-20180426121313 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFCB4C31C7
-20180426192735 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFD02C1487
-20180427041246 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFD60EF383
-20180427102113 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFD9FE975B
-20180427110709 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFDA77CFC7
-20180427115833 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFDB032A8F
-20180427231209 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFE24BAFE7
-20180428032748 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFE509AE73
-20180428050334 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFE60622B3
-20180428204832 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF035C75F
-20180428220506 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF0FF9743
-20180428221212 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF108842F
-20180429040829 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF4BDEDDF
-20180429045604 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF5372357
-20180429052346 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF57C9113
-20180429053535 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6CFF591B0F3
-20180429234833 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D000DBC47B
-20180430061137 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D004DD4873
-20180430071004 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D0056DDF9F
-20180430074559 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D005C5181B
-20180430091811 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D006B26D17
-20180430191732 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D00CD17013
-20180501005739 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01047BA13
-20180501022059 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01117B47B
-20180501025617 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D0116B88A7
-20180501031400 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01190866F
-20180501201356 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01BDDAB3B
-20180501204003 2 6 100 8191 5 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D01C18942F
-20180502033416 2 6 100 8191 2 FAEE1044985A5E9005F621D69401F45F006C4AC70C849E5C17F3D28A22FE2C86DEF3780E73C15BC778C65638702E1DF6193E19C79BC8A9CEC1D64759E6E8E1B3754AAD1F82819BDB1F1E224F7D7BFF62061D89F6AE8D8EAF444A543333A4E71A4EBEE16AA9FEAE434FD965B90E6B57A198C12619CC31EF4F2BA3ACEA4C0D31EDD7BD715FE76FCD9282221F27F6CFD678ABC0458E4EDFBB72FB23333A3137C1C9AEB0AE4E5D98148527A5670311C0181861C1305901FF9704C64F88B75AD76574ABE3B5CEAAC2F675F5A56B807B2D9FFEDC975C7CFC6C697A18ED7F3D76C164FE108255F43971A3CCEE8FDC5E95F38B6ED8F8B150E17A7780E2D5CFD9A4D35BC4E2B3C3F4F286DC9DD0A8A53A22E643AD29753AAAB58E4C268A4145B1958050895F7FF5EB300FD0435824024F6DA4C38039A621D8E553493D964479DB2C1647C5123A9ED27955117CB966D41BAB3FA2F6AE1CE0E9787E3C815B1E3A3E3002B0BC54A89D66A3B532E8152BB0FD681D134374B4F2197F0B451E4C68C589E1F213D42CB62FC749D0883D9A68B39B93A1582F957AC989E5664266BB53BB8A07C84F662D5E3B4D4B277840A98B37F8A2CDF892085AF77A0AD370B2A4649F2381B7136AEB189421C6C801DC4F20273922A57C76DB4DB487DFC33DA2AC490C77E8ABA4AC719E6F0428A37ADBBE04F776199ACE29C1BC3B8A1F8E0D049628FDA016735559589D660FB23421D29745528E160F60B5D1923E685D0E04BE9DAC15C90BCAC4F4A7FD5CE52950734F2A849CAAB083DD18324EE82D1679146E60C290A97E2C94FBFEEDD88DE9EBEB346DF9E11AE14F4540A84F98B210E5366A03A82128986543C48FC3867431B2531AF99B379CE7E8D3105C574B0D4974295E98EFA2C01AC31C80CB1654BCEFA8467A55BC7B55ADB92DC1BE438006E5392ED521B5817558DE5E38172D023E3236EEAE34037E92EA61D6DA463212E012E603709D65EBE8062644A17B1A00FF5DE6E42FD4B3812DACC8C85754616A5539AB60FEF0F9170413E94D3052CBA3A7B9FCF46F318D30DD88DD988C9C16F5BB8823538A8DBC4830B00E7CE5346277E4DAD464128025955E7E5FD184C40EEC184B6143FC4720DA45C7DE3ED4849D6ABC89B1C01D6761660EA595B65E7F70457A32A4D63CCC6FC9736ABDDB9AE9FC8FB90388DAB7BD2189B38488B17DA76B96DAB6871475F59FC36BD53076293EBF9970A1081BA84E44A3A109F6B7231E64C1C54BF9AABD2320185DC054672B2F8F52172CD262F14CCA3237542F421A2413DF5E371DD4F1297E01D81E392A6C4F3BBABAA3091B2F10DB1C4A2C12B0DDDC279F7AD45992225ACA55ADA7CB6370B07B0CD5B935B8DF18BFFA2567EBF77658772D043318B6BA159DBD3AA48C7A509A1F887A05118CBE1470599C2683D9C00DAA5480A05FFDDF7612E6D02024C2DB
-20180502214537 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED639CFC883
-20180503020255 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED63CD06DCB
-20180503022319 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED63D0368DF
-20180503125648 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6446836FF
-20180503155809 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED64679B30F
-20180503191156 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED648AEA87F
-20180504050354 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED64F75441F
-20180504071143 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED650DC49F3
-20180504084722 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED651F00D33
-20180504103430 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65316D0B7
-20180504105453 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65348CDBB
-20180504234946 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65BF5CBBF
-20180505042813 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65F0A04E7
-20180505043446 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED65F133337
-20180505082348 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6618FACC3
-20180505142452 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED665916E9B
-20180505191845 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED668B9BE0B
-20180506011717 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED66CA10377
-20180506064643 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED67028E243
-20180506091931 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED671CB9597
-20180506094237 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED67201565B
-20180506200807 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED678BDEA8B
-20180507012051 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED67C15F093
-20180507102714 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED681E510A7
-20180507105523 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6822806B3
-20180507204038 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6885CE023
-20180508025258 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED68C4A13A7
-20180508064503 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED68EAB2CC7
-20180508094511 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED69078137B
-20180509200633 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A5AB6E77
-20180509233450 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A7C34C7F
-20180510003712 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A85E2007
-20180510011010 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6A8ABBDA3
-20180510075358 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6AC65344B
-20180510102028 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6ADD74BF3
-20180510111207 2 6 100 8191 2 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6AE56234B
-20180510122304 2 6 100 8191 5 E3FCBDCFD41A409C58BE083B6485A2D67E20931B1F469774BAE0F1AB2898B800032581B1C4FC71FE136087937A885AFB6FC9E582DD97B8DE3AD2AF861419D5F06278316DFA78BAE7EF099889F0E99575C7812E7240B67623E7877737013A7D5DB3638040083400E8F27600BAC0650D24220CA1B3C05FB7DD70469A201DBFF1308ECA1C7152A6016BB89BFB6C625715EE91A92EA1848F0B2491AA92187468D9E8442679D7F5F6B64BC9D5A3D4E9B58C59EEEB65F8D6B70A71099E1B420BC0FD750CB2F333C23C97966BE727A6B6D9AEC8C0EB2436E01770F03840BFEC9228BB6DD46CE27D5739E18429F464FFF6812B0F66A8B0024BE03294900B8D0BC3CA6785F8C418EFE7068B2CD190A54BB9F90E05885A5C85DC069495C2009F79DBFD7774D7D65B9831FDC295CE146F4EB91DC56ABBD0B64BEAF3C340E0BF123A115D12289D44B650FF8461734308F4701CF2C199676DB3B4804FCDBD6B08C5D4875073AD5C575CA0B64597472A5C23EB4277B52B1128F3B1AE363E36A2C2D6EF5FCE00EE1573A40AD5ACDCDADE3E2672979CF68E87530520B2CA2C1110CBE4B631F3ABE83CFFDB7D5ACDD6DCA5916E30B1771FE29C4F60163B62349B66C0EDDCE8502F7C49DD4089EA5AE31FFB220A88C8D232367B52FAB7644F02E7EC10378697213CF0D90DA83A9941C217C559F88DEC6587AD953C95F11C575F0EFA9CC0650955C733910F2F90C78AE367F67B0F496A100E0B018731404D2BAEC7420F8C2B1FB6612AF69ECF369F236DD0BFB0ACBAED4141B2A14591C6475FC5C3D4E9B6229ECF7E288C015D59A35DE67F633DC586609AB3AB85A02B99DDF1B6FA7D54D4B2DDB767CAAB797C9FB29594B80B5BAACF777666D0B35CE6EFD8E46270C4D715B74FEA64FE34FBF4332BB4E8477CA438645C24444417EA5769B507925FB4B8FC59E429F1EC593C397F71087A080B39A192B5147D04D9F30DC237764C810E519B74EE90F047D0829104B6BA1A01F1CC18C85BE79F52084FAD6D7BF3EDA36D63981D8B75676740DB1AA6E06AD0C1F6A3B665D2D9D0E363FCE37B581C682A5F554D820849CEE7066A7DB011EA7D916B4A45212CBBC7A56ADAD33D203B8A1EDA03064A34351916C243E65D45425974C1468A626B773B48962108203F02814F15640149BCC2325C40F2457F0618CAAFDE26162326F2F81E8C727FAFED1B43E3AC8752E9F4EDFF5B58BD316882B555E63278FEB00B61144703C060B6188F3528E176E9B2D5996579048B723EB678CD56FA979004270E9F88F235404C522ED076E9F287097F2F7600A2D4566D2F6EFB600A9854B61CDB4363040D4F30D96BB011EF4BB0E0F21192F72B106B4F38A79FA384978C3C2A9AB94534BE01C83927BC95A9C5E55E618D7C5D77A9FA39664EEF11B2D50F59396DAD7CDC23F17948585BD88342EED6AF06789F
+20180920083436 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0BE8103
+20180920083444 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0C7C3CF
+20180920083448 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0C8204B
+20180920083506 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0E7A6DB
+20180920083516 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE0F5096B
+20180920083532 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE11027BF
+20180920083549 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE12EA013
+20180920083601 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE13F42E7
+20180920083617 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE15AA2C3
+20180920083643 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE18AB6BB
+20180920083714 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE1C69837
+20180920083747 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE207143B
+20180920083825 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE24E3977
+20180920083852 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2843EE7
+20180920083857 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE285908B
+20180920083917 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2A7511B
+20180920083924 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2B08EBF
+20180920083936 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2C326CF
+20180920083953 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE2E0BCBB
+20180920084017 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE30D862B
+20180920084034 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE32AADEF
+20180920084040 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE32F8FDB
+20180920084114 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE372E443
+20180920084154 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE3C3748F
+20180920084236 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4158847
+20180920084247 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4262F2F
+20180920084310 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE452029F
+20180920084323 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE467FAEB
+20180920084353 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4A3A77B
+20180920084435 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE4F4FEC3
+20180920084446 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE50404F3
+20180920084451 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE50889BB
+20180920084547 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE57A3D23
+20180920084627 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE5CC4913
+20180920084636 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE5D944FB
+20180920084649 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE5EF41F7
+20180920084732 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE646894F
+20180920084755 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE670C3B7
+20180920084818 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE69AD617
+20180920084821 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE69AE223
+20180920084833 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE6ADE1B3
+20180920084844 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE6BD0ACF
+20180920085036 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7ACC18B
+20180920085043 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7B37CAB
+20180920085052 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7BF34CF
+20180920085121 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7F719A3
+20180920085126 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7F7A70F
+20180920085132 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7FD3383
+20180920085137 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE7FF6C03
+20180920085143 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE806800F
+20180920085147 2 6 100 2047 2 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE807F56B
+20180920085153 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE80BD7DF
+20180920085205 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE81F7F6F
+20180920085257 2 6 100 2047 5 F13B549CC6FE8517551E48FAEBA8D93EAC29403838E22ED862927B8AC9A9ABBA96AB7E306F0A01B75C0E960AB9DEA0F8519BAA2F13E541E194604848CBC9DEC51165E7A45897104B4A9C54C7337270A8B1B7F53B9DC203744ED2C634889C879E713BEA519452AE800B390FFBABF40B992AF659947D3ED78AA04DDF51C84D7B0824978643683F2153C99F682E30A25683CE180948F62E2CC1EFA1513CB16E74117334356E4E365132BB37BA41B4B79F148F26842A61F12D42B149F3FAB0041CB7DF7F53742544FA4E956D314B140F49786E23A5446C1F5CD55CB59D845774C6D6EF1CE5B7426F351FE906C69D23720BCFC5E250DE2786ACEBEC823E1DE88D9BB7
+20180920085403 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD79F990A17
+20180920085428 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD79FC4B55B
+20180920085452 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD79FF25EFF
+20180920085519 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0250433
+20180920085620 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0A900D3
+20180920085639 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0C7B767
+20180920085651 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0DB38C3
+20180920085658 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A0E45E73
+20180920085744 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A13B7883
+20180920085800 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A155F0FF
+20180920085834 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A19802C3
+20180920085838 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A198FC0B
+20180920085854 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A1B38723
+20180920085908 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A1CBBC3F
+20180920090009 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A24638B7
+20180920090031 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A26FE49F
+20180920090036 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A272126F
+20180920090057 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2962B0B
+20180920090107 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2A69E27
+20180920090148 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2F49F9B
+20180920090155 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A2FC98C7
+20180920090222 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A32E8983
+20180920090227 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A332034B
+20180920090238 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A341BC13
+20180920090357 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A3E82A8B
+20180920090414 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A405F593
+20180920090443 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A44029BB
+20180920090533 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A4A62F13
+20180920090600 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A4D96A23
+20180920090616 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A4F1B05B
+20180920090637 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5184683
+20180920090705 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A549FBCF
+20180920090716 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5593157
+20180920090727 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5681F87
+20180920090741 2 6 100 2047 2 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A57EC4B3
+20180920090828 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5DD04FF
+20180920090834 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A5E3B3D7
+20180920090935 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A660A94F
+20180920091000 2 6 100 2047 5 FAEA3B642004FC1DB17244B7DE6AE7EFEA5B3AB4D54A13674A0E4B460E9D0716E6313530F9BA5D9C959562FD4A1D23FC92D99F1060A3C1B374050C77152C461AEC19CBE7AD6818C48CC9568FF8F4E45367C1053D6DEBCF76BD4DE8E3BA808FA43A3649722202C83417ED96F423DCEA18BB3F99E4598C797D05E0D3E6D2E27A5EC0B10304BB7643AEA01DD989AE84AA4B08AC3AA5613C222C41F5CD46EAF191343F1D07664F2D6E7BC876BFC46CFEFBE50991EBC15664112F6DC8D58D6665B9BB9F974D7210AB8E04F963128E43D92B6D645A963121058BA29C668AC5DA81DF3CC17908D240E8771EB52E4396AB6DA2157F3EE55D0C0E20A52C560FD7A68FC267
+20180920094201 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11528E4B7
+20180920094613 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B115D90A53
+20180920094828 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B116301C17
+20180920094842 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11631DCAF
+20180920095300 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B116E4CA3B
+20180920095312 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B116E4E133
+20180920095413 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B117068663
+20180920095436 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1170E270F
+20180920100204 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1184656D3
+20180920100341 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11883D577
+20180920100505 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B118B728DB
+20180920100550 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B118D00F87
+20180920100609 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B118D567E7
+20180920100942 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1196905F7
+20180920101027 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11980B233
+20180920101047 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B119877CCB
+20180920101204 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B119B78FAF
+20180920101600 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11A5CA257
+20180920102200 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11B5728B7
+20180920102235 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11B698D4F
+20180920102336 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11B8BE2EF
+20180920102711 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11C1D39BB
+20180920102826 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11C4B4083
+20180920103322 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11D1356A7
+20180920103630 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11D93FB63
+20180920103932 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11E0CAEBB
+20180920104303 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11E9CB9E3
+20180920104717 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11F4E4B63
+20180920104816 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11F72025B
+20180920105139 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B11FFAA343
+20180920105211 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B120087713
+20180920105407 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B12052E023
+20180920105834 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1210F24F7
+20180920110033 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1215A8893
+20180920110055 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B12161A467
+20180920111239 2 6 100 3071 2 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B1234E3F83
+20180920111553 2 6 100 3071 5 DE6700153B27F195B230266F3E9064D8646E4E27111A6C5A013DE98A5CD7F11B31B1DC4C71DD72CBEC38DA508B1AD04CB69A372B8D01396C5AE7F5F99C3C3CBE1B2B3287C6AB5794E3AFD6C4E5C8E23B76E21A479765DD7D0D8D41A75DA966486E2C94030AA81314CFC104172048A82D95F402FA9B12E2CF3469AF6202F527BB5FADD82F7F5A67CF47EAA9F70FA02A55D45688EC65A26E8A8BCBD47BEA5C70721995434D0736F3396E9D1681BB08A336B0A9E3340AA24D1E9AC4B33103438C130B4BB87A22D3D85B8BC66B66679790AF7429D0B8F8CEE9BFA7F34239E0F109DABE5370196CB46C134B184178ED494D4703A681A18FFE9A4D6FF5EE71E141EBE11C6E3A6FEE7586F9D5B400EFDF06289783269BD86F1F38CABB0FBEAE666C0FE9EDAF7D1017DCCFBC4AEE1F1BE6FDA3EBD47C7E2BA2D54CC61B740E94B171E0FC2A0F93BF1B93FA4C1D6050106D20A69C11B16AC43EA17C6EE954444B05DCCAD5DAB6794A98FEE7256EA9B1F817E80D86C9242CFA02EED926E200C7B123D4E7B7
+20180920113107 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BD211E4B
+20180920113301 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BD69A2F3
+20180920113601 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BDE3D567
+20180920113838 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BE4DA06B
+20180920114445 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5BF499357
+20180920114933 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C00F4FE3
+20180920115406 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C0C7C2CF
+20180920115734 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C159195F
+20180920120001 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C1B99ABF
+20180920120514 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C29330EB
+20180920120628 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C2C100E7
+20180920120657 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C2CD60CF
+20180920120944 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C33CEF4F
+20180920121341 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C3E0892F
+20180920121628 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C44E0077
+20180920121700 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C45D1D9F
+20180920121822 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C493C143
+20180920122041 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C4EF9D0B
+20180920122429 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C5898C03
+20180920122505 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C59B843B
+20180920122536 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C5A94107
+20180920122806 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C60D5BBB
+20180920123304 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C6DD0793
+20180920123753 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C7A1DB4B
+20180920124152 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C842B8B7
+20180920124601 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C8EEDABB
+20180920124906 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5C96EA9B7
+20180920125743 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CAE0E013
+20180920125855 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CB0BFEAB
+20180920125915 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CB10BF07
+20180920130235 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CB9812B3
+20180920130731 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CC62B69B
+20180920130910 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CC9EFAAB
+20180920131150 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD0A69F7
+20180920131303 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD357E3F
+20180920131355 2 6 100 3071 5 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD51C05F
+20180920131419 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD5A0C83
+20180920131529 2 6 100 3071 2 D55876EAB302ADAA592F62BBE1E67B18C153FA6D93B6CF3C0D0E8989C13F29E1F6638AE58634C6A3C067754CA1241A8EDA45CB1306347BC6BA69D2CE5F515238C78CAFEB65D4FF05D52048EB048BE9B4C127C81EC60B978A372A5054B89BA7D8963DA343DB7F5B673B275E34D03A25C098FEE46063F963E47CAEB67A4915F413570C89224688F4598D25EEEE97DE581256261C0053CCBA12966E31849F31BF32BC506029A41F94356714EF0046FF68D5B75EC86ACB79708CD817C7752EA5E0D5E730245B06B91953434E2325B706C70492446CFC070C11F8E347AFDDB065B680A075BF287DEBFA9D59EE918B85D5D0157CD539A5E46888F39DB448D1D6BFAD57A3970C537387B556D801960276284F363287FE0230CA1950725B1B09A54DEDDF924BE8059E38A729A400582713F149E7E1005C8B0FB302ECA12D8949BA2B4FC645BE96B3F20384384626F1BA1F4E8E045442DDD6A124DECC49B8CDBD6D4217978F69FF8DE7B7F4B15908881391F81F43DF6FBD616398BE9225FE3AC5CD82F3D3
+20180920134626 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1925064B
+20180920135427 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A19BA1E2B
+20180920141147 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1B0331C7
+20180920145454 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1E40577F
+20180920150140 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A1EBA2BA3
+20180920161629 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A24551BC7
+20180920163144 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A256E6A8B
+20180920164626 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A26848667
+20180920164921 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A26B3187F
+20180920165252 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A26EC656B
+20180920165723 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A273A8833
+20180920170336 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A27A959BF
+20180920170729 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A27EBBC83
+20180920171833 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A28B88307
+20180920173958 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2A47E5BF
+20180920174751 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2AD76CDB
+20180920175337 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2B3F16FF
+20180920180736 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2C416607
+20180920181108 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2C7C62CF
+20180920182003 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2D1C8377
+20180920183639 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2E532EF7
+20180920185506 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A2FAEF903
+20180920190842 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A30A680FB
+20180920193433 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A328D6FAB
+20180920193735 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A32BD423F
+20180920194925 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A339269AB
+20180920200058 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A34692BDB
+20180920200225 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A347B8EFF
+20180920200812 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A34DFF2BB
+20180920202050 2 6 100 4095 5 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A35C67F5F
+20180920204239 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A3758AE93
+20180920204648 2 6 100 4095 2 FC69089A469473B9CF3F3CCD21123CCF3563811632E7FB6CDF9CDF7726AFA4691881289B3952D2347D7BA520E95016066B02888C7EA1E633B998E00EFE78E454EAF64D6462437E9DDB4A239DE998EC0756E7ED17B7A3499CCF2E3F33A54FD223BB6C485AECA2475E2C002C303F6A55530F2F83A98059699C59A43238468FC85CD137A1FC9B9674ED5D746B44848339A9CA772E802BCE56FED99E8B110C8CA365DFB9BFDD47CB2A33CA92469B3BCC6758B73A7A5685F3FB74B6D785ACFA15E462CA9E70453CD1E9D48D146F0951E4E10773A4FBC9C8E2948D2A091525F964FDE6B60BC3C7A175FF88D20A3758B2D6C35F253AF00B95697F32446EAAA00C7B8A3C4B9DC47EDF44BC4C35052CF7304ADE74A0A9C70575FA935961B07B908D9E58454662B0ED6D8148B79FC45B1F5EDD602B13C7285A75B901183C87CF0F6C060E40D48D9910BDB86C2A253C9894CCE7034DEB7707EF5256DE8E98570375845ADABAAF81893FF6D9E61E45FE9906E61CD2FB86F4A1ABC0D51527B56D3329192EBDFA78149C4652EA23463D6FEFC6F79F22154631CEB04692FB67B815FF791576AB9BA71B0A51009D4B2ECF0ED280745831B4B6B49D951479E5E6831F19CE717025AE212A3057D21832E86C847970CF0CEA82D19BC3D211A23EE2CB6B60ED499F1910A4AEC72FEE2BCA10E8BA9AC47ED2D953E1429B056CCEAD0ED2715D2A379DD5F3
+20180920212404 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C3B843C3
+20180920212755 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C3FC854F
+20180920213937 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C4D5B923
+20180920214830 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C578D833
+20180920215602 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C60301F7
+20180920222334 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C80CD293
+20180920223427 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C8D7E023
+20180920224739 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C9CDF40F
+20180920224953 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002C9EF64FB
+20180920225400 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CA3777C7
+20180920225652 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CA6853C3
+20180920230359 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CAE81C2F
+20180920233313 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CD0FC883
+20180920233505 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CD297D7B
+20180920234143 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CDA00627
+20180920235433 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CE8651DF
+20180920235640 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CEA46B8F
+20180921000133 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002CEFBF913
+20180921001904 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D039AC1B
+20180921002105 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D0557A5B
+20180921003739 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D184F8BB
+20180921004140 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D1C803A3
+20180921004415 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D1F094A7
+20180921004716 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D21F8203
+20180921005129 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D268646B
+20180921010446 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D3556B5B
+20180921013214 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D556768F
+20180921014417 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D62CB7EF
+20180921021218 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D835583B
+20180921023434 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002D9D786F3
+20180921024155 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DA550ABB
+20180921031006 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DC5EBE23
+20180921031034 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DC5EC45F
+20180921032220 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DD2F3B53
+20180921032554 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DD68BE4B
+20180921032729 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DD7D755B
+20180921034633 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DED7E937
+20180921035421 2 6 100 4095 5 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DF60EDC7
+20180921035905 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002DFAC40E3
+20180921041542 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002E0D7FD93
+20180921042022 2 6 100 4095 2 CB00EACDC1EDB3E4111DB89DA6722A2D66156FC2F5B602DCE0510B47F36F6E94615D96D222BD22037AD407B782A888F534CE84C04E6B78FDF3F24C869960888D33F8396A58F34238B7E2F2BF3CE48263BE78474C422A073FCCF02C47218509E5A989208456CC7ECCB7004957802A413AA0AB3E51C29FB53A99886977A86B4C47A56C2F312D3BA2B2CC4D5CE637B13A77369D5D5CF478E9D38389969F5CF041863F1D5714F11BC66C0FEF500A6B3FEB18BDF575E9E0F066E0A42DEC284B5A23D1C31C628F672D94363CBCCEA7C81636D51D81337E7556B726B35185139FA7568978E684E511DB467D92F0B56B43ADF802E7ADC15107723068B06E024DD25340B228AE9674BC3FC58D6BD55FE67F01B197847B6F4FE8F2DF6BC8C72292067C6BEA73C1D8176926BDBB7A620C36CEC57230A89C9799416E68ECEB323425728DE2830C64979DDEC6355F2BB391FBDC705A5C1537EB03D2372650409D7084D6FF1B3913F9796109B40CAD99DC8B4EED4379A67E96FD1192BC87A5C60A410BB6996D1E0DA0D7E43CE2632B14714E6A25569B9F42D51F22C067F12E6E030DF1205FC91429E93214891F026089748772A64DD21C2F13EC3BEBC313187FB8936613D8E4A93F8569FFC6C6509D43F3939D4CFA5BF958D6E1E9E148DDD3E332728957413FA6084CDDC1263419C9C712F5DC3177F39F0EE5CB8B5F90EE60EEC4A002E12169CB
+20180921053713 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC509A2DF
+20180921055252 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC560A423
+20180921065744 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC6F28D1F
+20180921071557 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AC75F93C3
+20180921113009 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4ACDA5C3BF
+20180921133701 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD0A30BD7
+20180921151331 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD2DFFEAB
+20180921154930 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD3B43EF3
+20180921162910 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD4A147DB
+20180921183414 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD79B0197
+20180921184903 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD7F055F3
+20180921190227 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AD837F15B
+20180922004824 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AE097172B
+20180922040435 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AE5403DDB
+20180922052522 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AE71BA84B
+20180922073622 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEA2D28E3
+20180922084529 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEBD11737
+20180922095510 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AED6CB613
+20180922100442 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEDA11D23
+20180922102739 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEE243617
+20180922111522 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AEF3698BF
+20180922122645 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF0DFB873
+20180922135149 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF2D2C0A3
+20180922135535 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF2DFCAFB
+20180922143740 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF3D211A3
+20180922150118 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF45675DB
+20180922161720 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF614E323
+20180922174324 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF80E023F
+20180922183959 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AF956439F
+20180922202104 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFBAC649B
+20180922210150 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFC958F53
+20180922213354 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFD502EE3
+20180922232002 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4AFFC84A6B
+20180923014322 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B031123EB
+20180923030251 2 6 100 6143 2 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B04EC8B2B
+20180923042422 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B06C56A47
+20180923075109 2 6 100 6143 5 CAD8A4810C1ADC23A2317EA8BB2F93AD4198F948452AD65159BD3D71800456C339AFD34BC6D512D8FCD337463E3CDFBB4E81A9BE01A6FBA103051D50118610088400DEE2C8E51376B07593D50760832754D352737620CB3BD45CF6A0356209541D14FA9A356DB075DAC362617DF28B202B8FF5FE65A7A6106715796ECC5433DF29FDE1BA29D1D70BB0248EFEEE7DCB10B78EDE9F37078D39AEE37395927F97C2E8C8D80747496C5F4C7ED0A14193BDABE56665BE74475CBD49049F7BE47366B32A1E828B3155A7D48F1D06052DDAA3C0C24550772A69F0E3635794B1FC8BFF6274582092BE2CB3323269D3433FF6CC0294074B0BD8E5DF1A42A4A2A687FE9C4772994FA5EA75F099539D9A7761C687F3F2896D0517E73ABC64C8A330E740DB99537F30E9566497DE782C8F5A5A9E64111478A69BA4535C72B323CCCAFFD7E2C181009424D4CA391B0CED89411455E8CB00147E098716861AAB1B18EC5F295F22C8F687C9DBA534BDDF5F98D94E07F0DFFBB9D272AD71A7B1F657794E36EABA60A6D097F0AB4C405909F5D3D15B177496BCE74217892D701745D176AC5A6049C75F2C17C18FB00F09DFCF1934E69E64DC4C758C3353411503479EE07D7660B67DFDE76DD3FA26B2894DC3C6F5A87059657428324E613F7FE6AD25B09D73133AE16C0A5CA8E285BEF024DE79A27A3C363A70B80AAA1638EDEE29FCBD929D6AE23A5A064769F474D116DD11EACCA5B629EFAB4A95053BD9EBD5B21A3AC3CCD503EDF8CC659FBEAE8FC4EEB2B59CEB41438752AD130476F2DE793FB993BDE8057F1F31437F053B847653D379E2ED78491A0AF3F8ADFC4FF023DB11CC9087AFFC810FE16491CEE4E7CB8622C47E0F44479C0C6D915F4A68723B38FBE83DFDCEE4D5745CD316444BD98C951DAA9706795FE922754B80DB3AE924FBEC44AEF4C3D31EB9299175322FEF02A52E854377030F9BF09AB7CC1BF5327C8746BCAD1AA0A876B740FBCA2C914D45BA75292A2329078DF05ECDC8EA0C149D29E481AA1CA80DB2A13ADA476DE3D82D24136A5B92B7FCCC486A785706FF8ED0CD41F5DF4B0B7BA467
+20180923091429 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1949920F8B
+20180923122354 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB194E3CB3E3
+20180923132927 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB194FD1CDE7
+20180923135953 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB195089F093
+20180923141725 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1950F052F7
+20180923153745 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1952DF5333
+20180923161625 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1953CC5B37
+20180923174651 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1955FDACA3
+20180923174907 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB195602AE57
+20180923185706 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1957A5593B
+20180923201932 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1959A6D687
+20180924141921 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1973A572FF
+20180924142936 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1973D9C983
+20180924143229 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1973E18163
+20180924144304 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19741666EB
+20180924164032 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1976CE68FB
+20180924164811 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1976F40FA7
+20180924172248 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1977BCD9FB
+20180924193420 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197ACC31C7
+20180924195813 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197B54F0A3
+20180924213953 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197DA923D7
+20180924220006 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197E18BC83
+20180924221925 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197E83B0E7
+20180924230442 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB197F8509D7
+20180925002733 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB198168A38B
+20180925022629 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19842450D7
+20180925032318 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19856CA53F
+20180925033018 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19858EBEEB
+20180925033504 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB1985A24167
+20180925040411 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB19864B479F
+20180925075729 2 6 100 6143 2 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB198B9EEEC3
+20180925083607 2 6 100 6143 5 F35161AADD9632E3575CDA92B32D0F28F2E75A457C95BE770E9A8E8122E71DDB31C63B86B67348319F52466B6F3FED41463FAADCA6CE2901FF62D867C09A3565BFC511A060AABAD5040F94C3066EFBFED3CA9BA71864EBBE9F616FCE8F9B0C9C463E2172BA6B1EEF222E310FEC9B70FDF42104292FE772CB350DB09040ED588DA44E0607286D1D66F155FFC5607EBEB4041F705839FEDB0C03FDA40F013BAE3D02EA1256B6DB4DB0F9ED423CD6DCFFD36AA0841BB1FDAF66A453A19EB967F0ECF045FB069302CCB0C6EB52834D1A8DBDE302530510349FC21AE0EE7D5F912D6FBFDEF8A19B8B4CEF2EEE0D05F67DB8F03E564FCD7CD2A344DD1A45A7079037A7629747BE1F183775275C93F52505BA701B27FB18035A0B8D707BF1A3B3BE453FD1A21B0B7FBA7CF90B3BB9665AA33EFB1FC04F858A33E8908397B976C03F972D6C50296DF33359E0BE9209C7D333A019937EC6A26BBB0EDD75DA06CF63A6333B1786B55DC0812AB74FD5D87EE581750E238EFCC75A1EF651502D3988C29C6C37504D90F8878D2FBE7F9131F273638A1BFFF96839557C5D1BA687DF78AFAF75E7FA7214B44C04BE0F3D160071146681C7CBE9B1DB1766C1D972E836DF71D0D4CD4E396D15EE25EF1A58FAC876E2ACCC2DE8EFA8B194694524C1F73D66B8D4D0B95C9896D18FE4061A68FB322BBC155D24E7EA516F740866BB32BB55E8FECAA7BC7F9D3D347024584F8BF4A40232D6AF32E3BB753718567698ABCA6440D68AF0B4317F343FA866ECCC64E895D780300BFA2FCAAAAFA4630C37EB8546025DFDD1E3FAB56F70CC95AA0CB7E3E8F11253D80B4C072ED04FE7068C4818B52831F77C11934F97AD153C44499AF0E6C99DE5741E41EB4C3DDEA3A7C7404AF7F154EAB7422598797E4E5106BFCF7390DE9AF5E9978A7000566FF8EE5737730108235AACBD38D8C337C71978FDC765243322C08F74B0F71B91E3C50BE3DAB7E58F0F8F187839AABB2991C1AB686975AEF90EECCBEAD74AE9C78F0A4DF2376A35A4E5894E8677A08788FEA19DEAE13C88D696C65A7426E620AA1492115E2BF0FB198C77AA37
+20180925142730 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416C2EDFD4B
+20180926003216 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416CB3AFEA3
+20180926041318 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416CE37F7FB
+20180926074350 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D109F343
+20180926090735 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D2224817
+20180926125425 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D526B7D3
+20180926162303 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D7F88093
+20180926165118 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416D85194CB
+20180926224609 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DD089B0F
+20180926225812 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DD2A3B6B
+20180927013355 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DF3A214F
+20180927022646 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416DFE1C77F
+20180927025105 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E02B64E3
+20180927073721 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E3F7C30F
+20180927091345 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E533987B
+20180927094940 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416E5A3AA83
+20180927172504 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416EB936ECF
+20180927221028 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416EF491CEF
+20180928031538 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F33826BF
+20180928061816 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F58E9E8B
+20180928065908 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F6069543
+20180928120844 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416F9FC5BCB
+20180928170131 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B416FDB2EF23
+20180928221854 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B41701B64E6B
+20180929042224 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B417064EC2FF
+20180929093251 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170A2F02DB
+20180929124700 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170C92055B
+20180929125705 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170CA966AF
+20180929140557 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4170D7B99EB
+20180929225234 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171409B02B
+20180930030835 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B417172F0403
+20180930110353 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171D11BFBF
+20180930124634 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171E461903
+20180930150219 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4171FE2013B
+20181001021616 2 6 100 7679 2 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4172812EAEB
+20181001072125 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B4172BC07FE7
+20181001133408 2 6 100 7679 5 C988D06CCD826A9351D5CAE32A47B28ECC90FA4870D861CCC058CFA49419B0044A395E3F289A48C821B2EFE08D293B917B1DB2E2369564F5D066084F71A090706F84E101625CACAAECFFF3B2FE2A8C04FF9A14D43E9B316576F1571B0FDD51A119222601AE2BBFC3007FBC12D10A2D725AD9D8503A47B4B1977FAF4B0C8E244C372662A335C82380718ABAA9B522A03866EBFC6DD7DEE135A54FDCE58EAAF1996D2485E178888F361B01C2A5F5E21E65BAFFE3024C02210AF189975CADE7BFEAD4A90401D7E37D9B855FA8C8F0D2FBFF9357F8C05E3A2A14173E8F7555FD78B88ECEDC94E238639FA1F59C896F61501B2094199D7679805FB69026D4F13CDEB60CAA339BEB091D7D0C125C72028FDFEC35C5D6EE231B1A46C0619BF822F415121A975322001C4EDC29C5CAA430D1471D1013B67B90F5A7FAFB322B53A9C4D418763CB8A9DD068BF3B7702BA939B4FB0DA5253A999B5A8DFA664D2A9F94169F34E46D45D348E3A7E3424CF6019CFDFE1623940B3FC47A1064E601549C02020571FA10F63AEB0676213CD71D1A8A4140662D00471FE9BA88C269F8D217A978AE910A85CADCA772BD7023DC8D0C2ED524C7FEEFEDF408E4221F474A3783545E155118133FA9D65382F7261CF001701E46721021A1315780A53F4238C1AEEA41D38E1B3310D2EC9AE97C2677467157A0B74DA93A3CDF3E6CF898FA0F5CDF3F55CA572385698FD0F55E0E5C63B4BCB9F4A6EDB74C02C0150B057B1A903F7DD8EFC011EE822F2ECBB780914BCC43A11F7BF4A63BE31F06226881ADE9EA780A58C1A6D7183EE947611A03051A0EA817D6D26FC0C418607EEF57AE00494CDDA1CB518C3F910FD46C65F96E3553CEFFD72D13AC13904EFF4E66203B8D512BF7136251120F0BD28C1E781000BBF832A072DB3BBA7B2CFB5AB1F6DAA17FD6EA6C484BB764E5F01194A5445B1FD435977F916261FA1B5AAD6B7E83782C04EBF3CBD11DC7D929FFD8A16597E2D6A384F343D08E13CEA8232818D7F989BB4B0D7D7531AF0F4C6683356A109EAFD135D2E3319FFA6218053EC737FBD91D5886790D4FB1DB70F3D704148EFF2FAA0241F47F2902EA8286BD7647B615197B0E2A70F3638BDF46973518EA692DA5EE26E533F815FA5E5835C2080FAC1776A7CCFE2F49B1400A55F24C9FC465A766772EFB35756AABF0A42B58966E883AFE5E4000D863756225CDDA2F5AC06093173A1AFB5AD9A7B721A30820170A4AE35B3A2F09DE1B53B7D7A407E0F77F1CD4201337315E6677D30CA3E40F84A7AD707BE0FF99CE9334FAE40692F38135DBBC8CE8E7604C0F9C8AE1989C9FE2AC29C2800DC8876032B41730368927
+20181002022928 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4608E66C77
+20181002041648 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C460A539D5F
+20181002080547 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C460D765A73
+20181002132925 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4611D8F2D7
+20181002195913 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C46170D027F
+20181003044410 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C461E0FB427
+20181003045243 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C461E245A3F
+20181003065635 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C461FC358AF
+20181003081458 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4620C4118B
+20181003091804 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4621936EAF
+20181003093652 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4621C96C57
+20181003213125 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C462B2BBD5B
+20181004064641 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4632523CCF
+20181004083341 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4633A72497
+20181004113212 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4635EC630B
+20181004123633 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4636B93337
+20181004144119 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C463844D7C3
+20181005025309 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4641A155C7
+20181005044622 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C46430AFEB3
+20181005053156 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464390BAB3
+20181005074342 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464535BB4B
+20181005094350 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4646B220EF
+20181005154803 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464B3844E3
+20181005164416 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464BE2332F
+20181005203233 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C464EAB7A73
+20181006030808 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C46538BEADB
+20181006045927 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4654E5E903
+20181006134442 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465B551BBB
+20181006162315 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465D3CDE9F
+20181006171548 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465DD9203F
+20181006173731 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C465E163313
+20181006214027 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C466102759F
+20181007065411 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C4667A72DC3
+20181007123656 2 6 100 7679 5 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C466BB5F597
+20181007145027 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C466D436643
+20181007184043 2 6 100 7679 2 FB0D9422C2C18ABC70FF186A01FA8ED40D4950F804266E0B9661F1E2A6EC548235ADF6A86C277AC391995CF5C43940D264D81121AE69F224E949221EDC039AFE2DA6752F6C04E10159FE65D54CBE5EF34174D36E069C4FB18C8E6DBB80B2C6E0F0AD82E0B7281B9D675AE9E85F509B12746130BF725235E2AC495D268C383378FA130AFF2584962A8A3EDEC0B02504DF264F77980B8342713A28BD3219D83F6D70CC1393E10D5A4734BC029FECD3383FF41CB73AC61C29B54B50E439807BFA5663814B6DA5E81B9491217BE616F6B5F93728669FEF51C06D049586FA6584DFBECD526C5CAE6BBD17F104FA69D353A01CD7E39D5BEA60EB0491DCAE78F3A42BFBCC1F366C55FB23B649197B2D2493180963388FBC4A2AC804ECD042A97A07943D46F18EB6D6C24FC050E3DBD8EE2C84FA03E34814EA53197F1121232E239AA0DA133BD81D439AB595FC6F895AB27D0C6C8A5C3F468C9EF81A42BCB7676C2FF4D381063700AEE81FB7369463187413077048310A98D2DC034CCAB7001A28E288B4E6A8DB609974EC9FFC75F6DA91203429ACCEBA35B4CC03006BB069BD2A062A8CAF59E200A8E27B0CD48F896AE6236F0208AE3924EDF58F87557D05413C00CCAD3B95E6F659EC73FDC6933D6D1E21BE753670F6725F21721FDDC304E6178A3164A85F6757A508AFBD9AA4F1C7B181866F5AA306A25032E59C042ACA8EAEDE17B5136ACEC3B56D2E73284922162E614BE0B87654B7B12132D15E6F11F23B0FF2D0A898680B9A66BB908106A60FFC9A0FB43FF3ADCECDB128764764E1D429A0A194ABCD5AB41CE6B75CD025AC8A5FF2153A20E937354A27E361FB396D87924DCF91FE72203BCEA88303DF0A848EA5ADA9282C2C3C2B92542F721C58809178F36E2DA00D17C613FA5173BFC0F27F9502A1AE535BA9D373ABF83413A8F086FE904B0B45F449CCA9F0615028E1A4878463EA8EB424CA76949EA34A6A36C8DDE6EC4A4AE653A2F1F1009773BB92B8D20530A3313F388FA1AD70C3ECB716E5CA80A06C35CBA247D15D41795F8E083B27B4E227B616408863AFAE48F4C4AE68F1DA9A4B427F666DAD85035D1A499B25A09CC19548A5B9276FB082AA8B00879CCE17105CE7368033F4A18D68826780EB79162AD1B7C70879041BA08FB4A45B3071951DD05EFC9FD04AFCB99D57AEFD4EC51549EF9A166312E744CC7EEAEE9543C02D1B2D233A4B59B187D6E1DB64C843358E8B3C73765DDDC9D79D2D270FF493F56BB4F2F0DC4002605999644FF2A573CBA98492AC8577F5C1A822FD0FB709EAD85C786292DCB4FC8FAD924EEE898502BCD84ED4023C7D74A691A7A3A812685C467005CF4B
+20181007223658 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211133D9A97
+20181008074149 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21119A92B8B
+20181008163451 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2111FD14FAB
+20181008224318 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211241066AB
+20181009003245 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211254A0343
+20181009070543 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21129CA56FB
+20181009111433 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2112C8E0D93
+20181009152706 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2112F6601C7
+20181009164722 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2113048398B
+20181009203858 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21132D1168F
+20181010040332 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21137C65BFB
+20181011070638 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21149914247
+20181011150252 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2114EAE7D3B
+20181011153554 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2114EFEE58B
+20181011234311 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211542C97AF
+20181012043844 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21157397D47
+20181012060434 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115803DB63
+20181012142459 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115CF3077F
+20181012162028 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115E1C6FCB
+20181012182332 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115F5E2D97
+20181012182843 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2115F623A23
+20181012201834 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211608810CB
+20181012223139 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21161EAF243
+20181013114842 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2116A336C63
+20181013221122 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21170A23417
+20181013221710 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21170A81107
+20181014032132 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21173C1D793
+20181014035731 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117416EF17
+20181014044029 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211747D7B4B
+20181014092738 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117764D6CF
+20181014125735 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21179863787
+20181014151837 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117AE70AF7
+20181014175821 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117C7CCCA7
+20181014225732 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117F8262DB
+20181014233346 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C2117FD8EA63
+20181015001106 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211803251C3
+20181015101051 2 6 100 8191 2 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C21185F9BDF3
+20181016055751 2 6 100 8191 5 D72A51FC8A019CA61D28C85021CE881FBDCA1D9E2773A50343C390408ABF52C024F0268B5D4F74AA0722F8FA78F966B7AE411C57015CC9E0DB7E56B27A1D078D951747F90F8F663552B12F9BE26809481BD6D62C8EE018E2944DCF0EC7D31FFE3F7DD2F11F3C8311F1C2E2038613E541F53BA05FD92A540D11BB3267E80CCC5DEC74FD67AE473FAD56EFE2CF04457BB7B3121F93AC8F00A5DBE46E460B9B97823F937CF18722D4EE6373EF369D26A7602491493497C1EFDA3F7509772853CF84CD64A06A54FE32817B39B98CE3CE4477616CF232B04D0B2098D5A4E575939C63B26B72BE87B2BEF58F2F6DB4B2A0E00634E02637DF471D6519C22BA9494F225CA01A1A96886C6F02CE0D11EDE3370180E6E6F5CA54B44A8B66BF16ECD52193B7483700AA4051AF775F80818F3331AD80BB25A0FC8775B7821C32EAFDBEF75B3BFCB2F1A4BBDF5340B20AC9E185B0770CE6AAB120CFC4C8C88CA381946F48C0478DC07E5CF3CFB805A1BA8DB905A6D2ABFCFD765990CA4699D9F9B6922FECA4FF861362B4525FF0934E679109AB8F00909945FE897E927380F72416231AAE1A717D47BD129D5549F60C2EA377744B8807AA2432D1925D02C4C205715231DFAD86AC6B5253DE58E3E3F65484A0014CC1EFFBABC6EE912A925C08C8BB68E5FD7A13AED0116863EFA7E69A33D28A1FA853B7E0B84A5F78EFC44CDC39C4148C4B1B3D17E7371E51F96CFAAEBE15D67E82B590B9BB0567BC161AFF012F7571E514BCA7157A8C1521BD7147E83EE57721A77895722390D9C1B7C3BEEEF316E313F5A2DFBA0A5E3509F5F2CEB90C07E1177D3C8AA6CD56F5C5C614656D155350AAFD556890247AE6EDEE2236583A6DA347679C69A9B518FA9BD882F5B9850762C987F727CFEE68421A2D4F363EC45EDABAD574CC4C5AB7654F1C7E0CD84E708CD7C3ED66F369EC1E0E193346FE4747709F6A6DC969E3D2394758E807F4370E2C5A64B5190C5E9D3983CF5778076667B3E41AA28A868B9EA72C45A9234A2C92F0627512AC815CDC1418C676E66B474C071C65DF4EB7AA109ED189B30F49C9A7310CDD5504A0155E5A37FB41548B78049F3FF57EF682D04EFF6B43E5390B07019C555CB55D477552EC778C5BBF00830D1D2B233CB9B5C5A1817F96F395A527458625740A6B2FEFDF160F003D72086FAD44EA24CC669E710A965052D997E63144FD5F32271D0CF75D24DCCF5F4A8E7FD0381E03F0E9DB6F63BA5A59790788D48161E0C292436F79120C9057EBC7B1CA430E5D060836CEE57945DF5557EE2036588A902A1BD163F4DA436602B4BEF61A20D52B15877BFF9973366F242A6D2564BF32E2251C0E07DB2C98A31E82B63F6513FD4CC37D040653E3A68C6B2DB43B569FB070120ADEE89042BF0AC0E9103164E5F8BC57847A1F109ABF35E6E5DE0258C211914B6C57
+20181016115955 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA20E92F77
+20181017081453 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA2E7C1F6B
+20181017142420 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA32237C3F
+20181017185818 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA353F763B
+20181017191239 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA355F350B
+20181018142458 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA4281917F
+20181018172424 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA44764C13
+20181019021923 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA4A5411D3
+20181019034359 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA4B386FC3
+20181019143855 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA5262DD0F
+20181019175117 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA547B23C3
+20181019180938 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA54A6C53B
+20181019200034 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA55D16287
+20181020003801 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA58CB384B
+20181020112657 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA5F85360B
+20181020201319 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA652B1403
+20181020203144 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA6552017F
+20181021021352 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA68F8AE73
+20181021071146 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA6C1C6B53
+20181021104137 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA6E492B5B
+20181021162701 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA71E3AEBB
+20181021164042 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA71FF6D23
+20181022114359 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA7D41FB5F
+20181023003127 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA852BE5A7
+20181023054524 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA88559E07
+20181023122409 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8C5B7A9F
+20181023161120 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8EA11AB7
+20181023174619 2 6 100 8191 2 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8F91F893
+20181023175924 2 6 100 8191 5 EA2361A4ABC2DDA42ADD74B38CE837D05B00192233F16571DAB16B15049BA7606BA9A6DC1588738A9949D68815E7F9DB7FEB2C81C1284F976E38376817186BB7725E05B3DA281A887F71DADA27911625597D376826592E156211FF30844F8A1C47DF9320AE8E9C9171181EE3F7D5EB1B56F79D7DCC39FC5C20A23EF716809E2035466B7E7A43DF588D73637DC89192E5EC392C917AD498C66E229EDBEFAEBD449773973E04F812B55466A3F2E321FA8A3AD1B6AF8A95178F4EF001004EAA4D83EC362F1B966137C811AE2B52B5815ED28F7CEB16DE55E7C64E5D34BE122EED25B5E9DAC04AE9EBB4C0EEBA6D447B435262EDF18CD616E396C80DCAF8547DED8A9817BB70FEDEA734E5A7005F8C7C2CB53366827824E2666DE1F1AC109A41576BC37B3BD1536D79CAB6F6BD7A2D9863EF0F6FEA547A990EF5DF931632F203682D34462025E053CEE1D25EEB0508CBE0A50F7D687A5AE6038F3BE219992B7796E1181D06AA9072D5419E50046F40D5985CB8EBE8C5232EE75AB3C03F113C5EC4669C072D5C514EFA0778062DDD9FF90BB75DDBA4AE2E2100559A35273D202E93B17FFABBC976DB516DA4FC9433322FE6517E5B39021A4564AFB6E1A15B1EB5981B952A8161C688C461CD1CC8E67882CAAFD6FDFA2BA7EBFC40D16D39F4DA16879D230375833741E1B3C49D1630E10C5E6CD1C11AEB2C356C3A0A4EAD805B9330199AC8BC1BB1ECF2E3F84839B5A444FB06959505AF97019C695D6A14990A1E2C678A6EC187C90F6989DA0E977767F2110D8C9289C6E85CC87C7141B11B284A4DCE2ACA6414F5AEB560E11E44699973E4BC4B28526C2D1C68B81A51ACC9E490B6F28129100FC3888C85ABB9E0B3808F00753F76C908E8E71B08EDD87C9359F716324183EE3D89389839F0E741246400D1BEC8F5592F4D66ED0205A90F6A153D3D0751662BB95FA3CBF1543D35E2B9E02497FA24173FC8387B36EE320007E4DC8D3400DC69D361FE071D1C015F87F4FD8E942E5D92D7197279F02513839ABC5D11098DF80A4D3817B7AFC4F7A93BA8469D89DB503284B6D2B7E90F2B52ED2E6F65F0E90A3D13564725FF563772C5356E2C50AFED4301BBE029DEFB252B1598847FAB4136B69110942DE842A9186D391E8CB2AD210B1D9B9473676222F6EA1F445E24290B6F1845243B33250224C0F316E18C52180220C2549D093D9F3974980F95DA8F1A49E36D142A3957A1F7DE6E492578544D17C856BEEC0F40FAFBFB8140945D6B13AB23BE8D1ABDC3E4A92E051CD180C5F2FE288C96F831DD5F34CA679E618D160B21F1697870F8F3B3A7318D0A558C4EADF16D0A76079D148F7404AC163852513ECE66374A9F5A8BC4C87F36CB2AE52ADBC034DEAE51FD60DC071284F8CAC9346E6D60F97D6CFE41C605B2C4D8D0C8BA41DB0DB3A2BD01B037D8CA8FAACDB7
diff --git a/moduli.0 b/moduli.0
index 59767da38..a8109d7d7 100644
--- a/moduli.0
+++ b/moduli.0
@@ -71,4 +71,4 @@ STANDARDS
      the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006,
      2006.
 
-OpenBSD 6.4                   September 26, 2012                   OpenBSD 6.4
+OpenBSD 6.5                   September 26, 2012                   OpenBSD 6.5
diff --git a/moduli.c b/moduli.c
index 233cba8e8..7120415fd 100644
--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.32 2017/12/08 03:45:52 deraadt Exp $ */
+/* $OpenBSD: moduli.c,v 1.34 2019/01/23 09:49:00 dtucker Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -582,7 +582,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
         u_int32_t generator_known, in_tests, in_tries, in_type, in_size;
         unsigned long last_processed = 0, end_lineno;
         time_t time_start, time_stop;
-        int res;
+        int res, is_prime;
 
         if (trials < TRIAL_MINIMUM) {
                 error("Minimum primality trials is %d", TRIAL_MINIMUM);
@@ -716,8 +716,6 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
                 if (generator_known == 0) {
                         if (BN_mod_word(p, 24) == 11)
                                 generator_known = 2;
-                        else if (BN_mod_word(p, 12) == 5)
-                                generator_known = 3;
                         else {
                                 u_int32_t r = BN_mod_word(p, 10);
 
@@ -753,7 +751,10 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
                  * that p is also prime. A single pass will weed out the
                  * vast majority of composite q's.
                  */
-                if (BN_is_prime_ex(q, 1, ctx, NULL) <= 0) {
+                is_prime = BN_is_prime_ex(q, 1, ctx, NULL);
+                if (is_prime < 0)
+                        fatal("BN_is_prime_ex failed");
+                if (is_prime == 0) {
                         debug("%10u: q failed first possible prime test",
                             count_in);
                         continue;
@@ -766,14 +767,20 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
                  * will show up on the first Rabin-Miller iteration so it
                  * doesn't hurt to specify a high iteration count.
                  */
-                if (!BN_is_prime_ex(p, trials, ctx, NULL)) {
+                is_prime = BN_is_prime_ex(p, trials, ctx, NULL);
+                if (is_prime < 0)
+                        fatal("BN_is_prime_ex failed");
+                if (is_prime == 0) {
                         debug("%10u: p is not prime", count_in);
                         continue;
                 }
                 debug("%10u: p is almost certainly prime", count_in);
 
                 /* recheck q more rigorously */
-                if (!BN_is_prime_ex(q, trials - 1, ctx, NULL)) {
+                is_prime = BN_is_prime_ex(q, trials - 1, ctx, NULL);
+                if (is_prime < 0)
+                        fatal("BN_is_prime_ex failed");
+                if (is_prime == 0) {
                         debug("%10u: q is not prime", count_in);
                         continue;
                 }
diff --git a/monitor.c b/monitor.c
index 037d6d333..5f84e880d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.188 2018/11/16 02:43:56 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.197 2019/01/21 10:38:54 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -112,51 +112,51 @@ static struct sshbuf *child_state;
 
 /* Functions on the monitor that answer unprivileged requests */
 
-int mm_answer_moduli(int, struct sshbuf *);
-int mm_answer_sign(int, struct sshbuf *);
-int mm_answer_pwnamallow(int, struct sshbuf *);
-int mm_answer_auth2_read_banner(int, struct sshbuf *);
-int mm_answer_authserv(int, struct sshbuf *);
-int mm_answer_authrole(int, struct sshbuf *);
-int mm_answer_authpassword(int, struct sshbuf *);
-int mm_answer_bsdauthquery(int, struct sshbuf *);
-int mm_answer_bsdauthrespond(int, struct sshbuf *);
-int mm_answer_keyallowed(int, struct sshbuf *);
-int mm_answer_keyverify(int, struct sshbuf *);
-int mm_answer_pty(int, struct sshbuf *);
-int mm_answer_pty_cleanup(int, struct sshbuf *);
-int mm_answer_term(int, struct sshbuf *);
-int mm_answer_rsa_keyallowed(int, struct sshbuf *);
-int mm_answer_rsa_challenge(int, struct sshbuf *);
-int mm_answer_rsa_response(int, struct sshbuf *);
-int mm_answer_sesskey(int, struct sshbuf *);
-int mm_answer_sessid(int, struct sshbuf *);
+int mm_answer_moduli(struct ssh *, int, struct sshbuf *);
+int mm_answer_sign(struct ssh *, int, struct sshbuf *);
+int mm_answer_pwnamallow(struct ssh *, int, struct sshbuf *);
+int mm_answer_auth2_read_banner(struct ssh *, int, struct sshbuf *);
+int mm_answer_authserv(struct ssh *, int, struct sshbuf *);
+int mm_answer_authrole(struct ssh *, int, struct sshbuf *);
+int mm_answer_authpassword(struct ssh *, int, struct sshbuf *);
+int mm_answer_bsdauthquery(struct ssh *, int, struct sshbuf *);
+int mm_answer_bsdauthrespond(struct ssh *, int, struct sshbuf *);
+int mm_answer_skeyquery(struct ssh *, int, struct sshbuf *);
+int mm_answer_skeyrespond(struct ssh *, int, struct sshbuf *);
+int mm_answer_keyallowed(struct ssh *, int, struct sshbuf *);
+int mm_answer_keyverify(struct ssh *, int, struct sshbuf *);
+int mm_answer_pty(struct ssh *, int, struct sshbuf *);
+int mm_answer_pty_cleanup(struct ssh *, int, struct sshbuf *);
+int mm_answer_term(struct ssh *, int, struct sshbuf *);
+int mm_answer_rsa_keyallowed(struct ssh *, int, struct sshbuf *);
+int mm_answer_rsa_challenge(struct ssh *, int, struct sshbuf *);
+int mm_answer_rsa_response(struct ssh *, int, struct sshbuf *);
+int mm_answer_sesskey(struct ssh *, int, struct sshbuf *);
+int mm_answer_sessid(struct ssh *, int, struct sshbuf *);
 
 #ifdef USE_PAM
-int mm_answer_pam_start(int, struct sshbuf *);
-int mm_answer_pam_account(int, struct sshbuf *);
-int mm_answer_pam_init_ctx(int, struct sshbuf *);
-int mm_answer_pam_query(int, struct sshbuf *);
-int mm_answer_pam_respond(int, struct sshbuf *);
-int mm_answer_pam_free_ctx(int, struct sshbuf *);
+int mm_answer_pam_start(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_account(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_init_ctx(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_query(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_respond(struct ssh *, int, struct sshbuf *);
+int mm_answer_pam_free_ctx(struct ssh *, int, struct sshbuf *);
 #endif
 
 #ifdef GSSAPI
-int mm_answer_gss_setup_ctx(int, struct sshbuf *);
-int mm_answer_gss_accept_ctx(int, struct sshbuf *);
-int mm_answer_gss_userok(int, struct sshbuf *);
-int mm_answer_gss_checkmic(int, struct sshbuf *);
-int mm_answer_gss_sign(int, struct sshbuf *);
-int mm_answer_gss_updatecreds(int, struct sshbuf *);
+int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_sign(struct ssh *, int, struct sshbuf *);
+int mm_answer_gss_updatecreds(struct ssh *, int, struct sshbuf *);
 #endif
 
 #ifdef SSH_AUDIT_EVENTS
-int mm_answer_audit_event(int, struct sshbuf *);
-int mm_answer_audit_command(int, struct sshbuf *);
+int mm_answer_audit_event(struct ssh *, int, struct sshbuf *);
+int mm_answer_audit_command(struct ssh *, int, struct sshbuf *);
 #endif
 
-static int monitor_read_log(struct monitor *);
-
 static Authctxt *authctxt;
 
 /* local state for key verify */
@@ -175,7 +175,7 @@ static pid_t monitor_child_pid;
 struct mon_table {
         enum monitor_reqtype type;
         int flags;
-        int (*f)(int, struct sshbuf *);
+        int (*f)(struct ssh *, int, struct sshbuf *);
 };
 
 #define MON_ISAUTH      0x0004  /* Required for Authentication */
@@ -187,6 +187,10 @@ struct mon_table {
 
 #define MON_PERMIT      0x1000  /* Request is permitted */
 
+static int monitor_read(struct ssh *, struct monitor *, struct mon_table *,
+    struct mon_table **);
+static int monitor_read_log(struct monitor *);
+
 struct mon_table mon_dispatch_proto20[] = {
 #ifdef WITH_OPENSSL
     {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli},
@@ -276,9 +280,8 @@ monitor_permit_authentications(int permit)
 }
 
 void
-monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
+monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct mon_table *ent;
         int authenticated = 0, partial = 0;
 
@@ -290,7 +293,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                 close(pmonitor->m_log_sendfd);
         pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;
 
-        authctxt = _authctxt;
+        authctxt = (Authctxt *)ssh->authctxt;
         memset(authctxt, 0, sizeof(*authctxt));
         ssh->authctxt = authctxt;
 
@@ -312,7 +315,8 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                 auth_submethod = NULL;
                 auth2_authctxt_reset_info(authctxt);
 
-                authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
+                authenticated = (monitor_read(ssh, pmonitor,
+                    mon_dispatch, &ent) == 1);
 
                 /* Special handling for multiple required authentications */
                 if (options.num_auth_methods != 0) {
@@ -344,13 +348,13 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                                 mm_request_receive_expect(pmonitor->m_sendfd,
                                     MONITOR_REQ_PAM_ACCOUNT, m);
                                 authenticated = mm_answer_pam_account(
-                                    pmonitor->m_sendfd, m);
+                                    ssh, pmonitor->m_sendfd, m);
                                 sshbuf_free(m);
                         }
 #endif
                 }
                 if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {
-                        auth_log(authctxt, authenticated, partial,
+                        auth_log(ssh, authenticated, partial,
                             auth_method, auth_submethod);
                         if (!partial && !authenticated)
                                 authctxt->failures++;
@@ -371,7 +375,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
         ssh->authctxt = NULL;
         ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user);
 
-        mm_get_keystate(pmonitor);
+        mm_get_keystate(ssh, pmonitor);
 
         /* Drain any buffered messages from the child */
         while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
@@ -397,7 +401,7 @@ monitor_child_handler(int sig)
 }
 
 void
-monitor_child_postauth(struct monitor *pmonitor)
+monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor)
 {
         close(pmonitor->m_recvfd);
         pmonitor->m_recvfd = -1;
@@ -419,7 +423,7 @@ monitor_child_postauth(struct monitor *pmonitor)
 #ifdef GSSAPI
         /* and for the GSSAPI key exchange */
         monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
-#endif          
+#endif
 
         if (auth_opts->permit_pty_flag) {
                 monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
@@ -427,7 +431,7 @@ monitor_child_postauth(struct monitor *pmonitor)
         }
 
         for (;;)
-                monitor_read(pmonitor, mon_dispatch, NULL);
+                monitor_read(ssh, pmonitor, mon_dispatch, NULL);
 }
 
 static int
@@ -482,8 +486,8 @@ monitor_read_log(struct monitor *pmonitor)
         return 0;
 }
 
-int
-monitor_read(struct monitor *pmonitor, struct mon_table *ent,
+static int
+monitor_read(struct ssh *ssh, struct monitor *pmonitor, struct mon_table *ent,
     struct mon_table **pent)
 {
         struct sshbuf *m;
@@ -533,7 +537,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
                 if (!(ent->flags & MON_PERMIT))
                         fatal("%s: unpermitted request %d", __func__,
                             type);
-                ret = (*ent->f)(pmonitor->m_sendfd, m);
+                ret = (*ent->f)(ssh, pmonitor->m_sendfd, m);
                 sshbuf_free(m);
 
                 /* The child may use this request only once, disable it */
@@ -584,7 +588,7 @@ monitor_reset_key_state(void)
 
 #ifdef WITH_OPENSSL
 int
-mm_answer_moduli(int sock, struct sshbuf *m)
+mm_answer_moduli(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         DH *dh;
         const BIGNUM *dh_p, *dh_g;
@@ -626,9 +630,8 @@ mm_answer_moduli(int sock, struct sshbuf *m)
 #endif
 
 int
-mm_answer_sign(int sock, struct sshbuf *m)
+mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state;         /* XXX */
         extern int auth_sock;                   /* XXX move to state struct? */
         struct sshkey *key;
         struct sshbuf *sigbuf = NULL;
@@ -729,9 +732,8 @@ mm_answer_sign(int sock, struct sshbuf *m)
 /* Retrieves the password entry and also checks if the user is permitted */
 
 int
-mm_answer_pwnamallow(int sock, struct sshbuf *m)
+mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         char *username;
         struct passwd *pwent;
         int r, allowed = 0;
@@ -745,7 +747,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m)
         if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
-        pwent = getpwnamallow(username);
+        pwent = getpwnamallow(ssh, username);
 
         authctxt->user = xstrdup(username);
         setproctitle("%s [priv]", pwent ? username : "unknown");
@@ -830,7 +832,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m)
         return (0);
 }
 
-int mm_answer_auth2_read_banner(int sock, struct sshbuf *m)
+int mm_answer_auth2_read_banner(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *banner;
         int r;
@@ -846,7 +848,7 @@ int mm_answer_auth2_read_banner(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_authserv(int sock, struct sshbuf *m)
+mm_answer_authserv(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         int r;
 
@@ -873,7 +875,7 @@ mm_answer_authserv(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_authrole(int sock, struct sshbuf *m)
+mm_answer_authrole(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         int r;
 
@@ -922,9 +924,8 @@ key_base_type_match(const char *method, const struct sshkey *key,
 }
 
 int
-mm_answer_authpassword(int sock, struct sshbuf *m)
+mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         static int call_count;
         char *passwd;
         int r, authenticated;
@@ -963,7 +964,7 @@ mm_answer_authpassword(int sock, struct sshbuf *m)
 
 #ifdef BSD_AUTH
 int
-mm_answer_bsdauthquery(int sock, struct sshbuf *m)
+mm_answer_bsdauthquery(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *name, *infotxt;
         u_int numprompts, *echo_on, success;
@@ -997,7 +998,7 @@ mm_answer_bsdauthquery(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
+mm_answer_bsdauthrespond(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *response;
         int r, authok;
@@ -1031,12 +1032,12 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
 
 #ifdef USE_PAM
 int
-mm_answer_pam_start(int sock, struct sshbuf *m)
+mm_answer_pam_start(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         if (!options.use_pam)
                 fatal("UsePAM not set, but ended up in %s anyway", __func__);
 
-        start_pam(authctxt);
+        start_pam(ssh);
 
         monitor_permit(mon_dispatch, MONITOR_REQ_PAM_ACCOUNT, 1);
         if (options.kbd_interactive_authentication)
@@ -1046,7 +1047,7 @@ mm_answer_pam_start(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_account(int sock, struct sshbuf *m)
+mm_answer_pam_account(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         u_int ret;
         int r;
@@ -1069,7 +1070,7 @@ static void *sshpam_ctxt, *sshpam_authok;
 extern KbdintDevice sshpam_device;
 
 int
-mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
+mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         u_int ok = 0;
         int r;
@@ -1094,7 +1095,7 @@ mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_query(int sock, struct sshbuf *m)
+mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char *name = NULL, *info = NULL, **prompts = NULL;
         u_int i, num = 0, *echo_on = 0;
@@ -1135,7 +1136,7 @@ mm_answer_pam_query(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_respond(int sock, struct sshbuf *m)
+mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         char **resp;
         u_int i, num;
@@ -1173,7 +1174,7 @@ mm_answer_pam_respond(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
+mm_answer_pam_free_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
 
@@ -1193,9 +1194,8 @@ mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
 #endif
 
 int
-mm_answer_keyallowed(int sock, struct sshbuf *m)
+mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct sshkey *key = NULL;
         char *cuser, *chost;
         u_int pubkey_auth_attempt;
@@ -1241,7 +1241,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
                         if (!key_base_type_match(auth_method, key,
                             options.hostbased_key_types))
                                 break;
-                        allowed = hostbased_key_allowed(authctxt->pw,
+                        allowed = hostbased_key_allowed(ssh, authctxt->pw,
                             cuser, chost, key);
                         auth2_record_info(authctxt,
                             "client user \"%.100s\", client host \"%.100s\"",
@@ -1273,7 +1273,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m)
                 hostbased_chost = chost;
         } else {
                 /* Log failed attempt */
-                auth_log(authctxt, 0, 0, auth_method, NULL);
+                auth_log(ssh, 0, 0, auth_method, NULL);
                 free(cuser);
                 free(chost);
         }
@@ -1430,9 +1430,8 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
 }
 
 int
-mm_answer_keyverify(int sock, struct sshbuf *m)
+mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct sshkey *key;
         u_char *signature, *data, *blob;
         char *sigalg;
@@ -1477,7 +1476,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
                 fatal("%s: bad signature data blob", __func__);
 
         ret = sshkey_verify(key, signature, signaturelen, data, datalen,
-            sigalg, active_state->compat);
+            sigalg, ssh->compat);
         debug3("%s: %s %p signature %s", __func__, auth_method, key,
             (ret == 0) ? "verified" : "unverified");
         auth2_record_key(authctxt, ret == 0, key);
@@ -1504,9 +1503,8 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
 }
 
 static void
-mm_record_login(Session *s, struct passwd *pw)
+mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw)
 {
-        struct ssh *ssh = active_state; /* XXX */
         socklen_t fromlen;
         struct sockaddr_storage from;
 
@@ -1516,8 +1514,8 @@ mm_record_login(Session *s, struct passwd *pw)
          */
         memset(&from, 0, sizeof(from));
         fromlen = sizeof(from);
-        if (packet_connection_is_on_socket()) {
-                if (getpeername(packet_get_connection_in(),
+        if (ssh_packet_connection_is_on_socket(ssh)) {
+                if (getpeername(ssh_packet_get_connection_in(ssh),
                     (struct sockaddr *)&from, &fromlen) < 0) {
                         debug("getpeername: %.100s", strerror(errno));
                         cleanup_exit(255);
@@ -1541,7 +1539,7 @@ mm_session_close(Session *s)
 }
 
 int
-mm_answer_pty(int sock, struct sshbuf *m)
+mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         extern struct monitor *pmonitor;
         Session *s;
@@ -1569,7 +1567,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
         if (dup2(s->ttyfd, 0) == -1)
                 fatal("%s: dup2", __func__);
 
-        mm_record_login(s, authctxt->pw);
+        mm_record_login(ssh, s, authctxt->pw);
 
         /* Now we can close the file descriptor again */
         close(0);
@@ -1611,7 +1609,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_pty_cleanup(int sock, struct sshbuf *m)
+mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         Session *s;
         char *tty;
@@ -1629,9 +1627,8 @@ mm_answer_pty_cleanup(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_term(int sock, struct sshbuf *req)
+mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req)
 {
-        struct ssh *ssh = active_state; /* XXX */
         extern struct monitor *pmonitor;
         int res, status;
 
@@ -1658,7 +1655,7 @@ mm_answer_term(int sock, struct sshbuf *req)
 #ifdef SSH_AUDIT_EVENTS
 /* Report that an audit event occurred */
 int
-mm_answer_audit_event(int socket, struct sshbuf *m)
+mm_answer_audit_event(struct ssh *ssh, int socket, struct sshbuf *m)
 {
         u_int n;
         ssh_audit_event_t event;
@@ -1677,7 +1674,7 @@ mm_answer_audit_event(int socket, struct sshbuf *m)
         case SSH_LOGIN_ROOT_DENIED:
         case SSH_CONNECTION_CLOSE:
         case SSH_INVALID_USER:
-                audit_event(event);
+                audit_event(ssh, event);
                 break;
         default:
                 fatal("Audit event type %d not permitted", event);
@@ -1687,7 +1684,7 @@ mm_answer_audit_event(int socket, struct sshbuf *m)
 }
 
 int
-mm_answer_audit_command(int socket, struct sshbuf *m)
+mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m)
 {
         char *cmd;
         int r;
@@ -1703,10 +1700,8 @@ mm_answer_audit_command(int socket, struct sshbuf *m)
 #endif /* SSH_AUDIT_EVENTS */
 
 void
-monitor_clear_keystate(struct monitor *pmonitor)
+monitor_clear_keystate(struct ssh *ssh, struct monitor *pmonitor)
 {
-        struct ssh *ssh = active_state; /* XXX */
-
         ssh_clear_newkeys(ssh, MODE_IN);
         ssh_clear_newkeys(ssh, MODE_OUT);
         sshbuf_free(child_state);
@@ -1714,9 +1709,8 @@ monitor_clear_keystate(struct monitor *pmonitor)
 }
 
 void
-monitor_apply_keystate(struct monitor *pmonitor)
+monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
 {
-        struct ssh *ssh = active_state; /* XXX */
         struct kex *kex;
         int r;
 
@@ -1729,25 +1723,30 @@ monitor_apply_keystate(struct monitor *pmonitor)
         if ((kex = ssh->kex) != NULL) {
                 /* XXX set callbacks */
 #ifdef WITH_OPENSSL
-                kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-                kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
-                kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
-                kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
-                kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
+                kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
+                kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
+                kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server;
+                kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server;
+                kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server;
                 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
                 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC
-                kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+                kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 # endif
-#endif /* WITH_OPENSSL */
-                kex->kex[KEX_C25519_SHA256] = kexc25519_server;
-#ifdef GSSAPI
+# ifdef GSSAPI
                 if (options.gss_keyex) {
                         kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
                         kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
-                        kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+                        kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server;
+                        kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server;
+                        kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server;
+                        kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server;
+                        kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server;
                 }
-#endif
+# endif
+#endif /* WITH_OPENSSL */
+                kex->kex[KEX_C25519_SHA256] = kex_gen_server;
+                kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
                 kex->load_host_public_key=&get_hostkey_public_by_type;
                 kex->load_host_private_key=&get_hostkey_private_by_type;
                 kex->host_key_index=&get_hostkey_index;
@@ -1758,7 +1757,7 @@ monitor_apply_keystate(struct monitor *pmonitor)
 /* This function requries careful sanity checking */
 
 void
-mm_get_keystate(struct monitor *pmonitor)
+mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor)
 {
         debug3("%s: Waiting for new keys", __func__);
 
@@ -1830,7 +1829,7 @@ monitor_reinit(struct monitor *mon)
 
 #ifdef GSSAPI
 int
-mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
+mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         gss_OID_desc goid;
         OM_uint32 major;
@@ -1863,7 +1862,7 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
+mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         gss_buffer_desc in;
         gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
@@ -1898,7 +1897,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_gss_checkmic(int sock, struct sshbuf *m)
+mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
 {
         gss_buffer_desc gssbuf, mic;
         OM_uint32 ret;
@@ -1929,16 +1928,19 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
 }
 
 int
-mm_answer_gss_userok(int sock, struct sshbuf *m)
+mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
 {
-        int r, authenticated;
+        int r, authenticated, kex;
         const char *displayname;
 
         if (!options.gss_authentication && !options.gss_keyex)
                 fatal("%s: GSSAPI not enabled", __func__);
 
-        authenticated = authctxt->valid && 
-            ssh_gssapi_userok(authctxt->user, authctxt->pw);
+        if ((r = sshbuf_get_u32(m, &kex)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
+
+        authenticated = authctxt->valid &&
+            ssh_gssapi_userok(authctxt->user, authctxt->pw, kex);
 
         sshbuf_reset(m);
         if ((r = sshbuf_put_u32(m, authenticated)) != 0)
@@ -1947,7 +1949,11 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
         debug3("%s: sending result %d", __func__, authenticated);
         mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
 
-        auth_method = "gssapi-with-mic";
+        if (kex) {
+                auth_method = "gssapi-keyex";
+        } else {
+                auth_method = "gssapi-with-mic";
+        }
 
         if ((displayname = ssh_gssapi_displayname()) != NULL)
                 auth2_record_info(authctxt, "%s", displayname);
@@ -1956,14 +1962,14 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
         return (authenticated);
 }
 
-int 
-mm_answer_gss_sign(int socket, struct sshbuf *m)
+int
+mm_answer_gss_sign(struct ssh *ssh, int socket, struct sshbuf *m)
 {
         gss_buffer_desc data;
         gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
         OM_uint32 major, minor;
         size_t len;
-        u_char *p;
+        u_char *p = NULL;
         int r;
 
         if (!options.gss_authentication && !options.gss_keyex)
@@ -1973,8 +1979,9 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
         data.value = p;
         data.length = len;
-        if (data.length != 20) 
-                fatal("%s: data length incorrect: %d", __func__, 
+        /* Lengths of SHA-1, SHA-256 and SHA-512 hashes that are used */
+        if (data.length != 20 && data.length != 32 && data.length != 64)
+                fatal("%s: data length incorrect: %d", __func__,
                     (int) data.length);
 
         /* Save the session ID on the first time around */
@@ -1988,6 +1995,7 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
         free(data.value);
 
         sshbuf_reset(m);
+
         if ((r = sshbuf_put_u32(m, major)) != 0 ||
             (r = sshbuf_put_string(m, hash.value, hash.length)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -1998,7 +2006,7 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
 
         /* Turn on getpwnam permissions */
         monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
-        
+
         /* And credential updating, for when rekeying */
         monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1);
 
@@ -2006,16 +2014,16 @@ mm_answer_gss_sign(int socket, struct sshbuf *m)
 }
 
 int
-mm_answer_gss_updatecreds(int socket, struct sshbuf *m) {
+mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) {
         ssh_gssapi_ccache store;
         int r, ok;
 
         if (!options.gss_authentication && !options.gss_keyex)
                 fatal("%s: GSSAPI not enabled", __func__);
 
-        if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 ||
-            (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 ||
-            (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0)
+        if ((r = sshbuf_get_string(m, (u_char **)&store.filename, NULL)) != 0 ||
+            (r = sshbuf_get_string(m, (u_char **)&store.envvar, NULL)) != 0 ||
+            (r = sshbuf_get_string(m, (u_char **)&store.envval, NULL)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
         ok = ssh_gssapi_update_creds(&store);
diff --git a/monitor.h b/monitor.h
index 8f65e684d..4d87284aa 100644
--- a/monitor.h
+++ b/monitor.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.h,v 1.21 2018/07/09 21:53:45 markus Exp $ */
+/* $OpenBSD: monitor.h,v 1.23 2019/01/19 21:43:56 djm Exp $ */
 
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -67,9 +67,10 @@ enum monitor_reqtype {
         MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153,
 
         MONITOR_REQ_AUTHROLE = 154,
-
 };
 
+struct ssh;
+
 struct monitor {
         int                      m_recvfd;
         int                      m_sendfd;
@@ -83,15 +84,16 @@ struct monitor *monitor_init(void);
 void monitor_reinit(struct monitor *);
 
 struct Authctxt;
-void monitor_child_preauth(struct Authctxt *, struct monitor *);
-void monitor_child_postauth(struct monitor *);
+void monitor_child_preauth(struct ssh *, struct monitor *);
+void monitor_child_postauth(struct ssh *, struct monitor *);
 
-struct mon_table;
-int monitor_read(struct monitor*, struct mon_table *, struct mon_table **);
+void monitor_clear_keystate(struct ssh *, struct monitor *);
+void monitor_apply_keystate(struct ssh *, struct monitor *);
 
 /* Prototypes for request sending and receiving */
 void mm_request_send(int, enum monitor_reqtype, struct sshbuf *);
 void mm_request_receive(int, struct sshbuf *);
 void mm_request_receive_expect(int, enum monitor_reqtype, struct sshbuf *);
+void mm_get_keystate(struct ssh *, struct monitor *);
 
 #endif /* _MONITOR_H_ */
diff --git a/monitor_wrap.c b/monitor_wrap.c
index fd4d7eb3b..6b3a6251c 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.107 2018/07/20 03:46:34 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.112 2019/01/21 09:54:11 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -202,12 +202,8 @@ mm_choose_dh(int min, int nbits, int max)
         if (success == 0)
                 fatal("%s: MONITOR_ANS_MODULI failed", __func__);
 
-        if ((p = BN_new()) == NULL)
-                fatal("%s: BN_new failed", __func__);
-        if ((g = BN_new()) == NULL)
-                fatal("%s: BN_new failed", __func__);
-        if ((r = sshbuf_get_bignum2(m, p)) != 0 ||
-            (r = sshbuf_get_bignum2(m, g)) != 0)
+        if ((r = sshbuf_get_bignum2(m, &p)) != 0 ||
+            (r = sshbuf_get_bignum2(m, &g)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
         debug3("%s: remaining %zu", __func__, sshbuf_len(m));
@@ -218,12 +214,12 @@ mm_choose_dh(int min, int nbits, int max)
 #endif
 
 int
-mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp,
+mm_sshkey_sign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
     const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat)
 {
         struct kex *kex = *pmonitor->m_pkex;
         struct sshbuf *m;
-        u_int ndx = kex->host_key_index(key, 0, active_state);
+        u_int ndx = kex->host_key_index(key, 0, ssh);
         int r;
 
         debug3("%s entering", __func__);
@@ -248,9 +244,8 @@ mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp,
 }
 
 struct passwd *
-mm_getpwnamallow(const char *username)
+mm_getpwnamallow(struct ssh *ssh, const char *username)
 {
-        struct ssh *ssh = active_state;         /* XXX */
         struct sshbuf *m;
         struct passwd *pw;
         size_t len;
@@ -459,8 +454,8 @@ mm_user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key,
 }
 
 int
-mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host,
-    struct sshkey *key)
+mm_hostbased_key_allowed(struct ssh *ssh, struct passwd *pw,
+    const char *user, const char *host, struct sshkey *key)
 {
         return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0, NULL));
 }
@@ -553,9 +548,8 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
 }
 
 void
-mm_send_keystate(struct monitor *monitor)
+mm_send_keystate(struct ssh *ssh, struct monitor *monitor)
 {
-        struct ssh *ssh = active_state;         /* XXX */
         struct sshbuf *m;
         int r;
 
@@ -649,7 +643,7 @@ mm_session_pty_cleanup2(Session *s)
 
 #ifdef USE_PAM
 void
-mm_start_pam(Authctxt *authctxt)
+mm_start_pam(struct ssh *ssh)
 {
         struct sshbuf *m;
 
@@ -890,7 +884,7 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
 
 #ifdef SSH_AUDIT_EVENTS
 void
-mm_audit_event(ssh_audit_event_t event)
+mm_audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
         struct sshbuf *m;
         int r;
@@ -1005,13 +999,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
 }
 
 int
-mm_ssh_gssapi_userok(char *user, struct passwd *pw)
+mm_ssh_gssapi_userok(char *user, struct passwd *pw, int kex)
 {
         struct sshbuf *m;
         int r, authenticated = 0;
 
         if ((m = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
+        if ((r = sshbuf_put_u32(m, kex)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
         mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m);
         mm_request_receive_expect(pmonitor->m_recvfd,
@@ -1046,7 +1042,7 @@ mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash)
 
         sshbuf_free(m);
 
-        return(major);
+        return (major);
 }
 
 int
@@ -1057,6 +1053,7 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
 
         if ((m = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
+
         if ((r = sshbuf_put_cstring(m,
             store->filename ? store->filename : "")) != 0 ||
             (r = sshbuf_put_cstring(m,
@@ -1070,6 +1067,7 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
 
         if ((r = sshbuf_get_u32(m, &ok)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
+
         sshbuf_free(m);
 
         return (ok);
diff --git a/monitor_wrap.h b/monitor_wrap.h
index 79e78cc90..3d0e32d48 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.h,v 1.38 2018/07/11 18:53:29 markus Exp $ */
+/* $OpenBSD: monitor_wrap.h,v 1.41 2019/01/19 21:43:56 djm Exp $ */
 
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -33,6 +33,7 @@ extern int use_privsep;
 
 enum mm_keytype { MM_NOKEY, MM_HOSTKEY, MM_USERKEY };
 
+struct ssh;
 struct monitor;
 struct Authctxt;
 struct sshkey;
@@ -41,18 +42,18 @@ struct sshauthopt;
 void mm_log_handler(LogLevel, const char *, void *);
 int mm_is_monitor(void);
 DH *mm_choose_dh(int, int, int);
-int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t,
-    const char *, u_int compat);
+int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *,
+    const u_char *, size_t, const char *, u_int compat);
 void mm_inform_authserv(char *, char *, char *);
 void mm_inform_authrole(char *);
-struct passwd *mm_getpwnamallow(const char *);
+struct passwd *mm_getpwnamallow(struct ssh *, const char *);
 char *mm_auth2_read_banner(void);
 int mm_auth_password(struct ssh *, char *);
 int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *,
     int, struct sshauthopt **);
 int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int,
     struct sshauthopt **);
-int mm_hostbased_key_allowed(struct passwd *, const char *,
+int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *,
     const char *, struct sshkey *);
 int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
     const u_char *, size_t, const char *, u_int);
@@ -61,14 +62,14 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
 OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
 OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
    gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
-int mm_ssh_gssapi_userok(char *user, struct passwd *);
+int mm_ssh_gssapi_userok(char *user, struct passwd *, int kex);
 OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
 OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
 int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *);
 #endif
 
 #ifdef USE_PAM
-void mm_start_pam(struct Authctxt *);
+void mm_start_pam(struct ssh *ssh);
 u_int mm_do_pam_account(void);
 void *mm_sshpam_init_ctx(struct Authctxt *);
 int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **);
@@ -78,7 +79,7 @@ void mm_sshpam_free_ctx(void *);
 
 #ifdef SSH_AUDIT_EVENTS
 #include "audit.h"
-void mm_audit_event(ssh_audit_event_t);
+void mm_audit_event(struct ssh *, ssh_audit_event_t);
 void mm_audit_run_command(const char *);
 #endif
 
@@ -91,10 +92,7 @@ void mm_session_pty_cleanup2(struct Session *);
 struct newkeys *mm_newkeys_from_blob(u_char *, int);
 int mm_newkeys_to_blob(int, u_char **, u_int *);
 
-void monitor_clear_keystate(struct monitor *);
-void monitor_apply_keystate(struct monitor *);
-void mm_get_keystate(struct monitor *);
-void mm_send_keystate(struct monitor*);
+void mm_send_keystate(struct ssh *, struct monitor*);
 
 /* bsdauth */
 int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
diff --git a/mux.c b/mux.c
index 8e4b60827..e89db193d 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.77 2018/09/26 07:32:44 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.79 2019/01/19 21:35:25 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -610,6 +610,7 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
         struct Forward *rfwd;
         Channel *c;
         struct sshbuf *out;
+        u_int port;
         int r;
 
         if ((c = channel_by_id(ssh, fctx->cid)) == NULL) {
@@ -632,7 +633,15 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
             rfwd->connect_host, rfwd->connect_port);
         if (type == SSH2_MSG_REQUEST_SUCCESS) {
                 if (rfwd->listen_port == 0) {
-                        rfwd->allocated_port = packet_get_int();
+                        if ((r = sshpkt_get_u32(ssh, &port)) != 0)
+                                fatal("%s: packet error: %s",
+                                    __func__, ssh_err(r));
+                        if (port > 65535) {
+                                fatal("Invalid allocated port %u for "
+                                    "mux remote forward to %s:%d", port,
+                                    rfwd->connect_host, rfwd->connect_port);
+                        }
+                        rfwd->allocated_port = (int)port;
                         debug("Allocated port %u for mux remote forward"
                             " to %s:%d", rfwd->allocated_port,
                             rfwd->connect_host, rfwd->connect_port);
@@ -1406,7 +1415,8 @@ mux_session_confirm(struct ssh *ssh, int id, int success, void *arg)
         if (cctx->want_agent_fwd && options.forward_agent) {
                 debug("Requesting authentication agent forwarding.");
                 channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0);
-                packet_send();
+                if ((r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: packet error: %s", __func__, ssh_err(r));
         }
 
         client_session2_setup(ssh, id, cctx->want_tty, cctx->want_subsys,
diff --git a/myproposal.h b/myproposal.h
index 27b4a15a1..f16729876 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.57 2018/09/12 01:34:02 djm Exp $ */
+/* $OpenBSD: myproposal.h,v 1.58 2019/02/23 08:20:43 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -90,20 +90,15 @@
 # else
 #  define KEX_CURVE25519_METHODS ""
 # endif
-#define KEX_COMMON_KEX \
+#define KEX_SERVER_KEX \
         KEX_CURVE25519_METHODS \
         KEX_ECDH_METHODS \
-        KEX_SHA2_METHODS
-
-#define KEX_SERVER_KEX KEX_COMMON_KEX \
-        KEX_SHA2_GROUP14 \
-        "diffie-hellman-group14-sha1" \
-
-#define KEX_CLIENT_KEX KEX_COMMON_KEX \
-        "diffie-hellman-group-exchange-sha1," \
+        KEX_SHA2_METHODS \
         KEX_SHA2_GROUP14 \
         "diffie-hellman-group14-sha1"
 
+#define KEX_CLIENT_KEX KEX_SERVER_KEX
+
 #define KEX_DEFAULT_PK_ALG      \
         HOSTKEY_ECDSA_CERT_METHODS \
         "ssh-ed25519-cert-v01@openssh.com," \
diff --git a/opacket.c b/opacket.c
deleted file mode 100644
index 7672c0b59..000000000
--- a/opacket.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* $OpenBSD: opacket.c,v 1.7 2017/10/20 01:56:39 djm Exp $ */
-/* Written by Markus Friedl. Placed in the public domain.  */
-
-#include "includes.h"
-
-#include <stdarg.h>
-
-#include "ssherr.h"
-#include "packet.h"
-#include "log.h"
-
-struct ssh *active_state, *backup_state;
-
-/* Map old to new API */
-
-void
-ssh_packet_start(struct ssh *ssh, u_char type)
-{
-        int r;
-
-        if ((r = sshpkt_start(ssh, type)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-void
-ssh_packet_put_char(struct ssh *ssh, int value)
-{
-        u_char ch = value;
-        int r;
-
-        if ((r = sshpkt_put_u8(ssh, ch)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-void
-ssh_packet_put_int(struct ssh *ssh, u_int value)
-{
-        int r;
-
-        if ((r = sshpkt_put_u32(ssh, value)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-void
-ssh_packet_put_int64(struct ssh *ssh, u_int64_t value)
-{
-        int r;
-
-        if ((r = sshpkt_put_u64(ssh, value)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-void
-ssh_packet_put_string(struct ssh *ssh, const void *buf, u_int len)
-{
-        int r;
-
-        if ((r = sshpkt_put_string(ssh, buf, len)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-void
-ssh_packet_put_cstring(struct ssh *ssh, const char *str)
-{
-        int r;
-
-        if ((r = sshpkt_put_cstring(ssh, str)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-void
-ssh_packet_put_raw(struct ssh *ssh, const void *buf, u_int len)
-{
-        int r;
-
-        if ((r = sshpkt_put(ssh, buf, len)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-
-#ifdef WITH_OPENSSL
-void
-ssh_packet_put_bignum2(struct ssh *ssh, const BIGNUM * value)
-{
-        int r;
-
-        if ((r = sshpkt_put_bignum2(ssh, value)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-# ifdef OPENSSL_HAS_ECC
-void
-ssh_packet_put_ecpoint(struct ssh *ssh, const EC_GROUP *curve,
-    const EC_POINT *point)
-{
-        int r;
-
-        if ((r = sshpkt_put_ec(ssh, point, curve)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-# endif
-#endif /* WITH_OPENSSL */
-
-void
-ssh_packet_send(struct ssh *ssh)
-{
-        int r;
-
-        if ((r = sshpkt_send(ssh)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-u_int
-ssh_packet_get_char(struct ssh *ssh)
-{
-        u_char ch;
-        int r;
-
-        if ((r = sshpkt_get_u8(ssh, &ch)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-        return ch;
-}
-
-u_int
-ssh_packet_get_int(struct ssh *ssh)
-{
-        u_int val;
-        int r;
-
-        if ((r = sshpkt_get_u32(ssh, &val)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-        return val;
-}
-
-u_int64_t
-ssh_packet_get_int64(struct ssh *ssh)
-{
-        u_int64_t val;
-        int r;
-
-        if ((r = sshpkt_get_u64(ssh, &val)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-        return val;
-}
-
-
-#ifdef WITH_OPENSSL
-void
-ssh_packet_get_bignum2(struct ssh *ssh, BIGNUM * value)
-{
-        int r;
-
-        if ((r = sshpkt_get_bignum2(ssh, value)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-
-# ifdef OPENSSL_HAS_ECC
-void
-ssh_packet_get_ecpoint(struct ssh *ssh, const EC_GROUP *curve, EC_POINT *point)
-{
-        int r;
-
-        if ((r = sshpkt_get_ec(ssh, point, curve)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-}
-# endif
-#endif /* WITH_OPENSSL */
-
-void *
-ssh_packet_get_string(struct ssh *ssh, u_int *length_ptr)
-{
-        int r;
-        size_t len;
-        u_char *val;
-
-        if ((r = sshpkt_get_string(ssh, &val, &len)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-        if (length_ptr != NULL)
-                *length_ptr = (u_int)len;
-        return val;
-}
-
-const void *
-ssh_packet_get_string_ptr(struct ssh *ssh, u_int *length_ptr)
-{
-        int r;
-        size_t len;
-        const u_char *val;
-
-        if ((r = sshpkt_get_string_direct(ssh, &val, &len)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-        if (length_ptr != NULL)
-                *length_ptr = (u_int)len;
-        return val;
-}
-
-char *
-ssh_packet_get_cstring(struct ssh *ssh, u_int *length_ptr)
-{
-        int r;
-        size_t len;
-        char *val;
-
-        if ((r = sshpkt_get_cstring(ssh, &val, &len)) != 0)
-                fatal("%s: %s", __func__, ssh_err(r));
-        if (length_ptr != NULL)
-                *length_ptr = (u_int)len;
-        return val;
-}
-
-/* Old API, that had to be reimplemented */
-
-void
-packet_set_connection(int fd_in, int fd_out)
-{
-        active_state = ssh_packet_set_connection(active_state, fd_in, fd_out);
-        if (active_state == NULL)
-                fatal("%s: ssh_packet_set_connection failed", __func__);
-}
-
-u_int
-packet_get_char(void)
-{
-        return (ssh_packet_get_char(active_state));
-}
-
-u_int
-packet_get_int(void)
-{
-        return (ssh_packet_get_int(active_state));
-}
-
-int
-packet_read_seqnr(u_int32_t *seqnr)
-{
-        u_char type;
-        int r;
-
-        if ((r = ssh_packet_read_seqnr(active_state, &type, seqnr)) != 0)
-                sshpkt_fatal(active_state, __func__, r);
-        return type;
-}
-
-int
-packet_read_poll_seqnr(u_int32_t *seqnr)
-{
-        u_char type;
-        int r;
-
-        if ((r = ssh_packet_read_poll_seqnr(active_state, &type, seqnr)))
-                sshpkt_fatal(active_state, __func__, r);
-        return type;
-}
-
-void
-packet_close(void)
-{
-        ssh_packet_close(active_state);
-        active_state = NULL;
-}
-
-void
-packet_process_incoming(const char *buf, u_int len)
-{
-        int r;
-
-        if ((r = ssh_packet_process_incoming(active_state, buf, len)) != 0)
-                sshpkt_fatal(active_state, __func__, r);
-}
-
-void
-packet_write_wait(void)
-{
-        int r;
-
-        if ((r = ssh_packet_write_wait(active_state)) != 0)
-                sshpkt_fatal(active_state, __func__, r);
-}
-
-void
-packet_write_poll(void)
-{
-        int r;
-
-        if ((r = ssh_packet_write_poll(active_state)) != 0)
-                sshpkt_fatal(active_state, __func__, r);
-}
-
-void
-packet_read_expect(int expected_type)
-{
-        int r;
-
-        if ((r = ssh_packet_read_expect(active_state, expected_type)) != 0)
-                sshpkt_fatal(active_state, __func__, r);
-}
-
-void
-packet_disconnect(const char *fmt, ...)
-{
-        char buf[1024];
-        va_list args;
-
-        va_start(args, fmt);
-        vsnprintf(buf, sizeof(buf), fmt, args);
-        va_end(args);
-        ssh_packet_disconnect(active_state, "%s", buf);
-}
-
-void
-packet_send_debug(const char *fmt, ...)
-{
-        char buf[1024];
-        va_list args;
-
-        va_start(args, fmt);
-        vsnprintf(buf, sizeof(buf), fmt, args);
-        va_end(args);
-        ssh_packet_send_debug(active_state, "%s", buf);
-}
diff --git a/opacket.h b/opacket.h
deleted file mode 100644
index 1cf66a2d3..000000000
--- a/opacket.h
+++ /dev/null
@@ -1,154 +0,0 @@
-/* $OpenBSD: opacket.h,v 1.13 2018/07/06 09:03:02 sf Exp $ */
-#ifndef _OPACKET_H
-/* Written by Markus Friedl. Placed in the public domain.  */
-
-/* Map old to new API */
-void     ssh_packet_start(struct ssh *, u_char);
-void     ssh_packet_put_char(struct ssh *, int ch);
-void     ssh_packet_put_int(struct ssh *, u_int value);
-void     ssh_packet_put_int64(struct ssh *, u_int64_t value);
-void     ssh_packet_put_bignum2(struct ssh *, const BIGNUM * value);
-void     ssh_packet_put_ecpoint(struct ssh *, const EC_GROUP *, const EC_POINT *);
-void     ssh_packet_put_string(struct ssh *, const void *buf, u_int len);
-void     ssh_packet_put_cstring(struct ssh *, const char *str);
-void     ssh_packet_put_raw(struct ssh *, const void *buf, u_int len);
-void     ssh_packet_send(struct ssh *);
-
-u_int    ssh_packet_get_char(struct ssh *);
-u_int    ssh_packet_get_int(struct ssh *);
-u_int64_t ssh_packet_get_int64(struct ssh *);
-void     ssh_packet_get_bignum2(struct ssh *, BIGNUM * value);
-void     ssh_packet_get_ecpoint(struct ssh *, const EC_GROUP *, EC_POINT *);
-void    *ssh_packet_get_string(struct ssh *, u_int *length_ptr);
-char    *ssh_packet_get_cstring(struct ssh *, u_int *length_ptr);
-
-/* don't allow remaining bytes after the end of the message */
-#define ssh_packet_check_eom(ssh) \
-do { \
-        int _len = ssh_packet_remaining(ssh); \
-        if (_len > 0) { \
-                logit("Packet integrity error (%d bytes remaining) at %s:%d", \
-                    _len ,__FILE__, __LINE__); \
-                ssh_packet_disconnect(ssh, \
-                    "Packet integrity error."); \
-        } \
-} while (0)
-
-/* old API */
-void     packet_close(void);
-u_int    packet_get_char(void);
-u_int    packet_get_int(void);
-void     packet_set_connection(int, int);
-int      packet_read_seqnr(u_int32_t *);
-int      packet_read_poll_seqnr(u_int32_t *);
-void     packet_process_incoming(const char *buf, u_int len);
-void     packet_write_wait(void);
-void     packet_write_poll(void);
-void     packet_read_expect(int expected_type);
-#define packet_set_timeout(timeout, count) \
-        ssh_packet_set_timeout(active_state, (timeout), (count))
-#define packet_connection_is_on_socket() \
-        ssh_packet_connection_is_on_socket(active_state)
-#define packet_set_nonblocking() \
-        ssh_packet_set_nonblocking(active_state)
-#define packet_get_connection_in() \
-        ssh_packet_get_connection_in(active_state)
-#define packet_get_connection_out() \
-        ssh_packet_get_connection_out(active_state)
-#define packet_set_protocol_flags(protocol_flags) \
-        ssh_packet_set_protocol_flags(active_state, (protocol_flags))
-#define packet_get_protocol_flags() \
-        ssh_packet_get_protocol_flags(active_state)
-#define packet_start(type) \
-        ssh_packet_start(active_state, (type))
-#define packet_put_char(value) \
-        ssh_packet_put_char(active_state, (value))
-#define packet_put_int(value) \
-        ssh_packet_put_int(active_state, (value))
-#define packet_put_int64(value) \
-        ssh_packet_put_int64(active_state, (value))
-#define packet_put_string( buf, len) \
-        ssh_packet_put_string(active_state, (buf), (len))
-#define packet_put_cstring(str) \
-        ssh_packet_put_cstring(active_state, (str))
-#define packet_put_raw(buf, len) \
-        ssh_packet_put_raw(active_state, (buf), (len))
-#define packet_put_bignum2(value) \
-        ssh_packet_put_bignum2(active_state, (value))
-#define packet_send() \
-        ssh_packet_send(active_state)
-#define packet_read() \
-        ssh_packet_read(active_state)
-#define packet_get_int64() \
-        ssh_packet_get_int64(active_state)
-#define packet_get_bignum2(value) \
-        ssh_packet_get_bignum2(active_state, (value))
-#define packet_remaining() \
-        ssh_packet_remaining(active_state)
-#define packet_get_string(length_ptr) \
-        ssh_packet_get_string(active_state, (length_ptr))
-#define packet_get_string_ptr(length_ptr) \
-        ssh_packet_get_string_ptr(active_state, (length_ptr))
-#define packet_get_cstring(length_ptr) \
-        ssh_packet_get_cstring(active_state, (length_ptr))
-void    packet_send_debug(const char *, ...)
-            __attribute__((format(printf, 1, 2)));
-void    packet_disconnect(const char *, ...)
-            __attribute__((format(printf, 1, 2)))
-            __attribute__((noreturn));
-#define packet_have_data_to_write() \
-        ssh_packet_have_data_to_write(active_state)
-#define packet_not_very_much_data_to_write() \
-        ssh_packet_not_very_much_data_to_write(active_state)
-#define packet_set_interactive(interactive, qos_interactive, qos_bulk) \
-        ssh_packet_set_interactive(active_state, (interactive), (qos_interactive), (qos_bulk))
-#define packet_is_interactive() \
-        ssh_packet_is_interactive(active_state)
-#define packet_set_maxsize(s) \
-        ssh_packet_set_maxsize(active_state, (s))
-#define packet_inc_alive_timeouts() \
-        ssh_packet_inc_alive_timeouts(active_state)
-#define packet_set_alive_timeouts(ka) \
-        ssh_packet_set_alive_timeouts(active_state, (ka))
-#define packet_get_maxsize() \
-        ssh_packet_get_maxsize(active_state)
-#define packet_add_padding(pad) \
-        sshpkt_add_padding(active_state, (pad))
-#define packet_send_ignore(nbytes) \
-        ssh_packet_send_ignore(active_state, (nbytes))
-#define packet_set_server() \
-        ssh_packet_set_server(active_state)
-#define packet_set_authenticated() \
-        ssh_packet_set_authenticated(active_state)
-#define packet_get_input() \
-        ssh_packet_get_input(active_state)
-#define packet_get_output() \
-        ssh_packet_get_output(active_state)
-#define packet_check_eom() \
-        ssh_packet_check_eom(active_state)
-#define set_newkeys(mode) \
-        ssh_set_newkeys(active_state, (mode))
-#define packet_get_state(m) \
-        ssh_packet_get_state(active_state, m)
-#define packet_set_state(m) \
-        ssh_packet_set_state(active_state, m)
-#define packet_get_raw(lenp) \
-        sshpkt_ptr(active_state, lenp)
-#define packet_get_ecpoint(c,p) \
-        ssh_packet_get_ecpoint(active_state, c, p)
-#define packet_put_ecpoint(c,p) \
-        ssh_packet_put_ecpoint(active_state, c, p)
-#define packet_get_rekey_timeout() \
-        ssh_packet_get_rekey_timeout(active_state)
-#define packet_set_rekey_limits(x,y) \
-        ssh_packet_set_rekey_limits(active_state, x, y)
-#define packet_get_bytes(x,y) \
-        ssh_packet_get_bytes(active_state, x, y)
-#define packet_set_mux() \
-        ssh_packet_set_mux(active_state)
-#define packet_get_mux() \
-        ssh_packet_get_mux(active_state)
-#define packet_clear_keys() \
-        ssh_packet_clear_keys(active_state)
-
-#endif /* _OPACKET_H */
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index fb49e30f5..54628e260 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -37,6 +37,9 @@
 #include <string.h>
 #include <unistd.h>
 #include <stdarg.h>
+#include <stdlib.h>
+#include <wchar.h>
+#include <wctype.h>
 
 #include "xmalloc.h"
 
@@ -117,4 +120,150 @@ free_windows_environment(char **p)
         free(p);
 }
 
+/*
+ * Returns true if the given string matches the pattern (which may contain ?
+ * and * as wildcards), and zero if it does not match.
+ *
+ * The Cygwin version of this function must be case-insensitive and take
+ * Unicode characters into account.
+ */
+
+static int
+__match_pattern (const wchar_t *s, const wchar_t *pattern)
+{
+        for (;;) {
+                /* If at end of pattern, accept if also at end of string. */
+                if (!*pattern)
+                        return !*s;
+
+                if (*pattern == '*') {
+                        /* Skip the asterisk. */
+                        pattern++;
+
+                        /* If at end of pattern, accept immediately. */
+                        if (!*pattern)
+                                return 1;
+
+                        /* If next character in pattern is known, optimize. */
+                        if (*pattern != '?' && *pattern != '*') {
+                                /*
+                                 * Look instances of the next character in
+                                 * pattern, and try to match starting from
+                                 * those.
+                                 */
+                                for (; *s; s++)
+                                        if (*s == *pattern &&
+                                            __match_pattern(s + 1, pattern + 1))
+                                                return 1;
+                                /* Failed. */
+                                return 0;
+                        }
+                        /*
+                         * Move ahead one character at a time and try to
+                         * match at each position.
+                         */
+                        for (; *s; s++)
+                                if (__match_pattern(s, pattern))
+                                        return 1;
+                        /* Failed. */
+                        return 0;
+                }
+                /*
+                 * There must be at least one more character in the string.
+                 * If we are at the end, fail.
+                 */
+                if (!*s)
+                        return 0;
+
+                /* Check if the next character of the string is acceptable. */
+                if (*pattern != '?' && towlower(*pattern) != towlower(*s))
+                        return 0;
+
+                /* Move to the next character, both in string and in pattern. */
+                s++;
+                pattern++;
+        }
+        /* NOTREACHED */
+}
+
+static int
+_match_pattern(const char *s, const char *pattern)
+{
+        wchar_t *ws;
+        wchar_t *wpattern;
+        size_t len;
+        int ret;
+
+        if ((len = mbstowcs(NULL, s, 0)) < 0)
+                return 0;
+        ws = (wchar_t *) xcalloc(len + 1, sizeof (wchar_t));
+        mbstowcs(ws, s, len + 1);
+        if ((len = mbstowcs(NULL, pattern, 0)) < 0)
+                return 0;
+        wpattern = (wchar_t *) xcalloc(len + 1, sizeof (wchar_t));
+        mbstowcs(wpattern, pattern, len + 1);
+        ret = __match_pattern (ws, wpattern);
+        free(ws);
+        free(wpattern);
+        return ret;
+}
+
+/*
+ * Tries to match the string against the
+ * comma-separated sequence of subpatterns (each possibly preceded by ! to
+ * indicate negation).  Returns -1 if negation matches, 1 if there is
+ * a positive match, 0 if there is no match at all.
+ */
+int
+cygwin_ug_match_pattern_list(const char *string, const char *pattern)
+{
+        char sub[1024];
+        int negated;
+        int got_positive;
+        u_int i, subi, len = strlen(pattern);
+
+        got_positive = 0;
+        for (i = 0; i < len;) {
+                /* Check if the subpattern is negated. */
+                if (pattern[i] == '!') {
+                        negated = 1;
+                        i++;
+                } else
+                        negated = 0;
+
+                /*
+                 * Extract the subpattern up to a comma or end.  Convert the
+                 * subpattern to lowercase.
+                 */
+                for (subi = 0;
+                    i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
+                    subi++, i++)
+                        sub[subi] = pattern[i];
+                /* If subpattern too long, return failure (no match). */
+                if (subi >= sizeof(sub) - 1)
+                        return 0;
+
+                /* If the subpattern was terminated by a comma, then skip it. */
+                if (i < len && pattern[i] == ',')
+                        i++;
+
+                /* Null-terminate the subpattern. */
+                sub[subi] = '\0';
+
+                /* Try to match the subpattern against the string. */
+                if (_match_pattern(string, sub)) {
+                        if (negated)
+                                return -1;              /* Negative */
+                        else
+                                got_positive = 1;       /* Positive */
+                }
+        }
+
+        /*
+         * Return success if got a positive match.  If there was a negative
+         * match, we have already returned -1 and never get here.
+         */
+        return got_positive;
+}
+
 #endif /* HAVE_CYGWIN */
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 202c055db..55c5a5b81 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -55,6 +55,7 @@ int binary_open(const char *, int , ...);
 int check_ntsec(const char *);
 char **fetch_windows_environment(void);
 void free_windows_environment(char **);
+int cygwin_ug_match_pattern_list(const char *, const char *);
 
 #ifndef NO_BINARY_OPEN
 #define open binary_open
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index 5d7540a70..aa1c7d7a3 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -25,6 +25,7 @@
 # include <sys/time.h>
 #endif
 
+#include <fcntl.h>
 #include <string.h>
 #include <signal.h>
 #include <stdlib.h>
@@ -117,6 +118,106 @@ int utimes(char *filename, struct timeval *tvp)
 }
 #endif
 
+#ifndef HAVE_UTIMENSAT
+/*
+ * A limited implementation of utimensat() that only implements the
+ * functionality used by OpenSSH, currently only AT_FDCWD and
+ * AT_SYMLINK_NOFOLLOW.
+ */
+int
+utimensat(int fd, const char *path, const struct timespec times[2],
+    int flag)
+{
+        struct timeval tv[2];
+        int ret, oflags = O_WRONLY;
+
+        tv[0].tv_sec = times[0].tv_sec;
+        tv[0].tv_usec = times[0].tv_nsec / 1000;
+        tv[1].tv_sec = times[1].tv_sec;
+        tv[1].tv_usec = times[1].tv_nsec / 1000;
+
+        if (fd != AT_FDCWD) {
+                errno = ENOSYS;
+                return -1;
+        }
+# ifndef HAVE_FUTIMES
+        return utimes(path, tv);
+# else
+#  ifdef O_NOFOLLOW
+        if (flag & AT_SYMLINK_NOFOLLOW)
+                oflags |= O_NOFOLLOW;
+#  endif /* O_NOFOLLOW */
+        if ((fd = open(path, oflags)) == -1)
+                return -1;
+        ret = futimes(fd, tv);
+        close(fd);
+        return ret;
+# endif
+}
+#endif
+
+#ifndef HAVE_FCHOWNAT
+/*
+ * A limited implementation of fchownat() that only implements the
+ * functionality used by OpenSSH, currently only AT_FDCWD and
+ * AT_SYMLINK_NOFOLLOW.
+ */
+int
+fchownat(int fd, const char *path, uid_t owner, gid_t group, int flag)
+{
+        int ret, oflags = O_WRONLY;
+
+        if (fd != AT_FDCWD) {
+                errno = ENOSYS;
+                return -1;
+        }
+# ifndef HAVE_FCHOWN
+        return chown(pathname, owner, group);
+# else
+#  ifdef O_NOFOLLOW
+        if (flag & AT_SYMLINK_NOFOLLOW)
+                oflags |= O_NOFOLLOW;
+#  endif /* O_NOFOLLOW */
+        if ((fd = open(path, oflags)) == -1)
+                return -1;
+        ret = fchown(fd, owner, group);
+        close(fd);
+        return ret;
+# endif
+}
+#endif
+
+#ifndef HAVE_FCHMODAT
+/*
+ * A limited implementation of fchmodat() that only implements the
+ * functionality used by OpenSSH, currently only AT_FDCWD and
+ * AT_SYMLINK_NOFOLLOW.
+ */
+int
+fchmodat(int fd, const char *path, mode_t mode, int flag)
+{
+        int ret, oflags = O_WRONLY;
+
+        if (fd != AT_FDCWD) {
+                errno = ENOSYS;
+                return -1;
+        }
+# ifndef HAVE_FCHMOD
+        return chown(pathname, owner, group);
+# else
+#  ifdef O_NOFOLLOW
+        if (flag & AT_SYMLINK_NOFOLLOW)
+                oflags |= O_NOFOLLOW;
+#  endif /* O_NOFOLLOW */
+        if ((fd = open(path, oflags)) == -1)
+                return -1;
+        ret = fchmod(fd, mode);
+        close(fd);
+        return ret;
+# endif
+}
+#endif
+
 #ifndef HAVE_TRUNCATE
 int truncate(const char *path, off_t length)
 {
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h
index 52ec52853..cb158cd5c 100644
--- a/openbsd-compat/bsd-misc.h
+++ b/openbsd-compat/bsd-misc.h
@@ -64,6 +64,26 @@ struct timeval {
 int utimes(char *, struct timeval *);
 #endif /* HAVE_UTIMES */
 
+#ifndef HAVE_UTIMENSAT
+/* start with the high bits and work down to minimise risk of overlap */
+# ifndef AT_SYMLINK_NOFOLLOW
+#  define AT_SYMLINK_NOFOLLOW 0x80000000
+# endif
+int utimensat(int, const char *, const struct timespec[2], int);
+#endif
+
+#ifndef AT_FDCWD
+# define AT_FDCWD (-2)
+#endif
+
+#ifndef HAVE_FCHMODAT
+int fchmodat(int, const char *, mode_t, int);
+#endif
+
+#ifndef HAVE_FCHOWNAT
+int fchownat(int, const char *, uid_t, gid_t, int);
+#endif
+
 #ifndef HAVE_TRUNCATE
 int truncate (const char *, off_t);
 #endif /* HAVE_TRUNCATE */
diff --git a/openbsd-compat/libressl-api-compat.c b/openbsd-compat/libressl-api-compat.c
index de3e64a63..ae00ff593 100644
--- a/openbsd-compat/libressl-api-compat.c
+++ b/openbsd-compat/libressl-api-compat.c
@@ -152,7 +152,9 @@
 #include <openssl/dsa.h>
 #include <openssl/rsa.h>
 #include <openssl/evp.h>
+#ifdef OPENSSL_HAS_ECC
 #include <openssl/ecdsa.h>
+#endif
 #include <openssl/dh.h>
 
 #ifndef HAVE_DSA_GET0_PQG
@@ -417,6 +419,7 @@ DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
 }
 #endif /* HAVE_DSA_SIG_SET0 */
 
+#ifdef OPENSSL_HAS_ECC
 #ifndef HAVE_ECDSA_SIG_GET0
 void
 ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
@@ -442,6 +445,7 @@ ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
         return 1;
 }
 #endif /* HAVE_ECDSA_SIG_SET0 */
+#endif /* OPENSSL_HAS_ECC */
 
 #ifndef HAVE_DH_GET0_PQG
 void
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index f5c833bf2..865aaee53 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -61,6 +61,7 @@ void closefrom(int);
 #endif
 
 #ifndef HAVE_GETLINE
+#include <stdio.h>
 ssize_t getline(char **, size_t *, FILE *);
 #endif
 
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index ea0b0c9fb..c1749210d 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -66,23 +66,31 @@ ssh_compatible_openssl(long headerver, long libver)
         return 0;
 }
 
-#ifdef  USE_OPENSSL_ENGINE
 void
-ssh_OpenSSL_add_all_algorithms(void)
+ssh_libcrypto_init(void)
 {
+#if defined(HAVE_OPENSSL_INIT_CRYPTO) && \
+      defined(OPENSSL_INIT_ADD_ALL_CIPHERS) && \
+      defined(OPENSSL_INIT_ADD_ALL_DIGESTS)
+        OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
+            OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
+#elif defined(HAVE_OPENSSL_ADD_ALL_ALGORITHMS)
         OpenSSL_add_all_algorithms();
+#endif
 
+#ifdef  USE_OPENSSL_ENGINE
         /* Enable use of crypto hardware */
         ENGINE_load_builtin_engines();
         ENGINE_register_all_complete();
 
-#if OPENSSL_VERSION_NUMBER < 0x10001000L
-        OPENSSL_config(NULL);
-#else
+        /* Load the libcrypto config file to pick up engines defined there */
+# if defined(HAVE_OPENSSL_INIT_CRYPTO) && defined(OPENSSL_INIT_LOAD_CONFIG)
         OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
             OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL);
-#endif
+# else
+        OPENSSL_config(NULL);
+# endif
+#endif /* USE_OPENSSL_ENGINE */
 }
-#endif
 
 #endif /* WITH_OPENSSL */
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 9e0264c04..917bc6f7c 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -21,16 +21,32 @@
 #ifdef WITH_OPENSSL
 
 #include <openssl/opensslv.h>
+#include <openssl/crypto.h>
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
+#ifdef OPENSSL_HAS_ECC
 #include <openssl/ecdsa.h>
+#endif
 #include <openssl/dh.h>
 
 int ssh_compatible_openssl(long, long);
+void ssh_libcrypto_init(void);
+
+#if (OPENSSL_VERSION_NUMBER < 0x1000100fL)
+# error OpenSSL 1.0.1 or greater is required
+#endif
+
+#ifndef OPENSSL_VERSION
+# define OPENSSL_VERSION        SSLEAY_VERSION
+#endif
+
+#ifndef HAVE_OPENSSL_VERSION
+# define OpenSSL_version(x)     SSLeay_version(x)
+#endif
 
-#if (OPENSSL_VERSION_NUMBER <= 0x0090805fL)
-# error OpenSSL 0.9.8f or greater is required
+#ifndef HAVE_OPENSSL_VERSION_NUM
+# define OpenSSL_version_num    SSLeay
 #endif
 
 #if OPENSSL_VERSION_NUMBER < 0x10000001L
@@ -77,27 +93,6 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
 # endif
 #endif
 
-/*
- * We overload some of the OpenSSL crypto functions with ssh_* equivalents
- * to automatically handle OpenSSL engine initialisation.
- *
- * In order for the compat library to call the real functions, it must
- * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and
- * implement the ssh_* equivalents.
- */
-#ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS
-
-# ifdef USE_OPENSSL_ENGINE
-#  ifdef OpenSSL_add_all_algorithms
-#   undef OpenSSL_add_all_algorithms
-#  endif
-#  define OpenSSL_add_all_algorithms()  ssh_OpenSSL_add_all_algorithms()
-# endif
-
-void ssh_OpenSSL_add_all_algorithms(void);
-
-#endif  /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
-
 /* LibreSSL/OpenSSL 1.1x API compat */
 #ifndef HAVE_DSA_GET0_PQG
 void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
@@ -161,6 +156,7 @@ void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
 int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
 #endif /* DSA_SIG_SET0 */
 
+#ifdef OPENSSL_HAS_ECC
 #ifndef HAVE_ECDSA_SIG_GET0
 void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
 #endif /* HAVE_ECDSA_SIG_GET0 */
@@ -168,6 +164,7 @@ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
 #ifndef HAVE_ECDSA_SIG_SET0
 int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
 #endif /* HAVE_ECDSA_SIG_SET0 */
+#endif /* OPENSSL_HAS_ECC */
 
 #ifndef HAVE_DH_GET0_PQG
 void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 943177c70..fc80dc39f 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -313,7 +313,8 @@ sys_auth_get_lastlogin_msg(const char *user, uid_t uid)
  * record_failed_login: generic "login failed" interface function
  */
 void
-record_failed_login(const char *user, const char *hostname, const char *ttyname)
+record_failed_login(struct ssh *ssh, const char *user, const char *hostname,
+    const char *ttyname)
 {
         if (geteuid() != 0)
                 return;
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h
index 748c0e4e3..904de3096 100644
--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@@ -30,6 +30,7 @@
 # include <sys/socket.h>
 #endif
 
+struct ssh;
 struct sshbuf;
 
 /* These should be in the system headers but are not. */
@@ -89,8 +90,8 @@ void aix_usrinfo(struct passwd *);
 # define CUSTOM_SYS_AUTH_ALLOWED_USER 1
 int sys_auth_allowed_user(struct passwd *, struct sshbuf *);
 # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
-int sys_auth_record_login(const char *, const char *,
-    const char *, struct sshbuf *);
+int sys_auth_record_login(const char *, const char *, const char *,
+    struct sshbuf *);
 # define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
 char *sys_auth_get_lastlogin_msg(const char *, uid_t);
 # define CUSTOM_FAILED_LOGIN 1
diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in
index 529331be5..c5aae61e2 100644
--- a/openbsd-compat/regress/Makefile.in
+++ b/openbsd-compat/regress/Makefile.in
@@ -14,7 +14,7 @@ LIBS=@LIBS@
 LDFLAGS=@LDFLAGS@ $(LIBCOMPAT)
 
 TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \
-        strtonumtest$(EXEEXT) opensslvertest$(EXEEXT)
+        strtonumtest$(EXEEXT) opensslvertest$(EXEEXT) utimensattest$(EXEEXT)
 
 all:    t-exec ${OTHERTESTS}
 
diff --git a/openbsd-compat/regress/utimensattest.c b/openbsd-compat/regress/utimensattest.c
new file mode 100644
index 000000000..a7bc7634b
--- /dev/null
+++ b/openbsd-compat/regress/utimensattest.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2019 Darren Tucker
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#define TMPFILE "utimensat.tmp"
+#define TMPFILE2 "utimensat.tmp2"
+
+#ifndef AT_SYMLINK_NOFOLLOW
+# define AT_SYMLINK_NOFOLLOW 0x80000000
+#endif
+
+int utimensat(int, const char *, const struct timespec[2], int);
+
+void
+fail(char *msg, long expect, long got)
+{
+        int saved_errno = errno;
+
+        if (expect == got && got == 0)
+                fprintf(stderr, "utimensat: %s: %s\n", msg,
+                     strerror(saved_errno));
+        else
+                fprintf(stderr, "utimensat: %s: expected %ld got %ld\n",
+                     msg, expect, got);
+        exit(1);
+}
+
+int
+main(void)
+{
+        int fd;
+        struct stat sb;
+        struct timespec ts[2];
+
+        if ((fd = open(TMPFILE, O_CREAT, 0600)) == -1)
+                fail("open", 0, 0);
+        close(fd);
+
+        ts[0].tv_sec = 12345678;
+        ts[0].tv_nsec = 23456789;
+        ts[1].tv_sec = 34567890;
+        ts[1].tv_nsec = 45678901;
+        if (utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW) == -1)
+                fail("utimensat", 0, 0);
+
+        if (stat(TMPFILE, &sb) == -1)
+                fail("stat", 0, 0 );
+        if (sb.st_atime != 12345678)
+                fail("st_atime", 0, 0 );
+        if (sb.st_mtime != 34567890)
+                fail("st_mtime", 0, 0 );
+#if 0
+        /*
+         * Results expected to be rounded to the nearest microsecond.
+         * Depends on timestamp precision in kernel and filesystem so
+         * disabled by default.
+         */
+        if (sb.st_atim.tv_nsec != 23456000)
+                fail("atim.tv_nsec", 23456000, sb.st_atim.tv_nsec);
+        if (sb.st_mtim.tv_nsec != 45678000)
+                fail("mtim.tv_nsec", 45678000, sb.st_mtim.tv_nsec);
+#endif
+
+        if (rename(TMPFILE, TMPFILE2) == -1)
+                fail("rename", 0, 0);
+        if (symlink(TMPFILE2, TMPFILE) == -1)
+                fail("symlink", 0, 0);
+
+        if (utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW) != -1)
+                fail("utimensat followed symlink", 0, 0);
+
+        if (!(unlink(TMPFILE) == 0 && unlink(TMPFILE2) == 0))
+                fail("unlink", 0, 0);
+        exit(0);
+}
diff --git a/openbsd-compat/sys-queue.h b/openbsd-compat/sys-queue.h
index af93d6814..5108f394c 100644
--- a/openbsd-compat/sys-queue.h
+++ b/openbsd-compat/sys-queue.h
@@ -81,6 +81,7 @@
 #undef SIMPLEQ_EMPTY
 #undef SIMPLEQ_NEXT
 #undef SIMPLEQ_FOREACH
+#undef SIMPLEQ_FOREACH_SAFE
 #undef SIMPLEQ_INIT
 #undef SIMPLEQ_INSERT_HEAD
 #undef SIMPLEQ_INSERT_TAIL
diff --git a/packet.c b/packet.c
index dcf35e6e6..36e352b44 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.277 2018/07/16 03:09:13 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.283 2019/03/01 03:29:32 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -58,6 +58,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <limits.h>
+#include <poll.h>
 #include <signal.h>
 #include <time.h>
 
@@ -228,6 +229,7 @@ ssh_alloc_session_state(void)
 
         if ((ssh = calloc(1, sizeof(*ssh))) == NULL ||
             (state = calloc(1, sizeof(*state))) == NULL ||
+            (ssh->kex = kex_new()) == NULL ||
             (state->input = sshbuf_new()) == NULL ||
             (state->output = sshbuf_new()) == NULL ||
             (state->outgoing_packet = sshbuf_new()) == NULL ||
@@ -250,6 +252,10 @@ ssh_alloc_session_state(void)
         ssh->state = state;
         return ssh;
  fail:
+        if (ssh) {
+                kex_free(ssh->kex);
+                free(ssh);
+        }
         if (state) {
                 sshbuf_free(state->input);
                 sshbuf_free(state->output);
@@ -257,7 +263,6 @@ ssh_alloc_session_state(void)
                 sshbuf_free(state->outgoing_packet);
                 free(state);
         }
-        free(ssh);
         return NULL;
 }
 
@@ -272,8 +277,7 @@ ssh_packet_set_input_hook(struct ssh *ssh, ssh_packet_hook_fn *hook, void *ctx)
 int
 ssh_packet_is_rekeying(struct ssh *ssh)
 {
-        return ssh->state->rekeying ||
-            (ssh->kex != NULL && ssh->kex->done == 0);
+        return ssh->state->rekeying || ssh->kex->done == 0;
 }
 
 /*
@@ -837,6 +841,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
         u_int64_t *max_blocks;
         const char *wmsg;
         int r, crypt_type;
+        const char *dir = mode == MODE_OUT ? "out" : "in";
 
         debug2("set_newkeys: mode %d", mode);
 
@@ -852,14 +857,12 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
                 max_blocks = &state->max_blocks_in;
         }
         if (state->newkeys[mode] != NULL) {
-                debug("set_newkeys: rekeying, input %llu bytes %llu blocks, "
-                   "output %llu bytes %llu blocks",
+                debug("%s: rekeying %s, input %llu bytes %llu blocks, "
+                   "output %llu bytes %llu blocks", __func__, dir,
                    (unsigned long long)state->p_read.bytes,
                    (unsigned long long)state->p_read.blocks,
                    (unsigned long long)state->p_send.bytes,
                    (unsigned long long)state->p_send.blocks);
-                cipher_free(*ccp);
-                *ccp = NULL;
                 kex_free_newkeys(state->newkeys[mode]);
                 state->newkeys[mode] = NULL;
         }
@@ -877,7 +880,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
                         return r;
         }
         mac->enabled = 1;
-        DBG(debug("cipher_init_context: %d", mode));
+        DBG(debug("%s: cipher_init_context: %s", __func__, dir));
+        cipher_free(*ccp);
+        *ccp = NULL;
         if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len,
             enc->iv, enc->iv_len, crypt_type)) != 0)
                 return r;
@@ -916,7 +921,8 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
         if (state->rekey_limit)
                 *max_blocks = MINIMUM(*max_blocks,
                     state->rekey_limit / enc->block_size);
-        debug("rekey after %llu blocks", (unsigned long long)*max_blocks);
+        debug("rekey %s after %llu blocks", dir,
+            (unsigned long long)*max_blocks);
         return 0;
 }
 
@@ -932,7 +938,7 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
                 return 0;
 
         /* Haven't keyed yet or KEX in progress. */
-        if (ssh->kex == NULL || ssh_packet_is_rekeying(ssh))
+        if (ssh_packet_is_rekeying(ssh))
                 return 0;
 
         /* Peer can't rekey */
@@ -1805,10 +1811,10 @@ sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l)
 /*
  * Pretty-print connection-terminating errors and exit.
  */
-void
-sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
+static void
+sshpkt_vfatal(struct ssh *ssh, int r, const char *fmt, va_list ap)
 {
-        char remote_id[512];
+        char *tag = NULL, remote_id[512];
 
         sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id));
 
@@ -1842,6 +1848,11 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
                 }
                 /* FALLTHROUGH */
         default:
+                if (vasprintf(&tag, fmt, ap) == -1) {
+                        ssh_packet_clear_keys(ssh);
+                        logdie("%s: could not allocate failure message",
+                            __func__);
+                }
                 ssh_packet_clear_keys(ssh);
                 logdie("%s%sConnection %s %s: %s",
                     tag != NULL ? tag : "", tag != NULL ? ": " : "",
@@ -1850,6 +1861,18 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
         }
 }
 
+void
+sshpkt_fatal(struct ssh *ssh, int r, const char *fmt, ...)
+{
+        va_list ap;
+
+        va_start(ap, fmt);
+        sshpkt_vfatal(ssh, r, fmt, ap);
+        /* NOTREACHED */
+        va_end(ap);
+        logdie("%s: should have exited", __func__);
+}
+
 /*
  * Logs the error plus constructs and sends a disconnect packet, closes the
  * connection, and exits.  This function never returns. The error message
@@ -1885,10 +1908,10 @@ ssh_packet_disconnect(struct ssh *ssh, const char *fmt,...)
          * for it to get sent.
          */
         if ((r = sshpkt_disconnect(ssh, "%s", buf)) != 0)
-                sshpkt_fatal(ssh, __func__, r);
+                sshpkt_fatal(ssh, r, "%s", __func__);
 
         if ((r = ssh_packet_write_wait(ssh)) != 0)
-                sshpkt_fatal(ssh, __func__, r);
+                sshpkt_fatal(ssh, r, "%s", __func__);
 
         /* Close the connection. */
         ssh_packet_close(ssh);
@@ -2123,6 +2146,7 @@ void
 ssh_packet_set_server(struct ssh *ssh)
 {
         ssh->state->server_side = 1;
+        ssh->kex->server = 1; /* XXX unify? */
 }
 
 void
@@ -2175,9 +2199,9 @@ kex_to_blob(struct sshbuf *m, struct kex *kex)
             (r = sshbuf_put_u32(m, kex->kex_type)) != 0 ||
             (r = sshbuf_put_stringb(m, kex->my)) != 0 ||
             (r = sshbuf_put_stringb(m, kex->peer)) != 0 ||
-            (r = sshbuf_put_u32(m, kex->flags)) != 0 ||
-            (r = sshbuf_put_cstring(m, kex->client_version_string)) != 0 ||
-            (r = sshbuf_put_cstring(m, kex->server_version_string)) != 0)
+            (r = sshbuf_put_stringb(m, kex->client_version)) != 0 ||
+            (r = sshbuf_put_stringb(m, kex->server_version)) != 0 ||
+            (r = sshbuf_put_u32(m, kex->flags)) != 0)
                 return r;
         return 0;
 }
@@ -2327,12 +2351,8 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
         struct kex *kex;
         int r;
 
-        if ((kex = calloc(1, sizeof(struct kex))) == NULL ||
-            (kex->my = sshbuf_new()) == NULL ||
-            (kex->peer = sshbuf_new()) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
+        if ((kex = kex_new()) == NULL)
+                return SSH_ERR_ALLOC_FAIL;
         if ((r = sshbuf_get_string(m, &kex->session_id, &kex->session_id_len)) != 0 ||
             (r = sshbuf_get_u32(m, &kex->we_need)) != 0 ||
             (r = sshbuf_get_cstring(m, &kex->hostkey_alg, NULL)) != 0 ||
@@ -2341,23 +2361,20 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
             (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 ||
             (r = sshbuf_get_stringb(m, kex->my)) != 0 ||
             (r = sshbuf_get_stringb(m, kex->peer)) != 0 ||
-            (r = sshbuf_get_u32(m, &kex->flags)) != 0 ||
-            (r = sshbuf_get_cstring(m, &kex->client_version_string, NULL)) != 0 ||
-            (r = sshbuf_get_cstring(m, &kex->server_version_string, NULL)) != 0)
+            (r = sshbuf_get_stringb(m, kex->client_version)) != 0 ||
+            (r = sshbuf_get_stringb(m, kex->server_version)) != 0 ||
+            (r = sshbuf_get_u32(m, &kex->flags)) != 0)
                 goto out;
         kex->server = 1;
         kex->done = 1;
         r = 0;
  out:
         if (r != 0 || kexp == NULL) {
-                if (kex != NULL) {
-                        sshbuf_free(kex->my);
-                        sshbuf_free(kex->peer);
-                        free(kex);
-                }
+                kex_free(kex);
                 if (kexp != NULL)
                         *kexp = NULL;
         } else {
+                kex_free(*kexp);
                 *kexp = kex;
         }
         return r;
@@ -2468,6 +2485,12 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v)
         return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
 }
 
+int
+sshpkt_getb_froms(struct ssh *ssh, struct sshbuf **valp)
+{
+        return sshbuf_froms(ssh->state->incoming_packet, valp);
+}
+
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 int
@@ -2544,11 +2567,10 @@ sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
 }
 #endif /* OPENSSL_HAS_ECC */
 
-
 int
-sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
+sshpkt_get_bignum2(struct ssh *ssh, BIGNUM **valp)
 {
-        return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
+        return sshbuf_get_bignum2(ssh->state->incoming_packet, valp);
 }
 #endif /* WITH_OPENSSL */
 
diff --git a/packet.h b/packet.h
index 170203cab..0dfa36da1 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.86 2018/07/09 21:20:26 markus Exp $ */
+/* $OpenBSD: packet.h,v 1.90 2019/01/21 10:35:09 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -176,7 +176,8 @@ int	sshpkt_send(struct ssh *ssh);
 int     sshpkt_disconnect(struct ssh *, const char *fmt, ...)
             __attribute__((format(printf, 2, 3)));
 int     sshpkt_add_padding(struct ssh *, u_char);
-void    sshpkt_fatal(struct ssh *ssh, const char *tag, int r);
+void    sshpkt_fatal(struct ssh *ssh, int r, const char *fmt, ...)
+            __attribute__((format(printf, 3, 4)));
 int     sshpkt_msg_ignore(struct ssh *, u_int);
 
 int     sshpkt_put(struct ssh *ssh, const void *v, size_t len);
@@ -198,16 +199,13 @@ int	sshpkt_get_string(struct ssh *ssh, u_char **valp, size_t *lenp);
 int     sshpkt_get_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp);
 int     sshpkt_peek_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp);
 int     sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp);
+int     sshpkt_getb_froms(struct ssh *ssh, struct sshbuf **valp);
 int     sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g);
-int     sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v);
+int     sshpkt_get_bignum2(struct ssh *ssh, BIGNUM **valp);
 int     sshpkt_get_end(struct ssh *ssh);
 void    sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l);
 const u_char    *sshpkt_ptr(struct ssh *, size_t *lenp);
 
-/* OLD API */
-extern struct ssh *active_state;
-#include "opacket.h"
-
 #if !defined(WITH_OPENSSL)
 # undef BIGNUM
 # undef EC_KEY
diff --git a/readconf.c b/readconf.c
index 6d046f063..2ba312441 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.300 2018/10/05 14:26:09 naddy Exp $ */
+/* $OpenBSD: readconf.c,v 1.304 2019/03/01 02:08:50 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -67,6 +67,7 @@
 #include "uidswap.h"
 #include "myproposal.h"
 #include "digest.h"
+#include "ssh-gss.h"
 
 /* Format of the configuration file:
 
@@ -133,10 +134,11 @@
 
 static int read_config_file_depth(const char *filename, struct passwd *pw,
     const char *host, const char *original_host, Options *options,
-    int flags, int *activep, int depth);
+    int flags, int *activep, int *want_final_pass, int depth);
 static int process_config_line_depth(Options *options, struct passwd *pw,
     const char *host, const char *original_host, char *line,
-    const char *filename, int linenum, int *activep, int flags, int depth);
+    const char *filename, int linenum, int *activep, int flags,
+    int *want_final_pass, int depth);
 
 /* Keyword tokens. */
 
@@ -162,7 +164,7 @@ typedef enum {
         oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
         oAddressFamily, oGssAuthentication, oGssDelegateCreds,
         oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
-        oGssServerIdentity, 
+        oGssServerIdentity, oGssKexAlgorithms,
         oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
         oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
         oHashKnownHosts,
@@ -211,6 +213,7 @@ static struct {
         { "gssapiclientidentity", oGssClientIdentity },
         { "gssapiserveridentity", oGssServerIdentity },
         { "gssapirenewalforcesrekey", oGssRenewalRekey },
+        { "gssapikexalgorithms", oGssKexAlgorithms },
 # else
         { "gssapiauthentication", oUnsupported },
         { "gssapikeyexchange", oUnsupported },
@@ -219,10 +222,11 @@ static struct {
         { "gssapiclientidentity", oUnsupported },
         { "gssapiserveridentity", oUnsupported },
         { "gssapirenewalforcesrekey", oUnsupported },
+        { "gssapikexalgorithms", oUnsupported },
 #endif
 #ifdef ENABLE_PKCS11
-        { "smartcarddevice", oPKCS11Provider },
         { "pkcs11provider", oPKCS11Provider },
+        { "smartcarddevice", oPKCS11Provider },
 # else
         { "smartcarddevice", oUnsupported },
         { "pkcs11provider", oUnsupported },
@@ -555,8 +559,8 @@ execute_in_shell(const char *cmd)
  */
 static int
 match_cfg_line(Options *options, char **condition, struct passwd *pw,
-    const char *host_arg, const char *original_host, int post_canon,
-    const char *filename, int linenum)
+    const char *host_arg, const char *original_host, int final_pass,
+    int *want_final_pass, const char *filename, int linenum)
 {
         char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria;
         const char *ruser;
@@ -570,7 +574,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
          */
         port = options->port <= 0 ? default_ssh_port() : options->port;
         ruser = options->user == NULL ? pw->pw_name : options->user;
-        if (post_canon) {
+        if (final_pass) {
                 host = xstrdup(options->hostname);
         } else if (options->hostname != NULL) {
                 /* NB. Please keep in sync with ssh.c:main() */
@@ -602,8 +606,16 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
                         goto out;
                 }
                 attributes++;
-                if (strcasecmp(attrib, "canonical") == 0) {
-                        r = !!post_canon;  /* force bitmask member to boolean */
+                if (strcasecmp(attrib, "canonical") == 0 ||
+                    strcasecmp(attrib, "final") == 0) {
+                        /*
+                         * If the config requests "Match final" then remember
+                         * this so we can perform a second pass later.
+                         */
+                        if (strcasecmp(attrib, "final") == 0 &&
+                            want_final_pass != NULL)
+                                *want_final_pass = 1;
+                        r = !!final_pass;  /* force bitmask member to boolean */
                         if (r == (negate ? 1 : 0))
                                 this_result = result = 0;
                         debug3("%.200s line %d: %smatched '%s'",
@@ -840,14 +852,14 @@ process_config_line(Options *options, struct passwd *pw, const char *host,
     int linenum, int *activep, int flags)
 {
         return process_config_line_depth(options, pw, host, original_host,
-            line, filename, linenum, activep, flags, 0);
+            line, filename, linenum, activep, flags, NULL, 0);
 }
 
 #define WHITESPACE " \t\r\n"
 static int
 process_config_line_depth(Options *options, struct passwd *pw, const char *host,
     const char *original_host, char *line, const char *filename,
-    int linenum, int *activep, int flags, int depth)
+    int linenum, int *activep, int flags, int *want_final_pass, int depth)
 {
         char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
         char **cpptr, fwdarg[256];
@@ -1014,6 +1026,18 @@ parse_time:
                 intptr = &options->gss_renewal_rekey;
                 goto parse_flag;
 
+        case oGssKexAlgorithms:
+                arg = strdelim(&s);
+                if (!arg || *arg == '\0')
+                        fatal("%.200s line %d: Missing argument.",
+                            filename, linenum);
+                if (!kex_gss_names_valid(arg))
+                        fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.",
+                            filename, linenum, arg ? arg : "<NONE>");
+                if (*activep && options->gss_kex_algorithms == NULL)
+                        options->gss_kex_algorithms = xstrdup(arg);
+                break;
+
         case oBatchMode:
                 intptr = &options->batch_mode;
                 goto parse_flag;
@@ -1375,7 +1399,8 @@ parse_keytypes:
                         fatal("Host directive not supported as a command-line "
                             "option");
                 value = match_cfg_line(options, &s, pw, host, original_host,
-                    flags & SSHCONF_POSTCANON, filename, linenum);
+                    flags & SSHCONF_FINAL, want_final_pass,
+                    filename, linenum);
                 if (value < 0)
                         fatal("%.200s line %d: Bad Match condition", filename,
                             linenum);
@@ -1559,7 +1584,7 @@ parse_keytypes:
                         if (*arg == '~' && (flags & SSHCONF_USERCONF) == 0)
                                 fatal("%.200s line %d: bad include path %s.",
                                     filename, linenum, arg);
-                        if (*arg != '/' && *arg != '~') {
+                        if (!path_absolute(arg) && *arg != '~') {
                                 xasprintf(&arg2, "%s/%s",
                                     (flags & SSHCONF_USERCONF) ?
                                     "~/" _PATH_SSH_USER_DIR : SSHDIR, arg);
@@ -1586,7 +1611,7 @@ parse_keytypes:
                                     pw, host, original_host, options,
                                     flags | SSHCONF_CHECKPERM |
                                     (oactive ? 0 : SSHCONF_NEVERMATCH),
-                                    activep, depth + 1);
+                                    activep, want_final_pass, depth + 1);
                                 if (r != 1 && errno != ENOENT) {
                                         fatal("Can't open user config file "
                                             "%.100s: %.100s", gl.gl_pathv[i],
@@ -1789,19 +1814,20 @@ parse_keytypes:
  */
 int
 read_config_file(const char *filename, struct passwd *pw, const char *host,
-    const char *original_host, Options *options, int flags)
+    const char *original_host, Options *options, int flags,
+    int *want_final_pass)
 {
         int active = 1;
 
         return read_config_file_depth(filename, pw, host, original_host,
-            options, flags, &active, 0);
+            options, flags, &active, want_final_pass, 0);
 }
 
 #define READCONF_MAX_DEPTH      16
 static int
 read_config_file_depth(const char *filename, struct passwd *pw,
     const char *host, const char *original_host, Options *options,
-    int flags, int *activep, int depth)
+    int flags, int *activep, int *want_final_pass, int depth)
 {
         FILE *f;
         char *line = NULL;
@@ -1835,7 +1861,8 @@ read_config_file_depth(const char *filename, struct passwd *pw,
                 /* Update line number counter. */
                 linenum++;
                 if (process_config_line_depth(options, pw, host, original_host,
-                    line, filename, linenum, activep, flags, depth) != 0)
+                    line, filename, linenum, activep, flags, want_final_pass,
+                    depth) != 0)
                         bad_options++;
         }
         free(line);
@@ -1885,6 +1912,7 @@ initialize_options(Options * options)
         options->gss_renewal_rekey = -1;
         options->gss_client_identity = NULL;
         options->gss_server_identity = NULL;
+        options->gss_kex_algorithms = NULL;
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->kbd_interactive_devices = NULL;
@@ -2038,6 +2066,10 @@ fill_default_options(Options * options)
                 options->gss_trust_dns = 0;
         if (options->gss_renewal_rekey == -1)
                 options->gss_renewal_rekey = 0;
+#ifdef GSSAPI
+        if (options->gss_kex_algorithms == NULL)
+                options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX);
+#endif
         if (options->password_authentication == -1)
                 options->password_authentication = 1;
         if (options->kbd_interactive_authentication == -1)
@@ -2163,9 +2195,9 @@ fill_default_options(Options * options)
                     defaults, all)) != 0) \
                         fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \
         } while (0)
-        ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher);
-        ASSEMBLE(macs, KEX_SERVER_MAC, all_mac);
-        ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex);
+        ASSEMBLE(ciphers, KEX_CLIENT_ENCRYPT, all_cipher);
+        ASSEMBLE(macs, KEX_CLIENT_MAC, all_mac);
+        ASSEMBLE(kex_algorithms, KEX_CLIENT_KEX, all_kex);
         ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
         ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
         ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig);
@@ -2188,6 +2220,7 @@ fill_default_options(Options * options)
         CLEAR_ON_NONE(options->proxy_command);
         CLEAR_ON_NONE(options->control_path);
         CLEAR_ON_NONE(options->revoked_host_keys);
+        CLEAR_ON_NONE(options->pkcs11_provider);
         if (options->jump_host != NULL &&
             strcmp(options->jump_host, "none") == 0 &&
             options->jump_port == 0 && options->jump_user == NULL) {
@@ -2656,7 +2689,14 @@ dump_client_config(Options *o, const char *host)
         dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports);
 #ifdef GSSAPI
         dump_cfg_fmtint(oGssAuthentication, o->gss_authentication);
+        dump_cfg_fmtint(oGssKeyEx, o->gss_keyex);
         dump_cfg_fmtint(oGssDelegateCreds, o->gss_deleg_creds);
+        dump_cfg_fmtint(oGssTrustDns, o->gss_trust_dns);
+        dump_cfg_fmtint(oGssRenewalRekey, o->gss_renewal_rekey);
+        dump_cfg_string(oGssClientIdentity, o->gss_client_identity);
+        dump_cfg_string(oGssServerIdentity, o->gss_server_identity);
+        dump_cfg_string(oGssKexAlgorithms, o->gss_kex_algorithms ?
+            o->gss_kex_algorithms : GSS_KEX_DEFAULT_KEX);
 #endif /* GSSAPI */
         dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts);
         dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication);
diff --git a/readconf.h b/readconf.h
index 8e4900d01..0bff6d80a 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.128 2018/09/20 03:30:44 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.129 2018/11/23 05:08:07 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -46,6 +46,7 @@ typedef struct {
         int     gss_renewal_rekey;      /* Credential renewal forces rekey */
         char    *gss_client_identity;   /* Principal to initiate GSSAPI with */
         char    *gss_server_identity;   /* GSSAPI target principal */
+        char    *gss_kex_algorithms;    /* GSSAPI kex methods to be offered by client. */
         int     password_authentication;        /* Try password
                                                  * authentication. */
         int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
@@ -190,7 +191,7 @@ typedef struct {
 
 #define SSHCONF_CHECKPERM       1  /* check permissions on config file */
 #define SSHCONF_USERCONF        2  /* user provided config file not system */
-#define SSHCONF_POSTCANON       4  /* After hostname canonicalisation */
+#define SSHCONF_FINAL           4  /* Final pass over config, after canon. */
 #define SSHCONF_NEVERMATCH      8  /* Match/Host never matches; internal only */
 
 #define SSH_UPDATE_HOSTKEYS_NO  0
@@ -208,7 +209,7 @@ void	 fill_default_options_for_canonicalization(Options *);
 int      process_config_line(Options *, struct passwd *, const char *,
     const char *, char *, const char *, int, int *, int);
 int      read_config_file(const char *, struct passwd *, const char *,
-    const char *, Options *, int);
+    const char *, Options *, int, int *);
 int      parse_forward(struct Forward *, const char *, int, int);
 int      parse_jump(const char *, Options *, int);
 int      parse_ssh_uri(const char *, char **, char **, int *);
diff --git a/readpass.c b/readpass.c
index f160f866b..44014ef8a 100644
--- a/readpass.c
+++ b/readpass.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readpass.c,v 1.52 2018/07/18 11:34:04 dtucker Exp $ */
+/* $OpenBSD: readpass.c,v 1.53 2019/01/19 04:15:56 tb Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -117,7 +117,7 @@ ssh_askpass(char *askpass, const char *msg)
 char *
 read_passphrase(const char *prompt, int flags)
 {
-        char *askpass = NULL, *ret, buf[1024];
+        char cr = '\r', *askpass = NULL, *ret, buf[1024];
         int rppflags, use_askpass = 0, ttyfd;
 
         rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF;
@@ -131,9 +131,16 @@ read_passphrase(const char *prompt, int flags)
         } else {
                 rppflags |= RPP_REQUIRE_TTY;
                 ttyfd = open(_PATH_TTY, O_RDWR);
-                if (ttyfd >= 0)
+                if (ttyfd >= 0) {
+                        /*
+                         * If we're on a tty, ensure that show the prompt at
+                         * the beginning of the line. This will hopefully
+                         * clobber any password characters the user has
+                         * optimistically typed before echo is disabled.
+                         */
+                        (void)write(ttyfd, &cr, 1);
                         close(ttyfd);
-                else {
+                } else {
                         debug("read_passphrase: can't open %s: %s", _PATH_TTY,
                             strerror(errno));
                         use_askpass = 1;
diff --git a/regress/Makefile b/regress/Makefile
index 6e462a4f6..6fdfcc8ca 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.97 2018/06/07 04:46:34 djm Exp $
+#       $OpenBSD: Makefile,v 1.100 2019/01/20 23:24:19 djm Exp $
 
 REGRESS_TARGETS=        unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
 tests:          prep $(REGRESS_TARGETS)
@@ -11,7 +11,6 @@ prep:
 
 clean:
         for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done
-        test -z "${SUDO}" || ${SUDO} rm -f ${SUDO_CLEAN}
         rm -rf $(OBJ).putty
 
 distclean:      clean
@@ -92,7 +91,8 @@ LTESTS= 	connect \
 INTEROP_TESTS=  putty-transfer putty-ciphers putty-kex conch-ciphers
 #INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
 
-#LTESTS=        cipher-speed
+EXTRA_TESTS=    agent-pkcs11
+#EXTRA_TESTS+=  cipher-speed
 
 USERNAME=               ${LOGNAME}
 CLEANFILES=     *.core actual agent-key.* authorized_keys_${USERNAME} \
@@ -123,8 +123,6 @@ CLEANFILES=	*.core actual agent-key.* authorized_keys_${USERNAME} \
                 t8.out t8.out.pub t9.out t9.out.pub testdata \
                 user_*key* user_ca* user_key*
 
-SUDO_CLEAN+=    /var/run/testdata_${USERNAME} /var/run/keycommand_${USERNAME}
-
 # Enable all malloc(3) randomisations and checks
 TEST_ENV=      "MALLOC_OPTIONS=CFGJRSUX"
 
@@ -218,6 +216,13 @@ t-exec-interop:	${INTEROP_TESTS:=.sh}
                 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
         done
 
+t-extra:        ${EXTRA_TESTS:=.sh}
+        @if [ "x$?" = "x" ]; then exit 0; fi; \
+        for TEST in ""$?; do \
+                echo "run test $${TEST}" ... 1>&2; \
+                (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
+        done
+
 # Not run by default
 interop: ${INTEROP_TARGETS}
 
diff --git a/regress/agent-pkcs11.sh b/regress/agent-pkcs11.sh
index db3018b88..5205d9067 100644
--- a/regress/agent-pkcs11.sh
+++ b/regress/agent-pkcs11.sh
@@ -1,16 +1,53 @@
-#       $OpenBSD: agent-pkcs11.sh,v 1.3 2017/04/30 23:34:55 djm Exp $
+#       $OpenBSD: agent-pkcs11.sh,v 1.6 2019/01/21 09:13:41 djm Exp $
 #       Placed in the Public Domain.
 
 tid="pkcs11 agent test"
 
-TEST_SSH_PIN=""
-TEST_SSH_PKCS11=/usr/local/lib/soft-pkcs11.so.0.0
+try_token_libs() {
+        for _lib in "$@" ; do
+                if test -f "$_lib" ; then
+                        verbose "Using token library $_lib"
+                        TEST_SSH_PKCS11="$_lib"
+                        return
+                fi
+        done
+        echo "skipped: Unable to find PKCS#11 token library"
+        exit 0
+}
+
+try_token_libs \
+        /usr/local/lib/softhsm/libsofthsm2.so \
+        /usr/lib64/pkcs11/libsofthsm2.so \
+        /usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so
+
+TEST_SSH_PIN=1234
+TEST_SSH_SOPIN=12345678
+if [ "x$TEST_SSH_SSHPKCS11HELPER" != "x" ]; then
+        SSH_PKCS11_HELPER="${TEST_SSH_SSHPKCS11HELPER}"
+        export SSH_PKCS11_HELPER
+fi
 
 test -f "$TEST_SSH_PKCS11" || fatal "$TEST_SSH_PKCS11 does not exist"
 
-# setup environment for soft-pkcs11 token
-SOFTPKCS11RC=$OBJ/pkcs11.info
-export SOFTPKCS11RC
+# setup environment for softhsm2 token
+DIR=$OBJ/SOFTHSM
+rm -rf $DIR
+TOKEN=$DIR/tokendir
+mkdir -p $TOKEN
+SOFTHSM2_CONF=$DIR/softhsm2.conf
+export SOFTHSM2_CONF
+cat > $SOFTHSM2_CONF << EOF
+# SoftHSM v2 configuration file
+directories.tokendir = ${TOKEN}
+objectstore.backend = file
+# ERROR, WARNING, INFO, DEBUG
+log.level = DEBUG
+# If CKF_REMOVABLE_DEVICE flag should be set
+slots.removable = false
+EOF
+out=$(softhsm2-util --init-token --free --label token-slot-0 --pin "$TEST_SSH_PIN" --so-pin "$TEST_SSH_SOPIN")
+slot=$(echo -- $out | sed 's/.* //')
+
 # prevent ssh-agent from calling ssh-askpass
 SSH_ASKPASS=/usr/bin/true
 export SSH_ASKPASS
@@ -22,22 +59,27 @@ notty() {
             if (fork) { wait; exit($? >> 8); } else { exec(@ARGV) }' "$@"
 }
 
+trace "generating keys"
+RSA=${DIR}/RSA
+EC=${DIR}/EC
+openssl genpkey -algorithm rsa > $RSA
+openssl pkcs8 -nocrypt -in $RSA |\
+    softhsm2-util --slot "$slot" --label 01 --id 01 --pin "$TEST_SSH_PIN" --import /dev/stdin
+openssl genpkey \
+    -genparam \
+    -algorithm ec \
+    -pkeyopt ec_paramgen_curve:prime256v1 |\
+    openssl genpkey \
+    -paramfile /dev/stdin > $EC
+openssl pkcs8 -nocrypt -in $EC |\
+    softhsm2-util --slot "$slot" --label 02 --id 02 --pin "$TEST_SSH_PIN" --import /dev/stdin
+
 trace "start agent"
 eval `${SSHAGENT} -s` > /dev/null
 r=$?
 if [ $r -ne 0 ]; then
         fail "could not start ssh-agent: exit code $r"
 else
-        trace "generating key/cert"
-        rm -f $OBJ/pkcs11.key $OBJ/pkcs11.crt
-        openssl genrsa -out $OBJ/pkcs11.key 2048 > /dev/null 2>&1
-        chmod 600 $OBJ/pkcs11.key 
-        openssl req -key $OBJ/pkcs11.key -new -x509 \
-            -out $OBJ/pkcs11.crt -text -subj '/CN=pkcs11 test' > /dev/null
-        printf "a\ta\t$OBJ/pkcs11.crt\t$OBJ/pkcs11.key" > $SOFTPKCS11RC
-        # add to authorized keys
-        ${SSHKEYGEN} -y -f $OBJ/pkcs11.key > $OBJ/authorized_keys_$USER
-
         trace "add pkcs11 key to agent"
         echo ${TEST_SSH_PIN} | notty ${SSHADD} -s ${TEST_SSH_PKCS11} > /dev/null 2>&1
         r=$?
@@ -52,12 +94,23 @@ else
                 fail "ssh-add -l failed: exit code $r"
         fi
 
-        trace "pkcs11 connect via agent"
-        ${SSH} -F $OBJ/ssh_proxy somehost exit 5
-        r=$?
-        if [ $r -ne 5 ]; then
-                fail "ssh connect failed (exit code $r)"
-        fi
+        for k in $RSA $EC; do
+                trace "testing $k"
+                chmod 600 $k
+                ssh-keygen -y -f $k > $k.pub
+                pub=$(cat $k.pub)
+                ${SSHADD} -L | grep -q "$pub" || fail "key $k missing in ssh-add -L"
+                ${SSHADD} -T $k.pub || fail "ssh-add -T with $k failed"
+
+                # add to authorized keys
+                cat $k.pub > $OBJ/authorized_keys_$USER
+                trace "pkcs11 connect via agent ($k)"
+                ${SSH} -F $OBJ/ssh_proxy somehost exit 5
+                r=$?
+                if [ $r -ne 5 ]; then
+                        fail "ssh connect failed (exit code $r)"
+                fi
+        done
 
         trace "remove pkcs11 keys"
         echo ${TEST_SSH_PIN} | notty ${SSHADD} -e ${TEST_SSH_PKCS11} > /dev/null 2>&1
diff --git a/regress/agent-timeout.sh b/regress/agent-timeout.sh
index 9598c2032..80012f80c 100644
--- a/regress/agent-timeout.sh
+++ b/regress/agent-timeout.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent-timeout.sh,v 1.3 2015/03/03 22:35:19 markus Exp $
+#       $OpenBSD: agent-timeout.sh,v 1.4 2019/01/28 00:08:26 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="agent timeout test"
@@ -12,16 +12,18 @@ if [ $r -ne 0 ]; then
         fail "could not start ssh-agent: exit code $r"
 else
         trace "add keys with timeout"
+        keys=0
         for t in ${SSH_KEYTYPES}; do
                 ${SSHADD} -t ${SSHAGENT_TIMEOUT} $OBJ/$t > /dev/null 2>&1
                 if [ $? -ne 0 ]; then
                         fail "ssh-add did succeed exit code 0"
                 fi
+                keys=$((${keys} + 1))
         done
         n=`${SSHADD} -l 2> /dev/null | wc -l`
         trace "agent has $n keys"
-        if [ $n -ne 2 ]; then
-                fail "ssh-add -l did not return 2 keys: $n"
+        if [ $n -ne $keys ]; then
+                fail "ssh-add -l did not return $keys keys: $n"
         fi
         trace "sleeping 2*${SSHAGENT_TIMEOUT} seconds"
         sleep ${SSHAGENT_TIMEOUT}
diff --git a/regress/agent.sh b/regress/agent.sh
index 7111056c9..788b02064 100644
--- a/regress/agent.sh
+++ b/regress/agent.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent.sh,v 1.13 2017/12/19 00:49:30 djm Exp $
+#       $OpenBSD: agent.sh,v 1.14 2019/01/28 00:12:36 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="simple agent test"
@@ -27,6 +27,9 @@ ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key \
 trace "overwrite authorized keys"
 printf '' > $OBJ/authorized_keys_$USER
 
+echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/ssh_proxy
+echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $OBJ/sshd_proxy
+
 for t in ${SSH_KEYTYPES}; do
         # generate user key for agent
         rm -f $OBJ/$t-agent $OBJ/$t-agent.pub*
@@ -96,6 +99,7 @@ fi
 (printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \
         > $OBJ/authorized_keys_$USER
 for t in ${SSH_KEYTYPES}; do
+    if [ "$t" != "ssh-dss" ]; then
         trace "connect via agent using $t key"
         ${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub \
                 -oCertificateFile=$OBJ/$t-agent-cert.pub \
@@ -104,6 +108,7 @@ for t in ${SSH_KEYTYPES}; do
         if [ $r -ne 52 ]; then
                 fail "ssh connect with failed (exit code $r)"
         fi
+    fi
 done
 
 trace "delete all agent keys"
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index d2ecd318b..3ce777967 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cert-hostkey.sh,v 1.16 2018/07/03 11:43:49 djm Exp $
+#       $OpenBSD: cert-hostkey.sh,v 1.17 2018/10/31 11:09:27 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="certified host keys"
@@ -127,7 +127,7 @@ attempt_connect() {
 }
 
 # Basic connect and revocation tests.
-for privsep in yes no ; do
+for privsep in yes sandbox ; do
         for ktype in $PLAIN_TYPES ; do
                 verbose "$tid: host ${ktype} cert connect privsep $privsep"
                 (
@@ -165,7 +165,7 @@ for ktype in $PLAIN_TYPES ; do
         kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
 done
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for privsep in yes no ; do
+for privsep in yes sandbox ; do
         for ktype in $PLAIN_TYPES ; do
                 verbose "$tid: host ${ktype} revoked cert privsep $privsep"
                 (
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index 30c2c156d..6849e9922 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cert-userkey.sh,v 1.19 2018/03/12 00:54:04 djm Exp $
+#       $OpenBSD: cert-userkey.sh,v 1.20 2018/10/31 11:09:27 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="certified user keys"
@@ -47,7 +47,7 @@ done
 # Test explicitly-specified principals
 for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
         t=$(kname $ktype)
-        for privsep in yes no ; do
+        for privsep in yes sandbox ; do
                 _prefix="${ktype} privsep $privsep"
 
                 # Setup for AuthorizedPrincipalsFile
diff --git a/regress/keys-command.sh b/regress/keys-command.sh
index 4029e2c78..d166fc589 100644
--- a/regress/keys-command.sh
+++ b/regress/keys-command.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: keys-command.sh,v 1.4 2016/09/26 21:34:38 bluhm Exp $
+#       $OpenBSD: keys-command.sh,v 1.5 2018/11/22 08:48:32 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="authorized keys from command"
@@ -19,7 +19,8 @@ expected_key_fp=`$SSHKEYGEN -lf $OBJ/rsa.pub | awk '{ print $2 }'`
 
 # Establish a AuthorizedKeysCommand in /var/run where it will have
 # acceptable directory permissions.
-KEY_COMMAND="/var/run/keycommand_${LOGNAME}"
+KEY_COMMAND="/var/run/keycommand_${LOGNAME}.$$"
+trap "${SUDO} rm -f ${KEY_COMMAND}" 0
 cat << _EOF | $SUDO sh -c "rm -f '$KEY_COMMAND' ; cat > '$KEY_COMMAND'"
 #!/bin/sh
 echo args: "\$@" >> $OBJ/keys-command-args
@@ -78,5 +79,3 @@ if [ -x $KEY_COMMAND ]; then
 else
         echo "SKIPPED: $KEY_COMMAND not executable (/var/run mounted noexec?)"
 fi
-
-$SUDO rm -f $KEY_COMMAND
diff --git a/regress/keyscan.sh b/regress/keyscan.sh
index 3bde1219a..8940d24b6 100644
--- a/regress/keyscan.sh
+++ b/regress/keyscan.sh
@@ -1,14 +1,20 @@
-#       $OpenBSD: keyscan.sh,v 1.6 2017/04/30 23:34:55 djm Exp $
+#       $OpenBSD: keyscan.sh,v 1.9 2019/01/28 03:50:39 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="keyscan"
 
-# remove DSA hostkey
-rm -f ${OBJ}/host.dsa
+KEYTYPES=`${SSH} -Q key-plain`
+for i in $KEYTYPES; do
+        if [ -z "$algs" ]; then
+                algs="$i"
+        else
+                algs="$algs,$i"
+        fi
+done
+echo "HostKeyAlgorithms $algs" >> $OBJ/sshd_config
 
 start_sshd
 
-KEYTYPES=`${SSH} -Q key-plain`
 for t in $KEYTYPES; do
         trace "keyscan type $t"
         ${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \
diff --git a/regress/misc/kexfuzz/Makefile b/regress/misc/kexfuzz/Makefile
index a7bb6b70d..20802cb87 100644
--- a/regress/misc/kexfuzz/Makefile
+++ b/regress/misc/kexfuzz/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.3 2017/12/21 05:46:35 djm Exp $
+#       $OpenBSD: Makefile,v 1.4 2019/01/21 12:50:12 djm Exp $
 
 .include <bsd.own.mk>
 .include <bsd.obj.mk>
@@ -18,12 +18,21 @@ SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c
 SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c
 SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c
 SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c
-SRCS+=kex.c kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c
-SRCS+=kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c
-SRCS+=dh.c compat.c
-SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c
+SRCS+=compat.c ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c
 SRCS+=cipher-chachapoly.c chacha.c poly1305.c
-SRCS+=smult_curve25519_ref.c
+
+SRCS+=  kex.c
+SRCS+=  dh.c
+SRCS+=  kexdh.c
+SRCS+=  kexecdh.c
+SRCS+=  kexgex.c
+SRCS+=  kexgexc.c
+SRCS+=  kexgexs.c
+SRCS+=  kexc25519.c
+SRCS+=  smult_curve25519_ref.c
+SRCS+=  kexgen.c
+SRCS+=  kexsntrup4591761x25519.c
+SRCS+=  sntrup4591761.c
 
 SRCS+=digest-openssl.c
 #SRCS+=digest-libc.c
diff --git a/regress/misc/kexfuzz/kexfuzz.c b/regress/misc/kexfuzz/kexfuzz.c
index 3e2c48160..7051e87b1 100644
--- a/regress/misc/kexfuzz/kexfuzz.c
+++ b/regress/misc/kexfuzz/kexfuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: kexfuzz.c,v 1.4 2017/04/30 23:34:55 djm Exp $ */
+/*      $OpenBSD: kexfuzz.c,v 1.5 2019/01/21 12:50:12 djm Exp $ */
 /*
  * Fuzz harness for KEX code
  *
@@ -29,8 +29,6 @@
 #include "authfile.h"
 #include "log.h"
 
-struct ssh *active_state = NULL; /* XXX - needed for linking */
-
 void kex_tests(void);
 static int do_debug = 0;
 
@@ -275,18 +273,18 @@ do_kex_with_key(const char *kex, struct sshkey *prvkey, int *c2s, int *s2c,
         ASSERT_PTR_NE(server2->kex, NULL);
         /* XXX we need to set the callbacks */
 #ifdef WITH_OPENSSL
-        server2->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-        server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
-        server2->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
-        server2->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
-        server2->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
+        server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
+        server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
+        server2->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server;
+        server2->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server;
+        server2->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server;
         server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC
-        server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+        server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 # endif
 #endif
-        server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+        server2->kex->kex[KEX_C25519_SHA256] = kex_gen_server;
         server2->kex->load_host_public_key = server->kex->load_host_public_key;
         server2->kex->load_host_private_key = server->kex->load_host_private_key;
         server2->kex->sign = server->kex->sign;
diff --git a/regress/multiplex.sh b/regress/multiplex.sh
index a6fad8eb8..de357c4d5 100644
--- a/regress/multiplex.sh
+++ b/regress/multiplex.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: multiplex.sh,v 1.28 2017/04/30 23:34:55 djm Exp $
+#       $OpenBSD: multiplex.sh,v 1.29 2019/01/01 22:20:16 djm Exp $
 #       Placed in the Public Domain.
 
 make_tmpdir
@@ -142,7 +142,8 @@ ${SSH} -F $OBJ/ssh_config -p$P otherhost true \
 verbose "test $tid: cmd forward local (UNIX)"
 ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \
      || fail "request local forward failed"
-echo "" | $NC -U $OBJ/unix-1.fwd | grep "Protocol mismatch" >/dev/null 2>&1 \
+echo "" | $NC -U $OBJ/unix-1.fwd | \
+    grep "Invalid SSH identification string" >/dev/null 2>&1 \
      || fail "connect to local forward path failed"
 ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \
      || fail "cancel local forward failed"
@@ -153,7 +154,8 @@ rm -f $OBJ/unix-1.fwd
 verbose "test $tid: cmd forward remote (UNIX)"
 ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \
      || fail "request remote forward failed"
-echo "" | $NC -U $OBJ/unix-1.fwd | grep "Protocol mismatch" >/dev/null 2>&1 \
+echo "" | $NC -U $OBJ/unix-1.fwd | \
+    grep "Invalid SSH identification string" >/dev/null 2>&1 \
      || fail "connect to remote forwarded path failed"
 ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \
      || fail "cancel remote forward failed"
diff --git a/regress/multipubkey.sh b/regress/multipubkey.sh
index e9d15306f..4d443ec45 100644
--- a/regress/multipubkey.sh
+++ b/regress/multipubkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: multipubkey.sh,v 1.1 2014/12/22 08:06:03 djm Exp $
+#       $OpenBSD: multipubkey.sh,v 1.2 2018/10/31 11:09:27 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="multiple pubkey"
@@ -31,7 +31,7 @@ grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy
 opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
 opts="$opts -i $OBJ/cert_user_key1 -i $OBJ/user_key1 -i $OBJ/user_key2"
 
-for privsep in no yes; do
+for privsep in yes sandbox ; do
         (
                 grep -v "Protocol"  $OBJ/sshd_proxy.orig
                 echo "Protocol 2"
diff --git a/regress/principals-command.sh b/regress/principals-command.sh
index bcc68e80b..197c00021 100644
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: principals-command.sh,v 1.4 2017/04/30 23:34:55 djm Exp $
+#       $OpenBSD: principals-command.sh,v 1.6 2018/11/22 08:48:32 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="authorized principals command"
@@ -30,7 +30,8 @@ CA_FP=`${SSHKEYGEN} -lf $OBJ/user_ca_key.pub | awk '{ print $2 }'`
 
 # Establish a AuthorizedPrincipalsCommand in /var/run where it will have
 # acceptable directory permissions.
-PRINCIPALS_COMMAND="/var/run/principals_command_${LOGNAME}"
+PRINCIPALS_COMMAND="/var/run/principals_command_${LOGNAME}.$$"
+trap "$SUDO rm -f ${PRINCIPALS_COMMAND}" 0
 cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'"
 #!/bin/sh
 test "x\$1" != "x${LOGNAME}" && exit 1
@@ -57,7 +58,7 @@ fi
 
 if [ -x $PRINCIPALS_COMMAND ]; then
         # Test explicitly-specified principals
-        for privsep in yes no ; do
+        for privsep in yes sandbox ; do
                 _prefix="privsep $privsep"
 
                 # Setup for AuthorizedPrincipalsCommand
diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh
index ba5bd1efb..5acc4d2de 100644
--- a/regress/sftp-chroot.sh
+++ b/regress/sftp-chroot.sh
@@ -1,11 +1,12 @@
-#       $OpenBSD: sftp-chroot.sh,v 1.6 2018/02/09 03:42:57 dtucker Exp $
+#       $OpenBSD: sftp-chroot.sh,v 1.7 2018/11/22 08:48:32 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="sftp in chroot"
 
 CHROOT=/var/run
-FILENAME=testdata_${USER}
+FILENAME=testdata_${USER}.$$
 PRIVDATA=${CHROOT}/${FILENAME}
+trap "${SUDO} rm -f ${PRIVDATA}" 0
 
 if [ -z "$SUDO" -a ! -w /var/run ]; then
         echo "need SUDO to create file in /var/run, test won't work without"
@@ -28,5 +29,3 @@ ${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \
     >>$TEST_REGRESS_LOGFILE 2>&1 || \
         fatal "Fetch ${FILENAME} failed"
 cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ"
-
-$SUDO rm $PRIVDATA
diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh
index aad7fcac2..1289c4089 100644
--- a/regress/sftp-cmds.sh
+++ b/regress/sftp-cmds.sh
@@ -77,7 +77,6 @@ echo "get \"$DATA\" $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
         || fail "get failed"
 cmp $DATA ${COPY} || fail "corrupted copy after get"
 
-if [ "$os" != "cygwin" ]; then
 rm -f ${QUOTECOPY}
 cp $DATA ${QUOTECOPY}
 verbose "$tid: get filename with quotes"
@@ -85,7 +84,6 @@ echo "get \"$QUOTECOPY_ARG\" ${COPY}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1
         || fail "get failed"
 cmp ${COPY} ${QUOTECOPY} || fail "corrupted copy after get with quotes"
 rm -f ${QUOTECOPY} ${COPY}
-fi
 
 rm -f "$SPACECOPY" ${COPY}
 cp $DATA "$SPACECOPY"
@@ -136,13 +134,11 @@ echo "put $DATA $COPY" | \
         ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
 cmp $DATA ${COPY} || fail "corrupted copy after put"
 
-if [ "$os" != "cygwin" ]; then
 rm -f ${QUOTECOPY}
 verbose "$tid: put filename with quotes"
 echo "put $DATA \"$QUOTECOPY_ARG\"" | \
         ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
 cmp $DATA ${QUOTECOPY} || fail "corrupted copy after put with quotes"
-fi
 
 rm -f "$SPACECOPY"
 verbose "$tid: put filename with spaces"
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index 1bbd47f25..08338121b 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: test-exec.sh,v 1.64 2018/08/10 01:35:49 dtucker Exp $
+#       $OpenBSD: test-exec.sh,v 1.65 2019/01/27 06:30:53 dtucker Exp $
 #       Placed in the Public Domain.
 
 #SUDO=sudo
@@ -12,10 +12,6 @@ OSF1*)
         BIN_SH=xpg4
         export BIN_SH
         ;;
-CYGWIN_NT-5.0)
-        os=cygwin
-        TEST_SSH_IPV6=no
-        ;;
 CYGWIN*)
         os=cygwin
         ;;
@@ -469,11 +465,11 @@ fi
 
 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 
-SSH_KEYTYPES="rsa ed25519"
+SSH_KEYTYPES=`$SSH -Q key-plain`
 
-trace "generate keys"
 for t in ${SSH_KEYTYPES}; do
         # generate user key
+        trace "generating key type $t"
         if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then
                 rm -f $OBJ/$t
                 ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
diff --git a/regress/unittests/Makefile.inc b/regress/unittests/Makefile.inc
index b509f4452..428ef6836 100644
--- a/regress/unittests/Makefile.inc
+++ b/regress/unittests/Makefile.inc
@@ -1,8 +1,25 @@
-#       $OpenBSD: Makefile.inc,v 1.12 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile.inc,v 1.13 2018/10/17 23:28:05 djm Exp $
+
+REGRESS_FAIL_EARLY?=    yes
 
 .include <bsd.own.mk>
 .include <bsd.obj.mk>
 
+# User-settable options
+UNITTEST_FAST?= no      # Skip slow tests (e.g. less intensive fuzzing).
+UNITTEST_SLOW?= no      # Include slower tests (e.g. more intensive fuzzing).
+UNITTEST_VERBOSE?= no   # Verbose test output (inc. per-test names).
+
+MALLOC_OPTIONS?=        CFGJRSUX
+TEST_ENV?=              MALLOC_OPTIONS=${MALLOC_OPTIONS}
+
+# XXX detect from ssh binary?
+OPENSSL?=       yes
+
+.if (${OPENSSL:L} == "yes")
+CFLAGS+=        -DWITH_OPENSSL
+.endif
+
 # enable warnings
 WARNINGS=Yes
 
@@ -49,5 +66,21 @@ DPADD+=${.CURDIR}/../test_helper/libtest_helper.a
 
 .PATH: ${.CURDIR}/${SSHREL}
 
+LDADD+= -lutil
+DPADD+= ${LIBUTIL}
+
+.if (${OPENSSL:L} == "yes")
 LDADD+= -lcrypto
 DPADD+= ${LIBCRYPTO}
+.endif
+
+UNITTEST_ARGS?=
+
+.if (${UNITTEST_VERBOSE:L} != "no")
+UNITTEST_ARGS+= -v
+.endif
+.if (${UNITTEST_FAST:L} != "no")
+UNITTEST_ARGS+= -f
+.elif (${UNITTEST_SLOW:L} != "no")
+UNITTEST_ARGS+= -F
+.endif
diff --git a/regress/unittests/kex/Makefile b/regress/unittests/kex/Makefile
index 5c61307a3..7b4c644e5 100644
--- a/regress/unittests/kex/Makefile
+++ b/regress/unittests/kex/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile,v 1.6 2019/01/21 12:35:20 djm Exp $
 
 PROG=test_kex
 SRCS=tests.c test_kex.c
@@ -9,12 +9,21 @@ SRCS+=atomicio.c sshkey.c authfile.c cipher.c log.c ssh-rsa.c ssh-dss.c
 SRCS+=ssh-ecdsa.c ssh-ed25519.c mac.c umac.c umac128.c hmac.c misc.c
 SRCS+=ssherr.c uidswap.c cleanup.c xmalloc.c match.c krl.c fatal.c
 SRCS+=addrmatch.c bitmap.c packet.c dispatch.c canohost.c ssh_api.c
-SRCS+=kex.c kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c
-SRCS+=kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c
-SRCS+=dh.c compat.c
-SRCS+=ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c
+SRCS+=compat.c ed25519.c hash.c ge25519.c fe25519.c sc25519.c verify.c
 SRCS+=cipher-chachapoly.c chacha.c poly1305.c
-SRCS+=smult_curve25519_ref.c
+
+SRCS+=  kex.c
+SRCS+=  dh.c
+SRCS+=  kexdh.c
+SRCS+=  kexecdh.c
+SRCS+=  kexgex.c
+SRCS+=  kexgexc.c
+SRCS+=  kexgexs.c
+SRCS+=  kexc25519.c
+SRCS+=  smult_curve25519_ref.c
+SRCS+=  kexgen.c
+SRCS+=  kexsntrup4591761x25519.c
+SRCS+=  sntrup4591761.c
 
 SRCS+=digest-openssl.c
 #SRCS+=digest-libc.c
diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c
index 6e5999bb9..a860efc02 100644
--- a/regress/unittests/kex/test_kex.c
+++ b/regress/unittests/kex/test_kex.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_kex.c,v 1.2 2015/07/10 06:23:25 markus Exp $ */
+/*      $OpenBSD: test_kex.c,v 1.4 2019/01/21 12:35:20 djm Exp $ */
 /*
  * Regress test KEX
  *
@@ -24,8 +24,6 @@
 #include "packet.h"
 #include "myproposal.h"
 
-struct ssh *active_state = NULL; /* XXX - needed for linking */
-
 void kex_tests(void);
 static int do_debug = 0;
 
@@ -139,20 +137,19 @@ do_kex_with_key(char *kex, int keytype, int bits)
         ASSERT_INT_EQ(ssh_init(&server2, 1, NULL), 0);
         ASSERT_PTR_NE(server2, NULL);
         ASSERT_INT_EQ(ssh_add_hostkey(server2, private), 0);
-        kex_free(server2->kex); /* XXX or should ssh_packet_set_state()? */
         ASSERT_INT_EQ(ssh_packet_set_state(server2, state), 0);
         ASSERT_INT_EQ(sshbuf_len(state), 0);
         sshbuf_free(state);
         ASSERT_PTR_NE(server2->kex, NULL);
         /* XXX we need to set the callbacks */
-        server2->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-        server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+        server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
+        server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
         server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 #ifdef OPENSSL_HAS_ECC
-        server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+        server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 #endif
-        server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+        server2->kex->kex[KEX_C25519_SHA256] = kex_gen_server;
         server2->kex->load_host_public_key = server->kex->load_host_public_key;
         server2->kex->load_host_private_key = server->kex->load_host_private_key;
         server2->kex->sign = server->kex->sign;
diff --git a/regress/unittests/sshbuf/Makefile b/regress/unittests/sshbuf/Makefile
index 81d4f27a6..0e8e9fd10 100644
--- a/regress/unittests/sshbuf/Makefile
+++ b/regress/unittests/sshbuf/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.6 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile,v 1.7 2018/10/17 23:28:05 djm Exp $
 
 .include <bsd.regress.mk>
 
@@ -17,6 +17,5 @@ SRCS+=sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c
 SRCS+=atomicio.c
 
 run-regress-${PROG}: ${PROG}
-        env ${TEST_ENV} ./${PROG}
- 
+        env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS}
 
diff --git a/regress/unittests/sshbuf/test_sshbuf_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_fuzz.c
index c52376b53..e236c82f9 100644
--- a/regress/unittests/sshbuf/test_sshbuf_fuzz.c
+++ b/regress/unittests/sshbuf/test_sshbuf_fuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_fuzz.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_fuzz.c,v 1.2 2018/10/17 23:28:05 djm Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -30,10 +30,15 @@ sshbuf_fuzz_tests(void)
 {
         struct sshbuf *p1;
         u_char *dp;
-        size_t sz, sz2, i;
+        size_t sz, sz2, i, ntests = NUM_FUZZ_TESTS;
         u_int32_t r;
         int ret;
 
+        if (test_is_fast())
+                ntests >>= 2;
+        if (test_is_slow())
+                ntests <<= 2;
+
         /* NB. uses sshbuf internals */
         TEST_START("fuzz alloc/dealloc");
         p1 = sshbuf_new();
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
index a68e1329e..5d39e63e1 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_getput_crypto.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_getput_crypto.c,v 1.2 2019/01/21 12:29:35 djm Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -33,7 +33,6 @@ sshbuf_getput_crypto_tests(void)
 {
         struct sshbuf *p1;
         BIGNUM *bn, *bn2;
-        /* This one has num_bits != num_bytes * 8 to test bignum1 encoding */
         const char *hexbn1 = "0102030405060708090a0b0c0d0e0f10";
         /* This one has MSB set to test bignum2 encoding negative-avoidance */
         const char *hexbn2 = "f0e0d0c0b0a0908070605040302010007fff11";
@@ -77,54 +76,6 @@ sshbuf_getput_crypto_tests(void)
                 ASSERT_INT_GT(BN_hex2bn(&bnn, b), 0); \
         } while (0)
 
-        TEST_START("sshbuf_put_bignum1");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 2);
-        ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
-        ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn1, sizeof(expbn1));
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_put_bignum1 limited");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
-        r = sshbuf_put_bignum1(p1, bn);
-        ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_put_bignum1 bn2");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_bignum1(p1, bn), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 2);
-        ASSERT_U16_EQ(PEEK_U16(sshbuf_ptr(p1)), (u_int16_t)BN_num_bits(bn));
-        ASSERT_MEM_EQ(sshbuf_ptr(p1) + 2, expbn2, sizeof(expbn2));
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_put_bignum1 bn2 limited");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_set_max_size(p1, sizeof(expbn1) + 1), 0);
-        r = sshbuf_put_bignum1(p1, bn);
-        ASSERT_INT_EQ(r, SSH_ERR_NO_BUFFER_SPACE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 0);
-        BN_free(bn);
-        sshbuf_free(p1);
-        TEST_DONE();
-
         TEST_START("sshbuf_put_bignum2");
         MKBN(hexbn1, bn);
         p1 = sshbuf_new();
@@ -174,88 +125,6 @@ sshbuf_getput_crypto_tests(void)
         sshbuf_free(p1);
         TEST_DONE();
 
-        TEST_START("sshbuf_get_bignum1");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1));
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
-        ASSERT_BIGNUM_EQ(bn, bn2);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 truncated");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn1) - 1);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 giant");
-        MKBN(hexbn1, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xffff), 0);
-        ASSERT_INT_EQ(sshbuf_reserve(p1, (0xffff + 7) / 8, NULL), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + ((0xffff + 7) / 8));
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 bn2");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2));
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum1(p1, bn2), 0);
-        ASSERT_BIGNUM_EQ(bn, bn2);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
-        TEST_START("sshbuf_get_bignum1 bn2 truncated");
-        MKBN(hexbn2, bn);
-        p1 = sshbuf_new();
-        ASSERT_PTR_NE(p1, NULL);
-        ASSERT_INT_EQ(sshbuf_put_u16(p1, BN_num_bits(bn)), 0);
-        ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum1(p1, bn2);
-        ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
-        ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2 + sizeof(expbn2) - 1);
-        BN_free(bn);
-        BN_free(bn2);
-        sshbuf_free(p1);
-        TEST_DONE();
-
         TEST_START("sshbuf_get_bignum2");
         MKBN(hexbn1, bn);
         p1 = sshbuf_new();
@@ -264,8 +133,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1)), 0);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + sizeof(expbn1));
         ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);
+        bn2 = NULL;
+        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
         ASSERT_BIGNUM_EQ(bn, bn2);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
         BN_free(bn);
@@ -279,8 +148,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_PTR_NE(p1, NULL);
         ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
         ASSERT_INT_EQ(sshbuf_put(p1, expbn1, sizeof(expbn1) - 1), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn1) + 3);
         BN_free(bn);
@@ -294,8 +163,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_PTR_NE(p1, NULL);
         ASSERT_INT_EQ(sshbuf_put_u32(p1, 65536), 0);
         ASSERT_INT_EQ(sshbuf_reserve(p1, 65536, NULL), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_TOO_LARGE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 65536 + 4);
         BN_free(bn);
@@ -312,8 +181,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 4 + 1 + sizeof(expbn2));
         ASSERT_INT_EQ(sshbuf_put_u16(p1, 0xd00f), 0);
-        bn2 = BN_new();
-        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, bn2), 0);
+        bn2 = NULL;
+        ASSERT_INT_EQ(sshbuf_get_bignum2(p1, &bn2), 0);
         ASSERT_BIGNUM_EQ(bn, bn2);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), 2);
         BN_free(bn);
@@ -328,8 +197,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn) + 1), 0);
         ASSERT_INT_EQ(sshbuf_put_u8(p1, 0x00), 0);
         ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2) - 1), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_MESSAGE_INCOMPLETE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 1 + 4 - 1);
         BN_free(bn);
@@ -343,8 +212,8 @@ sshbuf_getput_crypto_tests(void)
         ASSERT_PTR_NE(p1, NULL);
         ASSERT_INT_EQ(sshbuf_put_u32(p1, BN_num_bytes(bn)), 0);
         ASSERT_INT_EQ(sshbuf_put(p1, expbn2, sizeof(expbn2)), 0);
-        bn2 = BN_new();
-        r = sshbuf_get_bignum2(p1, bn2);
+        bn2 = NULL;
+        r = sshbuf_get_bignum2(p1, &bn2);
         ASSERT_INT_EQ(r, SSH_ERR_BIGNUM_IS_NEGATIVE);
         ASSERT_SIZE_T_EQ(sshbuf_len(p1), sizeof(expbn2) + 4);
         BN_free(bn);
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
index c6b5c29d1..ca06bfb00 100644
--- a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
+++ b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.2 2014/05/02 02:54:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_getput_fuzz.c,v 1.4 2019/01/21 12:29:35 djm Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -54,11 +54,8 @@ attempt_parse_blob(u_char *blob, size_t len)
                 bzero(s, l);
                 free(s);
         }
-        bn = BN_new();
-        sshbuf_get_bignum1(p1, bn);
-        BN_clear_free(bn);
-        bn = BN_new();
-        sshbuf_get_bignum2(p1, bn);
+        bn = NULL;
+        sshbuf_get_bignum2(p1, &bn);
         BN_clear_free(bn);
 #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
         eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
@@ -92,10 +89,6 @@ sshbuf_getput_fuzz_tests(void)
                 /* string */
                 0x00, 0x00, 0x00, 0x09,
                 'O', ' ', 'G', 'o', 'r', 'g', 'o', 'n', '!',
-                /* bignum1 */
-                0x79,
-                0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
-                0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
                 /* bignum2 */
                 0x00, 0x00, 0x00, 0x14,
                 0x00,
@@ -115,11 +108,15 @@ sshbuf_getput_fuzz_tests(void)
                 0x55, 0x0f, 0x69, 0xd8, 0x0e, 0xc2, 0x3c, 0xd4,
         };
         struct fuzz *fuzz;
+        u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_2_BIT_FLIP |
+            FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
+            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
+
+        if (test_is_fast())
+                fuzzers &= ~(FUZZ_2_BYTE_FLIP|FUZZ_2_BIT_FLIP);
 
         TEST_START("fuzz blob parsing");
-        fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_2_BIT_FLIP |
-            FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
-            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, blob, sizeof(blob));
+        fuzz = fuzz_begin(fuzzers, blob, sizeof(blob));
         TEST_ONERROR(onerror, fuzz);
         for(; !fuzz_done(fuzz); fuzz_next(fuzz))
                 attempt_parse_blob(blob, sizeof(blob));
diff --git a/regress/unittests/sshkey/Makefile b/regress/unittests/sshkey/Makefile
index 1c940bec6..aa731df1c 100644
--- a/regress/unittests/sshkey/Makefile
+++ b/regress/unittests/sshkey/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.5 2017/12/21 00:41:22 djm Exp $
+#       $OpenBSD: Makefile,v 1.6 2018/10/17 23:28:05 djm Exp $
 
 PROG=test_sshkey
 SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c
@@ -18,7 +18,7 @@ SRCS+=digest-openssl.c
 REGRESS_TARGETS=run-regress-${PROG}
 
 run-regress-${PROG}: ${PROG}
-        env ${TEST_ENV} ./${PROG} -d ${.CURDIR}/testdata
+        env ${TEST_ENV} ./${PROG} ${UNITTEST_ARGS} -d ${.CURDIR}/testdata
 
 .include <bsd.regress.mk>
 
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index d3b0c92b4..5953de595 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_fuzz.c,v 1.8 2017/12/21 00:41:22 djm Exp $ */
+/*      $OpenBSD: test_fuzz.c,v 1.9 2018/10/17 23:28:05 djm Exp $ */
 /*
  * Fuzz tests for key parsing
  *
@@ -51,14 +51,16 @@ public_fuzz(struct sshkey *k)
         struct sshkey *k1;
         struct sshbuf *buf;
         struct fuzz *fuzz;
+        u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
+            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
 
+        if (test_is_fast())
+                fuzzers &= ~FUZZ_1_BIT_FLIP;
+        if (test_is_slow())
+                fuzzers |= FUZZ_2_BIT_FLIP | FUZZ_2_BYTE_FLIP;
         ASSERT_PTR_NE(buf = sshbuf_new(), NULL);
         ASSERT_INT_EQ(sshkey_putb(k, buf), 0);
-        /* XXX need a way to run the tests in "slow, but complete" mode */
-        fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* XXX too slow FUZZ_2_BIT_FLIP | */
-            FUZZ_1_BYTE_FLIP | /* XXX too slow FUZZ_2_BYTE_FLIP | */
-            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
-            sshbuf_mutable_ptr(buf), sshbuf_len(buf));
+        fuzz = fuzz_begin(fuzzers, sshbuf_mutable_ptr(buf), sshbuf_len(buf));
         ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(buf), sshbuf_len(buf),
             &k1), 0);
         sshkey_free(k1);
@@ -77,12 +79,17 @@ sig_fuzz(struct sshkey *k, const char *sig_alg)
         struct fuzz *fuzz;
         u_char *sig, c[] = "some junk to be signed";
         size_t l;
+        u_int fuzzers = FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
+            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END;
+
+        if (test_is_fast())
+                fuzzers &= ~FUZZ_2_BYTE_FLIP;
+        if (test_is_slow())
+                fuzzers |= FUZZ_2_BIT_FLIP;
 
         ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0);
         ASSERT_SIZE_T_GT(l, 0);
-        fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */
-            FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
-            FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, sig, l);
+        fuzz = fuzz_begin(fuzzers, sig, l);
         ASSERT_INT_EQ(sshkey_verify(k, sig, l, c, sizeof(c), NULL, 0), 0);
         free(sig);
         TEST_ONERROR(onerror, fuzz);
@@ -96,13 +103,15 @@ sig_fuzz(struct sshkey *k, const char *sig_alg)
         fuzz_cleanup(fuzz);
 }
 
+#define NUM_FAST_BASE64_TESTS   1024
+
 void
 sshkey_fuzz_tests(void)
 {
         struct sshkey *k1;
         struct sshbuf *buf, *fuzzed;
         struct fuzz *fuzz;
-        int r;
+        int r, i;
 
 
         TEST_START("fuzz RSA private");
@@ -114,12 +123,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -134,12 +145,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -154,12 +167,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -174,12 +189,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -195,12 +212,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -215,12 +234,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
@@ -236,12 +257,14 @@ sshkey_fuzz_tests(void)
         sshbuf_free(buf);
         ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
         TEST_ONERROR(onerror, fuzz);
-        for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
+        for(i = 0; !fuzz_done(fuzz); i++, fuzz_next(fuzz)) {
                 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
                 ASSERT_INT_EQ(r, 0);
                 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
                         sshkey_free(k1);
                 sshbuf_reset(fuzzed);
+                if (test_is_fast() && i >= NUM_FAST_BASE64_TESTS)
+                        break;
         }
         sshbuf_free(fuzzed);
         fuzz_cleanup(fuzz);
diff --git a/regress/unittests/sshkey/tests.c b/regress/unittests/sshkey/tests.c
index 13f265cdb..78aa9223d 100644
--- a/regress/unittests/sshkey/tests.c
+++ b/regress/unittests/sshkey/tests.c
@@ -7,8 +7,6 @@
 
 #include "includes.h"
 
-#include <openssl/evp.h>
-
 #include "../test_helper/test_helper.h"
 
 void sshkey_tests(void);
@@ -18,9 +16,6 @@ void sshkey_fuzz_tests(void);
 void
 tests(void)
 {
-        OpenSSL_add_all_algorithms();
-        ERR_load_CRYPTO_strings();
-
         sshkey_tests();
         sshkey_file_tests();
         sshkey_fuzz_tests();
diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c
index 4cc70852c..e7a47b265 100644
--- a/regress/unittests/test_helper/test_helper.c
+++ b/regress/unittests/test_helper/test_helper.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_helper.c,v 1.8 2018/02/08 08:46:20 djm Exp $     */
+/*      $OpenBSD: test_helper.c,v 1.11 2018/11/23 02:53:57 dtucker Exp $        */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -35,11 +35,13 @@
 #include <signal.h>
 
 #include <openssl/bn.h>
+#include <openssl/err.h>
 
 #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
 # include <vis.h>
 #endif
 
+#include "entropy.h"
 #include "test_helper.h"
 #include "atomicio.h"
 
@@ -115,12 +117,17 @@ static test_onerror_func_t *test_onerror = NULL;
 static void *onerror_ctx = NULL;
 static const char *data_dir = NULL;
 static char subtest_info[512];
+static int fast = 0;
+static int slow = 0;
 
 int
 main(int argc, char **argv)
 {
         int ch;
 
+        seed_rng();
+        ERR_load_CRYPTO_strings();
+
         /* Handle systems without __progname */
         if (__progname == NULL) {
                 __progname = strrchr(argv[0], '/');
@@ -134,8 +141,14 @@ main(int argc, char **argv)
                 }
         }
 
-        while ((ch = getopt(argc, argv, "vqd:")) != -1) {
+        while ((ch = getopt(argc, argv, "Ffvqd:")) != -1) {
                 switch (ch) {
+                case 'F':
+                        slow = 1;
+                        break;
+                case 'f':
+                        fast = 1;
+                        break;
                 case 'd':
                         data_dir = optarg;
                         break;
@@ -167,17 +180,29 @@ main(int argc, char **argv)
 }
 
 int
-test_is_verbose()
+test_is_verbose(void)
 {
         return verbose_mode;
 }
 
 int
-test_is_quiet()
+test_is_quiet(void)
 {
         return quiet_mode;
 }
 
+int
+test_is_fast(void)
+{
+        return fast;
+}
+
+int
+test_is_slow(void)
+{
+        return slow;
+}
+
 const char *
 test_data_file(const char *name)
 {
diff --git a/regress/unittests/test_helper/test_helper.h b/regress/unittests/test_helper/test_helper.h
index 6da0066e9..1f893c8dd 100644
--- a/regress/unittests/test_helper/test_helper.h
+++ b/regress/unittests/test_helper/test_helper.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_helper.h,v 1.8 2018/02/08 08:46:20 djm Exp $     */
+/*      $OpenBSD: test_helper.h,v 1.9 2018/10/17 23:28:05 djm Exp $     */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -45,6 +45,8 @@ void set_onerror_func(test_onerror_func_t *f, void *ctx);
 void test_done(void);
 int test_is_verbose(void);
 int test_is_quiet(void);
+int test_is_fast(void);
+int test_is_slow(void);
 void test_subtest_info(const char *fmt, ...)
     __attribute__((format(printf, 1, 2)));
 void ssl_err_check(const char *file, int line);
diff --git a/scp.0 b/scp.0
index 03157e8b7..045f1183d 100644
--- a/scp.0
+++ b/scp.0
@@ -4,8 +4,9 @@ NAME
      scp M-bM-^@M-^S secure copy (remote file copy program)
 
 SYNOPSIS
-     scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
-         [-l limit] [-o ssh_option] [-P port] [-S program] source ... target
+     scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]
+         [-J destination] [-l limit] [-o ssh_option] [-P port] [-S program]
+         source ... target
 
 DESCRIPTION
      scp copies files between hosts on a network.  It uses ssh(1) for data
@@ -52,6 +53,14 @@ DESCRIPTION
              key authentication is read.  This option is directly passed to
              ssh(1).
 
+     -J destination
+             Connect to the target host by first making an scp connection to
+             the jump host described by destination and then establishing a
+             TCP forwarding to the ultimate destination from there.  Multiple
+             jump hops may be specified separated by comma characters.  This
+             is a shortcut to specify a ProxyJump configuration directive.
+             This option is directly passed to ssh(1).
+
      -l limit
              Limits the used bandwidth, specified in Kbit/s.
 
@@ -141,6 +150,16 @@ DESCRIPTION
              Name of program to use for the encrypted connection.  The program
              must understand ssh(1) options.
 
+     -T      Disable strict filename checking.  By default when copying files
+             from a remote host to a local directory scp checks that the
+             received filenames match those requested on the command-line to
+             prevent the remote end from sending unexpected or unwanted files.
+             Because of differences in how various operating systems and
+             shells interpret filename wildcards, these checks may cause
+             wanted files to be rejected.  This option disables these checks
+             at the expense of fully trusting that the server will not send
+             unexpected filenames.
+
      -v      Verbose mode.  Causes scp and ssh(1) to print debugging messages
              about their progress.  This is helpful in debugging connection,
              authentication, and configuration problems.
@@ -160,4 +179,4 @@ AUTHORS
      Timo Rinne <tri@iki.fi>
      Tatu Ylonen <ylo@cs.hut.fi>
 
-OpenBSD 6.4                   September 20, 2018                   OpenBSD 6.4
+OpenBSD 6.5                    January 26, 2019                    OpenBSD 6.5
diff --git a/scp.1 b/scp.1
index 397e77091..a2833dab0 100644
--- a/scp.1
+++ b/scp.1
@@ -8,9 +8,9 @@
 .\"
 .\" Created: Sun May  7 00:14:37 1995 ylo
 .\"
-.\" $OpenBSD: scp.1,v 1.81 2018/09/20 06:58:48 jmc Exp $
+.\" $OpenBSD: scp.1,v 1.85 2019/01/26 22:41:28 djm Exp $
 .\"
-.Dd $Mdocdate: September 20 2018 $
+.Dd $Mdocdate: January 26 2019 $
 .Dt SCP 1
 .Os
 .Sh NAME
@@ -22,6 +22,7 @@
 .Op Fl c Ar cipher
 .Op Fl F Ar ssh_config
 .Op Fl i Ar identity_file
+.Op Fl J Ar destination
 .Op Fl l Ar limit
 .Op Fl o Ar ssh_option
 .Op Fl P Ar port
@@ -106,6 +107,19 @@ Selects the file from which the identity (private key) for public key
 authentication is read.
 This option is directly passed to
 .Xr ssh 1 .
+.It Fl J Ar destination
+Connect to the target host by first making an
+.Nm
+connection to the jump host described by
+.Ar destination
+and then establishing a TCP forwarding to the ultimate destination from
+there.
+Multiple jump hops may be specified separated by comma characters.
+This is a shortcut to specify a
+.Cm ProxyJump
+configuration directive.
+This option is directly passed to
+.Xr ssh 1 .
 .It Fl l Ar limit
 Limits the used bandwidth, specified in Kbit/s.
 .It Fl o Ar ssh_option
diff --git a/scp.c b/scp.c
index 3888baab0..a2dc410bd 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */
+/* $OpenBSD: scp.c,v 1.204 2019/02/10 11:15:52 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -409,6 +409,8 @@ main(int argc, char **argv)
         /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
         sanitise_stdfd();
 
+        seed_rng();
+
         msetlocale();
 
         /* Copy argv, because we modify it */
@@ -432,7 +434,7 @@ main(int argc, char **argv)
 
         fflag = Tflag = tflag = 0;
         while ((ch = getopt(argc, argv,
-            "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) {
+            "dfl:prtTvBCc:i:P:q12346S:o:F:J:")) != -1) {
                 switch (ch) {
                 /* User-visible flags. */
                 case '1':
@@ -454,6 +456,7 @@ main(int argc, char **argv)
                 case 'c':
                 case 'i':
                 case 'F':
+                case 'J':
                         addargs(&remote_remote_args, "-%c", ch);
                         addargs(&remote_remote_args, "%s", optarg);
                         addargs(&args, "-%c", ch);
@@ -1604,8 +1607,9 @@ void
 usage(void)
 {
         (void) fprintf(stderr,
-            "usage: scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
-            "           [-l limit] [-o ssh_option] [-P port] [-S program] source ... target\n");
+            "usage: scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
+            "            [-J destination] [-l limit] [-o ssh_option] [-P port]\n"
+            "            [-S program] source ... target\n");
         exit(1);
 }
 
diff --git a/servconf.c b/servconf.c
index bf2669147..365e6ff1e 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.342 2018/09/20 23:40:16 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.350 2019/03/25 22:33:44 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -64,6 +64,7 @@
 #include "auth.h"
 #include "myproposal.h"
 #include "digest.h"
+#include "ssh-gss.h"
 
 static void add_listen_addr(ServerOptions *, const char *,
     const char *, int);
@@ -128,6 +129,7 @@ initialize_server_options(ServerOptions *options)
         options->gss_cleanup_creds = -1;
         options->gss_strict_acceptor = -1;
         options->gss_store_rekey = -1;
+        options->gss_kex_algorithms = NULL;
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->challenge_response_authentication = -1;
@@ -224,26 +226,40 @@ assemble_algorithms(ServerOptions *o)
 }
 
 static void
-array_append(const char *file, const int line, const char *directive,
-    char ***array, u_int *lp, const char *s)
+array_append2(const char *file, const int line, const char *directive,
+    char ***array, int **iarray, u_int *lp, const char *s, int i)
 {
 
         if (*lp >= INT_MAX)
                 fatal("%s line %d: Too many %s entries", file, line, directive);
 
+        if (iarray != NULL) {
+                *iarray = xrecallocarray(*iarray, *lp, *lp + 1,
+                    sizeof(**iarray));
+                (*iarray)[*lp] = i;
+        }
+
         *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array));
         (*array)[*lp] = xstrdup(s);
         (*lp)++;
 }
 
+static void
+array_append(const char *file, const int line, const char *directive,
+    char ***array, u_int *lp, const char *s)
+{
+        array_append2(file, line, directive, array, NULL, lp, s, 0);
+}
+
 void
 servconf_add_hostkey(const char *file, const int line,
-    ServerOptions *options, const char *path)
+    ServerOptions *options, const char *path, int userprovided)
 {
         char *apath = derelativise_path(path);
 
-        array_append(file, line, "HostKey",
-            &options->host_key_files, &options->num_host_key_files, apath);
+        array_append2(file, line, "HostKey",
+            &options->host_key_files, &options->host_key_file_userprovided,
+            &options->num_host_key_files, apath, userprovided);
         free(apath);
 }
 
@@ -271,16 +287,16 @@ fill_default_server_options(ServerOptions *options)
         if (options->num_host_key_files == 0) {
                 /* fill default hostkeys for protocols */
                 servconf_add_hostkey("[default]", 0, options,
-                    _PATH_HOST_RSA_KEY_FILE);
+                    _PATH_HOST_RSA_KEY_FILE, 0);
 #ifdef OPENSSL_HAS_ECC
                 servconf_add_hostkey("[default]", 0, options,
-                    _PATH_HOST_ECDSA_KEY_FILE);
+                    _PATH_HOST_ECDSA_KEY_FILE, 0);
 #endif
                 servconf_add_hostkey("[default]", 0, options,
-                    _PATH_HOST_ED25519_KEY_FILE);
+                    _PATH_HOST_ED25519_KEY_FILE, 0);
 #ifdef WITH_XMSS
                 servconf_add_hostkey("[default]", 0, options,
-                    _PATH_HOST_XMSS_KEY_FILE);
+                    _PATH_HOST_XMSS_KEY_FILE, 0);
 #endif /* WITH_XMSS */
         }
         /* No certificates by default */
@@ -348,6 +364,10 @@ fill_default_server_options(ServerOptions *options)
                 options->gss_strict_acceptor = 1;
         if (options->gss_store_rekey == -1)
                 options->gss_store_rekey = 0;
+#ifdef GSSAPI
+        if (options->gss_kex_algorithms == NULL)
+                options->gss_kex_algorithms = strdup(GSS_KEX_DEFAULT_KEX);
+#endif
         if (options->password_authentication == -1)
                 options->password_authentication = 1;
         if (options->kbd_interactive_authentication == -1)
@@ -465,7 +485,6 @@ fill_default_server_options(ServerOptions *options)
                 options->compression = 0;
         }
 #endif
-
 }
 
 /* Keyword tokens. */
@@ -494,7 +513,7 @@ typedef enum {
         sHostKeyAlgorithms,
         sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
         sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
-        sGssKeyEx, sGssStoreRekey,
+        sGssKeyEx, sGssKexAlgorithms, sGssStoreRekey,
         sAcceptEnv, sSetEnv, sPermitTunnel,
         sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,
         sUsePrivilegeSeparation, sAllowAgentForwarding,
@@ -574,6 +593,7 @@ static struct {
         { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
         { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL },
         { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL },
+        { "gssapikexalgorithms", sGssKexAlgorithms, SSHCFG_GLOBAL },
 #else
         { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
         { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
@@ -581,6 +601,7 @@ static struct {
         { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
         { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL },
         { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL },
+        { "gssapikexalgorithms", sUnsupported, SSHCFG_GLOBAL },
 #endif
         { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL },
         { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL },
@@ -723,7 +744,7 @@ derelativise_path(const char *path)
         if (strcasecmp(path, "none") == 0)
                 return xstrdup("none");
         expanded = tilde_expand_filename(path, getuid());
-        if (*expanded == '/')
+        if (path_absolute(expanded))
                 return expanded;
         if (getcwd(cwd, sizeof(cwd)) == NULL)
                 fatal("%s: getcwd: %s", __func__, strerror(errno));
@@ -885,7 +906,7 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
 {
         u_int i;
         int port;
-        char *host, *arg, *oarg;
+        char *host, *arg, *oarg, ch;
         int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE;
         const char *what = lookup_opcode_name(opcode);
 
@@ -903,8 +924,9 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
         /* Otherwise treat it as a list of permitted host:port */
         for (i = 0; i < num_opens; i++) {
                 oarg = arg = xstrdup(opens[i]);
-                host = hpdelim(&arg);
-                if (host == NULL)
+                ch = '\0';
+                host = hpdelim2(&arg, &ch);
+                if (host == NULL || ch == '/')
                         fatal("%s: missing host in %s", __func__, what);
                 host = cleanhostname(host);
                 if (arg == NULL || ((port = permitopen_port(arg)) < 0))
@@ -930,12 +952,11 @@ process_permitopen(struct ssh *ssh, ServerOptions *options)
 }
 
 struct connection_info *
-get_connection_info(int populate, int use_dns)
+get_connection_info(struct ssh *ssh, int populate, int use_dns)
 {
-        struct ssh *ssh = active_state; /* XXX */
         static struct connection_info ci;
 
-        if (!populate)
+        if (ssh == NULL || !populate)
                 return &ci;
         ci.host = auth_get_canonical_hostname(ssh, use_dns);
         ci.address = ssh_remote_ipaddr(ssh);
@@ -1056,7 +1077,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                         }
                         if (ci->user == NULL)
                                 match_test_missing_fatal("User", "user");
-                        if (match_pattern_list(ci->user, arg, 0) != 1)
+                        if (match_usergroup_pattern_list(ci->user, arg) != 1)
                                 result = 0;
                         else
                                 debug("user %.100s matched 'User %.100s' at "
@@ -1222,7 +1243,7 @@ process_server_config_line(ServerOptions *options, char *line,
     const char *filename, int linenum, int *activep,
     struct connection_info *connectinfo)
 {
-        char *cp, ***chararrayptr, **charptr, *arg, *arg2, *p;
+        char ch, *cp, ***chararrayptr, **charptr, *arg, *arg2, *p;
         int cmdline = 0, *intptr, value, value2, n, port;
         SyslogFacility *log_facility_ptr;
         LogLevel *log_level_ptr;
@@ -1322,8 +1343,10 @@ process_server_config_line(ServerOptions *options, char *line,
                         port = 0;
                         p = arg;
                 } else {
-                        p = hpdelim(&arg);
-                        if (p == NULL)
+                        arg2 = NULL;
+                        ch = '\0';
+                        p = hpdelim2(&arg, &ch);
+                        if (p == NULL || ch == '/')
                                 fatal("%s line %d: bad address:port usage",
                                     filename, linenum);
                         p = cleanhostname(p);
@@ -1376,8 +1399,10 @@ process_server_config_line(ServerOptions *options, char *line,
                 if (!arg || *arg == '\0')
                         fatal("%s line %d: missing file name.",
                             filename, linenum);
-                if (*activep)
-                        servconf_add_hostkey(filename, linenum, options, arg);
+                if (*activep) {
+                        servconf_add_hostkey(filename, linenum,
+                            options, arg, 1);
+                }
                 break;
 
         case sHostKeyAgent:
@@ -1505,6 +1530,18 @@ process_server_config_line(ServerOptions *options, char *line,
                 intptr = &options->gss_store_rekey;
                 goto parse_flag;
 
+        case sGssKexAlgorithms:
+                arg = strdelim(&cp);
+                if (!arg || *arg == '\0')
+                        fatal("%.200s line %d: Missing argument.",
+                            filename, linenum);
+                if (!kex_gss_names_valid(arg))
+                        fatal("%.200s line %d: Bad GSSAPI KexAlgorithms '%s'.",
+                            filename, linenum, arg ? arg : "<NONE>");
+                if (*activep && options->gss_kex_algorithms == NULL)
+                        options->gss_kex_algorithms = xstrdup(arg);
+                break;
+
         case sPasswordAuthentication:
                 intptr = &options->password_authentication;
                 goto parse_flag;
@@ -1957,8 +1994,9 @@ process_server_config_line(ServerOptions *options, char *line,
                                 xasprintf(&arg2, "*:%s", arg);
                         } else {
                                 arg2 = xstrdup(arg);
-                                p = hpdelim(&arg);
-                                if (p == NULL) {
+                                ch = '\0';
+                                p = hpdelim2(&arg, &ch);
+                                if (p == NULL || ch == '/') {
                                         fatal("%s line %d: missing host in %s",
                                             filename, linenum,
                                             lookup_opcode_name(opcode));
@@ -2593,10 +2631,11 @@ dump_config(ServerOptions *o)
 #endif
 #ifdef GSSAPI
         dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
-        dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
         dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
+        dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
         dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor);
         dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey);
+        dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms);
 #endif
         dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
         dump_cfg_fmtint(sKbdInteractiveAuthentication,
diff --git a/servconf.h b/servconf.h
index 4e3c54042..986093ffa 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.137 2018/09/20 03:28:06 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.139 2019/01/19 21:37:48 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -75,6 +75,7 @@ typedef struct {
         char    *routing_domain;        /* Bind session to routing domain */
 
         char   **host_key_files;        /* Files containing host keys. */
+        int     *host_key_file_userprovided; /* Key was specified by user. */
         u_int   num_host_key_files;     /* Number of files for host keys. */
         char   **host_cert_files;       /* Files containing host certs. */
         u_int   num_host_cert_files;    /* Number of files for host certs. */
@@ -129,6 +130,7 @@ typedef struct {
         int     gss_cleanup_creds;      /* If true, destroy cred cache on logout */
         int     gss_strict_acceptor;    /* If true, restrict the GSSAPI acceptor name */
         int     gss_store_rekey;
+        char   *gss_kex_algorithms;     /* GSSAPI kex methods to be offered by client. */
         int     password_authentication;        /* If true, permit password
                                                  * authentication. */
         int     kbd_interactive_authentication; /* If true, permit */
@@ -261,7 +263,7 @@ struct connection_info {
                 M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \
         } while (0)
 
-struct connection_info *get_connection_info(int, int);
+struct connection_info *get_connection_info(struct ssh *, int, int);
 void     initialize_server_options(ServerOptions *);
 void     fill_default_server_options(ServerOptions *);
 int      process_server_config_line(ServerOptions *, char *, const char *, int,
@@ -277,7 +279,7 @@ void	 copy_set_server_options(ServerOptions *, ServerOptions *, int);
 void     dump_config(ServerOptions *);
 char    *derelativise_path(const char *);
 void     servconf_add_hostkey(const char *, const int,
-            ServerOptions *, const char *path);
+            ServerOptions *, const char *path, int);
 void     servconf_add_hostcert(const char *, const int,
             ServerOptions *, const char *path);
 
diff --git a/serverloop.c b/serverloop.c
index 7be83e2d3..d7b04b37c 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.209 2018/07/27 05:13:02 dtucker Exp $ */
+/* $OpenBSD: serverloop.c,v 1.215 2019/03/27 09:29:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -49,6 +49,7 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <pwd.h>
+#include <limits.h>
 #include <signal.h>
 #include <string.h>
 #include <termios.h>
@@ -98,7 +99,7 @@ static volatile sig_atomic_t child_terminated = 0;	/* The child has terminated.
 static volatile sig_atomic_t received_sigterm = 0;
 
 /* prototypes */
-static void server_init_dispatch(void);
+static void server_init_dispatch(struct ssh *);
 
 /* requested tunnel forwarding interface(s), shared with session.c */
 char *tun_fwd_ifnames = NULL;
@@ -179,11 +180,12 @@ sigterm_handler(int sig)
 static void
 client_alive_check(struct ssh *ssh)
 {
-        int channel_id;
         char remote_id[512];
+        int r, channel_id;
 
         /* timeout, check to see how many we have had */
-        if (packet_inc_alive_timeouts() > options.client_alive_count_max) {
+        if (ssh_packet_inc_alive_timeouts(ssh) >
+            options.client_alive_count_max) {
                 sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id));
                 logit("Timeout, client not responding from %s", remote_id);
                 cleanup_exit(255);
@@ -194,14 +196,17 @@ client_alive_check(struct ssh *ssh)
          * we should get back a failure
          */
         if ((channel_id = channel_find_open(ssh)) == -1) {
-                packet_start(SSH2_MSG_GLOBAL_REQUEST);
-                packet_put_cstring("keepalive@openssh.com");
-                packet_put_char(1);     /* boolean: want reply */
+                if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, "keepalive@openssh.com"))
+                    != 0 ||
+                    (r = sshpkt_put_u8(ssh, 1)) != 0) /* boolean: want reply */
+                        fatal("%s: %s", __func__, ssh_err(r));
         } else {
                 channel_request_start(ssh, channel_id,
                     "keepalive@openssh.com", 1);
         }
-        packet_send();
+        if ((r = sshpkt_send(ssh)) != 0)
+                fatal("%s: %s", __func__, ssh_err(r));
 }
 
 /*
@@ -220,6 +225,7 @@ wait_until_can_do_something(struct ssh *ssh,
         int ret;
         time_t minwait_secs = 0;
         int client_alive_scheduled = 0;
+        /* time we last heard from the client OR sent a keepalive */
         static time_t last_client_time;
 
         /* Allocate and update select() masks for channel descriptors. */
@@ -242,9 +248,10 @@ wait_until_can_do_something(struct ssh *ssh,
                 uint64_t keepalive_ms =
                     (uint64_t)options.client_alive_interval * 1000;
 
-                client_alive_scheduled = 1;
-                if (max_time_ms == 0 || max_time_ms > keepalive_ms)
+                if (max_time_ms == 0 || max_time_ms > keepalive_ms) {
                         max_time_ms = keepalive_ms;
+                        client_alive_scheduled = 1;
+                }
         }
 
 #if 0
@@ -258,14 +265,14 @@ wait_until_can_do_something(struct ssh *ssh,
          * If we have buffered packet data going to the client, mark that
          * descriptor.
          */
-        if (packet_have_data_to_write())
+        if (ssh_packet_have_data_to_write(ssh))
                 FD_SET(connection_out, *writesetp);
 
         /*
          * If child has terminated and there is enough buffer space to read
          * from it, then read as much as is available and exit.
          */
-        if (child_terminated && packet_not_very_much_data_to_write())
+        if (child_terminated && ssh_packet_not_very_much_data_to_write(ssh))
                 if (max_time_ms == 0 || client_alive_scheduled)
                         max_time_ms = 100;
 
@@ -288,13 +295,15 @@ wait_until_can_do_something(struct ssh *ssh,
         } else if (client_alive_scheduled) {
                 time_t now = monotime();
 
-                if (ret == 0) { /* timeout */
+                /*
+                 * If the select timed out, or returned for some other reason
+                 * but we haven't heard from the client in time, send keepalive.
+                 */
+                if (ret == 0 || (last_client_time != 0 && last_client_time +
+                    options.client_alive_interval <= now)) {
                         client_alive_check(ssh);
-                } else if (FD_ISSET(connection_in, *readsetp)) {
                         last_client_time = now;
-                } else if (last_client_time != 0 && last_client_time +
-                    options.client_alive_interval <= now) {
-                        client_alive_check(ssh);
+                } else if (FD_ISSET(connection_in, *readsetp)) {
                         last_client_time = now;
                 }
         }
@@ -309,7 +318,7 @@ wait_until_can_do_something(struct ssh *ssh,
 static int
 process_input(struct ssh *ssh, fd_set *readset, int connection_in)
 {
-        int len;
+        int r, len;
         char buf[16384];
 
         /* Read and buffer any input data from the client. */
@@ -330,7 +339,10 @@ process_input(struct ssh *ssh, fd_set *readset, int connection_in)
                         }
                 } else {
                         /* Buffer any received data. */
-                        packet_process_incoming(buf, len);
+                        if ((r = ssh_packet_process_incoming(ssh, buf, len))
+                            != 0)
+                                fatal("%s: ssh_packet_process_incoming: %s",
+                                    __func__, ssh_err(r));
                 }
         }
         return 0;
@@ -340,11 +352,16 @@ process_input(struct ssh *ssh, fd_set *readset, int connection_in)
  * Sends data from internal buffers to client program stdin.
  */
 static void
-process_output(fd_set *writeset, int connection_out)
+process_output(struct ssh *ssh, fd_set *writeset, int connection_out)
 {
+        int r;
+
         /* Send any buffered packet data to the client. */
-        if (FD_ISSET(connection_out, writeset))
-                packet_write_poll();
+        if (FD_ISSET(connection_out, writeset)) {
+                if ((r = ssh_packet_write_poll(ssh)) != 0)
+                        fatal("%s: ssh_packet_write_poll: %s",
+                            __func__, ssh_err(r));
+        }
 }
 
 static void
@@ -387,8 +404,8 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
 
         signal(SIGCHLD, sigchld_handler);
         child_terminated = 0;
-        connection_in = packet_get_connection_in();
-        connection_out = packet_get_connection_out();
+        connection_in = ssh_packet_get_connection_in(ssh);
+        connection_out = ssh_packet_get_connection_out(ssh);
 
         if (!use_privsep) {
                 signal(SIGTERM, sigterm_handler);
@@ -401,18 +418,21 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
         max_fd = MAXIMUM(connection_in, connection_out);
         max_fd = MAXIMUM(max_fd, notify_pipe[0]);
 
-        server_init_dispatch();
+        server_init_dispatch(ssh);
 
         for (;;) {
                 process_buffered_input_packets(ssh);
 
                 if (!ssh_packet_is_rekeying(ssh) &&
-                    packet_not_very_much_data_to_write())
+                    ssh_packet_not_very_much_data_to_write(ssh))
                         channel_output_poll(ssh);
-                if (options.rekey_interval > 0 && !ssh_packet_is_rekeying(ssh))
-                        rekey_timeout_ms = packet_get_rekey_timeout() * 1000;
-                else
+                if (options.rekey_interval > 0 &&
+                    !ssh_packet_is_rekeying(ssh)) {
+                        rekey_timeout_ms = ssh_packet_get_rekey_timeout(ssh) *
+                            1000;
+                } else {
                         rekey_timeout_ms = 0;
+                }
 
                 wait_until_can_do_something(ssh, connection_in, connection_out,
                     &readset, &writeset, &max_fd, &nalloc, rekey_timeout_ms);
@@ -428,7 +448,7 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
                         channel_after_select(ssh, readset, writeset);
                 if (process_input(ssh, readset, connection_in) < 0)
                         break;
-                process_output(writeset, connection_out);
+                process_output(ssh, writeset, connection_out);
         }
         collect_children(ssh);
 
@@ -451,7 +471,7 @@ server_input_keep_alive(int type, u_int32_t seq, struct ssh *ssh)
          * even if this was generated by something other than
          * the bogus CHANNEL_REQUEST we send for keepalives.
          */
-        packet_set_alive_timeouts(0);
+        ssh_packet_set_alive_timeouts(ssh, 0);
         return 0;
 }
 
@@ -459,16 +479,28 @@ static Channel *
 server_request_direct_tcpip(struct ssh *ssh, int *reason, const char **errmsg)
 {
         Channel *c = NULL;
-        char *target, *originator;
-        u_short target_port, originator_port;
-
-        target = packet_get_string(NULL);
-        target_port = packet_get_int();
-        originator = packet_get_string(NULL);
-        originator_port = packet_get_int();
-        packet_check_eom();
+        char *target = NULL, *originator = NULL;
+        u_int target_port = 0, originator_port = 0;
+        int r;
+
+        if ((r = sshpkt_get_cstring(ssh, &target, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &target_port)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &originator, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &originator_port)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
+        if (target_port > 0xFFFF) {
+                error("%s: invalid target port", __func__);
+                *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED;
+                goto out;
+        }
+        if (originator_port > 0xFFFF) {
+                error("%s: invalid originator port", __func__);
+                *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED;
+                goto out;
+        }
 
-        debug("%s: originator %s port %d, target %s port %d", __func__,
+        debug("%s: originator %s port %u, target %s port %u", __func__,
             originator, originator_port, target, target_port);
 
         /* XXX fine grained permissions */
@@ -485,9 +517,9 @@ server_request_direct_tcpip(struct ssh *ssh, int *reason, const char **errmsg)
                         *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED;
         }
 
+ out:
         free(originator);
         free(target);
-
         return c;
 }
 
@@ -495,17 +527,23 @@ static Channel *
 server_request_direct_streamlocal(struct ssh *ssh)
 {
         Channel *c = NULL;
-        char *target, *originator;
-        u_short originator_port;
+        char *target = NULL, *originator = NULL;
+        u_int originator_port = 0;
         struct passwd *pw = the_authctxt->pw;
+        int r;
 
         if (pw == NULL || !the_authctxt->valid)
                 fatal("%s: no/invalid user", __func__);
 
-        target = packet_get_string(NULL);
-        originator = packet_get_string(NULL);
-        originator_port = packet_get_int();
-        packet_check_eom();
+        if ((r = sshpkt_get_cstring(ssh, &target, NULL)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &originator, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &originator_port)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
+        if (originator_port > 0xFFFF) {
+                error("%s: invalid originator port", __func__);
+                goto out;
+        }
 
         debug("%s: originator %s port %d, target %s", __func__,
             originator, originator_port, target);
@@ -522,9 +560,9 @@ server_request_direct_streamlocal(struct ssh *ssh)
                     originator, originator_port, target);
         }
 
+out:
         free(originator);
         free(target);
-
         return c;
 }
 
@@ -532,27 +570,35 @@ static Channel *
 server_request_tun(struct ssh *ssh)
 {
         Channel *c = NULL;
-        int mode, tun, sock;
+        u_int mode, tun;
+        int r, sock;
         char *tmp, *ifname = NULL;
 
-        mode = packet_get_int();
+        if ((r = sshpkt_get_u32(ssh, &mode)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse mode", __func__);
         switch (mode) {
         case SSH_TUNMODE_POINTOPOINT:
         case SSH_TUNMODE_ETHERNET:
                 break;
         default:
-                packet_send_debug("Unsupported tunnel device mode.");
+                ssh_packet_send_debug(ssh, "Unsupported tunnel device mode.");
                 return NULL;
         }
         if ((options.permit_tun & mode) == 0) {
-                packet_send_debug("Server has rejected tunnel device "
+                ssh_packet_send_debug(ssh, "Server has rejected tunnel device "
                     "forwarding");
                 return NULL;
         }
 
-        tun = packet_get_int();
+        if ((r = sshpkt_get_u32(ssh, &tun)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse device", __func__);
+        if (tun > INT_MAX) {
+                debug("%s: invalid tun", __func__);
+                goto done;
+        }
         if (auth_opts->force_tun_device != -1) {
-                if (tun != SSH_TUNID_ANY && auth_opts->force_tun_device != tun)
+                if (tun != SSH_TUNID_ANY &&
+                    auth_opts->force_tun_device != (int)tun)
                         goto done;
                 tun = auth_opts->force_tun_device;
         }
@@ -585,7 +631,7 @@ server_request_tun(struct ssh *ssh)
 
  done:
         if (c == NULL)
-                packet_send_debug("Failed to open the tunnel device.");
+                ssh_packet_send_debug(ssh, "Failed to open the tunnel device.");
         return c;
 }
 
@@ -593,13 +639,15 @@ static Channel *
 server_request_session(struct ssh *ssh)
 {
         Channel *c;
+        int r;
 
         debug("input_session_request");
-        packet_check_eom();
+        if ((r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
 
         if (no_more_sessions) {
-                packet_disconnect("Possible attack: attempt to open a session "
-                    "after additional sessions disabled");
+                ssh_packet_disconnect(ssh, "Possible attack: attempt to open a "
+                    "session after additional sessions disabled");
         }
 
         /*
@@ -624,20 +672,22 @@ static int
 server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh)
 {
         Channel *c = NULL;
-        char *ctype;
+        char *ctype = NULL;
         const char *errmsg = NULL;
-        int rchan, reason = SSH2_OPEN_CONNECT_FAILED;
-        u_int rmaxpack, rwindow, len;
-
-        ctype = packet_get_string(&len);
-        rchan = packet_get_int();
-        rwindow = packet_get_int();
-        rmaxpack = packet_get_int();
-
-        debug("%s: ctype %s rchan %d win %d max %d", __func__,
+        int r, reason = SSH2_OPEN_CONNECT_FAILED;
+        u_int rchan = 0, rmaxpack = 0, rwindow = 0;
+
+        if ((r = sshpkt_get_cstring(ssh, &ctype, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &rchan)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &rwindow)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &rmaxpack)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
+        debug("%s: ctype %s rchan %u win %u max %u", __func__,
             ctype, rchan, rwindow, rmaxpack);
 
-        if (strcmp(ctype, "session") == 0) {
+        if (rchan > INT_MAX) {
+                error("%s: invalid remote channel ID", __func__);
+        } else if (strcmp(ctype, "session") == 0) {
                 c = server_request_session(ssh);
         } else if (strcmp(ctype, "direct-tcpip") == 0) {
                 c = server_request_direct_tcpip(ssh, &reason, &errmsg);
@@ -648,26 +698,32 @@ server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh)
         }
         if (c != NULL) {
                 debug("%s: confirm %s", __func__, ctype);
-                c->remote_id = rchan;
+                c->remote_id = (int)rchan;
                 c->have_remote_id = 1;
                 c->remote_window = rwindow;
                 c->remote_maxpacket = rmaxpack;
                 if (c->type != SSH_CHANNEL_CONNECTING) {
-                        packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION);
-                        packet_put_int(c->remote_id);
-                        packet_put_int(c->self);
-                        packet_put_int(c->local_window);
-                        packet_put_int(c->local_maxpacket);
-                        packet_send();
+                        if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->self)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->local_window)) != 0 ||
+                            (r = sshpkt_put_u32(ssh, c->local_maxpacket)) != 0 ||
+                            (r = sshpkt_send(ssh)) != 0) {
+                                sshpkt_fatal(ssh, r,
+                                    "%s: send open confirm", __func__);
+                        }
                 }
         } else {
                 debug("%s: failure %s", __func__, ctype);
-                packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE);
-                packet_put_int(rchan);
-                packet_put_int(reason);
-                packet_put_cstring(errmsg ? errmsg : "open failed");
-                packet_put_cstring("");
-                packet_send();
+                if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, rchan)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, reason)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, errmsg ? errmsg : "open failed")) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, "")) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0) {
+                        sshpkt_fatal(ssh, r,
+                            "%s: send open failure", __func__);
+                }
         }
         free(ctype);
         return 0;
@@ -730,9 +786,9 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp)
                     (r = sshbuf_put_string(sigbuf,
                     ssh->kex->session_id, ssh->kex->session_id_len)) != 0 ||
                     (r = sshkey_puts(key, sigbuf)) != 0 ||
-                    (r = ssh->kex->sign(key_prv, key_pub, &sig, &slen,
+                    (r = ssh->kex->sign(ssh, key_prv, key_pub, &sig, &slen,
                     sshbuf_ptr(sigbuf), sshbuf_len(sigbuf),
-                    use_kexsigtype ? ssh->kex->hostkey_alg : NULL, 0)) != 0 ||
+                    use_kexsigtype ? ssh->kex->hostkey_alg : NULL)) != 0 ||
                     (r = sshbuf_put_string(resp, sig, slen)) != 0) {
                         error("%s: couldn't prepare signature: %s",
                             __func__, ssh_err(r));
@@ -754,65 +810,66 @@ server_input_hostkeys_prove(struct ssh *ssh, struct sshbuf **respp)
 static int
 server_input_global_request(int type, u_int32_t seq, struct ssh *ssh)
 {
-        char *rtype;
-        int want_reply;
+        char *rtype = NULL;
+        u_char want_reply = 0;
         int r, success = 0, allocated_listen_port = 0;
+        u_int port = 0;
         struct sshbuf *resp = NULL;
         struct passwd *pw = the_authctxt->pw;
+        struct Forward fwd;
 
+        memset(&fwd, 0, sizeof(fwd));
         if (pw == NULL || !the_authctxt->valid)
                 fatal("%s: no/invalid user", __func__);
 
-        rtype = packet_get_string(NULL);
-        want_reply = packet_get_char();
+        if ((r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 ||
+            (r = sshpkt_get_u8(ssh, &want_reply)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
         debug("%s: rtype %s want_reply %d", __func__, rtype, want_reply);
 
         /* -R style forwarding */
         if (strcmp(rtype, "tcpip-forward") == 0) {
-                struct Forward fwd;
-
-                memset(&fwd, 0, sizeof(fwd));
-                fwd.listen_host = packet_get_string(NULL);
-                fwd.listen_port = (u_short)packet_get_int();
-                debug("%s: tcpip-forward listen %s port %d", __func__,
-                    fwd.listen_host, fwd.listen_port);
-
+                if ((r = sshpkt_get_cstring(ssh, &fwd.listen_host, NULL)) != 0 ||
+                    (r = sshpkt_get_u32(ssh, &port)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: parse tcpip-forward", __func__);
+                debug("%s: tcpip-forward listen %s port %u", __func__,
+                    fwd.listen_host, port);
+                if (port <= INT_MAX)
+                        fwd.listen_port = (int)port;
                 /* check permissions */
-                if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 ||
+                if (port > INT_MAX ||
+                    (options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 ||
                     !auth_opts->permit_port_forwarding_flag ||
                     options.disable_forwarding ||
                     (!want_reply && fwd.listen_port == 0) ||
                     (fwd.listen_port != 0 &&
                      !bind_permitted(fwd.listen_port, pw->pw_uid))) {
                         success = 0;
-                        packet_send_debug("Server has disabled port forwarding.");
+                        ssh_packet_send_debug(ssh, "Server has disabled port forwarding.");
                 } else {
                         /* Start listening on the port */
                         success = channel_setup_remote_fwd_listener(ssh, &fwd,
                             &allocated_listen_port, &options.fwd_opts);
                 }
-                free(fwd.listen_host);
                 if ((resp = sshbuf_new()) == NULL)
                         fatal("%s: sshbuf_new", __func__);
                 if (allocated_listen_port != 0 &&
                     (r = sshbuf_put_u32(resp, allocated_listen_port)) != 0)
                         fatal("%s: sshbuf_put_u32: %s", __func__, ssh_err(r));
         } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) {
-                struct Forward fwd;
+                if ((r = sshpkt_get_cstring(ssh, &fwd.listen_host, NULL)) != 0 ||
+                    (r = sshpkt_get_u32(ssh, &port)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: parse cancel-tcpip-forward", __func__);
 
-                memset(&fwd, 0, sizeof(fwd));
-                fwd.listen_host = packet_get_string(NULL);
-                fwd.listen_port = (u_short)packet_get_int();
                 debug("%s: cancel-tcpip-forward addr %s port %d", __func__,
-                    fwd.listen_host, fwd.listen_port);
-
-                success = channel_cancel_rport_listener(ssh, &fwd);
-                free(fwd.listen_host);
+                    fwd.listen_host, port);
+                if (port <= INT_MAX) {
+                        fwd.listen_port = (int)port;
+                        success = channel_cancel_rport_listener(ssh, &fwd);
+                }
         } else if (strcmp(rtype, "streamlocal-forward@openssh.com") == 0) {
-                struct Forward fwd;
-
-                memset(&fwd, 0, sizeof(fwd));
-                fwd.listen_path = packet_get_string(NULL);
+                if ((r = sshpkt_get_cstring(ssh, &fwd.listen_path, NULL)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: parse streamlocal-forward@openssh.com", __func__);
                 debug("%s: streamlocal-forward listen path %s", __func__,
                     fwd.listen_path);
 
@@ -822,39 +879,37 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh)
                     options.disable_forwarding ||
                     (pw->pw_uid != 0 && !use_privsep)) {
                         success = 0;
-                        packet_send_debug("Server has disabled "
+                        ssh_packet_send_debug(ssh, "Server has disabled "
                             "streamlocal forwarding.");
                 } else {
                         /* Start listening on the socket */
                         success = channel_setup_remote_fwd_listener(ssh,
                             &fwd, NULL, &options.fwd_opts);
                 }
-                free(fwd.listen_path);
         } else if (strcmp(rtype, "cancel-streamlocal-forward@openssh.com") == 0) {
-                struct Forward fwd;
-
-                memset(&fwd, 0, sizeof(fwd));
-                fwd.listen_path = packet_get_string(NULL);
+                if ((r = sshpkt_get_cstring(ssh, &fwd.listen_path, NULL)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: parse cancel-streamlocal-forward@openssh.com", __func__);
                 debug("%s: cancel-streamlocal-forward path %s", __func__,
                     fwd.listen_path);
 
                 success = channel_cancel_rport_listener(ssh, &fwd);
-                free(fwd.listen_path);
         } else if (strcmp(rtype, "no-more-sessions@openssh.com") == 0) {
                 no_more_sessions = 1;
                 success = 1;
         } else if (strcmp(rtype, "hostkeys-prove-00@openssh.com") == 0) {
                 success = server_input_hostkeys_prove(ssh, &resp);
         }
+        /* XXX sshpkt_get_end() */
         if (want_reply) {
-                packet_start(success ?
-                    SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
-                if (success && resp != NULL)
-                        ssh_packet_put_raw(ssh, sshbuf_ptr(resp),
-                            sshbuf_len(resp));
-                packet_send();
-                packet_write_wait();
+                if ((r = sshpkt_start(ssh, success ?
+                    SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE)) != 0 ||
+                    (success && resp != NULL && (r = sshpkt_putb(ssh, resp)) != 0) ||
+                    (r = sshpkt_send(ssh)) != 0 ||
+                    (r = ssh_packet_write_wait(ssh)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: send reply", __func__);
         }
+        free(fwd.listen_host);
+        free(fwd.listen_path);
         free(rtype);
         sshbuf_free(resp);
         return 0;
@@ -864,58 +919,64 @@ static int
 server_input_channel_req(int type, u_int32_t seq, struct ssh *ssh)
 {
         Channel *c;
-        int id, reply, success = 0;
-        char *rtype;
-
-        id = packet_get_int();
-        rtype = packet_get_string(NULL);
-        reply = packet_get_char();
-
-        debug("server_input_channel_req: channel %d request %s reply %d",
-            id, rtype, reply);
-
-        if ((c = channel_lookup(ssh, id)) == NULL)
-                packet_disconnect("server_input_channel_req: "
-                    "unknown channel %d", id);
+        int r, success = 0;
+        char *rtype = NULL;
+        u_char want_reply = 0;
+        u_int id = 0;
+
+        if ((r = sshpkt_get_u32(ssh, &id)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &rtype, NULL)) != 0 ||
+            (r = sshpkt_get_u8(ssh, &want_reply)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
+
+        debug("server_input_channel_req: channel %u request %s reply %d",
+            id, rtype, want_reply);
+
+        if (id >= INT_MAX || (c = channel_lookup(ssh, (int)id)) == NULL) {
+                ssh_packet_disconnect(ssh, "%s: unknown channel %d",
+                    __func__, id);
+        }
         if (!strcmp(rtype, "eow@openssh.com")) {
-                packet_check_eom();
+                if ((r = sshpkt_get_end(ssh)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
                 chan_rcvd_eow(ssh, c);
         } else if ((c->type == SSH_CHANNEL_LARVAL ||
             c->type == SSH_CHANNEL_OPEN) && strcmp(c->ctype, "session") == 0)
                 success = session_input_channel_req(ssh, c, rtype);
-        if (reply && !(c->flags & CHAN_CLOSE_SENT)) {
+        if (want_reply && !(c->flags & CHAN_CLOSE_SENT)) {
                 if (!c->have_remote_id)
                         fatal("%s: channel %d: no remote_id",
                             __func__, c->self);
-                packet_start(success ?
-                    SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE);
-                packet_put_int(c->remote_id);
-                packet_send();
+                if ((r = sshpkt_start(ssh, success ?
+                    SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: send reply", __func__);
         }
         free(rtype);
         return 0;
 }
 
 static void
-server_init_dispatch(void)
+server_init_dispatch(struct ssh *ssh)
 {
         debug("server_init_dispatch");
-        dispatch_init(&dispatch_protocol_error);
-        dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
-        dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data);
-        dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);
-        dispatch_set(SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data);
-        dispatch_set(SSH2_MSG_CHANNEL_OPEN, &server_input_channel_open);
-        dispatch_set(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
-        dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
-        dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &server_input_channel_req);
-        dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
-        dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &server_input_global_request);
+        ssh_dispatch_init(ssh, &dispatch_protocol_error);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_DATA, &channel_input_data);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN, &server_input_channel_open);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_REQUEST, &server_input_channel_req);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
+        ssh_dispatch_set(ssh, SSH2_MSG_GLOBAL_REQUEST, &server_input_global_request);
         /* client_alive */
-        dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &server_input_keep_alive);
-        dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &server_input_keep_alive);
-        dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &server_input_keep_alive);
-        dispatch_set(SSH2_MSG_REQUEST_FAILURE, &server_input_keep_alive);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_SUCCESS, &server_input_keep_alive);
+        ssh_dispatch_set(ssh, SSH2_MSG_CHANNEL_FAILURE, &server_input_keep_alive);
+        ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_SUCCESS, &server_input_keep_alive);
+        ssh_dispatch_set(ssh, SSH2_MSG_REQUEST_FAILURE, &server_input_keep_alive);
         /* rekeying */
-        dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
+        ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 }
diff --git a/session.c b/session.c
index 19f38637e..d87ea4d44 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.307 2018/10/04 00:10:11 djm Exp $ */
+/* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -123,9 +123,6 @@ int	do_exec_no_pty(struct ssh *, Session *, const char *);
 int     do_exec(struct ssh *, Session *, const char *);
 void    do_login(struct ssh *, Session *, const char *);
 void    do_child(struct ssh *, Session *, const char *);
-#ifdef LOGIN_NEEDS_UTMPX
-static void     do_pre_login(Session *s);
-#endif
 void    do_motd(void);
 int     check_quietlogin(Session *, const char *);
 
@@ -142,7 +139,7 @@ extern int startup_pipe;
 extern void destroy_sensitive_data(void);
 extern struct sshbuf *loginmsg;
 extern struct sshauthopt *auth_opts;
-char *tun_fwd_ifnames; /* serverloop.c */
+extern char *tun_fwd_ifnames; /* serverloop.c */
 
 /* original command from peer. */
 const char *original_command = NULL;
@@ -204,7 +201,7 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw)
 
         /* Create private directory for socket */
         if (mkdtemp(auth_sock_dir) == NULL) {
-                packet_send_debug("Agent forwarding disabled: "
+                ssh_packet_send_debug(ssh, "Agent forwarding disabled: "
                     "mkdtemp() failed: %.100s", strerror(errno));
                 restore_uid();
                 free(auth_sock_dir);
@@ -236,7 +233,9 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw)
  authsock_err:
         free(auth_sock_name);
         if (auth_sock_dir != NULL) {
+                temporarily_use_uid(pw);
                 rmdir(auth_sock_dir);
+                restore_uid();
                 free(auth_sock_dir);
         }
         if (sock != -1)
@@ -359,7 +358,7 @@ do_authenticated(struct ssh *ssh, Authctxt *authctxt)
                 else
                         channel_permit_all(ssh, FORWARD_REMOTE);
         }
-        auth_debug_send();
+        auth_debug_send(ssh);
 
         prepare_auth_info_file(authctxt->pw, authctxt->session_info);
 
@@ -521,7 +520,7 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
 
         s->pid = pid;
         /* Set interactive/non-interactive mode. */
-        packet_set_interactive(s->display != NULL,
+        ssh_packet_set_interactive(ssh, s->display != NULL,
             options.ip_qos_interactive, options.ip_qos_bulk);
 
         /*
@@ -548,7 +547,7 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
          * Enter the interactive session.  Note: server_loop must be able to
          * handle the case that fdin and fdout are the same.
          */
-        session_set_fds(s, inout[1], inout[1], err[1],
+        session_set_fds(ssh, s, inout[1], inout[1], err[1],
             s->is_subsystem, 0);
 #endif
         return 0;
@@ -650,41 +649,12 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command)
 
         /* Enter interactive session. */
         s->ptymaster = ptymaster;
-        packet_set_interactive(1, 
+        ssh_packet_set_interactive(ssh, 1,
             options.ip_qos_interactive, options.ip_qos_bulk);
         session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1);
         return 0;
 }
 
-#ifdef LOGIN_NEEDS_UTMPX
-static void
-do_pre_login(Session *s)
-{
-        struct ssh *ssh = active_state; /* XXX */
-        socklen_t fromlen;
-        struct sockaddr_storage from;
-        pid_t pid = getpid();
-
-        /*
-         * Get IP address of client. If the connection is not a socket, let
-         * the address be 0.0.0.0.
-         */
-        memset(&from, 0, sizeof(from));
-        fromlen = sizeof(from);
-        if (packet_connection_is_on_socket()) {
-                if (getpeername(packet_get_connection_in(),
-                    (struct sockaddr *)&from, &fromlen) < 0) {
-                        debug("getpeername: %.100s", strerror(errno));
-                        cleanup_exit(255);
-                }
-        }
-
-        record_utmp_only(pid, s->tty, s->pw->pw_name,
-            session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns),
-            (struct sockaddr *)&from, fromlen);
-}
-#endif
-
 /*
  * This is called to fork and execute a command.  If another command is
  * to be forced, execute that instead.
@@ -783,8 +753,8 @@ do_login(struct ssh *ssh, Session *s, const char *command)
          */
         memset(&from, 0, sizeof(from));
         fromlen = sizeof(from);
-        if (packet_connection_is_on_socket()) {
-                if (getpeername(packet_get_connection_in(),
+        if (ssh_packet_connection_is_on_socket(ssh)) {
+                if (getpeername(ssh_packet_get_connection_in(ssh),
                     (struct sockaddr *)&from, &fromlen) < 0) {
                         debug("getpeername: %.100s", strerror(errno));
                         cleanup_exit(255);
@@ -1082,8 +1052,11 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
 # endif /* HAVE_CYGWIN */
 #endif /* HAVE_LOGIN_CAP */
 
-        snprintf(buf, sizeof buf, "%.200s/%.50s", _PATH_MAILDIR, pw->pw_name);
-        child_set_env(&env, &envsize, "MAIL", buf);
+        if (!options.use_pam) {
+                snprintf(buf, sizeof buf, "%.200s/%.50s",
+                    _PATH_MAILDIR, pw->pw_name);
+                child_set_env(&env, &envsize, "MAIL", buf);
+        }
 
         /* Normal systems set SHELL by default. */
         child_set_env(&env, &envsize, "SHELL", shell);
@@ -1162,15 +1135,18 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
                 char **p;
 
                 /*
-                 * Don't allow SSH_AUTH_INFO variables posted to PAM to leak
-                 * back into the environment.
+                 * Don't allow PAM-internal env vars to leak
+                 * back into the session environment.
                  */
+#define PAM_ENV_BLACKLIST  "SSH_AUTH_INFO*,SSH_CONNECTION*"
                 p = fetch_pam_child_environment();
-                copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
+                copy_environment_blacklist(p, &env, &envsize,
+                    PAM_ENV_BLACKLIST);
                 free_pam_environment(p);
 
                 p = fetch_pam_environment();
-                copy_environment_blacklist(p, &env, &envsize, "SSH_AUTH_INFO*");
+                copy_environment_blacklist(p, &env, &envsize,
+                    PAM_ENV_BLACKLIST);
                 free_pam_environment(p);
         }
 #endif /* USE_PAM */
@@ -1192,7 +1168,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
             ssh_local_port(ssh));
         child_set_env(&env, &envsize, "SSH_CLIENT", buf);
 
-        laddr = get_local_ipaddr(packet_get_connection_in());
+        laddr = get_local_ipaddr(ssh_packet_get_connection_in(ssh));
         snprintf(buf, sizeof buf, "%.50s %d %.50s %d",
             ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
             laddr, ssh_local_port(ssh));
@@ -1334,7 +1310,7 @@ safely_chroot(const char *path, uid_t uid)
         char component[PATH_MAX];
         struct stat st;
 
-        if (*path != '/')
+        if (!path_absolute(path))
                 fatal("chroot path does not begin at root");
         if (strlen(path) >= sizeof(component))
                 fatal("chroot path too long");
@@ -1359,7 +1335,7 @@ safely_chroot(const char *path, uid_t uid)
                             component, strerror(errno));
                 if (st.st_uid != 0 || (st.st_mode & 022) != 0)
                         fatal("bad ownership or modes for chroot "
-                            "directory %s\"%s\"", 
+                            "directory %s\"%s\"",
                             cp == NULL ? "" : "component ", component);
                 if (!S_ISDIR(st.st_mode))
                         fatal("chroot path %s\"%s\" is not a directory",
@@ -1497,11 +1473,12 @@ child_close_fds(struct ssh *ssh)
                 auth_sock = -1;
         }
 
-        if (packet_get_connection_in() == packet_get_connection_out())
-                close(packet_get_connection_in());
+        if (ssh_packet_get_connection_in(ssh) ==
+            ssh_packet_get_connection_out(ssh))
+                close(ssh_packet_get_connection_in(ssh));
         else {
-                close(packet_get_connection_in());
-                close(packet_get_connection_out());
+                close(ssh_packet_get_connection_in(ssh));
+                close(ssh_packet_get_connection_out(ssh));
         }
         /*
          * Close all descriptors related to channels.  They will still remain
@@ -1535,15 +1512,16 @@ void
 do_child(struct ssh *ssh, Session *s, const char *command)
 {
         extern char **environ;
-        char **env;
-        char *argv[ARGV_MAX];
+        char **env, *argv[ARGV_MAX], remote_id[512];
         const char *shell, *shell0;
         struct passwd *pw = s->pw;
         int r = 0;
 
+        sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id));
+
         /* remove hostkey from the child's memory */
         destroy_sensitive_data();
-        packet_clear_keys();
+        ssh_packet_clear_keys(ssh);
 
         /* Force a password change */
         if (s->authctxt->force_pwchange) {
@@ -1663,6 +1641,8 @@ do_child(struct ssh *ssh, Session *s, const char *command)
         signal(SIGPIPE, SIG_DFL);
 
         if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) {
+                error("Connection from %s: refusing non-sftp session",
+                    remote_id);
                 printf("This service allows sftp connections only.\n");
                 fflush(NULL);
                 exit(1);
@@ -1905,11 +1885,14 @@ session_by_pid(pid_t pid)
 static int
 session_window_change_req(struct ssh *ssh, Session *s)
 {
-        s->col = packet_get_int();
-        s->row = packet_get_int();
-        s->xpixel = packet_get_int();
-        s->ypixel = packet_get_int();
-        packet_check_eom();
+        int r;
+
+        if ((r = sshpkt_get_u32(ssh, &s->col)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->row)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->xpixel)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->ypixel)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
         pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
         return 1;
 }
@@ -1917,22 +1900,23 @@ session_window_change_req(struct ssh *ssh, Session *s)
 static int
 session_pty_req(struct ssh *ssh, Session *s)
 {
-        u_int len;
+        int r;
 
         if (!auth_opts->permit_pty_flag || !options.permit_tty) {
                 debug("Allocating a pty not permitted for this connection.");
                 return 0;
         }
         if (s->ttyfd != -1) {
-                packet_disconnect("Protocol error: you already have a pty.");
+                ssh_packet_disconnect(ssh, "Protocol error: you already have a pty.");
                 return 0;
         }
 
-        s->term = packet_get_string(&len);
-        s->col = packet_get_int();
-        s->row = packet_get_int();
-        s->xpixel = packet_get_int();
-        s->ypixel = packet_get_int();
+        if ((r = sshpkt_get_cstring(ssh, &s->term, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->col)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->row)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->xpixel)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->ypixel)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
 
         if (strcmp(s->term, "") == 0) {
                 free(s->term);
@@ -1954,13 +1938,15 @@ session_pty_req(struct ssh *ssh, Session *s)
 
         ssh_tty_parse_modes(ssh, s->ttyfd);
 
+        if ((r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
+
         if (!use_privsep)
                 pty_setowner(s->pw, s->tty, s->authctxt->role);
 
         /* Set window size from the packet. */
         pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
 
-        packet_check_eom();
         session_proctitle(s);
         return 1;
 }
@@ -1969,13 +1955,13 @@ static int
 session_subsystem_req(struct ssh *ssh, Session *s)
 {
         struct stat st;
-        u_int len;
-        int success = 0;
+        int r, success = 0;
         char *prog, *cmd;
         u_int i;
 
-        s->subsys = packet_get_string(&len);
-        packet_check_eom();
+        if ((r = sshpkt_get_cstring(ssh, &s->subsys, NULL)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
         debug2("subsystem request for %.100s by user %s", s->subsys,
             s->pw->pw_name);
 
@@ -2008,18 +1994,22 @@ session_subsystem_req(struct ssh *ssh, Session *s)
 static int
 session_x11_req(struct ssh *ssh, Session *s)
 {
-        int success;
+        int r, success;
+        u_char single_connection = 0;
 
         if (s->auth_proto != NULL || s->auth_data != NULL) {
                 error("session_x11_req: session %d: "
                     "x11 forwarding already active", s->self);
                 return 0;
         }
-        s->single_connection = packet_get_char();
-        s->auth_proto = packet_get_string(NULL);
-        s->auth_data = packet_get_string(NULL);
-        s->screen = packet_get_int();
-        packet_check_eom();
+        if ((r = sshpkt_get_u8(ssh, &single_connection)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &s->auth_proto, NULL)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &s->auth_data, NULL)) != 0 ||
+            (r = sshpkt_get_u32(ssh, &s->screen)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
+
+        s->single_connection = single_connection;
 
         if (xauth_valid_string(s->auth_proto) &&
             xauth_valid_string(s->auth_data))
@@ -2040,17 +2030,24 @@ session_x11_req(struct ssh *ssh, Session *s)
 static int
 session_shell_req(struct ssh *ssh, Session *s)
 {
-        packet_check_eom();
+        int r;
+
+        if ((r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
         return do_exec(ssh, s, NULL) == 0;
 }
 
 static int
 session_exec_req(struct ssh *ssh, Session *s)
 {
-        u_int len, success;
+        u_int success;
+        int r;
+        char *command = NULL;
+
+        if ((r = sshpkt_get_cstring(ssh, &command, NULL)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
 
-        char *command = packet_get_string(&len);
-        packet_check_eom();
         success = do_exec(ssh, s, command) == 0;
         free(command);
         return success;
@@ -2059,9 +2056,11 @@ session_exec_req(struct ssh *ssh, Session *s)
 static int
 session_break_req(struct ssh *ssh, Session *s)
 {
+        int r;
 
-        packet_get_int();       /* ignored */
-        packet_check_eom();
+        if ((r = sshpkt_get_u32(ssh, NULL)) != 0 || /* ignore */
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
 
         if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) < 0)
                 return 0;
@@ -2072,11 +2071,13 @@ static int
 session_env_req(struct ssh *ssh, Session *s)
 {
         char *name, *val;
-        u_int name_len, val_len, i;
+        u_int i;
+        int r;
 
-        name = packet_get_cstring(&name_len);
-        val = packet_get_cstring(&val_len);
-        packet_check_eom();
+        if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, &val, NULL)) != 0 ||
+            (r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
 
         /* Don't set too many environment variables */
         if (s->num_env > 128) {
@@ -2179,8 +2180,10 @@ static int
 session_auth_agent_req(struct ssh *ssh, Session *s)
 {
         static int called = 0;
+        int r;
 
-        packet_check_eom();
+        if ((r = sshpkt_get_end(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
         if (!auth_opts->permit_agent_forwarding_flag ||
             !options.allow_agent_forwarding) {
                 debug("%s: agent forwarding disabled", __func__);
@@ -2370,6 +2373,7 @@ static void
 session_exit_message(struct ssh *ssh, Session *s, int status)
 {
         Channel *c;
+        int r;
 
         if ((c = channel_lookup(ssh, s->chanid)) == NULL)
                 fatal("%s: session %d: no channel %d",
@@ -2379,22 +2383,23 @@ session_exit_message(struct ssh *ssh, Session *s, int status)
 
         if (WIFEXITED(status)) {
                 channel_request_start(ssh, s->chanid, "exit-status", 0);
-                packet_put_int(WEXITSTATUS(status));
-                packet_send();
+                if ((r = sshpkt_put_u32(ssh, WEXITSTATUS(status))) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: exit reply", __func__);
         } else if (WIFSIGNALED(status)) {
                 channel_request_start(ssh, s->chanid, "exit-signal", 0);
-                packet_put_cstring(sig2name(WTERMSIG(status)));
-#ifdef WCOREDUMP
-                packet_put_char(WCOREDUMP(status)? 1 : 0);
-#else /* WCOREDUMP */
-                packet_put_char(0);
-#endif /* WCOREDUMP */
-                packet_put_cstring("");
-                packet_put_cstring("");
-                packet_send();
+#ifndef WCOREDUMP
+# define WCOREDUMP(x) (0)
+#endif
+                if ((r = sshpkt_put_cstring(ssh, sig2name(WTERMSIG(status)))) != 0 ||
+                    (r = sshpkt_put_u8(ssh, WCOREDUMP(status)? 1 : 0)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, "")) != 0 ||
+                    (r = sshpkt_put_cstring(ssh, "")) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: exit reply", __func__);
         } else {
                 /* Some weird exit cause.  Just exit. */
-                packet_disconnect("wait returned status %04x.", status);
+                ssh_packet_disconnect(ssh, "wait returned status %04x.", status);
         }
 
         /* disconnect channel */
@@ -2565,7 +2570,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
         u_int i;
 
         if (!auth_opts->permit_x11_forwarding_flag) {
-                packet_send_debug("X11 forwarding disabled by key options.");
+                ssh_packet_send_debug(ssh, "X11 forwarding disabled by key options.");
                 return 0;
         }
         if (!options.x11_forwarding) {
@@ -2574,7 +2579,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
         }
         if (options.xauth_location == NULL ||
             (stat(options.xauth_location, &st) == -1)) {
-                packet_send_debug("No xauth program; cannot forward X11.");
+                ssh_packet_send_debug(ssh, "No xauth program; cannot forward X11.");
                 return 0;
         }
         if (s->display != NULL) {
@@ -2615,7 +2620,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
                 he = gethostbyname(hostname);
                 if (he == NULL) {
                         error("Can't get IP address for X11 DISPLAY.");
-                        packet_send_debug("Can't get IP address for X11 DISPLAY.");
+                        ssh_packet_send_debug(ssh, "Can't get IP address for X11 DISPLAY.");
                         return 0;
                 }
                 memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr));
@@ -2669,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt)
 
 #ifdef KRB5
         if (options.kerberos_ticket_cleanup &&
-            authctxt->krb5_ctx)
+            authctxt->krb5_ctx) {
+                temporarily_use_uid(authctxt->pw);
                 krb5_cleanup_proc(authctxt);
+                restore_uid();
+        }
 #endif
 
 #ifdef GSSAPI
-        if (options.gss_cleanup_creds)
+        if (options.gss_cleanup_creds) {
+                temporarily_use_uid(authctxt->pw);
                 ssh_gssapi_cleanup_creds();
+                restore_uid();
+        }
 #endif
 
         /* remove agent socket */
diff --git a/sftp-client.c b/sftp-client.c
index cf2887a40..73e3c2f53 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.130 2018/07/31 03:07:24 djm Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.133 2019/01/24 16:52:17 dtucker Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -86,6 +86,7 @@ struct sftp_conn {
 #define SFTP_EXT_FSTATVFS       0x00000004
 #define SFTP_EXT_HARDLINK       0x00000008
 #define SFTP_EXT_FSYNC          0x00000010
+#define SFTP_EXT_LSETSTAT       0x00000020
         u_int exts;
         u_int64_t limit_kbps;
         struct bwlimit bwlimit_in, bwlimit_out;
@@ -465,6 +466,10 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests,
                     strcmp((char *)value, "1") == 0) {
                         ret->exts |= SFTP_EXT_FSYNC;
                         known = 1;
+                } else if (strcmp(name, "lsetstat@openssh.com") == 0 &&
+                    strcmp((char *)value, "1") == 0) {
+                        ret->exts |= SFTP_EXT_LSETSTAT;
+                        known = 1;
                 }
                 if (known) {
                         debug2("Server supports extension \"%s\" revision %s",
@@ -1098,7 +1103,6 @@ do_statvfs(struct sftp_conn *conn, const char *path, struct sftp_statvfs *st,
 
         if ((msg = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
-        sshbuf_reset(msg);
         if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
             (r = sshbuf_put_u32(msg, id)) != 0 ||
             (r = sshbuf_put_cstring(msg, "statvfs@openssh.com")) != 0 ||
@@ -1127,7 +1131,6 @@ do_fstatvfs(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
 
         if ((msg = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
-        sshbuf_reset(msg);
         if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
             (r = sshbuf_put_u32(msg, id)) != 0 ||
             (r = sshbuf_put_cstring(msg, "fstatvfs@openssh.com")) != 0 ||
@@ -1140,6 +1143,38 @@ do_fstatvfs(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
 }
 #endif
 
+int
+do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a)
+{
+        struct sshbuf *msg;
+        u_int status, id;
+        int r;
+
+        if ((conn->exts & SFTP_EXT_LSETSTAT) == 0) {
+                error("Server does not support lsetstat@openssh.com extension");
+                return -1;
+        }
+
+        id = conn->msg_id++;
+        if ((msg = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
+        if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
+            (r = sshbuf_put_u32(msg, id)) != 0 ||
+            (r = sshbuf_put_cstring(msg, "lsetstat@openssh.com")) != 0 ||
+            (r = sshbuf_put_cstring(msg, path)) != 0 ||
+            (r = encode_attrib(msg, a)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
+        send_msg(conn, msg);
+        sshbuf_free(msg);
+
+        status = get_status(conn, id);
+        if (status != SSH2_FX_OK)
+                error("Couldn't setstat on \"%s\": %s", path,
+                    fx2txt(status));
+
+        return status == SSH2_FX_OK ? 0 : -1;
+}
+
 static void
 send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset,
     u_int len, const u_char *handle, u_int handle_len)
@@ -1149,7 +1184,6 @@ send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset,
 
         if ((msg = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
-        sshbuf_reset(msg);
         if ((r = sshbuf_put_u8(msg, SSH2_FXP_READ)) != 0 ||
             (r = sshbuf_put_u32(msg, id)) != 0 ||
             (r = sshbuf_put_string(msg, handle, handle_len)) != 0 ||
diff --git a/sftp-client.h b/sftp-client.h
index 14a3b8182..63a9b8b13 100644
--- a/sftp-client.h
+++ b/sftp-client.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.h,v 1.27 2015/05/08 06:45:13 djm Exp $ */
+/* $OpenBSD: sftp-client.h,v 1.28 2019/01/16 23:23:45 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
@@ -91,6 +91,9 @@ int do_setstat(struct sftp_conn *, const char *, Attrib *);
 /* Set file attributes of open file 'handle' */
 int do_fsetstat(struct sftp_conn *, const u_char *, u_int, Attrib *);
 
+/* Set file attributes of 'path', not following symlinks */
+int do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a);
+
 /* Canonicalise 'path' - caller must free result */
 char *do_realpath(struct sftp_conn *, const char *);
 
diff --git a/sftp-common.c b/sftp-common.c
index 5d743d3b2..677f27d63 100644
--- a/sftp-common.c
+++ b/sftp-common.c
@@ -36,6 +36,7 @@
 #include <string.h>
 #include <time.h>
 #include <stdarg.h>
+#include <unistd.h>
 #ifdef HAVE_UTIL_H
 #include <util.h>
 #endif
diff --git a/sftp-server-main.c b/sftp-server-main.c
index c6ccd623e..6230d897d 100644
--- a/sftp-server-main.c
+++ b/sftp-server-main.c
@@ -43,6 +43,8 @@ main(int argc, char **argv)
         /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
         sanitise_stdfd();
 
+        seed_rng();
+
         if ((user_pw = getpwuid(getuid())) == NULL) {
                 fprintf(stderr, "No user found for uid %lu\n",
                     (u_long)getuid());
diff --git a/sftp-server.0 b/sftp-server.0
index 4c42b26c9..fb84373d9 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -93,4 +93,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 6.4                    December 11, 2014                   OpenBSD 6.4
+OpenBSD 6.5                    December 11, 2014                   OpenBSD 6.5
diff --git a/sftp-server.c b/sftp-server.c
index ab1b063f2..19a132bd9 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.112 2018/06/01 03:33:53 djm Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.114 2019/01/16 23:22:10 djm Exp $ */
 /*
  * Copyright (c) 2000-2004 Markus Friedl.  All rights reserved.
  *
@@ -107,6 +107,7 @@ static void process_extended_statvfs(u_int32_t id);
 static void process_extended_fstatvfs(u_int32_t id);
 static void process_extended_hardlink(u_int32_t id);
 static void process_extended_fsync(u_int32_t id);
+static void process_extended_lsetstat(u_int32_t id);
 static void process_extended(u_int32_t id);
 
 struct sftp_handler {
@@ -117,7 +118,7 @@ struct sftp_handler {
         int does_write;         /* if nonzero, banned for readonly mode */
 };
 
-struct sftp_handler handlers[] = {
+static const struct sftp_handler handlers[] = {
         /* NB. SSH2_FXP_OPEN does the readonly check in the handler itself */
         { "open", NULL, SSH2_FXP_OPEN, process_open, 0 },
         { "close", NULL, SSH2_FXP_CLOSE, process_close, 0 },
@@ -141,18 +142,19 @@ struct sftp_handler handlers[] = {
 };
 
 /* SSH2_FXP_EXTENDED submessages */
-struct sftp_handler extended_handlers[] = {
+static const struct sftp_handler extended_handlers[] = {
         { "posix-rename", "posix-rename@openssh.com", 0,
            process_extended_posix_rename, 1 },
         { "statvfs", "statvfs@openssh.com", 0, process_extended_statvfs, 0 },
         { "fstatvfs", "fstatvfs@openssh.com", 0, process_extended_fstatvfs, 0 },
         { "hardlink", "hardlink@openssh.com", 0, process_extended_hardlink, 1 },
         { "fsync", "fsync@openssh.com", 0, process_extended_fsync, 1 },
+        { "lsetstat", "lsetstat@openssh.com", 0, process_extended_lsetstat, 1 },
         { NULL, NULL, 0, NULL, 0 }
 };
 
 static int
-request_permitted(struct sftp_handler *h)
+request_permitted(const struct sftp_handler *h)
 {
         char *result;
 
@@ -285,9 +287,9 @@ enum {
         HANDLE_FILE
 };
 
-Handle *handles = NULL;
-u_int num_handles = 0;
-int first_unused_handle = -1;
+static Handle *handles = NULL;
+static u_int num_handles = 0;
+static int first_unused_handle = -1;
 
 static void handle_unused(int i)
 {
@@ -666,6 +668,8 @@ process_init(void)
             (r = sshbuf_put_cstring(msg, "1")) != 0 || /* version */
             /* fsync extension */
             (r = sshbuf_put_cstring(msg, "fsync@openssh.com")) != 0 ||
+            (r = sshbuf_put_cstring(msg, "1")) != 0 || /* version */
+            (r = sshbuf_put_cstring(msg, "lsetstat@openssh.com")) != 0 ||
             (r = sshbuf_put_cstring(msg, "1")) != 0) /* version */
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
         send_msg(msg);
@@ -889,6 +893,18 @@ attrib_to_tv(const Attrib *a)
         return tv;
 }
 
+static struct timespec *
+attrib_to_ts(const Attrib *a)
+{
+        static struct timespec ts[2];
+
+        ts[0].tv_sec = a->atime;
+        ts[0].tv_nsec = 0;
+        ts[1].tv_sec = a->mtime;
+        ts[1].tv_nsec = 0;
+        return ts;
+}
+
 static void
 process_setstat(u_int32_t id)
 {
@@ -1370,6 +1386,55 @@ process_extended_fsync(u_int32_t id)
 }
 
 static void
+process_extended_lsetstat(u_int32_t id)
+{
+        Attrib a;
+        char *name;
+        int r, status = SSH2_FX_OK;
+
+        if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 ||
+            (r = decode_attrib(iqueue, &a)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
+
+        debug("request %u: lsetstat name \"%s\"", id, name);
+        if (a.flags & SSH2_FILEXFER_ATTR_SIZE) {
+                /* nonsensical for links */
+                status = SSH2_FX_BAD_MESSAGE;
+                goto out;
+        }
+        if (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
+                logit("set \"%s\" mode %04o", name, a.perm);
+                r = fchmodat(AT_FDCWD, name,
+                    a.perm & 07777, AT_SYMLINK_NOFOLLOW);
+                if (r == -1)
+                        status = errno_to_portable(errno);
+        }
+        if (a.flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
+                char buf[64];
+                time_t t = a.mtime;
+
+                strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S",
+                    localtime(&t));
+                logit("set \"%s\" modtime %s", name, buf);
+                r = utimensat(AT_FDCWD, name,
+                    attrib_to_ts(&a), AT_SYMLINK_NOFOLLOW);
+                if (r == -1)
+                        status = errno_to_portable(errno);
+        }
+        if (a.flags & SSH2_FILEXFER_ATTR_UIDGID) {
+                logit("set \"%s\" owner %lu group %lu", name,
+                    (u_long)a.uid, (u_long)a.gid);
+                r = fchownat(AT_FDCWD, name, a.uid, a.gid,
+                    AT_SYMLINK_NOFOLLOW);
+                if (r == -1)
+                        status = errno_to_portable(errno);
+        }
+ out:
+        send_status(id, status);
+        free(name);
+}
+
+static void
 process_extended(u_int32_t id)
 {
         char *request;
diff --git a/sftp.0 b/sftp.0
index ed98400d3..2342c2320 100644
--- a/sftp.0
+++ b/sftp.0
@@ -5,9 +5,10 @@ NAME
 
 SYNOPSIS
      sftp [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher]
-          [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit]
-          [-o ssh_option] [-P port] [-R num_requests] [-S program]
-          [-s subsystem | sftp_server] destination
+          [-D sftp_server_path] [-F ssh_config] [-i identity_file]
+          [-J destination] [-l limit] [-o ssh_option] [-P port]
+          [-R num_requests] [-S program] [-s subsystem | sftp_server]
+          destination
 
 DESCRIPTION
      sftp is a file transfer program, similar to ftp(1), which performs all
@@ -52,13 +53,18 @@ DESCRIPTION
              instead of stdin.  Since it lacks user interaction it should be
              used in conjunction with non-interactive authentication to
              obviate the need to enter a password at connection time (see
-             sshd(8) and ssh-keygen(1) for details).  A batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may
-             be used to indicate standard input.  sftp will abort if any of
-             the following commands fail: get, put, reget, reput, rename, ln,
-             rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df,
-             symlink, and lmkdir.  Termination on error can be suppressed on a
-             command by command basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y
-             character (for example, -rm /tmp/blah*).
+             sshd(8) and ssh-keygen(1) for details).
+
+             A batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may be used to indicate standard input.  sftp
+             will abort if any of the following commands fail: get, put,
+             reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod,
+             chown, chgrp, lpwd, df, symlink, and lmkdir.
+
+             Termination on error can be suppressed on a command by command
+             basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y character (for example,
+             -rm /tmp/blah*).  Echo of the command may be suppressed by
+             prefixing the command with a M-bM-^@M-^X@M-bM-^@M-^Y character.  These two prefixes
+             may be combined in any order, for example -@ls /bsd.
 
      -C      Enables compression (via ssh's -C flag).
 
@@ -83,6 +89,14 @@ DESCRIPTION
              key authentication is read.  This option is directly passed to
              ssh(1).
 
+     -J destination
+             Connect to the target host by first making an sftp connection to
+             the jump host described by destination and then establishing a
+             TCP forwarding to the ultimate destination from there.  Multiple
+             jump hops may be specified separated by comma characters.  This
+             is a shortcut to specify a ProxyJump configuration directive.
+             This option is directly passed to ssh(1).
+
      -l limit
              Limits the used bandwidth, specified in Kbit/s.
 
@@ -197,17 +211,20 @@ INTERACTIVE COMMANDS
              Change remote directory to path.  If path is not specified, then
              change directory to the one the session started in.
 
-     chgrp grp path
-             Change group of file path to grp.  path may contain glob(7)
+     chgrp [-h] grp path
+             Change group of file path to grp.  If the -h flag is specified,
+             then symlinks will not be followed.  path may contain glob(7)
              characters and may match multiple files.  grp must be a numeric
              GID.
 
-     chmod mode path
-             Change permissions of file path to mode.  path may contain
+     chmod [-h] mode path
+             Change permissions of file path to mode.  If the -h flag is
+             specified, then symlinks will not be followed.  path may contain
              glob(7) characters and may match multiple files.
 
-     chown own path
-             Change owner of file path to own.  path may contain glob(7)
+     chown [-h] own path
+             Change owner of file path to own.  If the -h flag is specified,
+             then symlinks will not be followed.  path may contain glob(7)
              characters and may match multiple files.  own must be a numeric
              UID.
 
@@ -376,4 +393,4 @@ SEE ALSO
      T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
      filexfer-00.txt, January 2001, work in progress material.
 
-OpenBSD 6.4                   September 20, 2018                   OpenBSD 6.4
+OpenBSD 6.5                    January 22, 2019                    OpenBSD 6.5
diff --git a/sftp.1 b/sftp.1
index 0fd54cae0..259095885 100644
--- a/sftp.1
+++ b/sftp.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sftp.1,v 1.120 2018/09/20 06:58:48 jmc Exp $
+.\" $OpenBSD: sftp.1,v 1.125 2019/01/22 06:58:31 jmc Exp $
 .\"
 .\" Copyright (c) 2001 Damien Miller.  All rights reserved.
 .\"
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 20 2018 $
+.Dd $Mdocdate: January 22 2019 $
 .Dt SFTP 1
 .Os
 .Sh NAME
@@ -37,6 +37,7 @@
 .Op Fl D Ar sftp_server_path
 .Op Fl F Ar ssh_config
 .Op Fl i Ar identity_file
+.Op Fl J Ar destination
 .Op Fl l Ar limit
 .Op Fl o Ar ssh_option
 .Op Fl P Ar port
@@ -127,6 +128,7 @@ at connection time (see
 and
 .Xr ssh-keygen 1
 for details).
+.Pp
 A
 .Ar batchfile
 of
@@ -135,17 +137,23 @@ may be used to indicate standard input.
 .Nm
 will abort if any of the following
 commands fail:
-.Ic get , put , reget , reput, rename , ln ,
+.Ic get , put , reget , reput , rename , ln ,
 .Ic rm , mkdir , chdir , ls ,
 .Ic lchdir , chmod , chown ,
 .Ic chgrp , lpwd , df , symlink ,
 and
 .Ic lmkdir .
+.Pp
 Termination on error can be suppressed on a command by command basis by
 prefixing the command with a
 .Sq \-
 character (for example,
 .Ic -rm /tmp/blah* ) .
+Echo of the command may be suppressed by prefixing the command with a
+.Sq @
+character.
+These two prefixes may be combined in any order, for example
+.Ic -@ls /bsd .
 .It Fl C
 Enables compression (via ssh's
 .Fl C
@@ -174,6 +182,19 @@ Selects the file from which the identity (private key) for public key
 authentication is read.
 This option is directly passed to
 .Xr ssh 1 .
+.It Fl J Ar destination
+Connect to the target host by first making an
+.Nm
+connection to the jump host described by
+.Ar destination
+and then establishing a TCP forwarding to the ultimate destination from
+there.
+Multiple jump hops may be specified separated by comma characters.
+This is a shortcut to specify a
+.Cm ProxyJump
+configuration directive.
+This option is directly passed to
+.Xr ssh 1 .
 .It Fl l Ar limit
 Limits the used bandwidth, specified in Kbit/s.
 .It Fl o Ar ssh_option
@@ -309,31 +330,52 @@ Change remote directory to
 If
 .Ar path
 is not specified, then change directory to the one the session started in.
-.It Ic chgrp Ar grp Ar path
+.It Xo Ic chgrp
+.Op Fl h
+.Ar grp
+.Ar path
+.Xc
 Change group of file
 .Ar path
 to
 .Ar grp .
+If the
+.Fl h
+flag is specified, then symlinks will not be followed.
 .Ar path
 may contain
 .Xr glob 7
 characters and may match multiple files.
 .Ar grp
 must be a numeric GID.
-.It Ic chmod Ar mode Ar path
+.It Xo Ic chmod
+.Op Fl h
+.Ar mode
+.Ar path
+.Xc
 Change permissions of file
 .Ar path
 to
 .Ar mode .
+If the
+.Fl h
+flag is specified, then symlinks will not be followed.
 .Ar path
 may contain
 .Xr glob 7
 characters and may match multiple files.
-.It Ic chown Ar own Ar path
+.It Xo Ic chown
+.Op Fl h
+.Ar own
+.Ar path
+.Xc
 Change owner of file
 .Ar path
 to
 .Ar own .
+If the
+.Fl h
+flag is specified, then symlinks will not be followed.
 .Ar path
 may contain
 .Xr glob 7
diff --git a/sftp.c b/sftp.c
index 7db86c2d3..44aa19d96 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.186 2018/09/07 04:26:56 dtucker Exp $ */
+/* $OpenBSD: sftp.c,v 1.190 2019/01/21 22:50:42 tb Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -278,9 +278,9 @@ help(void)
         printf("Available commands:\n"
             "bye                                Quit sftp\n"
             "cd path                            Change remote directory to 'path'\n"
-            "chgrp grp path                     Change group of file 'path' to 'grp'\n"
-            "chmod mode path                    Change permissions of file 'path' to 'mode'\n"
-            "chown own path                     Change owner of file 'path' to 'own'\n"
+            "chgrp [-h] grp path                Change group of file 'path' to 'grp'\n"
+            "chmod [-h] mode path               Change permissions of file 'path' to 'mode'\n"
+            "chown [-h] own path                Change owner of file 'path' to 'own'\n"
             "df [-hi] [path]                    Display statistics for current directory or\n"
             "                                   filesystem containing 'path'\n"
             "exit                               Quit sftp\n"
@@ -389,7 +389,7 @@ make_absolute(char *p, const char *pwd)
         char *abs_str;
 
         /* Derelativise */
-        if (p && p[0] != '/') {
+        if (p && !path_absolute(p)) {
                 abs_str = path_append(pwd, p);
                 free(p);
                 return(abs_str);
@@ -562,6 +562,30 @@ parse_df_flags(const char *cmd, char **argv, int argc, int *hflag, int *iflag)
 }
 
 static int
+parse_ch_flags(const char *cmd, char **argv, int argc, int *hflag)
+{
+        extern int opterr, optind, optopt, optreset;
+        int ch;
+
+        optind = optreset = 1;
+        opterr = 0;
+
+        *hflag = 0;
+        while ((ch = getopt(argc, argv, "h")) != -1) {
+                switch (ch) {
+                case 'h':
+                        *hflag = 1;
+                        break;
+                default:
+                        error("%s: Invalid flag -%c", cmd, optopt);
+                        return -1;
+                }
+        }
+
+        return optind;
+}
+
+static int
 parse_no_flags(const char *cmd, char **argv, int argc)
 {
         extern int opterr, optind, optopt, optreset;
@@ -1296,7 +1320,7 @@ makeargv(const char *arg, int *argcp, int sloppy, char *lastquote,
 }
 
 static int
-parse_args(const char **cpp, int *ignore_errors, int *aflag,
+parse_args(const char **cpp, int *ignore_errors, int *disable_echo, int *aflag,
           int *fflag, int *hflag, int *iflag, int *lflag, int *pflag,
           int *rflag, int *sflag,
     unsigned long *n_arg, char **path1, char **path2)
@@ -1310,13 +1334,23 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag,
         /* Skip leading whitespace */
         cp = cp + strspn(cp, WHITESPACE);
 
-        /* Check for leading '-' (disable error processing) */
+        /*
+         * Check for leading '-' (disable error processing) and '@' (suppress
+         * command echo)
+         */
         *ignore_errors = 0;
-        if (*cp == '-') {
-                *ignore_errors = 1;
-                cp++;
-                cp = cp + strspn(cp, WHITESPACE);
+        *disable_echo = 0;
+        for (;*cp != '\0'; cp++) {
+                if (*cp == '-') {
+                        *ignore_errors = 1;
+                } else if (*cp == '@') {
+                        *disable_echo = 1;
+                } else {
+                        /* all other characters terminate prefix processing */
+                        break;
+                }
         }
+        cp = cp + strspn(cp, WHITESPACE);
 
         /* Ignore blank lines and lines which begin with comment '#' char */
         if (*cp == '\0' || *cp == '#')
@@ -1446,7 +1480,7 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag,
                 /* FALLTHROUGH */
         case I_CHOWN:
         case I_CHGRP:
-                if ((optidx = parse_no_flags(cmd, argv, argc)) == -1)
+                if ((optidx = parse_ch_flags(cmd, argv, argc, hflag)) == -1)
                         return -1;
                 /* Get numeric arg (mandatory) */
                 if (argc - optidx < 1)
@@ -1491,11 +1525,12 @@ parse_args(const char **cpp, int *ignore_errors, int *aflag,
 
 static int
 parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
-    const char *startdir, int err_abort)
+    const char *startdir, int err_abort, int echo_command)
 {
+        const char *ocmd = cmd;
         char *path1, *path2, *tmp;
-        int ignore_errors = 0, aflag = 0, fflag = 0, hflag = 0,
-        iflag = 0;
+        int ignore_errors = 0, disable_echo = 1;
+        int aflag = 0, fflag = 0, hflag = 0, iflag = 0;
         int lflag = 0, pflag = 0, rflag = 0, sflag = 0;
         int cmdnum, i;
         unsigned long n_arg = 0;
@@ -1505,11 +1540,15 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
         glob_t g;
 
         path1 = path2 = NULL;
-        cmdnum = parse_args(&cmd, &ignore_errors, &aflag, &fflag, &hflag,
-            &iflag, &lflag, &pflag, &rflag, &sflag, &n_arg, &path1, &path2);
+        cmdnum = parse_args(&cmd, &ignore_errors, &disable_echo, &aflag, &fflag,
+            &hflag, &iflag, &lflag, &pflag, &rflag, &sflag, &n_arg,
+            &path1, &path2);
         if (ignore_errors != 0)
                 err_abort = 0;
 
+        if (echo_command && !disable_echo)
+                mprintf("sftp> %s\n", ocmd);
+
         memset(&g, 0, sizeof(g));
 
         /* Perform command */
@@ -1608,7 +1647,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
 
                 /* Strip pwd off beginning of non-absolute paths */
                 tmp = NULL;
-                if (*path1 != '/')
+                if (!path_absolute(path1))
                         tmp = *pwd;
 
                 path1 = make_absolute(path1, *pwd);
@@ -1660,7 +1699,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                         if (!quiet)
                                 mprintf("Changing mode on %s\n",
                                     g.gl_pathv[i]);
-                        err = do_setstat(conn, g.gl_pathv[i], &a);
+                        err = (hflag ? do_lsetstat : do_setstat)(conn,
+                            g.gl_pathv[i], &a);
                         if (err != 0 && err_abort)
                                 break;
                 }
@@ -1670,7 +1710,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                 path1 = make_absolute(path1, *pwd);
                 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
                 for (i = 0; g.gl_pathv[i] && !interrupted; i++) {
-                        if (!(aa = do_stat(conn, g.gl_pathv[i], 0))) {
+                        if (!(aa = (hflag ? do_lstat : do_stat)(conn,
+                            g.gl_pathv[i], 0))) {
                                 if (err_abort) {
                                         err = -1;
                                         break;
@@ -1698,7 +1739,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                                             g.gl_pathv[i]);
                                 aa->gid = n_arg;
                         }
-                        err = do_setstat(conn, g.gl_pathv[i], aa);
+                        err = (hflag ? do_lsetstat : do_setstat)(conn,
+                            g.gl_pathv[i], aa);
                         if (err != 0 && err_abort)
                                 break;
                 }
@@ -1936,7 +1978,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
                 xasprintf(&tmp, "%s*", file);
 
         /* Check if the path is absolute. */
-        isabs = tmp[0] == '/';
+        isabs = path_absolute(tmp);
 
         memset(&g, 0, sizeof(g));
         if (remote != LOCAL) {
@@ -2169,7 +2211,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
                                 mprintf("Changing to: %s\n", dir);
                         snprintf(cmd, sizeof cmd, "cd \"%s\"", dir);
                         if (parse_dispatch_command(conn, cmd,
-                            &remote_path, startdir, 1) != 0) {
+                            &remote_path, startdir, 1, 0) != 0) {
                                 free(dir);
                                 free(startdir);
                                 free(remote_path);
@@ -2183,7 +2225,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
                             file2 == NULL ? "" : " ",
                             file2 == NULL ? "" : file2);
                         err = parse_dispatch_command(conn, cmd,
-                            &remote_path, startdir, 1);
+                            &remote_path, startdir, 1, 0);
                         free(dir);
                         free(startdir);
                         free(remote_path);
@@ -2199,8 +2241,6 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
         interactive = !batchmode && isatty(STDIN_FILENO);
         err = 0;
         for (;;) {
-                char *cp;
-
                 signal(SIGINT, SIG_IGN);
 
                 if (el == NULL) {
@@ -2211,12 +2251,6 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
                                         printf("\n");
                                 break;
                         }
-                        if (!interactive) { /* Echo command */
-                                mprintf("sftp> %s", cmd);
-                                if (strlen(cmd) > 0 &&
-                                    cmd[strlen(cmd) - 1] != '\n')
-                                        printf("\n");
-                        }
                 } else {
 #ifdef USE_LIBEDIT
                         const char *line;
@@ -2235,16 +2269,14 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
 #endif /* USE_LIBEDIT */
                 }
 
-                cp = strrchr(cmd, '\n');
-                if (cp)
-                        *cp = '\0';
+                cmd[strcspn(cmd, "\n")] = '\0';
 
                 /* Handle user interrupts gracefully during commands */
                 interrupted = 0;
                 signal(SIGINT, cmd_interrupt);
 
                 err = parse_dispatch_command(conn, cmd, &remote_path,
-                    startdir, batchmode);
+                    startdir, batchmode, !interactive && el == NULL);
                 if (err != 0)
                         break;
         }
@@ -2330,11 +2362,10 @@ usage(void)
 
         fprintf(stderr,
             "usage: %s [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher]\n"
-            "          [-D sftp_server_path] [-F ssh_config] "
-            "[-i identity_file] [-l limit]\n"
-            "          [-o ssh_option] [-P port] [-R num_requests] "
-            "[-S program]\n"
-            "          [-s subsystem | sftp_server] destination\n",
+            "          [-D sftp_server_path] [-F ssh_config] [-i identity_file]\n"
+            "          [-J destination] [-l limit] [-o ssh_option] [-P port]\n"
+            "          [-R num_requests] [-S program] [-s subsystem | sftp_server]\n"
+            "          destination\n",
             __progname);
         exit(1);
 }
@@ -2362,6 +2393,8 @@ main(int argc, char **argv)
         sanitise_stdfd();
         msetlocale();
 
+        seed_rng();
+
         __progname = ssh_get_progname(argv[0]);
         memset(&args, '\0', sizeof(args));
         args.list = NULL;
@@ -2375,7 +2408,7 @@ main(int argc, char **argv)
         infile = stdin;
 
         while ((ch = getopt(argc, argv,
-            "1246afhpqrvCc:D:i:l:o:s:S:b:B:F:P:R:")) != -1) {
+            "1246afhpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) {
                 switch (ch) {
                 /* Passed through to ssh(1) */
                 case '4':
@@ -2385,6 +2418,7 @@ main(int argc, char **argv)
                         break;
                 /* Passed through to ssh(1) with argument */
                 case 'F':
+                case 'J':
                 case 'c':
                 case 'i':
                 case 'o':
diff --git a/sntrup4591761.c b/sntrup4591761.c
new file mode 100644
index 000000000..61fe2483f
--- /dev/null
+++ b/sntrup4591761.c
@@ -0,0 +1,1083 @@
+/*  $OpenBSD: sntrup4591761.c,v 1.3 2019/01/30 19:51:15 markus Exp $ */
+
+/*
+ * Public Domain, Authors:
+ * - Daniel J. Bernstein
+ * - Chitchanok Chuengsatiansup
+ * - Tanja Lange
+ * - Christine van Vredendaal
+ */
+
+#include "includes.h"
+
+#include <string.h>
+#include "crypto_api.h"
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.h */
+#ifndef int32_sort_h
+#define int32_sort_h
+
+
+static void int32_sort(crypto_int32 *,int);
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void minmax(crypto_int32 *x,crypto_int32 *y)
+{
+  crypto_uint32 xi = *x;
+  crypto_uint32 yi = *y;
+  crypto_uint32 xy = xi ^ yi;
+  crypto_uint32 c = yi - xi;
+  c ^= xy & (c ^ yi);
+  c >>= 31;
+  c = -c;
+  c &= xy;
+  *x = xi ^ c;
+  *y = yi ^ c;
+}
+
+static void int32_sort(crypto_int32 *x,int n)
+{
+  int top,p,q,i;
+
+  if (n < 2) return;
+  top = 1;
+  while (top < n - top) top += top;
+
+  for (p = top;p > 0;p >>= 1) {
+    for (i = 0;i < n - p;++i)
+      if (!(i & p))
+        minmax(x + i,x + i + p);
+    for (q = top;q > p;q >>= 1)
+      for (i = 0;i < n - q;++i)
+        if (!(i & p))
+          minmax(x + i + p,x + i + q);
+  }
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.h */
+#ifndef small_h
+#define small_h
+
+
+typedef crypto_int8 small;
+
+static void small_encode(unsigned char *,const small *);
+
+static void small_decode(small *,const unsigned char *);
+
+
+static void small_random(small *);
+
+static void small_random_weightw(small *);
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/mod3.h */
+#ifndef mod3_h
+#define mod3_h
+
+
+/* -1 if x is nonzero, 0 otherwise */
+static inline int mod3_nonzero_mask(small x)
+{
+  return -x*x;
+}
+
+/* input between -100000 and 100000 */
+/* output between -1 and 1 */
+static inline small mod3_freeze(crypto_int32 a)
+{
+  a -= 3 * ((10923 * a) >> 15);
+  a -= 3 * ((89478485 * a + 134217728) >> 28);
+  return a;
+}
+
+static inline small mod3_minusproduct(small a,small b,small c)
+{
+  crypto_int32 A = a;
+  crypto_int32 B = b;
+  crypto_int32 C = c;
+  return mod3_freeze(A - B * C);
+}
+
+static inline small mod3_plusproduct(small a,small b,small c)
+{
+  crypto_int32 A = a;
+  crypto_int32 B = b;
+  crypto_int32 C = c;
+  return mod3_freeze(A + B * C);
+}
+
+static inline small mod3_product(small a,small b)
+{
+  return a * b;
+}
+
+static inline small mod3_sum(small a,small b)
+{
+  crypto_int32 A = a;
+  crypto_int32 B = b;
+  return mod3_freeze(A + B);
+}
+
+static inline small mod3_reciprocal(small a1)
+{
+  return a1;
+}
+
+static inline small mod3_quotient(small num,small den)
+{
+  return mod3_product(num,mod3_reciprocal(den));
+}
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/modq.h */
+#ifndef modq_h
+#define modq_h
+
+
+typedef crypto_int16 modq;
+
+/* -1 if x is nonzero, 0 otherwise */
+static inline int modq_nonzero_mask(modq x)
+{
+  crypto_int32 r = (crypto_uint16) x;
+  r = -r;
+  r >>= 30;
+  return r;
+}
+
+/* input between -9000000 and 9000000 */
+/* output between -2295 and 2295 */
+static inline modq modq_freeze(crypto_int32 a)
+{
+  a -= 4591 * ((228 * a) >> 20);
+  a -= 4591 * ((58470 * a + 134217728) >> 28);
+  return a;
+}
+
+static inline modq modq_minusproduct(modq a,modq b,modq c)
+{
+  crypto_int32 A = a;
+  crypto_int32 B = b;
+  crypto_int32 C = c;
+  return modq_freeze(A - B * C);
+}
+
+static inline modq modq_plusproduct(modq a,modq b,modq c)
+{
+  crypto_int32 A = a;
+  crypto_int32 B = b;
+  crypto_int32 C = c;
+  return modq_freeze(A + B * C);
+}
+
+static inline modq modq_product(modq a,modq b)
+{
+  crypto_int32 A = a;
+  crypto_int32 B = b;
+  return modq_freeze(A * B);
+}
+
+static inline modq modq_square(modq a)
+{
+  crypto_int32 A = a;
+  return modq_freeze(A * A);
+}
+
+static inline modq modq_sum(modq a,modq b)
+{
+  crypto_int32 A = a;
+  crypto_int32 B = b;
+  return modq_freeze(A + B);
+}
+
+static inline modq modq_reciprocal(modq a1)
+{
+  modq a2 = modq_square(a1);
+  modq a3 = modq_product(a2,a1);
+  modq a4 = modq_square(a2);
+  modq a8 = modq_square(a4);
+  modq a16 = modq_square(a8);
+  modq a32 = modq_square(a16);
+  modq a35 = modq_product(a32,a3);
+  modq a70 = modq_square(a35);
+  modq a140 = modq_square(a70);
+  modq a143 = modq_product(a140,a3);
+  modq a286 = modq_square(a143);
+  modq a572 = modq_square(a286);
+  modq a1144 = modq_square(a572);
+  modq a1147 = modq_product(a1144,a3);
+  modq a2294 = modq_square(a1147);
+  modq a4588 = modq_square(a2294);
+  modq a4589 = modq_product(a4588,a1);
+  return a4589;
+}
+
+static inline modq modq_quotient(modq num,modq den)
+{
+  return modq_product(num,modq_reciprocal(den));
+}
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/params.h */
+#ifndef params_h
+#define params_h
+
+#define q 4591
+/* XXX: also built into modq in various ways */
+
+#define qshift 2295
+#define p 761
+#define w 286
+
+#define rq_encode_len 1218
+#define small_encode_len 191
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3.h */
+#ifndef r3_h
+#define r3_h
+
+
+static void r3_mult(small *,const small *,const small *);
+
+extern int r3_recip(small *,const small *);
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.h */
+#ifndef rq_h
+#define rq_h
+
+
+static void rq_encode(unsigned char *,const modq *);
+
+static void rq_decode(modq *,const unsigned char *);
+
+static void rq_encoderounded(unsigned char *,const modq *);
+
+static void rq_decoderounded(modq *,const unsigned char *);
+
+static void rq_round3(modq *,const modq *);
+
+static void rq_mult(modq *,const modq *,const small *);
+
+int rq_recip3(modq *,const small *);
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.h */
+#ifndef swap_h
+#define swap_h
+
+static void swap(void *,void *,int,int);
+
+#endif
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/dec.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+#ifdef KAT
+#endif
+
+
+int crypto_kem_sntrup4591761_dec(
+  unsigned char *k,
+  const unsigned char *cstr,
+  const unsigned char *sk
+)
+{
+  small f[p];
+  modq h[p];
+  small grecip[p];
+  modq c[p];
+  modq t[p];
+  small t3[p];
+  small r[p];
+  modq hr[p];
+  unsigned char rstr[small_encode_len];
+  unsigned char hash[64];
+  int i;
+  int result = 0;
+  int weight;
+
+  small_decode(f,sk);
+  small_decode(grecip,sk + small_encode_len);
+  rq_decode(h,sk + 2 * small_encode_len);
+
+  rq_decoderounded(c,cstr + 32);
+
+  rq_mult(t,c,f);
+  for (i = 0;i < p;++i) t3[i] = mod3_freeze(modq_freeze(3*t[i]));
+
+  r3_mult(r,t3,grecip);
+
+#ifdef KAT
+  {
+    int j;
+    printf("decrypt r:");
+    for (j = 0;j < p;++j)
+      if (r[j] == 1) printf(" +%d",j);
+      else if (r[j] == -1) printf(" -%d",j);
+    printf("\n");
+  }
+#endif
+
+  weight = 0;
+  for (i = 0;i < p;++i) weight += (1 & r[i]);
+  weight -= w;
+  result |= modq_nonzero_mask(weight); /* XXX: puts limit on p */
+
+  rq_mult(hr,h,r);
+  rq_round3(hr,hr);
+  for (i = 0;i < p;++i) result |= modq_nonzero_mask(hr[i] - c[i]);
+
+  small_encode(rstr,r);
+  crypto_hash_sha512(hash,rstr,sizeof rstr);
+  result |= crypto_verify_32(hash,cstr);
+
+  for (i = 0;i < 32;++i) k[i] = (hash[32 + i] & ~result);
+  return result;
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/enc.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+#ifdef KAT
+#endif
+
+
+int crypto_kem_sntrup4591761_enc(
+  unsigned char *cstr,
+  unsigned char *k,
+  const unsigned char *pk
+)
+{
+  small r[p];
+  modq h[p];
+  modq c[p];
+  unsigned char rstr[small_encode_len];
+  unsigned char hash[64];
+
+  small_random_weightw(r);
+
+#ifdef KAT
+  {
+    int i;
+    printf("encrypt r:");
+    for (i = 0;i < p;++i)
+      if (r[i] == 1) printf(" +%d",i);
+      else if (r[i] == -1) printf(" -%d",i);
+    printf("\n");
+  }
+#endif
+
+  small_encode(rstr,r);
+  crypto_hash_sha512(hash,rstr,sizeof rstr);
+
+  rq_decode(h,pk);
+  rq_mult(c,h,r);
+  rq_round3(c,c);
+
+  memcpy(k,hash + 32,32);
+  memcpy(cstr,hash,32);
+  rq_encoderounded(cstr + 32,c);
+
+  return 0;
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/keypair.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+#if crypto_kem_sntrup4591761_PUBLICKEYBYTES != rq_encode_len
+#error "crypto_kem_sntrup4591761_PUBLICKEYBYTES must match rq_encode_len"
+#endif
+#if crypto_kem_sntrup4591761_SECRETKEYBYTES != rq_encode_len + 2 * small_encode_len
+#error "crypto_kem_sntrup4591761_SECRETKEYBYTES must match rq_encode_len + 2 * small_encode_len"
+#endif
+
+int crypto_kem_sntrup4591761_keypair(unsigned char *pk,unsigned char *sk)
+{
+  small g[p];
+  small grecip[p];
+  small f[p];
+  modq f3recip[p];
+  modq h[p];
+
+  do
+    small_random(g);
+  while (r3_recip(grecip,g) != 0);
+
+  small_random_weightw(f);
+  rq_recip3(f3recip,f);
+
+  rq_mult(h,f3recip,g);
+
+  rq_encode(pk,h);
+  small_encode(sk,f);
+  small_encode(sk + small_encode_len,grecip);
+  memcpy(sk + 2 * small_encode_len,pk,rq_encode_len);
+
+  return 0;
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_mult.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void r3_mult(small *h,const small *f,const small *g)
+{
+  small fg[p + p - 1];
+  small result;
+  int i, j;
+
+  for (i = 0;i < p;++i) {
+    result = 0;
+    for (j = 0;j <= i;++j)
+      result = mod3_plusproduct(result,f[j],g[i - j]);
+    fg[i] = result;
+  }
+  for (i = p;i < p + p - 1;++i) {
+    result = 0;
+    for (j = i - p + 1;j < p;++j)
+      result = mod3_plusproduct(result,f[j],g[i - j]);
+    fg[i] = result;
+  }
+
+  for (i = p + p - 2;i >= p;--i) {
+    fg[i - p] = mod3_sum(fg[i - p],fg[i]);
+    fg[i - p + 1] = mod3_sum(fg[i - p + 1],fg[i]);
+  }
+
+  for (i = 0;i < p;++i)
+    h[i] = fg[i];
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_recip.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+/* caller must ensure that x-y does not overflow */
+static int smaller_mask_r3_recip(int x,int y)
+{
+  return (x - y) >> 31;
+}
+
+static void vectormod3_product(small *z,int len,const small *x,const small c)
+{
+  int i;
+  for (i = 0;i < len;++i) z[i] = mod3_product(x[i],c);
+}
+
+static void vectormod3_minusproduct(small *z,int len,const small *x,const small *y,const small c)
+{
+  int i;
+  for (i = 0;i < len;++i) z[i] = mod3_minusproduct(x[i],y[i],c);
+}
+
+static void vectormod3_shift(small *z,int len)
+{
+  int i;
+  for (i = len - 1;i > 0;--i) z[i] = z[i - 1];
+  z[0] = 0;
+}
+
+/*
+r = s^(-1) mod m, returning 0, if s is invertible mod m
+or returning -1 if s is not invertible mod m
+r,s are polys of degree <p
+m is x^p-x-1
+*/
+int r3_recip(small *r,const small *s)
+{
+  const int loops = 2*p + 1;
+  int loop;
+  small f[p + 1]; 
+  small g[p + 1]; 
+  small u[2*p + 2];
+  small v[2*p + 2];
+  small c;
+  int i;
+  int d = p;
+  int e = p;
+  int swapmask;
+
+  for (i = 2;i < p;++i) f[i] = 0;
+  f[0] = -1;
+  f[1] = -1;
+  f[p] = 1;
+  /* generalization: can initialize f to any polynomial m */
+  /* requirements: m has degree exactly p, nonzero constant coefficient */
+
+  for (i = 0;i < p;++i) g[i] = s[i];
+  g[p] = 0;
+
+  for (i = 0;i <= loops;++i) u[i] = 0;
+
+  v[0] = 1;
+  for (i = 1;i <= loops;++i) v[i] = 0;
+
+  loop = 0;
+  for (;;) {
+    /* e == -1 or d + e + loop <= 2*p */
+
+    /* f has degree p: i.e., f[p]!=0 */
+    /* f[i]==0 for i < p-d */
+
+    /* g has degree <=p (so it fits in p+1 coefficients) */
+    /* g[i]==0 for i < p-e */
+
+    /* u has degree <=loop (so it fits in loop+1 coefficients) */
+    /* u[i]==0 for i < p-d */
+    /* if invertible: u[i]==0 for i < loop-p (so can look at just p+1 coefficients) */
+
+    /* v has degree <=loop (so it fits in loop+1 coefficients) */
+    /* v[i]==0 for i < p-e */
+    /* v[i]==0 for i < loop-p (so can look at just p+1 coefficients) */
+
+    if (loop >= loops) break;
+
+    c = mod3_quotient(g[p],f[p]);
+
+    vectormod3_minusproduct(g,p + 1,g,f,c);
+    vectormod3_shift(g,p + 1);
+
+#ifdef SIMPLER
+    vectormod3_minusproduct(v,loops + 1,v,u,c);
+    vectormod3_shift(v,loops + 1);
+#else
+    if (loop < p) {
+      vectormod3_minusproduct(v,loop + 1,v,u,c);
+      vectormod3_shift(v,loop + 2);
+    } else {
+      vectormod3_minusproduct(v + loop - p,p + 1,v + loop - p,u + loop - p,c);
+      vectormod3_shift(v + loop - p,p + 2);
+    }
+#endif
+
+    e -= 1;
+
+    ++loop;
+
+    swapmask = smaller_mask_r3_recip(e,d) & mod3_nonzero_mask(g[p]);
+    swap(&e,&d,sizeof e,swapmask);
+    swap(f,g,(p + 1) * sizeof(small),swapmask);
+
+#ifdef SIMPLER
+    swap(u,v,(loops + 1) * sizeof(small),swapmask);
+#else
+    if (loop < p) {
+      swap(u,v,(loop + 1) * sizeof(small),swapmask);
+    } else {
+      swap(u + loop - p,v + loop - p,(p + 1) * sizeof(small),swapmask);
+    }
+#endif
+  }
+
+  c = mod3_reciprocal(f[p]);
+  vectormod3_product(r,p,u + p,c);
+  return smaller_mask_r3_recip(0,d);
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomsmall.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void small_random(small *g)
+{
+  int i;
+
+  for (i = 0;i < p;++i) {
+    crypto_uint32 r = small_random32();
+    g[i] = (small) (((1073741823 & r) * 3) >> 30) - 1;
+  }
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomweightw.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void small_random_weightw(small *f)
+{
+  crypto_int32 r[p];
+  int i;
+
+  for (i = 0;i < p;++i) r[i] = small_random32();
+  for (i = 0;i < w;++i) r[i] &= -2;
+  for (i = w;i < p;++i) r[i] = (r[i] & -3) | 1;
+  int32_sort(r,p);
+  for (i = 0;i < p;++i) f[i] = ((small) (r[i] & 3)) - 1;
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void rq_encode(unsigned char *c,const modq *f)
+{
+  crypto_int32 f0, f1, f2, f3, f4;
+  int i;
+
+  for (i = 0;i < p/5;++i) {
+    f0 = *f++ + qshift;
+    f1 = *f++ + qshift;
+    f2 = *f++ + qshift;
+    f3 = *f++ + qshift;
+    f4 = *f++ + qshift;
+    /* now want f0 + 6144*f1 + ... as a 64-bit integer */
+    f1 *= 3;
+    f2 *= 9;
+    f3 *= 27;
+    f4 *= 81;
+    /* now want f0 + f1<<11 + f2<<22 + f3<<33 + f4<<44 */
+    f0 += f1 << 11;
+    *c++ = f0; f0 >>= 8;
+    *c++ = f0; f0 >>= 8;
+    f0 += f2 << 6;
+    *c++ = f0; f0 >>= 8;
+    *c++ = f0; f0 >>= 8;
+    f0 += f3 << 1;
+    *c++ = f0; f0 >>= 8;
+    f0 += f4 << 4;
+    *c++ = f0; f0 >>= 8;
+    *c++ = f0; f0 >>= 8;
+    *c++ = f0;
+  }
+  /* XXX: using p mod 5 = 1 */
+  f0 = *f++ + qshift;
+  *c++ = f0; f0 >>= 8;
+  *c++ = f0;
+}
+
+static void rq_decode(modq *f,const unsigned char *c)
+{
+  crypto_uint32 c0, c1, c2, c3, c4, c5, c6, c7;
+  crypto_uint32 f0, f1, f2, f3, f4;
+  int i;
+
+  for (i = 0;i < p/5;++i) {
+    c0 = *c++;
+    c1 = *c++;
+    c2 = *c++;
+    c3 = *c++;
+    c4 = *c++;
+    c5 = *c++;
+    c6 = *c++;
+    c7 = *c++;
+
+    /* f0 + f1*6144 + f2*6144^2 + f3*6144^3 + f4*6144^4 */
+    /* = c0 + c1*256 + ... + c6*256^6 + c7*256^7 */
+    /* with each f between 0 and 4590 */
+
+    c6 += c7 << 8;
+    /* c6 <= 23241 = floor(4591*6144^4/2^48) */
+    /* f4 = (16/81)c6 + (1/1296)(c5+[0,1]) - [0,0.75] */
+    /* claim: 2^19 f4 < x < 2^19(f4+1) */
+    /* where x = 103564 c6 + 405(c5+1) */
+    /* proof: x - 2^19 f4 = (76/81)c6 + (37/81)c5 + 405 - (32768/81)[0,1] + 2^19[0,0.75] */
+    /* at least 405 - 32768/81 > 0 */
+    /* at most (76/81)23241 + (37/81)255 + 405 + 2^19 0.75 < 2^19 */
+    f4 = (103564*c6 + 405*(c5+1)) >> 19;
+
+    c5 += c6 << 8;
+    c5 -= (f4 * 81) << 4;
+    c4 += c5 << 8;
+
+    /* f0 + f1*6144 + f2*6144^2 + f3*6144^3 */
+    /* = c0 + c1*256 + c2*256^2 + c3*256^3 + c4*256^4 */
+    /* c4 <= 247914 = floor(4591*6144^3/2^32) */
+    /* f3 = (1/54)(c4+[0,1]) - [0,0.75] */
+    /* claim: 2^19 f3 < x < 2^19(f3+1) */
+    /* where x = 9709(c4+2) */
+    /* proof: x - 2^19 f3 = 19418 - (1/27)c4 - (262144/27)[0,1] + 2^19[0,0.75] */
+    /* at least 19418 - 247914/27 - 262144/27 > 0 */
+    /* at most 19418 + 2^19 0.75 < 2^19 */
+    f3 = (9709*(c4+2)) >> 19;
+
+    c4 -= (f3 * 27) << 1;
+    c3 += c4 << 8;
+    /* f0 + f1*6144 + f2*6144^2 */
+    /* = c0 + c1*256 + c2*256^2 + c3*256^3 */
+    /* c3 <= 10329 = floor(4591*6144^2/2^24) */
+    /* f2 = (4/9)c3 + (1/576)c2 + (1/147456)c1 + (1/37748736)c0 - [0,0.75] */
+    /* claim: 2^19 f2 < x < 2^19(f2+1) */
+    /* where x = 233017 c3 + 910(c2+2) */
+    /* proof: x - 2^19 f2 = 1820 + (1/9)c3 - (2/9)c2 - (32/9)c1 - (1/72)c0 + 2^19[0,0.75] */
+    /* at least 1820 - (2/9)255 - (32/9)255 - (1/72)255 > 0 */
+    /* at most 1820 + (1/9)10329 + 2^19 0.75 < 2^19 */
+    f2 = (233017*c3 + 910*(c2+2)) >> 19;
+
+    c2 += c3 << 8;
+    c2 -= (f2 * 9) << 6;
+    c1 += c2 << 8;
+    /* f0 + f1*6144 */
+    /* = c0 + c1*256 */
+    /* c1 <= 110184 = floor(4591*6144/2^8) */
+    /* f1 = (1/24)c1 + (1/6144)c0 - (1/6144)f0 */
+    /* claim: 2^19 f1 < x < 2^19(f1+1) */
+    /* where x = 21845(c1+2) + 85 c0 */
+    /* proof: x - 2^19 f1 = 43690 - (1/3)c1 - (1/3)c0 + 2^19 [0,0.75] */
+    /* at least 43690 - (1/3)110184 - (1/3)255 > 0 */
+    /* at most 43690 + 2^19 0.75 < 2^19 */
+    f1 = (21845*(c1+2) + 85*c0) >> 19;
+
+    c1 -= (f1 * 3) << 3;
+    c0 += c1 << 8;
+    f0 = c0;
+
+    *f++ = modq_freeze(f0 + q - qshift);
+    *f++ = modq_freeze(f1 + q - qshift);
+    *f++ = modq_freeze(f2 + q - qshift);
+    *f++ = modq_freeze(f3 + q - qshift);
+    *f++ = modq_freeze(f4 + q - qshift);
+  }
+
+  c0 = *c++;
+  c1 = *c++;
+  c0 += c1 << 8;
+  *f++ = modq_freeze(c0 + q - qshift);
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_mult.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void rq_mult(modq *h,const modq *f,const small *g)
+{
+  modq fg[p + p - 1];
+  modq result;
+  int i, j;
+
+  for (i = 0;i < p;++i) {
+    result = 0;
+    for (j = 0;j <= i;++j)
+      result = modq_plusproduct(result,f[j],g[i - j]);
+    fg[i] = result;
+  }
+  for (i = p;i < p + p - 1;++i) {
+    result = 0;
+    for (j = i - p + 1;j < p;++j)
+      result = modq_plusproduct(result,f[j],g[i - j]);
+    fg[i] = result;
+  }
+
+  for (i = p + p - 2;i >= p;--i) {
+    fg[i - p] = modq_sum(fg[i - p],fg[i]);
+    fg[i - p + 1] = modq_sum(fg[i - p + 1],fg[i]);
+  }
+
+  for (i = 0;i < p;++i)
+    h[i] = fg[i];
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_recip3.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+/* caller must ensure that x-y does not overflow */
+static int smaller_mask_rq_recip3(int x,int y)
+{
+  return (x - y) >> 31;
+}
+
+static void vectormodq_product(modq *z,int len,const modq *x,const modq c)
+{
+  int i;
+  for (i = 0;i < len;++i) z[i] = modq_product(x[i],c);
+}
+
+static void vectormodq_minusproduct(modq *z,int len,const modq *x,const modq *y,const modq c)
+{
+  int i;
+  for (i = 0;i < len;++i) z[i] = modq_minusproduct(x[i],y[i],c);
+}
+
+static void vectormodq_shift(modq *z,int len)
+{
+  int i;
+  for (i = len - 1;i > 0;--i) z[i] = z[i - 1];
+  z[0] = 0;
+}
+
+/*
+r = (3s)^(-1) mod m, returning 0, if s is invertible mod m
+or returning -1 if s is not invertible mod m
+r,s are polys of degree <p
+m is x^p-x-1
+*/
+int rq_recip3(modq *r,const small *s)
+{
+  const int loops = 2*p + 1;
+  int loop;
+  modq f[p + 1]; 
+  modq g[p + 1]; 
+  modq u[2*p + 2];
+  modq v[2*p + 2];
+  modq c;
+  int i;
+  int d = p;
+  int e = p;
+  int swapmask;
+
+  for (i = 2;i < p;++i) f[i] = 0;
+  f[0] = -1;
+  f[1] = -1;
+  f[p] = 1;
+  /* generalization: can initialize f to any polynomial m */
+  /* requirements: m has degree exactly p, nonzero constant coefficient */
+
+  for (i = 0;i < p;++i) g[i] = 3 * s[i];
+  g[p] = 0;
+
+  for (i = 0;i <= loops;++i) u[i] = 0;
+
+  v[0] = 1;
+  for (i = 1;i <= loops;++i) v[i] = 0;
+
+  loop = 0;
+  for (;;) {
+    /* e == -1 or d + e + loop <= 2*p */
+
+    /* f has degree p: i.e., f[p]!=0 */
+    /* f[i]==0 for i < p-d */
+
+    /* g has degree <=p (so it fits in p+1 coefficients) */
+    /* g[i]==0 for i < p-e */
+
+    /* u has degree <=loop (so it fits in loop+1 coefficients) */
+    /* u[i]==0 for i < p-d */
+    /* if invertible: u[i]==0 for i < loop-p (so can look at just p+1 coefficients) */
+
+    /* v has degree <=loop (so it fits in loop+1 coefficients) */
+    /* v[i]==0 for i < p-e */
+    /* v[i]==0 for i < loop-p (so can look at just p+1 coefficients) */
+
+    if (loop >= loops) break;
+
+    c = modq_quotient(g[p],f[p]);
+
+    vectormodq_minusproduct(g,p + 1,g,f,c);
+    vectormodq_shift(g,p + 1);
+
+#ifdef SIMPLER
+    vectormodq_minusproduct(v,loops + 1,v,u,c);
+    vectormodq_shift(v,loops + 1);
+#else
+    if (loop < p) {
+      vectormodq_minusproduct(v,loop + 1,v,u,c);
+      vectormodq_shift(v,loop + 2);
+    } else {
+      vectormodq_minusproduct(v + loop - p,p + 1,v + loop - p,u + loop - p,c);
+      vectormodq_shift(v + loop - p,p + 2);
+    }
+#endif
+
+    e -= 1;
+
+    ++loop;
+
+    swapmask = smaller_mask_rq_recip3(e,d) & modq_nonzero_mask(g[p]);
+    swap(&e,&d,sizeof e,swapmask);
+    swap(f,g,(p + 1) * sizeof(modq),swapmask);
+
+#ifdef SIMPLER
+    swap(u,v,(loops + 1) * sizeof(modq),swapmask);
+#else
+    if (loop < p) {
+      swap(u,v,(loop + 1) * sizeof(modq),swapmask);
+    } else {
+      swap(u + loop - p,v + loop - p,(p + 1) * sizeof(modq),swapmask);
+    }
+#endif
+  }
+
+  c = modq_reciprocal(f[p]);
+  vectormodq_product(r,p,u + p,c);
+  return smaller_mask_rq_recip3(0,d);
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_round3.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void rq_round3(modq *h,const modq *f)
+{
+  int i;
+
+  for (i = 0;i < p;++i)
+    h[i] = ((21846 * (f[i] + 2295) + 32768) >> 16) * 3 - 2295;
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_rounded.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void rq_encoderounded(unsigned char *c,const modq *f)
+{
+  crypto_int32 f0, f1, f2;
+  int i;
+
+  for (i = 0;i < p/3;++i) {
+    f0 = *f++ + qshift;
+    f1 = *f++ + qshift;
+    f2 = *f++ + qshift;
+    f0 = (21846 * f0) >> 16;
+    f1 = (21846 * f1) >> 16;
+    f2 = (21846 * f2) >> 16;
+    /* now want f0 + f1*1536 + f2*1536^2 as a 32-bit integer */
+    f2 *= 3;
+    f1 += f2 << 9;
+    f1 *= 3;
+    f0 += f1 << 9;
+    *c++ = f0; f0 >>= 8;
+    *c++ = f0; f0 >>= 8;
+    *c++ = f0; f0 >>= 8;
+    *c++ = f0;
+  }
+  /* XXX: using p mod 3 = 2 */
+  f0 = *f++ + qshift;
+  f1 = *f++ + qshift;
+  f0 = (21846 * f0) >> 16;
+  f1 = (21846 * f1) >> 16;
+  f1 *= 3;
+  f0 += f1 << 9;
+  *c++ = f0; f0 >>= 8;
+  *c++ = f0; f0 >>= 8;
+  *c++ = f0;
+}
+
+static void rq_decoderounded(modq *f,const unsigned char *c)
+{
+  crypto_uint32 c0, c1, c2, c3;
+  crypto_uint32 f0, f1, f2;
+  int i;
+
+  for (i = 0;i < p/3;++i) {
+    c0 = *c++;
+    c1 = *c++;
+    c2 = *c++;
+    c3 = *c++;
+
+    /* f0 + f1*1536 + f2*1536^2 */
+    /* = c0 + c1*256 + c2*256^2 + c3*256^3 */
+    /* with each f between 0 and 1530 */
+
+    /* f2 = (64/9)c3 + (1/36)c2 + (1/9216)c1 + (1/2359296)c0 - [0,0.99675] */
+    /* claim: 2^21 f2 < x < 2^21(f2+1) */
+    /* where x = 14913081*c3 + 58254*c2 + 228*(c1+2) */
+    /* proof: x - 2^21 f2 = 456 - (8/9)c0 + (4/9)c1 - (2/9)c2 + (1/9)c3 + 2^21 [0,0.99675] */
+    /* at least 456 - (8/9)255 - (2/9)255 > 0 */
+    /* at most 456 + (4/9)255 + (1/9)255 + 2^21 0.99675 < 2^21 */
+    f2 = (14913081*c3 + 58254*c2 + 228*(c1+2)) >> 21;
+
+    c2 += c3 << 8;
+    c2 -= (f2 * 9) << 2;
+    /* f0 + f1*1536 */
+    /* = c0 + c1*256 + c2*256^2 */
+    /* c2 <= 35 = floor((1530+1530*1536)/256^2) */
+    /* f1 = (128/3)c2 + (1/6)c1 + (1/1536)c0 - (1/1536)f0 */
+    /* claim: 2^21 f1 < x < 2^21(f1+1) */
+    /* where x = 89478485*c2 + 349525*c1 + 1365*(c0+1) */
+    /* proof: x - 2^21 f1 = 1365 - (1/3)c2 - (1/3)c1 - (1/3)c0 + (4096/3)f0 */
+    /* at least 1365 - (1/3)35 - (1/3)255 - (1/3)255 > 0 */
+    /* at most 1365 + (4096/3)1530 < 2^21 */
+    f1 = (89478485*c2 + 349525*c1 + 1365*(c0+1)) >> 21;
+
+    c1 += c2 << 8;
+    c1 -= (f1 * 3) << 1;
+
+    c0 += c1 << 8;
+    f0 = c0;
+
+    *f++ = modq_freeze(f0 * 3 + q - qshift);
+    *f++ = modq_freeze(f1 * 3 + q - qshift);
+    *f++ = modq_freeze(f2 * 3 + q - qshift);
+  }
+
+  c0 = *c++;
+  c1 = *c++;
+  c2 = *c++;
+
+  f1 = (89478485*c2 + 349525*c1 + 1365*(c0+1)) >> 21;
+
+  c1 += c2 << 8;
+  c1 -= (f1 * 3) << 1;
+
+  c0 += c1 << 8;
+  f0 = c0;
+
+  *f++ = modq_freeze(f0 * 3 + q - qshift);
+  *f++ = modq_freeze(f1 * 3 + q - qshift);
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+/* XXX: these functions rely on p mod 4 = 1 */
+
+/* all coefficients in -1, 0, 1 */
+static void small_encode(unsigned char *c,const small *f)
+{
+  small c0;
+  int i;
+
+  for (i = 0;i < p/4;++i) {
+    c0 = *f++ + 1;
+    c0 += (*f++ + 1) << 2;
+    c0 += (*f++ + 1) << 4;
+    c0 += (*f++ + 1) << 6;
+    *c++ = c0;
+  }
+  c0 = *f++ + 1;
+  *c++ = c0;
+}
+
+static void small_decode(small *f,const unsigned char *c)
+{
+  unsigned char c0;
+  int i;
+
+  for (i = 0;i < p/4;++i) {
+    c0 = *c++;
+    *f++ = ((small) (c0 & 3)) - 1; c0 >>= 2;
+    *f++ = ((small) (c0 & 3)) - 1; c0 >>= 2;
+    *f++ = ((small) (c0 & 3)) - 1; c0 >>= 2;
+    *f++ = ((small) (c0 & 3)) - 1;
+  }
+  c0 = *c++;
+  *f++ = ((small) (c0 & 3)) - 1;
+}
+
+/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.c */
+/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */
+
+
+static void swap(void *x,void *y,int bytes,int mask)
+{
+  int i;
+  char xi, yi, c, t;
+
+  c = mask;
+  
+  for (i = 0;i < bytes;++i) {
+    xi = i[(char *) x];
+    yi = i[(char *) y];
+    t = c & (xi ^ yi);
+    xi ^= t;
+    yi ^= t;
+    i[(char *) x] = xi;
+    i[(char *) y] = yi;
+  }
+}
+
diff --git a/sntrup4591761.sh b/sntrup4591761.sh
new file mode 100644
index 000000000..e684c3329
--- /dev/null
+++ b/sntrup4591761.sh
@@ -0,0 +1,57 @@
+#!/bin/sh
+#       $OpenBSD: sntrup4591761.sh,v 1.3 2019/01/30 19:51:15 markus Exp $
+#       Placed in the Public Domain.
+#
+AUTHOR="libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/implementors"
+FILES="
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/mod3.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/modq.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/params.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.h
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/dec.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/enc.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/keypair.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_mult.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_recip.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomsmall.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomweightw.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_mult.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_recip3.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_round3.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_rounded.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.c
+        libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.c
+"
+###
+
+set -e
+cd $1
+echo -n '/*  $'
+echo 'OpenBSD: $ */'
+echo
+echo '/*'
+echo ' * Public Domain, Authors:'
+sed -e '/Alphabetical order:/d' -e 's/^/ * - /' < $AUTHOR
+echo ' */'
+echo
+echo '#include <string.h>'
+echo '#include "crypto_api.h"'
+echo
+for i in $FILES; do
+        echo "/* from $i */"
+        b=$(basename $i .c)
+        grep \
+           -v '#include' $i | \
+           grep -v "extern crypto_int32 small_random32" |
+           sed -e "s/crypto_kem_/crypto_kem_sntrup4591761_/g" \
+                -e "s/smaller_mask/smaller_mask_${b}/g" \
+                -e "s/^extern void /static void /" \
+                -e "s/^void /static void /"
+        echo
+done
diff --git a/ssh-add.0 b/ssh-add.0
index d60ae715e..c614a2fe5 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -4,9 +4,10 @@ NAME
      ssh-add M-bM-^@M-^S adds private key identities to the authentication agent
 
 SYNOPSIS
-     ssh-add [-cDdkLlqXx] [-E fingerprint_hash] [-t life] [file ...]
+     ssh-add [-cDdkLlqvXx] [-E fingerprint_hash] [-t life] [file ...]
      ssh-add -s pkcs11
      ssh-add -e pkcs11
+     ssh-add -T pubkey ...
 
 DESCRIPTION
      ssh-add adds private key identities to the authentication agent,
@@ -65,11 +66,20 @@ DESCRIPTION
      -s pkcs11
              Add keys provided by the PKCS#11 shared library pkcs11.
 
+     -T pubkey ...
+             Tests whether the private keys that correspond to the specified
+             pubkey files are usable by performing sign and verify operations
+             on each.
+
      -t life
              Set a maximum lifetime when adding identities to an agent.  The
              lifetime may be specified in seconds or in a time format
              specified in sshd_config(5).
 
+     -v      Verbose mode.  Causes ssh-add to print debugging messages about
+             its progress.  This is helpful in debugging problems.  Multiple
+             -v options increase the verbosity.  The maximum is 3.
+
      -X      Unlock the agent.
 
      -x      Lock the agent with a password.
@@ -120,4 +130,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.4                     August 29, 2017                    OpenBSD 6.4
+OpenBSD 6.5                    January 21, 2019                    OpenBSD 6.5
diff --git a/ssh-add.1 b/ssh-add.1
index d5da9279c..d4e1c603b 100644
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-add.1,v 1.66 2017/08/29 13:05:58 jmc Exp $
+.\"     $OpenBSD: ssh-add.1,v 1.69 2019/01/21 12:53:35 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 29 2017 $
+.Dd $Mdocdate: January 21 2019 $
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
@@ -43,7 +43,7 @@
 .Nd adds private key identities to the authentication agent
 .Sh SYNOPSIS
 .Nm ssh-add
-.Op Fl cDdkLlqXx
+.Op Fl cDdkLlqvXx
 .Op Fl E Ar fingerprint_hash
 .Op Fl t Ar life
 .Op Ar
@@ -51,6 +51,9 @@
 .Fl s Ar pkcs11
 .Nm ssh-add
 .Fl e Ar pkcs11
+.Nm ssh-add
+.Fl T
+.Ar pubkey ...
 .Sh DESCRIPTION
 .Nm
 adds private key identities to the authentication agent,
@@ -131,11 +134,25 @@ Be quiet after a successful operation.
 .It Fl s Ar pkcs11
 Add keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
+.It Fl T Ar pubkey ...
+Tests whether the private keys that correspond to the specified
+.Ar pubkey
+files are usable by performing sign and verify operations on each.
 .It Fl t Ar life
 Set a maximum lifetime when adding identities to an agent.
 The lifetime may be specified in seconds or in a time format
 specified in
 .Xr sshd_config 5 .
+.It Fl v
+Verbose mode.
+Causes
+.Nm
+to print debugging messages about its progress.
+This is helpful in debugging problems.
+Multiple
+.Fl v
+options increase the verbosity.
+The maximum is 3.
 .It Fl X
 Unlock the agent.
 .It Fl x
diff --git a/ssh-add.c b/ssh-add.c
index 627c02983..ac9c808dd 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.136 2018/09/19 02:03:02 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.138 2019/01/21 12:53:35 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -418,6 +418,40 @@ update_card(int agent_fd, int add, const char *id, int qflag)
 }
 
 static int
+test_key(int agent_fd, const char *filename)
+{
+        struct sshkey *key = NULL;
+        u_char *sig = NULL;
+        size_t slen = 0;
+        int r, ret = -1;
+        char data[1024];
+
+        if ((r = sshkey_load_public(filename, &key, NULL)) != 0) {
+                error("Couldn't read public key %s: %s", filename, ssh_err(r));
+                return -1;
+        }
+        arc4random_buf(data, sizeof(data));
+        if ((r = ssh_agent_sign(agent_fd, key, &sig, &slen, data, sizeof(data),
+            NULL, 0)) != 0) {
+                error("Agent signature failed for %s: %s",
+                    filename, ssh_err(r));
+                goto done;
+        }
+        if ((r = sshkey_verify(key, sig, slen, data, sizeof(data),
+            NULL, 0)) != 0) {
+                error("Signature verification failed for %s: %s",
+                    filename, ssh_err(r));
+                goto done;
+        }
+        /* success */
+        ret = 0;
+ done:
+        free(sig);
+        sshkey_free(key);
+        return ret;
+}
+
+static int
 list_identities(int agent_fd, int do_fp)
 {
         char *fp;
@@ -524,7 +558,9 @@ usage(void)
         fprintf(stderr, "  -X          Unlock agent.\n");
         fprintf(stderr, "  -s pkcs11   Add keys from PKCS#11 provider.\n");
         fprintf(stderr, "  -e pkcs11   Remove keys provided by PKCS#11 provider.\n");
+        fprintf(stderr, "  -T pubkey   Test if ssh-agent can access matching private key.\n");
         fprintf(stderr, "  -q          Be quiet after a successful operation.\n");
+        fprintf(stderr, "  -v          Be more verbose.\n");
 }
 
 int
@@ -535,7 +571,9 @@ main(int argc, char **argv)
         int agent_fd;
         char *pkcs11provider = NULL;
         int r, i, ch, deleting = 0, ret = 0, key_only = 0;
-        int xflag = 0, lflag = 0, Dflag = 0, qflag = 0;
+        int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;
+        SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
+        LogLevel log_level = SYSLOG_LEVEL_INFO;
 
         ssh_malloc_init();      /* must be called before any mallocs */
         /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
@@ -544,9 +582,7 @@ main(int argc, char **argv)
         __progname = ssh_get_progname(argv[0]);
         seed_rng();
 
-#ifdef WITH_OPENSSL
-        OpenSSL_add_all_algorithms();
-#endif
+        log_init(__progname, log_level, log_facility, 1);
 
         setvbuf(stdout, NULL, _IOLBF, 0);
 
@@ -563,8 +599,14 @@ main(int argc, char **argv)
                 exit(2);
         }
 
-        while ((ch = getopt(argc, argv, "klLcdDxXE:e:M:m:qs:t:")) != -1) {
+        while ((ch = getopt(argc, argv, "vklLcdDTxXE:e:M:m:qs:t:")) != -1) {
                 switch (ch) {
+                case 'v':
+                        if (log_level == SYSLOG_LEVEL_INFO)
+                                log_level = SYSLOG_LEVEL_DEBUG1;
+                        else if (log_level < SYSLOG_LEVEL_DEBUG3)
+                                log_level++;
+                        break;
                 case 'E':
                         fingerprint_hash = ssh_digest_alg_by_name(optarg);
                         if (fingerprint_hash == -1)
@@ -627,12 +669,16 @@ main(int argc, char **argv)
                 case 'q':
                         qflag = 1;
                         break;
+                case 'T':
+                        Tflag = 1;
+                        break;
                 default:
                         usage();
                         ret = 1;
                         goto done;
                 }
         }
+        log_init(__progname, log_level, log_facility, 1);
 
         if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1)
                 fatal("Invalid combination of actions");
@@ -652,6 +698,14 @@ main(int argc, char **argv)
 
         argc -= optind;
         argv += optind;
+        if (Tflag) {
+                if (argc <= 0)
+                        fatal("no keys to test");
+                for (r = i = 0; i < argc; i++)
+                        r |= test_key(agent_fd, argv[i]);
+                ret = r == 0 ? 0 : 1;
+                goto done;
+        }
         if (pkcs11provider != NULL) {
                 if (update_card(agent_fd, !deleting, pkcs11provider,
                     qflag) == -1)
diff --git a/ssh-agent.0 b/ssh-agent.0
index f4575d01b..9f140afb5 100644
--- a/ssh-agent.0
+++ b/ssh-agent.0
@@ -117,4 +117,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.4                    November 30, 2016                   OpenBSD 6.4
+OpenBSD 6.5                    November 30, 2016                   OpenBSD 6.5
diff --git a/ssh-agent.c b/ssh-agent.c
index d8a8260f9..d06ecfd98 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.231 2018/05/11 03:38:51 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.233 2019/01/22 22:58:50 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -96,6 +96,8 @@
 
 /* Maximum accepted message length */
 #define AGENT_MAX_LEN   (256*1024)
+/* Maximum bytes to read from client socket */
+#define AGENT_RBUF_LEN  (4096)
 
 typedef enum {
         AUTH_UNUSED,
@@ -839,7 +841,7 @@ handle_socket_read(u_int socknum)
 static int
 handle_conn_read(u_int socknum)
 {
-        char buf[1024];
+        char buf[AGENT_RBUF_LEN];
         ssize_t len;
         int r;
 
@@ -946,6 +948,7 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds)
         struct pollfd *pfd = *pfdp;
         size_t i, j, npfd = 0;
         time_t deadline;
+        int r;
 
         /* Count active sockets */
         for (i = 0; i < sockets_alloc; i++) {
@@ -983,8 +986,19 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds)
                 case AUTH_CONNECTION:
                         pfd[j].fd = sockets[i].fd;
                         pfd[j].revents = 0;
-                        /* XXX backoff when input buffer full */
-                        pfd[j].events = POLLIN;
+                        /*
+                         * Only prepare to read if we can handle a full-size
+                         * input read buffer and enqueue a max size reply..
+                         */
+                        if ((r = sshbuf_check_reserve(sockets[i].input,
+                            AGENT_RBUF_LEN)) == 0 &&
+                            (r = sshbuf_check_reserve(sockets[i].output,
+                             AGENT_MAX_LEN)) == 0)
+                                pfd[j].events = POLLIN;
+                        else if (r != SSH_ERR_NO_BUFFER_SPACE) {
+                                fatal("%s: buffer error: %s",
+                                    __func__, ssh_err(r));
+                        }
                         if (sshbuf_len(sockets[i].output) > 0)
                                 pfd[j].events |= POLLOUT;
                         j++;
@@ -1095,10 +1109,6 @@ main(int ac, char **av)
         if (getrlimit(RLIMIT_NOFILE, &rlim) == -1)
                 fatal("%s: getrlimit: %s", __progname, strerror(errno));
 
-#ifdef WITH_OPENSSL
-        OpenSSL_add_all_algorithms();
-#endif
-
         __progname = ssh_get_progname(av[0]);
         seed_rng();
 
@@ -1199,7 +1209,7 @@ main(int ac, char **av)
          */
 #define SSH_AGENT_MIN_FDS (3+1+1+1+4)
         if (rlim.rlim_cur < SSH_AGENT_MIN_FDS)
-                fatal("%s: file descriptior rlimit %lld too low (minimum %u)",
+                fatal("%s: file descriptor rlimit %lld too low (minimum %u)",
                     __progname, (long long)rlim.rlim_cur, SSH_AGENT_MIN_FDS);
         maxfds = rlim.rlim_cur - SSH_AGENT_MIN_FDS;
 
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 2f5531752..599c7199d 100644
--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.14 2018/02/07 02:06:51 jsing Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.16 2019/01/21 09:54:11 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -151,15 +151,13 @@ ssh_ecdsa_verify(const struct sshkey *key,
         }
 
         /* parse signature */
-        if ((sig = ECDSA_SIG_new()) == NULL ||
-            (sig_r = BN_new()) == NULL ||
-            (sig_s = BN_new()) == NULL) {
-                ret = SSH_ERR_ALLOC_FAIL;
+        if (sshbuf_get_bignum2(sigbuf, &sig_r) != 0 ||
+            sshbuf_get_bignum2(sigbuf, &sig_s) != 0) {
+                ret = SSH_ERR_INVALID_FORMAT;
                 goto out;
         }
-        if (sshbuf_get_bignum2(sigbuf, sig_r) != 0 ||
-            sshbuf_get_bignum2(sigbuf, sig_s) != 0) {
-                ret = SSH_ERR_INVALID_FORMAT;
+        if ((sig = ECDSA_SIG_new()) == NULL) {
+                ret = SSH_ERR_ALLOC_FAIL;
                 goto out;
         }
         if (!ECDSA_SIG_set0(sig, sig_r, sig_s)) {
diff --git a/ssh-gss.h b/ssh-gss.h
index 350ce7882..70dd36658 100644
--- a/ssh-gss.h
+++ b/ssh-gss.h
@@ -70,7 +70,15 @@
 #define SSH2_MSG_KEXGSS_GROUP                           41
 #define KEX_GSS_GRP1_SHA1_ID                            "gss-group1-sha1-"
 #define KEX_GSS_GRP14_SHA1_ID                           "gss-group14-sha1-"
+#define KEX_GSS_GRP14_SHA256_ID                 "gss-group14-sha256-"
+#define KEX_GSS_GRP16_SHA512_ID                 "gss-group16-sha512-"
 #define KEX_GSS_GEX_SHA1_ID                             "gss-gex-sha1-"
+#define KEX_GSS_NISTP256_SHA256_ID                      "gss-nistp256-sha256-"
+#define KEX_GSS_C25519_SHA256_ID                        "gss-curve25519-sha256-"
+
+#define        GSS_KEX_DEFAULT_KEX \
+        KEX_GSS_GEX_SHA1_ID "," \
+        KEX_GSS_GRP14_SHA1_ID
 
 typedef struct {
         char *filename;
@@ -126,6 +134,7 @@ OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *);
 
 struct sshbuf;
 int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *);
+int ssh_gssapi_sshpkt_get_buffer_desc(struct ssh *, gss_buffer_desc *);
 
 OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *);
 OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int,
@@ -145,16 +154,16 @@ OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *);
 int ssh_gssapi_credentials_updated(Gssctxt *);
 
 /* In the server */
-typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, 
+typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *,
     const char *);
-char *ssh_gssapi_client_mechanisms(const char *, const char *);
+char *ssh_gssapi_client_mechanisms(const char *, const char *, const char *);
 char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *,
-    const char *);
+    const char *, const char *);
 gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int);
-int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, 
+int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *,
     const char *);
 OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
-int ssh_gssapi_userok(char *name, struct passwd *);
+int ssh_gssapi_userok(char *name, struct passwd *, int kex);
 OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
 void ssh_gssapi_do_child(char ***, u_int *);
 void ssh_gssapi_cleanup_creds(void);
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 906a338c4..1fe19f0b6 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -6,7 +6,9 @@ NAME
 SYNOPSIS
      ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa]
                 [-N new_passphrase] [-C comment] [-f output_keyfile]
+                [-m format]
      ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
+                [-m format]
      ssh-keygen -i [-m key_format] [-f input_keyfile]
      ssh-keygen -e [-m key_format] [-f input_keyfile]
      ssh-keygen -y [-f input_keyfile]
@@ -68,11 +70,17 @@ DESCRIPTION
      or forgotten, a new key must be generated and the corresponding public
      key copied to other machines.
 
-     For keys stored in the newer OpenSSH format, there is also a comment
-     field in the key file that is only for convenience to the user to help
-     identify the key.  The comment can tell what the key is for, or whatever
-     is useful.  The comment is initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is
-     created, but can be changed using the -c option.
+     ssh-keygen will by default write keys in an OpenSSH-specific format.
+     This format is preferred as it offers better protection for keys at rest
+     as well as allowing storage of key comments within the private key file
+     itself.  The key comment may be useful to help identify the key.  The
+     comment is initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be
+     changed using the -c option.
+
+     It is still possible for ssh-keygen to write the previously-used PEM
+     format private keys using the -m flag.  This may be used when generating
+     new keys, and existing new-format keys may be converted using this option
+     in conjunction with the -p (change passphrase) flag.
 
      After a key is generated, instructions below detail where the keys should
      be placed to be activated.
@@ -119,10 +127,10 @@ DESCRIPTION
              new comment.
 
      -D pkcs11
-             Download the RSA public keys provided by the PKCS#11 shared
-             library pkcs11.  When used in combination with -s, this option
-             indicates that a CA key resides in a PKCS#11 token (see the
-             CERTIFICATES section for details).
+             Download the public keys provided by the PKCS#11 shared library
+             pkcs11.  When used in combination with -s, this option indicates
+             that a CA key resides in a PKCS#11 token (see the CERTIFICATES
+             section for details).
 
      -E fingerprint_hash
              Specifies the hash algorithm used when displaying key
@@ -130,16 +138,17 @@ DESCRIPTION
              default is M-bM-^@M-^\sha256M-bM-^@M-^].
 
      -e      This option will read a private or public OpenSSH key file and
-             print to stdout the key in one of the formats specified by the -m
-             option.  The default export format is M-bM-^@M-^\RFC4716M-bM-^@M-^].  This option
-             allows exporting OpenSSH keys for use by other programs,
+             print to stdout a public key in one of the formats specified by
+             the -m option.  The default export format is M-bM-^@M-^\RFC4716M-bM-^@M-^].  This
+             option allows exporting OpenSSH keys for use by other programs,
              including several commercial SSH implementations.
 
-     -F hostname
-             Search for the specified hostname in a known_hosts file, listing
-             any occurrences found.  This option is useful to find hashed host
-             names or addresses and may also be used in conjunction with the
-             -H option to print found keys in a hashed format.
+     -F hostname | [hostname]:port
+             Search for the specified hostname (with optional port number) in
+             a known_hosts file, listing any occurrences found.  This option
+             is useful to find hashed host names or addresses and may also be
+             used in conjunction with the -H option to print found keys in a
+             hashed format.
 
      -f filename
              Specifies the filename of the key file.
@@ -206,13 +215,16 @@ DESCRIPTION
              generating candidate moduli for DH-GEX.
 
      -m key_format
-             Specify a key format for the -i (import) or -e (export)
-             conversion options.  The supported key formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^]
-             (RFC 4716/SSH2 public or private key), M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public
-             key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key).  The default conversion format is
-             M-bM-^@M-^\RFC4716M-bM-^@M-^].  Setting a format of M-bM-^@M-^\PEMM-bM-^@M-^] when generating or updating
-             a supported private key type will cause the key to be stored in
-             the legacy PEM private key format.
+             Specify a key format for key generation, the -i (import), -e
+             (export) conversion options, and the -p change passphrase
+             operation.  The latter may be used to convert between OpenSSH
+             private key and PEM private key formats.  The supported key
+             formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^] (RFC 4716/SSH2 public or private key),
+             M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key).  The
+             default conversion format is M-bM-^@M-^\RFC4716M-bM-^@M-^].  Setting a format of
+             M-bM-^@M-^\PEMM-bM-^@M-^] when generating or updating a supported private key type
+             will cause the key to be stored in the legacy PEM private key
+             format.
 
      -N new_passphrase
              Provides the new passphrase.
@@ -301,10 +313,10 @@ DESCRIPTION
 
      -q      Silence ssh-keygen.
 
-     -R hostname
-             Removes all keys belonging to hostname from a known_hosts file.
-             This option is useful to delete hashed hosts (see the -H option
-             above).
+     -R hostname | [hostname]:port
+             Removes all keys belonging to the specified hostname (with
+             optional port number) from a known_hosts file.  This option is
+             useful to delete hashed hosts (see the -H option above).
 
      -r hostname
              Print the SSHFP fingerprint resource record named hostname for
@@ -378,8 +390,10 @@ DESCRIPTION
 
      -z serial_number
              Specifies a serial number to be embedded in the certificate to
-             distinguish this certificate from others from the same CA.  The
-             default serial number is zero.
+             distinguish this certificate from others from the same CA.  If
+             the serial_number is prefixed with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the
+             serial number will be incremented for each certificate signed on
+             a single command-line.  The default serial number is zero.
 
              When generating a KRL, the -z flag is used to specify a KRL
              version number.
@@ -582,4 +596,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.4                   September 12, 2018                   OpenBSD 6.4
+OpenBSD 6.5                      March 5, 2019                     OpenBSD 6.5
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index da6b5ed76..9b877b860 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.150 2018/09/12 06:18:59 djm Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.157 2019/03/05 16:17:12 naddy Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 12 2018 $
+.Dd $Mdocdate: March 5 2019 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -50,11 +50,13 @@
 .Op Fl N Ar new_passphrase
 .Op Fl C Ar comment
 .Op Fl f Ar output_keyfile
+.Op Fl m Ar format
 .Nm ssh-keygen
 .Fl p
 .Op Fl P Ar old_passphrase
 .Op Fl N Ar new_passphrase
 .Op Fl f Ar keyfile
+.Op Fl m Ar format
 .Nm ssh-keygen
 .Fl i
 .Op Fl m Ar key_format
@@ -203,16 +205,28 @@ There is no way to recover a lost passphrase.
 If the passphrase is lost or forgotten, a new key must be generated
 and the corresponding public key copied to other machines.
 .Pp
-For keys stored in the newer OpenSSH format,
-there is also a comment field in the key file that is only for
-convenience to the user to help identify the key.
-The comment can tell what the key is for, or whatever is useful.
+.Nm
+will by default write keys in an OpenSSH-specific format.
+This format is preferred as it offers better protection for
+keys at rest as well as allowing storage of key comments within
+the private key file itself.
+The key comment may be useful to help identify the key.
 The comment is initialized to
 .Dq user@host
 when the key is created, but can be changed using the
 .Fl c
 option.
 .Pp
+It is still possible for
+.Nm
+to write the previously-used PEM format private keys using the
+.Fl m
+flag.
+This may be used when generating new keys, and existing new-format
+keys may be converted using this option in conjunction with the
+.Fl p
+(change passphrase) flag.
+.Pp
 After a key is generated, instructions below detail where the keys
 should be placed to be activated.
 .Pp
@@ -261,7 +275,7 @@ Requests changing the comment in the private and public key files.
 The program will prompt for the file containing the private keys, for
 the passphrase if the key has one, and for the new comment.
 .It Fl D Ar pkcs11
-Download the RSA public keys provided by the PKCS#11 shared library
+Download the public keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 When used in combination with
 .Fl s ,
@@ -278,16 +292,17 @@ The default is
 .Dq sha256 .
 .It Fl e
 This option will read a private or public OpenSSH key file and
-print to stdout the key in one of the formats specified by the
+print to stdout a public key in one of the formats specified by the
 .Fl m
 option.
 The default export format is
 .Dq RFC4716 .
 This option allows exporting OpenSSH keys for use by other programs, including
 several commercial SSH implementations.
-.It Fl F Ar hostname
+.It Fl F Ar hostname | [hostname]:port
 Search for the specified
 .Ar hostname
+(with optional port number)
 in a
 .Pa known_hosts
 file, listing any occurrences found.
@@ -387,11 +402,15 @@ fingerprint.
 Specify the amount of memory to use (in megabytes) when generating
 candidate moduli for DH-GEX.
 .It Fl m Ar key_format
-Specify a key format for the
+Specify a key format for key generation, the
 .Fl i
-(import) or
+(import),
 .Fl e
-(export) conversion options.
+(export) conversion options, and the
+.Fl p
+change passphrase operation.
+The latter may be used to convert between OpenSSH private key and PEM
+private key formats.
 The supported key formats are:
 .Dq RFC4716
 (RFC 4716/SSH2 public or private key),
@@ -513,9 +532,10 @@ Test whether keys have been revoked in a KRL.
 .It Fl q
 Silence
 .Nm ssh-keygen .
-.It Fl R Ar hostname
-Removes all keys belonging to
+.It Fl R Ar hostname | [hostname]:port
+Removes all keys belonging to the specified
 .Ar hostname
+(with optional port number)
 from a
 .Pa known_hosts
 file.
@@ -616,6 +636,12 @@ OpenSSH format file and print an OpenSSH public key to stdout.
 .It Fl z Ar serial_number
 Specifies a serial number to be embedded in the certificate to distinguish
 this certificate from others from the same CA.
+If the
+.Ar serial_number
+is prefixed with a
+.Sq +
+character, then the serial number will be incremented for each certificate
+signed on a single command-line.
 The default serial number is zero.
 .Pp
 When generating a KRL, the
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 46b3af5a8..3898b281e 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.322 2018/09/14 04:17:44 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.329 2019/03/25 16:19:44 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -67,79 +67,52 @@
 # define DEFAULT_KEY_TYPE_NAME "ed25519"
 #endif
 
-/* Number of bits in the RSA/DSA key.  This value can be set on the command line. */
-#define DEFAULT_BITS            2048
-#define DEFAULT_BITS_DSA        1024
-#define DEFAULT_BITS_ECDSA      256
-u_int32_t bits = 0;
-
 /*
- * Flag indicating that we just want to change the passphrase.  This can be
- * set on the command line.
- */
-int change_passphrase = 0;
-
-/*
- * Flag indicating that we just want to change the comment.  This can be set
- * on the command line.
+ * Default number of bits in the RSA, DSA and ECDSA keys.  These value can be
+ * overridden on the command line.
+ *
+ * These values, with the exception of DSA, provide security equivalent to at
+ * least 128 bits of security according to NIST Special Publication 800-57:
+ * Recommendation for Key Management Part 1 rev 4 section 5.6.1.
+ * For DSA it (and FIPS-186-4 section 4.2) specifies that the only size for
+ * which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only
+ * SHA1 we limit the DSA key size 1k bits.
  */
-int change_comment = 0;
-
-int quiet = 0;
-
-int log_level = SYSLOG_LEVEL_INFO;
-
-/* Flag indicating that we want to hash a known_hosts file */
-int hash_hosts = 0;
-/* Flag indicating that we want lookup a host in known_hosts file */
-int find_host = 0;
-/* Flag indicating that we want to delete a host from a known_hosts file */
-int delete_host = 0;
+#define DEFAULT_BITS            3072
+#define DEFAULT_BITS_DSA        1024
+#define DEFAULT_BITS_ECDSA      256
 
-/* Flag indicating that we want to show the contents of a certificate */
-int show_cert = 0;
+static int quiet = 0;
 
 /* Flag indicating that we just want to see the key fingerprint */
-int print_fingerprint = 0;
-int print_bubblebabble = 0;
+static int print_fingerprint = 0;
+static int print_bubblebabble = 0;
 
 /* Hash algorithm to use for fingerprints. */
-int fingerprint_hash = SSH_FP_HASH_DEFAULT;
+static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
 
 /* The identity file name, given on the command line or entered by the user. */
-char identity_file[1024];
-int have_identity = 0;
+static char identity_file[1024];
+static int have_identity = 0;
 
 /* This is set to the passphrase if given on the command line. */
-char *identity_passphrase = NULL;
+static char *identity_passphrase = NULL;
 
 /* This is set to the new passphrase if given on the command line. */
-char *identity_new_passphrase = NULL;
-
-/* This is set to the new comment if given on the command line. */
-char *identity_comment = NULL;
-
-/* Path to CA key when certifying keys. */
-char *ca_key_path = NULL;
-
-/* Prefer to use agent keys for CA signing */
-int prefer_agent = 0;
-
-/* Certificate serial number */
-unsigned long long cert_serial = 0;
+static char *identity_new_passphrase = NULL;
 
 /* Key type when certifying */
-u_int cert_key_type = SSH2_CERT_TYPE_USER;
+static u_int cert_key_type = SSH2_CERT_TYPE_USER;
 
 /* "key ID" of signed key */
-char *cert_key_id = NULL;
+static char *cert_key_id = NULL;
 
 /* Comma-separated list of principal names for certifying keys */
-char *cert_principals = NULL;
+static char *cert_principals = NULL;
 
 /* Validity period for certificates */
-u_int64_t cert_valid_from = 0;
-u_int64_t cert_valid_to = ~0ULL;
+static u_int64_t cert_valid_from = 0;
+static u_int64_t cert_valid_to = ~0ULL;
 
 /* Certificate options */
 #define CERTOPT_X_FWD   (1)
@@ -149,9 +122,9 @@ u_int64_t cert_valid_to = ~0ULL;
 #define CERTOPT_USER_RC (1<<4)
 #define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \
                          CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC)
-u_int32_t certflags_flags = CERTOPT_DEFAULT;
-char *certflags_command = NULL;
-char *certflags_src_addr = NULL;
+static u_int32_t certflags_flags = CERTOPT_DEFAULT;
+static char *certflags_command = NULL;
+static char *certflags_src_addr = NULL;
 
 /* Arbitrary extensions specified by user */
 struct cert_userext {
@@ -159,41 +132,37 @@ struct cert_userext {
         char *val;
         int crit;
 };
-struct cert_userext *cert_userext;
-size_t ncert_userext;
+static struct cert_userext *cert_userext;
+static size_t ncert_userext;
 
 /* Conversion to/from various formats */
-int convert_to = 0;
-int convert_from = 0;
 enum {
         FMT_RFC4716,
         FMT_PKCS8,
         FMT_PEM
 } convert_format = FMT_RFC4716;
-int print_public = 0;
-int print_generic = 0;
 
-char *key_type_name = NULL;
+static char *key_type_name = NULL;
 
 /* Load key from this PKCS#11 provider */
-char *pkcs11provider = NULL;
+static char *pkcs11provider = NULL;
 
 /* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */
-int use_new_format = 1;
+static int use_new_format = 1;
 
 /* Cipher for new-format private keys */
-char *new_format_cipher = NULL;
+static char *new_format_cipher = NULL;
 
 /*
  * Number of KDF rounds to derive new format keys /
  * number of primality trials when screening moduli.
  */
-int rounds = 0;
+static int rounds = 0;
 
 /* argv0 */
 extern char *__progname;
 
-char hostname[NI_MAXHOST];
+static char hostname[NI_MAXHOST];
 
 #ifdef WITH_OPENSSL
 /* moduli.c */
@@ -243,7 +212,11 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
         case KEY_ECDSA:
                 if (sshkey_ecdsa_bits_to_nid(*bitsp) == -1)
                         fatal("Invalid ECDSA key length: valid lengths are "
+#ifdef OPENSSL_HAS_NISTP521
                             "256, 384 or 521 bits");
+#else
+                            "256 or 384 bits");
+#endif
         }
 #endif
 }
@@ -806,7 +779,7 @@ do_download(struct passwd *pw)
         fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash;
         rep =    print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
 
-        pkcs11_init(0);
+        pkcs11_init(1);
         nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys);
         if (nkeys <= 0)
                 fatal("cannot read public key from pkcs11");
@@ -819,7 +792,7 @@ do_download(struct passwd *pw)
                                 fatal("%s: sshkey_fingerprint fail", __func__);
                         printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]),
                             fp, sshkey_type(keys[i]));
-                        if (log_level >= SYSLOG_LEVEL_VERBOSE)
+                        if (log_level_get() >= SYSLOG_LEVEL_VERBOSE)
                                 printf("%s\n", ra);
                         free(ra);
                         free(fp);
@@ -867,7 +840,7 @@ fingerprint_one_key(const struct sshkey *public, const char *comment)
                 fatal("%s: sshkey_fingerprint failed", __func__);
         mprintf("%u %s %s (%s)\n", sshkey_size(public), fp,
             comment ? comment : "no comment", sshkey_type(public));
-        if (log_level >= SYSLOG_LEVEL_VERBOSE)
+        if (log_level_get() >= SYSLOG_LEVEL_VERBOSE)
                 printf("%s\n", ra);
         free(ra);
         free(fp);
@@ -1015,6 +988,7 @@ do_gen_all_hostkeys(struct passwd *pw)
                 { NULL, NULL, NULL }
         };
 
+        u_int bits = 0;
         int first = 0;
         struct stat st;
         struct sshkey *private, *public;
@@ -1138,6 +1112,9 @@ struct known_hosts_ctx {
         int has_unhashed;       /* When hashing, original had unhashed hosts */
         int found_key;          /* For find/delete, host was found */
         int invalid;            /* File contained invalid items; don't delete */
+        int hash_hosts;         /* Hash hostnames as we go */
+        int find_host;          /* Search for specific hostname */
+        int delete_host;        /* Delete host from known_hosts */
 };
 
 static int
@@ -1157,7 +1134,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
                  */
                 if (was_hashed || has_wild || l->marker != MRK_NONE) {
                         fprintf(ctx->out, "%s\n", l->line);
-                        if (has_wild && !find_host) {
+                        if (has_wild && !ctx->find_host) {
                                 logit("%s:%lu: ignoring host name "
                                     "with wildcard: %.64s", l->path,
                                     l->linenum, l->hosts);
@@ -1203,7 +1180,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
         rep =    print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
 
         if (l->status == HKF_STATUS_MATCHED) {
-                if (delete_host) {
+                if (ctx->delete_host) {
                         if (l->marker != MRK_NONE) {
                                 /* Don't remove CA and revocation lines */
                                 fprintf(ctx->out, "%s\n", l->line);
@@ -1219,7 +1196,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
                                             ctx->host, l->linenum);
                         }
                         return 0;
-                } else if (find_host) {
+                } else if (ctx->find_host) {
                         ctx->found_key = 1;
                         if (!quiet) {
                                 printf("# Host %s found: line %lu %s\n",
@@ -1227,7 +1204,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
                                     l->linenum, l->marker == MRK_CA ? "CA" :
                                     (l->marker == MRK_REVOKE ? "REVOKED" : ""));
                         }
-                        if (hash_hosts)
+                        if (ctx->hash_hosts)
                                 known_hosts_hash(l, ctx);
                         else if (print_fingerprint) {
                                 fp = sshkey_fingerprint(l->key, fptype, rep);
@@ -1238,7 +1215,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
                                 fprintf(ctx->out, "%s\n", l->line);
                         return 0;
                 }
-        } else if (delete_host) {
+        } else if (ctx->delete_host) {
                 /* Retain non-matching hosts when deleting */
                 if (l->status == HKF_STATUS_INVALID) {
                         ctx->invalid = 1;
@@ -1250,7 +1227,8 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
 }
 
 static void
-do_known_hosts(struct passwd *pw, const char *name)
+do_known_hosts(struct passwd *pw, const char *name, int find_host,
+    int delete_host, int hash_hosts)
 {
         char *cp, tmp[PATH_MAX], old[PATH_MAX];
         int r, fd, oerrno, inplace = 0;
@@ -1269,6 +1247,9 @@ do_known_hosts(struct passwd *pw, const char *name)
         memset(&ctx, 0, sizeof(ctx));
         ctx.out = stdout;
         ctx.host = name;
+        ctx.hash_hosts = hash_hosts;
+        ctx.find_host = find_host;
+        ctx.delete_host = delete_host;
 
         /*
          * Find hosts goes to stdout, hash and deletions happen in-place
@@ -1433,7 +1414,8 @@ do_change_passphrase(struct passwd *pw)
  * Print the SSHFP RR.
  */
 static int
-do_print_resource_record(struct passwd *pw, char *fname, char *hname)
+do_print_resource_record(struct passwd *pw, char *fname, char *hname,
+    int print_generic)
 {
         struct sshkey *public;
         char *comment = NULL;
@@ -1460,7 +1442,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname)
  * Change the comment of a private key file.
  */
 static void
-do_change_comment(struct passwd *pw)
+do_change_comment(struct passwd *pw, const char *identity_comment)
 {
         char new_comment[1024], *comment, *passphrase;
         struct sshkey *private;
@@ -1672,7 +1654,9 @@ agent_signer(const struct sshkey *key, u_char **sigp, size_t *lenp,
 }
 
 static void
-do_ca_sign(struct passwd *pw, int argc, char **argv)
+do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent,
+    unsigned long long cert_serial, int cert_serial_autoinc,
+    int argc, char **argv)
 {
         int r, i, fd, found, agent_fd = -1;
         u_int n;
@@ -1812,6 +1796,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 
                 sshkey_free(public);
                 free(out);
+                if (cert_serial_autoinc)
+                        cert_serial++;
         }
 #ifdef ENABLE_PKCS11
         pkcs11_terminate();
@@ -2003,8 +1989,9 @@ print_cert(struct sshkey *key)
         printf("        Type: %s %s certificate\n", sshkey_ssh_name(key),
             sshkey_cert_type(key));
         printf("        Public key: %s %s\n", sshkey_type(key), key_fp);
-        printf("        Signing CA: %s %s\n",
-            sshkey_type(key->cert->signature_key), ca_fp);
+        printf("        Signing CA: %s %s (using %s)\n",
+            sshkey_type(key->cert->signature_key), ca_fp,
+            key->cert->signature_type);
         printf("        Key ID: \"%s\"\n", key->cert->key_id);
         printf("        Serial: %llu\n", (unsigned long long)key->cert->serial);
         printf("        Valid: %s\n", valid);
@@ -2297,7 +2284,9 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
 }
 
 static void
-do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
+do_gen_krl(struct passwd *pw, int updating, const char *ca_key_path,
+    unsigned long long krl_version, const char *krl_comment,
+    int argc, char **argv)
 {
         struct ssh_krl *krl;
         struct stat sb;
@@ -2332,10 +2321,10 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
         else if ((krl = ssh_krl_init()) == NULL)
                 fatal("couldn't create KRL");
 
-        if (cert_serial != 0)
-                ssh_krl_set_version(krl, cert_serial);
-        if (identity_comment != NULL)
-                ssh_krl_set_comment(krl, identity_comment);
+        if (krl_version != 0)
+                ssh_krl_set_version(krl, krl_version);
+        if (krl_comment != NULL)
+                ssh_krl_set_comment(krl, krl_comment);
 
         for (i = 0; i < argc; i++)
                 update_krl_from_file(pw, argv[i], wild_ca, ca, krl);
@@ -2387,9 +2376,10 @@ static void
 usage(void)
 {
         fprintf(stderr,
-            "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa]\n"
+            "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa] [-m format]\n"
             "                  [-N new_passphrase] [-C comment] [-f output_keyfile]\n"
-            "       ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]\n"
+            "       ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-m format]\n"
+            "                   [-f keyfile]\n"
             "       ssh-keygen -i [-m key_format] [-f input_keyfile]\n"
             "       ssh-keygen -e [-m key_format] [-f input_keyfile]\n"
             "       ssh-keygen -y [-f input_keyfile]\n"
@@ -2433,9 +2423,17 @@ main(int argc, char **argv)
         struct passwd *pw;
         struct stat st;
         int r, opt, type, fd;
+        int change_passphrase = 0, change_comment = 0, show_cert = 0;
+        int find_host = 0, delete_host = 0, hash_hosts = 0;
         int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0;
+        int prefer_agent = 0, convert_to = 0, convert_from = 0;
+        int print_public = 0, print_generic = 0, cert_serial_autoinc = 0;
+        unsigned long long cert_serial = 0;
+        char *identity_comment = NULL, *ca_key_path = NULL;
+        u_int bits = 0;
         FILE *f;
         const char *errstr;
+        int log_level = SYSLOG_LEVEL_INFO;
 #ifdef WITH_OPENSSL
         /* Moduli generation/screening */
         char out_file[PATH_MAX], *checkpoint = NULL;
@@ -2454,13 +2452,10 @@ main(int argc, char **argv)
 
         __progname = ssh_get_progname(argv[0]);
 
-#ifdef WITH_OPENSSL
-        OpenSSL_add_all_algorithms();
-#endif
-        log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
-
         seed_rng();
 
+        log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
+
         msetlocale();
 
         /* we need this for the home * directory.  */
@@ -2628,6 +2623,10 @@ main(int argc, char **argv)
                         break;
                 case 'z':
                         errno = 0;
+                        if (*optarg == '+') {
+                                cert_serial_autoinc = 1;
+                                optarg++;
+                        }
                         cert_serial = strtoull(optarg, &ep, 10);
                         if (*optarg < '0' || *optarg > '9' || *ep != '\0' ||
                             (errno == ERANGE && cert_serial == ULLONG_MAX))
@@ -2707,7 +2706,8 @@ main(int argc, char **argv)
                 usage();
         }
         if (gen_krl) {
-                do_gen_krl(pw, update_krl, argc, argv);
+                do_gen_krl(pw, update_krl, ca_key_path,
+                    cert_serial, identity_comment, argc, argv);
                 return (0);
         }
         if (check_krl) {
@@ -2717,12 +2717,15 @@ main(int argc, char **argv)
         if (ca_key_path != NULL) {
                 if (cert_key_id == NULL)
                         fatal("Must specify key id (-I) when certifying");
-                do_ca_sign(pw, argc, argv);
+                do_ca_sign(pw, ca_key_path, prefer_agent,
+                    cert_serial, cert_serial_autoinc, argc, argv);
         }
         if (show_cert)
                 do_show_cert(pw);
-        if (delete_host || hash_hosts || find_host)
-                do_known_hosts(pw, rr_hostname);
+        if (delete_host || hash_hosts || find_host) {
+                do_known_hosts(pw, rr_hostname, find_host,
+                    delete_host, hash_hosts);
+        }
         if (pkcs11provider != NULL)
                 do_download(pw);
         if (print_fingerprint || print_bubblebabble)
@@ -2730,7 +2733,7 @@ main(int argc, char **argv)
         if (change_passphrase)
                 do_change_passphrase(pw);
         if (change_comment)
-                do_change_comment(pw);
+                do_change_comment(pw, identity_comment);
 #ifdef WITH_OPENSSL
         if (convert_to)
                 do_convert_to(pw);
@@ -2743,23 +2746,28 @@ main(int argc, char **argv)
                 unsigned int n = 0;
 
                 if (have_identity) {
-                        n = do_print_resource_record(pw,
-                            identity_file, rr_hostname);
+                        n = do_print_resource_record(pw, identity_file,
+                            rr_hostname, print_generic);
                         if (n == 0)
                                 fatal("%s: %s", identity_file, strerror(errno));
                         exit(0);
                 } else {
 
                         n += do_print_resource_record(pw,
-                            _PATH_HOST_RSA_KEY_FILE, rr_hostname);
+                            _PATH_HOST_RSA_KEY_FILE, rr_hostname,
+                            print_generic);
                         n += do_print_resource_record(pw,
-                            _PATH_HOST_DSA_KEY_FILE, rr_hostname);
+                            _PATH_HOST_DSA_KEY_FILE, rr_hostname,
+                            print_generic);
                         n += do_print_resource_record(pw,
-                            _PATH_HOST_ECDSA_KEY_FILE, rr_hostname);
+                            _PATH_HOST_ECDSA_KEY_FILE, rr_hostname,
+                            print_generic);
                         n += do_print_resource_record(pw,
-                            _PATH_HOST_ED25519_KEY_FILE, rr_hostname);
+                            _PATH_HOST_ED25519_KEY_FILE, rr_hostname,
+                            print_generic);
                         n += do_print_resource_record(pw,
-                            _PATH_HOST_XMSS_KEY_FILE, rr_hostname);
+                            _PATH_HOST_XMSS_KEY_FILE, rr_hostname,
+                            print_generic);
                         if (n == 0)
                                 fatal("no keys found.");
                         exit(0);
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0
index 497ac0d9e..d372f7c7a 100644
--- a/ssh-keyscan.0
+++ b/ssh-keyscan.0
@@ -93,4 +93,4 @@ AUTHORS
      Davison <wayned@users.sourceforge.net> added support for protocol version
      2.
 
-OpenBSD 6.4                      March 5, 2018                     OpenBSD 6.4
+OpenBSD 6.5                      March 5, 2018                     OpenBSD 6.5
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 38b1c548b..2ed041559 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.120 2018/06/06 18:29:18 markus Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.126 2019/01/26 22:35:01 djm Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *
@@ -70,6 +70,8 @@ int hash_hosts = 0;		/* Hash hostname on output */
 
 int print_sshfp = 0;            /* Print SSHFP records instead of known_hosts */
 
+int found_one = 0;              /* Successfully found a key */
+
 #define MAXMAXFD 256
 
 /* The number of seconds after which to give up on a TCP connection */
@@ -83,8 +85,6 @@ fd_set *read_wait;
 size_t read_wait_nfdset;
 int ncon;
 
-struct ssh *active_state = NULL; /* XXX needed for linking */
-
 /*
  * Keep a connection structure for each file descriptor.  The state
  * associated with file descriptor n is held in fdcon[n].
@@ -262,18 +262,19 @@ keygrab_ssh2(con *c)
                 exit(1);
         }
 #ifdef WITH_OPENSSL
-        c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
-        c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
-        c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
-        c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client;
-        c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client;
+        c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client;
+        c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client;
+        c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client;
+        c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client;
+        c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client;
         c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
         c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC
-        c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+        c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
 # endif
 #endif
-        c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
+        c->c_ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
+        c->c_ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client;
         ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);
         /*
          * do the key-exchange until an error occurs or until
@@ -288,6 +289,8 @@ keyprint_one(const char *host, struct sshkey *key)
         char *hostport;
         const char *known_host, *hashed;
 
+        found_one = 1;
+
         if (print_sshfp) {
                 export_dns_rr(host, key, stdout, 0);
                 return;
@@ -803,5 +806,5 @@ main(int argc, char **argv)
         while (ncon > 0)
                 conloop();
 
-        return (0);
+        return found_one ? 0 : 1;
 }
diff --git a/ssh-keysign.0 b/ssh-keysign.0
index db4355d29..172739ebd 100644
--- a/ssh-keysign.0
+++ b/ssh-keysign.0
@@ -49,4 +49,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 6.4                    February 17, 2016                   OpenBSD 6.4
+OpenBSD 6.5                    February 17, 2016                   OpenBSD 6.5
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 744ecb4f9..601f6ca72 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.55 2018/07/27 05:34:42 dtucker Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.56 2018/11/23 05:08:07 djm Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl.  All rights reserved.
  *
@@ -40,6 +40,7 @@
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
+#include "openbsd-compat/openssl-compat.h"
 #endif
 
 #include "xmalloc.h"
@@ -58,8 +59,6 @@
 #include "sshkey.h"
 #include "ssherr.h"
 
-struct ssh *active_state = NULL; /* XXX needed for linking */
-
 extern char *__progname;
 
 static int
@@ -173,9 +172,6 @@ main(int argc, char **argv)
         u_char *signature, *data, rver;
         char *host, *fp;
         size_t slen, dlen;
-#ifdef WITH_OPENSSL
-        u_int32_t rnd[256];
-#endif
 
         ssh_malloc_init();      /* must be called before any mallocs */
         if (pledge("stdio rpath getpw dns id", NULL) != 0)
@@ -210,7 +206,8 @@ main(int argc, char **argv)
 
         /* verify that ssh-keysign is enabled by the admin */
         initialize_options(&options);
-        (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "", &options, 0);
+        (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "",
+            &options, 0, NULL);
         fill_default_options(&options);
         if (options.enable_ssh_keysign != 1)
                 fatal("ssh-keysign not enabled in %s",
@@ -223,12 +220,6 @@ main(int argc, char **argv)
         if (found == 0)
                 fatal("could not open any host key");
 
-#ifdef WITH_OPENSSL
-        OpenSSL_add_all_algorithms();
-        arc4random_buf(rnd, sizeof(rnd));
-        RAND_seed(rnd, sizeof(rnd));
-#endif
-
         found = 0;
         for (i = 0; i < NUM_KEYTYPES; i++) {
                 keys[i] = NULL;
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index d1241ce67..e7860de89 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -1,6 +1,7 @@
-/* $OpenBSD: ssh-pkcs11-client.c,v 1.10 2018/07/09 21:59:10 markus Exp $ */
+/* $OpenBSD: ssh-pkcs11-client.c,v 1.15 2019/01/21 12:53:35 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
+ * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -30,6 +31,7 @@
 #include <unistd.h>
 #include <errno.h>
 
+#include <openssl/ecdsa.h>
 #include <openssl/rsa.h>
 
 #include "openbsd-compat/openssl-compat.h"
@@ -47,8 +49,8 @@
 
 /* borrows code from sftp-server and ssh-agent */
 
-int fd = -1;
-pid_t pid = -1;
+static int fd = -1;
+static pid_t pid = -1;
 
 static void
 send_msg(struct sshbuf *m)
@@ -113,22 +115,27 @@ pkcs11_terminate(void)
 }
 
 static int
-pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
-    int padding)
+rsa_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, int padding)
 {
-        struct sshkey key;      /* XXX */
-        u_char *blob, *signature = NULL;
+        struct sshkey *key = NULL;
+        struct sshbuf *msg = NULL;
+        u_char *blob = NULL, *signature = NULL;
         size_t blen, slen = 0;
         int r, ret = -1;
-        struct sshbuf *msg;
 
         if (padding != RSA_PKCS1_PADDING)
-                return (-1);
-        key.type = KEY_RSA;
-        key.rsa = rsa;
-        if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) {
+                goto fail;
+        key = sshkey_new(KEY_UNSPEC);
+        if (key == NULL) {
+                error("%s: sshkey_new failed", __func__);
+                goto fail;
+        }
+        key->type = KEY_RSA;
+        RSA_up_ref(rsa);
+        key->rsa = rsa;
+        if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) {
                 error("%s: sshkey_to_blob: %s", __func__, ssh_err(r));
-                return -1;
+                goto fail;
         }
         if ((msg = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
@@ -137,7 +144,6 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
             (r = sshbuf_put_string(msg, from, flen)) != 0 ||
             (r = sshbuf_put_u32(msg, 0)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
-        free(blob);
         send_msg(msg);
         sshbuf_reset(msg);
 
@@ -150,22 +156,115 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
                 }
                 free(signature);
         }
+ fail:
+        free(blob);
+        sshkey_free(key);
+        sshbuf_free(msg);
+        return (ret);
+}
+
+#ifdef HAVE_EC_KEY_METHOD_NEW
+static ECDSA_SIG *
+ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
+    const BIGNUM *rp, EC_KEY *ec)
+{
+        struct sshkey *key = NULL;
+        struct sshbuf *msg = NULL;
+        ECDSA_SIG *ret = NULL;
+        const u_char *cp;
+        u_char *blob = NULL, *signature = NULL;
+        size_t blen, slen = 0;
+        int r, nid;
+
+        nid = sshkey_ecdsa_key_to_nid(ec);
+        if (nid < 0) {
+                error("%s: couldn't get curve nid", __func__);
+                goto fail;
+        }
+
+        key = sshkey_new(KEY_UNSPEC);
+        if (key == NULL) {
+                error("%s: sshkey_new failed", __func__);
+                goto fail;
+        }
+        key->ecdsa = ec;
+        key->ecdsa_nid = nid;
+        key->type = KEY_ECDSA;
+        EC_KEY_up_ref(ec);
+
+        if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) {
+                error("%s: sshkey_to_blob: %s", __func__, ssh_err(r));
+                goto fail;
+        }
+        if ((msg = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
+        if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
+            (r = sshbuf_put_string(msg, blob, blen)) != 0 ||
+            (r = sshbuf_put_string(msg, dgst, dgst_len)) != 0 ||
+            (r = sshbuf_put_u32(msg, 0)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
+        send_msg(msg);
+        sshbuf_reset(msg);
+
+        if (recv_msg(msg) == SSH2_AGENT_SIGN_RESPONSE) {
+                if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0)
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
+                cp = signature;
+                ret = d2i_ECDSA_SIG(NULL, &cp, slen);
+                free(signature);
+        }
+
+ fail:
+        free(blob);
+        sshkey_free(key);
         sshbuf_free(msg);
         return (ret);
 }
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+
+static RSA_METHOD       *helper_rsa;
+#ifdef HAVE_EC_KEY_METHOD_NEW
+static EC_KEY_METHOD    *helper_ecdsa;
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+
+/* redirect private key crypto operations to the ssh-pkcs11-helper */
+static void
+wrap_key(struct sshkey *k)
+{
+        if (k->type == KEY_RSA)
+                RSA_set_method(k->rsa, helper_rsa);
+#ifdef HAVE_EC_KEY_METHOD_NEW
+        else if (k->type == KEY_ECDSA)
+                EC_KEY_set_method(k->ecdsa, helper_ecdsa);
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+        else
+                fatal("%s: unknown key type", __func__);
+}
 
-/* redirect the private key encrypt operation to the ssh-pkcs11-helper */
 static int
-wrap_key(RSA *rsa)
+pkcs11_start_helper_methods(void)
 {
-        static RSA_METHOD *helper_rsa;
+        if (helper_rsa != NULL)
+                return (0);
+
+#ifdef HAVE_EC_KEY_METHOD_NEW
+        int (*orig_sign)(int, const unsigned char *, int, unsigned char *,
+            unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL;
+        if (helper_ecdsa != NULL)
+                return (0);
+        helper_ecdsa = EC_KEY_METHOD_new(EC_KEY_OpenSSL());
+        if (helper_ecdsa == NULL)
+                return (-1);
+        EC_KEY_METHOD_get_sign(helper_ecdsa, &orig_sign, NULL, NULL);
+        EC_KEY_METHOD_set_sign(helper_ecdsa, orig_sign, NULL, ecdsa_do_sign);
+#endif /* HAVE_EC_KEY_METHOD_NEW */
 
         if ((helper_rsa = RSA_meth_dup(RSA_get_default_method())) == NULL)
                 fatal("%s: RSA_meth_dup failed", __func__);
         if (!RSA_meth_set1_name(helper_rsa, "ssh-pkcs11-helper") ||
-            !RSA_meth_set_priv_enc(helper_rsa, pkcs11_rsa_private_encrypt))
+            !RSA_meth_set_priv_enc(helper_rsa, rsa_encrypt))
                 fatal("%s: failed to prepare method", __func__);
-        RSA_set_method(rsa, helper_rsa);
+
         return (0);
 }
 
@@ -173,6 +272,15 @@ static int
 pkcs11_start_helper(void)
 {
         int pair[2];
+        char *helper, *verbosity = NULL;
+
+        if (log_level_get() >= SYSLOG_LEVEL_DEBUG1)
+                verbosity = "-vvv";
+
+        if (pkcs11_start_helper_methods() == -1) {
+                error("pkcs11_start_helper_methods failed");
+                return (-1);
+        }
 
         if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) {
                 error("socketpair: %s", strerror(errno));
@@ -189,10 +297,13 @@ pkcs11_start_helper(void)
                 }
                 close(pair[0]);
                 close(pair[1]);
-                execlp(_PATH_SSH_PKCS11_HELPER, _PATH_SSH_PKCS11_HELPER,
-                    (char *)NULL);
-                fprintf(stderr, "exec: %s: %s\n", _PATH_SSH_PKCS11_HELPER,
-                    strerror(errno));
+                helper = getenv("SSH_PKCS11_HELPER");
+                if (helper == NULL || strlen(helper) == 0)
+                        helper = _PATH_SSH_PKCS11_HELPER;
+                debug("%s: starting %s %s", __func__, helper,
+                    verbosity == NULL ? "" : verbosity);
+                execlp(helper, helper, verbosity, (char *)NULL);
+                fprintf(stderr, "exec: %s: %s\n", helper, strerror(errno));
                 _exit(1);
         }
         close(pair[1]);
@@ -204,7 +315,7 @@ int
 pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp)
 {
         struct sshkey *k;
-        int r;
+        int r, type;
         u_char *blob;
         size_t blen;
         u_int nkeys, i;
@@ -222,7 +333,8 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp)
         send_msg(msg);
         sshbuf_reset(msg);
 
-        if (recv_msg(msg) == SSH2_AGENT_IDENTITIES_ANSWER) {
+        type = recv_msg(msg);
+        if (type == SSH2_AGENT_IDENTITIES_ANSWER) {
                 if ((r = sshbuf_get_u32(msg, &nkeys)) != 0)
                         fatal("%s: buffer error: %s", __func__, ssh_err(r));
                 *keysp = xcalloc(nkeys, sizeof(struct sshkey *));
@@ -234,10 +346,13 @@ pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp)
                                     __func__, ssh_err(r));
                         if ((r = sshkey_from_blob(blob, blen, &k)) != 0)
                                 fatal("%s: bad key: %s", __func__, ssh_err(r));
-                        wrap_key(k->rsa);
+                        wrap_key(k);
                         (*keysp)[i] = k;
                         free(blob);
                 }
+        } else if (type == SSH2_AGENT_FAILURE) {
+                if ((r = sshbuf_get_u32(msg, &nkeys)) != 0)
+                        nkeys = -1;
         } else {
                 nkeys = -1;
         }
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0
index 4d5c9843b..22f690717 100644
--- a/ssh-pkcs11-helper.0
+++ b/ssh-pkcs11-helper.0
@@ -4,7 +4,7 @@ NAME
      ssh-pkcs11-helper M-bM-^@M-^S ssh-agent helper program for PKCS#11 support
 
 SYNOPSIS
-     ssh-pkcs11-helper
+     ssh-pkcs11-helper [-v]
 
 DESCRIPTION
      ssh-pkcs11-helper is used by ssh-agent(1) to access keys provided by a
@@ -13,6 +13,16 @@ DESCRIPTION
      ssh-pkcs11-helper is not intended to be invoked by the user, but from
      ssh-agent(1).
 
+     A single option is supported:
+
+     -v      Verbose mode.  Causes ssh-pkcs11-helper to print debugging
+             messages about its progress.  This is helpful in debugging
+             problems.  Multiple -v options increase the verbosity.  The
+             maximum is 3.
+
+             Note that ssh-agent(1) will automatically pass the -v flag to
+             ssh-pkcs11-helper when it has itself been placed in debug mode.
+
 SEE ALSO
      ssh(1), ssh-add(1), ssh-agent(1)
 
@@ -22,4 +32,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 6.4                      July 16, 2013                     OpenBSD 6.4
+OpenBSD 6.5                    January 21, 2019                    OpenBSD 6.5
diff --git a/ssh-pkcs11-helper.8 b/ssh-pkcs11-helper.8
index 3728c4e4e..ba5c30fa0 100644
--- a/ssh-pkcs11-helper.8
+++ b/ssh-pkcs11-helper.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $
+.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.5 2019/01/21 12:53:35 djm Exp $
 .\"
 .\" Copyright (c) 2010 Markus Friedl.  All rights reserved.
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: July 16 2013 $
+.Dd $Mdocdate: January 21 2019 $
 .Dt SSH-PKCS11-HELPER 8
 .Os
 .Sh NAME
@@ -22,6 +22,7 @@
 .Nd ssh-agent helper program for PKCS#11 support
 .Sh SYNOPSIS
 .Nm
+.Op Fl v
 .Sh DESCRIPTION
 .Nm
 is used by
@@ -31,6 +32,28 @@ to access keys provided by a PKCS#11 token.
 .Nm
 is not intended to be invoked by the user, but from
 .Xr ssh-agent 1 .
+.Pp
+A single option is supported:
+.Bl -tag -width Ds
+.It Fl v
+Verbose mode.
+Causes
+.Nm
+to print debugging messages about its progress.
+This is helpful in debugging problems.
+Multiple
+.Fl v
+options increase the verbosity.
+The maximum is 3.
+.Pp
+Note that
+.Xr ssh-agent 1
+will automatically pass the
+.Fl v
+flag to
+.Nm
+when it has itself been placed in debug mode.
+.El
 .Sh SEE ALSO
 .Xr ssh 1 ,
 .Xr ssh-add 1 ,
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
index 6301033c5..97fb1212c 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-helper.c,v 1.14 2018/01/08 15:18:46 markus Exp $ */
+/* $OpenBSD: ssh-pkcs11-helper.c,v 1.17 2019/01/23 02:01:10 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -24,10 +24,11 @@
 
 #include "openbsd-compat/sys-queue.h"
 
+#include <errno.h>
+#include <poll.h>
 #include <stdarg.h>
 #include <string.h>
 #include <unistd.h>
-#include <errno.h>
 
 #include "xmalloc.h"
 #include "sshbuf.h"
@@ -110,7 +111,7 @@ static void
 process_add(void)
 {
         char *name, *pin;
-        struct sshkey **keys;
+        struct sshkey **keys = NULL;
         int r, i, nkeys;
         u_char *blob;
         size_t blen;
@@ -139,11 +140,13 @@ process_add(void)
                         free(blob);
                         add_key(keys[i], name);
                 }
-                free(keys);
         } else {
                 if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)
                         fatal("%s: buffer error: %s", __func__, ssh_err(r));
+                if ((r = sshbuf_put_u32(msg, -nkeys)) != 0)
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
         }
+        free(keys);
         free(pin);
         free(name);
         send_msg(msg);
@@ -192,15 +195,33 @@ process_sign(void)
         else {
                 if ((found = lookup_key(key)) != NULL) {
 #ifdef WITH_OPENSSL
+                        u_int xslen;
                         int ret;
 
-                        slen = RSA_size(key->rsa);
-                        signature = xmalloc(slen);
-                        if ((ret = RSA_private_encrypt(dlen, data, signature,
-                            found->rsa, RSA_PKCS1_PADDING)) != -1) {
-                                slen = ret;
-                                ok = 0;
-                        }
+                        if (key->type == KEY_RSA) {
+                                slen = RSA_size(key->rsa);
+                                signature = xmalloc(slen);
+                                ret = RSA_private_encrypt(dlen, data, signature,
+                                    found->rsa, RSA_PKCS1_PADDING);
+                                if (ret != -1) {
+                                        slen = ret;
+                                        ok = 0;
+                                }
+                        } else if (key->type == KEY_ECDSA) {
+                                xslen = ECDSA_size(key->ecdsa);
+                                signature = xmalloc(xslen);
+                                /* "The parameter type is ignored." */
+                                ret = ECDSA_sign(-1, data, dlen, signature,
+                                    &xslen, found->ecdsa);
+                                if (ret != 0)
+                                        ok = 0;
+                                else
+                                        error("%s: ECDSA_sign"
+                                            " returns %d", __func__, ret);
+                                slen = xslen;
+                        } else
+                                error("%s: don't know how to sign with key "
+                                    "type %d", __func__, (int)key->type);
 #endif /* WITH_OPENSSL */
                 }
                 sshkey_free(key);
@@ -287,27 +308,44 @@ cleanup_exit(int i)
         _exit(i);
 }
 
+
 int
 main(int argc, char **argv)
 {
-        fd_set *rset, *wset;
-        int r, in, out, max, log_stderr = 0;
-        ssize_t len, olen, set_size;
+        int r, ch, in, out, max, log_stderr = 0;
+        ssize_t len;
         SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
         LogLevel log_level = SYSLOG_LEVEL_ERROR;
         char buf[4*4096];
-
         extern char *__progname;
+        struct pollfd pfd[2];
 
         ssh_malloc_init();      /* must be called before any mallocs */
+        __progname = ssh_get_progname(argv[0]);
+        seed_rng();
         TAILQ_INIT(&pkcs11_keylist);
-        pkcs11_init(0);
 
-        seed_rng();
-        __progname = ssh_get_progname(argv[0]);
+        log_init(__progname, log_level, log_facility, log_stderr);
+
+        while ((ch = getopt(argc, argv, "v")) != -1) {
+                switch (ch) {
+                case 'v':
+                        log_stderr = 1;
+                        if (log_level == SYSLOG_LEVEL_ERROR)
+                                log_level = SYSLOG_LEVEL_DEBUG1;
+                        else if (log_level < SYSLOG_LEVEL_DEBUG3)
+                                log_level++;
+                        break;
+                default:
+                        fprintf(stderr, "usage: %s [-v]\n", __progname);
+                        exit(1);
+                }
+        }
 
         log_init(__progname, log_level, log_facility, log_stderr);
 
+        pkcs11_init(0);
+
         in = STDIN_FILENO;
         out = STDOUT_FILENO;
 
@@ -322,13 +360,10 @@ main(int argc, char **argv)
         if ((oqueue = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
 
-        set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
-        rset = xmalloc(set_size);
-        wset = xmalloc(set_size);
-
-        for (;;) {
-                memset(rset, 0, set_size);
-                memset(wset, 0, set_size);
+        while (1) {
+                memset(pfd, 0, sizeof(pfd));
+                pfd[0].fd = in;
+                pfd[1].fd = out;
 
                 /*
                  * Ensure that we can read a full buffer and handle
@@ -337,23 +372,21 @@ main(int argc, char **argv)
                  */
                 if ((r = sshbuf_check_reserve(iqueue, sizeof(buf))) == 0 &&
                     (r = sshbuf_check_reserve(oqueue, MAX_MSG_LENGTH)) == 0)
-                        FD_SET(in, rset);
+                        pfd[0].events = POLLIN;
                 else if (r != SSH_ERR_NO_BUFFER_SPACE)
                         fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
-                olen = sshbuf_len(oqueue);
-                if (olen > 0)
-                        FD_SET(out, wset);
+                if (sshbuf_len(oqueue) > 0)
+                        pfd[1].events = POLLOUT;
 
-                if (select(max+1, rset, wset, NULL, NULL) < 0) {
-                        if (errno == EINTR)
+                if ((r = poll(pfd, 2, -1 /* INFTIM */)) <= 0) {
+                        if (r == 0 || errno == EINTR)
                                 continue;
-                        error("select: %s", strerror(errno));
-                        cleanup_exit(2);
+                        fatal("poll: %s", strerror(errno));
                 }
 
                 /* copy stdin to iqueue */
-                if (FD_ISSET(in, rset)) {
+                if ((pfd[0].revents & (POLLIN|POLLERR)) != 0) {
                         len = read(in, buf, sizeof buf);
                         if (len == 0) {
                                 debug("read eof");
@@ -367,8 +400,9 @@ main(int argc, char **argv)
                         }
                 }
                 /* send oqueue to stdout */
-                if (FD_ISSET(out, wset)) {
-                        len = write(out, sshbuf_ptr(oqueue), olen);
+                if ((pfd[1].revents & (POLLOUT|POLLHUP)) != 0) {
+                        len = write(out, sshbuf_ptr(oqueue),
+                            sshbuf_len(oqueue));
                         if (len < 0) {
                                 error("write: %s", strerror(errno));
                                 cleanup_exit(1);
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 775de9642..70f06bffe 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,6 +1,7 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.26 2018/02/07 02:06:51 jsing Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.43 2019/03/08 17:24:43 markus Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
+ * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -19,20 +20,24 @@
 
 #ifdef ENABLE_PKCS11
 
-#include <sys/types.h>
 #ifdef HAVE_SYS_TIME_H
 # include <sys/time.h>
 #endif
+
+#include <sys/types.h>
 #include <stdarg.h>
 #include <stdio.h>
 
+#include <ctype.h>
 #include <string.h>
 #include <dlfcn.h>
 
 #include "openbsd-compat/sys-queue.h"
 #include "openbsd-compat/openssl-compat.h"
 
+#include <openssl/ecdsa.h>
 #include <openssl/x509.h>
+#include <openssl/err.h>
 
 #define CRYPTOKI_COMPAT
 #include "pkcs11.h"
@@ -67,14 +72,25 @@ TAILQ_HEAD(, pkcs11_provider) pkcs11_providers;
 struct pkcs11_key {
         struct pkcs11_provider  *provider;
         CK_ULONG                slotidx;
-        int                     (*orig_finish)(RSA *rsa);
-        RSA_METHOD              *rsa_method;
         char                    *keyid;
         int                     keyid_len;
 };
 
 int pkcs11_interactive = 0;
 
+#ifdef HAVE_EC_KEY_METHOD_NEW
+static void
+ossl_error(const char *msg)
+{
+        unsigned long    e;
+
+        error("%s: %s", __func__, msg);
+        while ((e = ERR_get_error()) != 0)
+                error("%s: libcrypto error: %.100s", __func__,
+                    ERR_error_string(e, NULL));
+}
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+
 int
 pkcs11_init(int interactive)
 {
@@ -84,9 +100,9 @@ pkcs11_init(int interactive)
 }
 
 /*
- * finalize a provider shared libarary, it's no longer usable.
+ * finalize a provider shared library, it's no longer usable.
  * however, there might still be keys referencing this provider,
- * so the actuall freeing of memory is handled by pkcs11_provider_unref().
+ * so the actual freeing of memory is handled by pkcs11_provider_unref().
  * this is called when a provider gets unregistered.
  */
 static void
@@ -123,6 +139,7 @@ pkcs11_provider_unref(struct pkcs11_provider *p)
         if (--p->refcount <= 0) {
                 if (p->valid)
                         error("pkcs11_provider_unref: %p still valid", p);
+                free(p->name);
                 free(p->slotlist);
                 free(p->slotinfo);
                 free(p);
@@ -171,23 +188,27 @@ pkcs11_del_provider(char *provider_id)
         return (-1);
 }
 
-/* openssl callback for freeing an RSA key */
-static int
-pkcs11_rsa_finish(RSA *rsa)
+static RSA_METHOD *rsa_method;
+static int rsa_idx = 0;
+#ifdef HAVE_EC_KEY_METHOD_NEW
+static EC_KEY_METHOD *ec_key_method;
+static int ec_key_idx = 0;
+#endif
+
+/* release a wrapped object */
+static void
+pkcs11_k11_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
+    long argl, void *argp)
 {
-        struct pkcs11_key       *k11;
-        int rv = -1;
+        struct pkcs11_key       *k11 = ptr;
 
-        if ((k11 = RSA_get_app_data(rsa)) != NULL) {
-                if (k11->orig_finish)
-                        rv = k11->orig_finish(rsa);
-                if (k11->provider)
-                        pkcs11_provider_unref(k11->provider);
-                RSA_meth_free(k11->rsa_method);
-                free(k11->keyid);
-                free(k11);
-        }
-        return (rv);
+        debug("%s: parent %p ptr %p idx %d", __func__, parent, ptr, idx);
+        if (k11 == NULL)
+                return;
+        if (k11->provider)
+                pkcs11_provider_unref(k11->provider);
+        free(k11->keyid);
+        free(k11);
 }
 
 /* find a single 'obj' for given attributes */
@@ -218,88 +239,193 @@ pkcs11_find(struct pkcs11_provider *p, CK_ULONG slotidx, CK_ATTRIBUTE *attr,
         return (ret);
 }
 
-/* openssl callback doing the actual signing operation */
 static int
-pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
-    int padding)
+pkcs11_login(struct pkcs11_key *k11, CK_USER_TYPE type)
 {
-        struct pkcs11_key       *k11;
         struct pkcs11_slotinfo  *si;
         CK_FUNCTION_LIST        *f;
-        CK_OBJECT_HANDLE        obj;
-        CK_ULONG                tlen = 0;
-        CK_RV                   rv;
-        CK_OBJECT_CLASS private_key_class = CKO_PRIVATE_KEY;
-        CK_BBOOL                true_val = CK_TRUE;
-        CK_MECHANISM            mech = {
-                CKM_RSA_PKCS, NULL_PTR, 0
-        };
-        CK_ATTRIBUTE            key_filter[] = {
-                {CKA_CLASS, NULL, sizeof(private_key_class) },
-                {CKA_ID, NULL, 0},
-                {CKA_SIGN, NULL, sizeof(true_val) }
-        };
         char                    *pin = NULL, prompt[1024];
-        int                     rval = -1;
+        CK_RV                    rv;
 
-        key_filter[0].pValue = &private_key_class;
-        key_filter[2].pValue = &true_val;
+        if (!k11->provider || !k11->provider->valid) {
+                error("no pkcs11 (valid) provider found");
+                return (-1);
+        }
+
+        f = k11->provider->function_list;
+        si = &k11->provider->slotinfo[k11->slotidx];
+
+        if (!pkcs11_interactive) {
+                error("need pin entry%s",
+                    (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) ?
+                    " on reader keypad" : "");
+                return (-1);
+        }
+        if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
+                verbose("Deferring PIN entry to reader keypad.");
+        else {
+                snprintf(prompt, sizeof(prompt), "Enter PIN for '%s': ",
+                    si->token.label);
+                if ((pin = read_passphrase(prompt, RP_ALLOW_EOF)) == NULL) {
+                        debug("%s: no pin specified", __func__);
+                        return (-1);    /* bail out */
+                }
+        }
+        rv = f->C_Login(si->session, type, (u_char *)pin,
+            (pin != NULL) ? strlen(pin) : 0);
+        if (pin != NULL)
+                freezero(pin, strlen(pin));
+        if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) {
+                error("C_Login failed: %lu", rv);
+                return (-1);
+        }
+        si->logged_in = 1;
+        return (0);
+}
+
+static int
+pkcs11_check_obj_bool_attrib(struct pkcs11_key *k11, CK_OBJECT_HANDLE obj,
+    CK_ATTRIBUTE_TYPE type, int *val)
+{
+        struct pkcs11_slotinfo  *si;
+        CK_FUNCTION_LIST        *f;
+        CK_BBOOL                flag = 0;
+        CK_ATTRIBUTE            attr;
+        CK_RV                    rv;
+
+        *val = 0;
 
-        if ((k11 = RSA_get_app_data(rsa)) == NULL) {
-                error("RSA_get_app_data failed for rsa %p", rsa);
+        if (!k11->provider || !k11->provider->valid) {
+                error("no pkcs11 (valid) provider found");
                 return (-1);
         }
+
+        f = k11->provider->function_list;
+        si = &k11->provider->slotinfo[k11->slotidx];
+
+        attr.type = type;
+        attr.pValue = &flag;
+        attr.ulValueLen = sizeof(flag);
+
+        rv = f->C_GetAttributeValue(si->session, obj, &attr, 1);
+        if (rv != CKR_OK) {
+                error("C_GetAttributeValue failed: %lu", rv);
+                return (-1);
+        }
+        *val = flag != 0;
+        debug("%s: provider %p slot %lu object %lu: attrib %lu = %d",
+            __func__, k11->provider, k11->slotidx, obj, type, *val);
+        return (0);
+}
+
+static int
+pkcs11_get_key(struct pkcs11_key *k11, CK_MECHANISM_TYPE mech_type)
+{
+        struct pkcs11_slotinfo  *si;
+        CK_FUNCTION_LIST        *f;
+        CK_OBJECT_HANDLE         obj;
+        CK_RV                    rv;
+        CK_OBJECT_CLASS          private_key_class;
+        CK_BBOOL                 true_val;
+        CK_MECHANISM             mech;
+        CK_ATTRIBUTE             key_filter[3];
+        int                      always_auth = 0;
+        int                      did_login = 0;
+
         if (!k11->provider || !k11->provider->valid) {
-                error("no pkcs11 (valid) provider for rsa %p", rsa);
+                error("no pkcs11 (valid) provider found");
                 return (-1);
         }
+
         f = k11->provider->function_list;
         si = &k11->provider->slotinfo[k11->slotidx];
+
         if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) {
-                if (!pkcs11_interactive) {
-                        error("need pin entry%s", (si->token.flags &
-                            CKF_PROTECTED_AUTHENTICATION_PATH) ?
-                            " on reader keypad" : "");
-                        return (-1);
-                }
-                if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH)
-                        verbose("Deferring PIN entry to reader keypad.");
-                else {
-                        snprintf(prompt, sizeof(prompt),
-                            "Enter PIN for '%s': ", si->token.label);
-                        pin = read_passphrase(prompt, RP_ALLOW_EOF);
-                        if (pin == NULL)
-                                return (-1);    /* bail out */
-                }
-                rv = f->C_Login(si->session, CKU_USER, (u_char *)pin,
-                    (pin != NULL) ? strlen(pin) : 0);
-                if (pin != NULL) {
-                        explicit_bzero(pin, strlen(pin));
-                        free(pin);
-                }
-                if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) {
-                        error("C_Login failed: %lu", rv);
+                if (pkcs11_login(k11, CKU_USER) < 0) {
+                        error("login failed");
                         return (-1);
                 }
-                si->logged_in = 1;
+                did_login = 1;
         }
+
+        memset(&key_filter, 0, sizeof(key_filter));
+        private_key_class = CKO_PRIVATE_KEY;
+        key_filter[0].type = CKA_CLASS;
+        key_filter[0].pValue = &private_key_class;
+        key_filter[0].ulValueLen = sizeof(private_key_class);
+
+        key_filter[1].type = CKA_ID;
         key_filter[1].pValue = k11->keyid;
         key_filter[1].ulValueLen = k11->keyid_len;
+
+        true_val = CK_TRUE;
+        key_filter[2].type = CKA_SIGN;
+        key_filter[2].pValue = &true_val;
+        key_filter[2].ulValueLen = sizeof(true_val);
+
         /* try to find object w/CKA_SIGN first, retry w/o */
         if (pkcs11_find(k11->provider, k11->slotidx, key_filter, 3, &obj) < 0 &&
             pkcs11_find(k11->provider, k11->slotidx, key_filter, 2, &obj) < 0) {
                 error("cannot find private key");
-        } else if ((rv = f->C_SignInit(si->session, &mech, obj)) != CKR_OK) {
+                return (-1);
+        }
+
+        memset(&mech, 0, sizeof(mech));
+        mech.mechanism = mech_type;
+        mech.pParameter = NULL_PTR;
+        mech.ulParameterLen = 0;
+
+        if ((rv = f->C_SignInit(si->session, &mech, obj)) != CKR_OK) {
                 error("C_SignInit failed: %lu", rv);
-        } else {
-                /* XXX handle CKR_BUFFER_TOO_SMALL */
-                tlen = RSA_size(rsa);
-                rv = f->C_Sign(si->session, (CK_BYTE *)from, flen, to, &tlen);
-                if (rv == CKR_OK) 
-                        rval = tlen;
-                else 
-                        error("C_Sign failed: %lu", rv);
+                return (-1);
         }
+
+        pkcs11_check_obj_bool_attrib(k11, obj, CKA_ALWAYS_AUTHENTICATE,
+            &always_auth); /* ignore errors here */
+        if (always_auth && !did_login) {
+                debug("%s: always-auth key", __func__);
+                if (pkcs11_login(k11, CKU_CONTEXT_SPECIFIC) < 0) {
+                        error("login failed for always-auth key");
+                        return (-1);
+                }
+        }
+
+        return (0);
+}
+
+/* openssl callback doing the actual signing operation */
+static int
+pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
+    int padding)
+{
+        struct pkcs11_key       *k11;
+        struct pkcs11_slotinfo  *si;
+        CK_FUNCTION_LIST        *f;
+        CK_ULONG                tlen = 0;
+        CK_RV                   rv;
+        int                     rval = -1;
+
+        if ((k11 = RSA_get_ex_data(rsa, rsa_idx)) == NULL) {
+                error("RSA_get_ex_data failed for rsa %p", rsa);
+                return (-1);
+        }
+
+        if (pkcs11_get_key(k11, CKM_RSA_PKCS) == -1) {
+                error("pkcs11_get_key failed");
+                return (-1);
+        }
+
+        f = k11->provider->function_list;
+        si = &k11->provider->slotinfo[k11->slotidx];
+        tlen = RSA_size(rsa);
+
+        /* XXX handle CKR_BUFFER_TOO_SMALL */
+        rv = f->C_Sign(si->session, (CK_BYTE *)from, flen, to, &tlen);
+        if (rv == CKR_OK)
+                rval = tlen;
+        else
+                error("C_Sign failed: %lu", rv);
+
         return (rval);
 }
 
@@ -310,13 +436,36 @@ pkcs11_rsa_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
         return (-1);
 }
 
+static int
+pkcs11_rsa_start_wrapper(void)
+{
+        if (rsa_method != NULL)
+                return (0);
+        rsa_method = RSA_meth_dup(RSA_get_default_method());
+        if (rsa_method == NULL)
+                return (-1);
+        rsa_idx = RSA_get_ex_new_index(0, "ssh-pkcs11-rsa",
+            NULL, NULL, pkcs11_k11_free);
+        if (rsa_idx == -1)
+                return (-1);
+        if (!RSA_meth_set1_name(rsa_method, "pkcs11") ||
+            !RSA_meth_set_priv_enc(rsa_method, pkcs11_rsa_private_encrypt) ||
+            !RSA_meth_set_priv_dec(rsa_method, pkcs11_rsa_private_decrypt)) {
+                error("%s: setup pkcs11 method failed", __func__);
+                return (-1);
+        }
+        return (0);
+}
+
 /* redirect private key operations for rsa key to pkcs11 token */
 static int
 pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
     CK_ATTRIBUTE *keyid_attrib, RSA *rsa)
 {
         struct pkcs11_key       *k11;
-        const RSA_METHOD        *def = RSA_get_default_method();
+
+        if (pkcs11_rsa_start_wrapper() == -1)
+                return (-1);
 
         k11 = xcalloc(1, sizeof(*k11));
         k11->provider = provider;
@@ -328,22 +477,126 @@ pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
                 k11->keyid = xmalloc(k11->keyid_len);
                 memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
         }
-        k11->rsa_method = RSA_meth_dup(def);
-        if (k11->rsa_method == NULL)
-                fatal("%s: RSA_meth_dup failed", __func__);
-        k11->orig_finish = RSA_meth_get_finish(def);
-        if (!RSA_meth_set1_name(k11->rsa_method, "pkcs11") ||
-            !RSA_meth_set_priv_enc(k11->rsa_method,
-            pkcs11_rsa_private_encrypt) ||
-            !RSA_meth_set_priv_dec(k11->rsa_method,
-            pkcs11_rsa_private_decrypt) ||
-            !RSA_meth_set_finish(k11->rsa_method, pkcs11_rsa_finish))
-                fatal("%s: setup pkcs11 method failed", __func__);
-        RSA_set_method(rsa, k11->rsa_method);
-        RSA_set_app_data(rsa, k11);
+
+        RSA_set_method(rsa, rsa_method);
+        RSA_set_ex_data(rsa, rsa_idx, k11);
         return (0);
 }
 
+#ifdef HAVE_EC_KEY_METHOD_NEW
+/* openssl callback doing the actual signing operation */
+static ECDSA_SIG *
+ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
+    const BIGNUM *rp, EC_KEY *ec)
+{
+        struct pkcs11_key       *k11;
+        struct pkcs11_slotinfo  *si;
+        CK_FUNCTION_LIST        *f;
+        CK_ULONG                siglen = 0, bnlen;
+        CK_RV                   rv;
+        ECDSA_SIG               *ret = NULL;
+        u_char                  *sig;
+        BIGNUM                  *r = NULL, *s = NULL;
+
+        if ((k11 = EC_KEY_get_ex_data(ec, ec_key_idx)) == NULL) {
+                ossl_error("EC_KEY_get_key_method_data failed for ec");
+                return (NULL);
+        }
+
+        if (pkcs11_get_key(k11, CKM_ECDSA) == -1) {
+                error("pkcs11_get_key failed");
+                return (NULL);
+        }
+
+        f = k11->provider->function_list;
+        si = &k11->provider->slotinfo[k11->slotidx];
+
+        siglen = ECDSA_size(ec);
+        sig = xmalloc(siglen);
+
+        /* XXX handle CKR_BUFFER_TOO_SMALL */
+        rv = f->C_Sign(si->session, (CK_BYTE *)dgst, dgst_len, sig, &siglen);
+        if (rv != CKR_OK) {
+                error("C_Sign failed: %lu", rv);
+                goto done;
+        }
+        if (siglen < 64 || siglen > 132 || siglen % 2) {
+                ossl_error("d2i_ECDSA_SIG failed");
+                goto done;
+        }
+        bnlen = siglen/2;
+        if ((ret = ECDSA_SIG_new()) == NULL) {
+                error("ECDSA_SIG_new failed");
+                goto done;
+        }
+        if ((r = BN_bin2bn(sig, bnlen, NULL)) == NULL ||
+            (s = BN_bin2bn(sig+bnlen, bnlen, NULL)) == NULL) {
+                ossl_error("d2i_ECDSA_SIG failed");
+                ECDSA_SIG_free(ret);
+                ret = NULL;
+                goto done;
+        }
+        if (!ECDSA_SIG_set0(ret, r, s)) {
+                error("%s: ECDSA_SIG_set0 failed", __func__);
+                ECDSA_SIG_free(ret);
+                ret = NULL;
+                goto done;
+        }
+        r = s = NULL; /* now owned by ret */
+        /* success */
+ done:
+        BN_free(r);
+        BN_free(s);
+        free(sig);
+
+        return (ret);
+}
+
+static int
+pkcs11_ecdsa_start_wrapper(void)
+{
+        int (*orig_sign)(int, const unsigned char *, int, unsigned char *,
+            unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL;
+
+        if (ec_key_method != NULL)
+                return (0);
+        ec_key_idx = EC_KEY_get_ex_new_index(0, "ssh-pkcs11-ecdsa",
+            NULL, NULL, pkcs11_k11_free);
+        if (ec_key_idx == -1)
+                return (-1);
+        ec_key_method = EC_KEY_METHOD_new(EC_KEY_OpenSSL());
+        if (ec_key_method == NULL)
+                return (-1);
+        EC_KEY_METHOD_get_sign(ec_key_method, &orig_sign, NULL, NULL);
+        EC_KEY_METHOD_set_sign(ec_key_method, orig_sign, NULL, ecdsa_do_sign);
+        return (0);
+}
+
+static int
+pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
+    CK_ATTRIBUTE *keyid_attrib, EC_KEY *ec)
+{
+        struct pkcs11_key       *k11;
+
+        if (pkcs11_ecdsa_start_wrapper() == -1)
+                return (-1);
+
+        k11 = xcalloc(1, sizeof(*k11));
+        k11->provider = provider;
+        provider->refcount++;   /* provider referenced by ECDSA key */
+        k11->slotidx = slotidx;
+        /* identify key object on smartcard */
+        k11->keyid_len = keyid_attrib->ulValueLen;
+        k11->keyid = xmalloc(k11->keyid_len);
+        memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
+
+        EC_KEY_set_method(ec, ec_key_method);
+        EC_KEY_set_ex_data(ec, ec_key_idx, k11);
+
+        return (0);
+}
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+
 /* remove trailing spaces */
 static void
 rmspace(u_char *buf, size_t len)
@@ -364,79 +617,66 @@ rmspace(u_char *buf, size_t len)
  * if pin == NULL we delay login until key use
  */
 static int
-pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin)
+pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin,
+    CK_ULONG user)
 {
-        CK_RV                   rv;
+        struct pkcs11_slotinfo  *si;
         CK_FUNCTION_LIST        *f;
+        CK_RV                   rv;
         CK_SESSION_HANDLE       session;
-        int                     login_required;
+        int                     login_required, have_pinpad, ret;
+        char                    prompt[1024], *xpin = NULL;
 
         f = p->function_list;
-        login_required = p->slotinfo[slotidx].token.flags & CKF_LOGIN_REQUIRED;
-        if (pin && login_required && !strlen(pin)) {
+        si = &p->slotinfo[slotidx];
+
+        have_pinpad = si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH;
+        login_required = si->token.flags & CKF_LOGIN_REQUIRED;
+
+        /* fail early before opening session */
+        if (login_required && !have_pinpad && !pkcs11_interactive &&
+            (pin == NULL || strlen(pin) == 0)) {
                 error("pin required");
-                return (-1);
+                return (-SSH_PKCS11_ERR_PIN_REQUIRED);
         }
         if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION|
-            CKF_SERIAL_SESSION, NULL, NULL, &session))
-            != CKR_OK) {
+            CKF_SERIAL_SESSION, NULL, NULL, &session)) != CKR_OK) {
                 error("C_OpenSession failed: %lu", rv);
                 return (-1);
         }
-        if (login_required && pin) {
-                rv = f->C_Login(session, CKU_USER,
-                    (u_char *)pin, strlen(pin));
+        if (login_required) {
+                if (have_pinpad && (pin == NULL || strlen(pin) == 0)) {
+                        /* defer PIN entry to the reader keypad */
+                        rv = f->C_Login(session, CKU_USER, NULL_PTR, 0);
+                } else {
+                        if (pkcs11_interactive) {
+                                snprintf(prompt, sizeof(prompt),
+                                    "Enter PIN for '%s': ", si->token.label);
+                                if ((xpin = read_passphrase(prompt,
+                                    RP_ALLOW_EOF)) == NULL) {
+                                        debug("%s: no pin specified",
+                                            __func__);
+                                        return (-SSH_PKCS11_ERR_PIN_REQUIRED);
+                                }
+                                pin = xpin;
+                        }
+                        rv = f->C_Login(session, CKU_USER,
+                            (u_char *)pin, strlen(pin));
+                        if (xpin != NULL)
+                                freezero(xpin, strlen(xpin));
+                }
                 if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) {
                         error("C_Login failed: %lu", rv);
+                        ret = (rv == CKR_PIN_LOCKED) ?
+                            -SSH_PKCS11_ERR_PIN_LOCKED :
+                            -SSH_PKCS11_ERR_LOGIN_FAIL;
                         if ((rv = f->C_CloseSession(session)) != CKR_OK)
                                 error("C_CloseSession failed: %lu", rv);
-                        return (-1);
+                        return (ret);
                 }
-                p->slotinfo[slotidx].logged_in = 1;
+                si->logged_in = 1;
         }
-        p->slotinfo[slotidx].session = session;
-        return (0);
-}
-
-/*
- * lookup public keys for token in slot identified by slotidx,
- * add 'wrapped' public keys to the 'keysp' array and increment nkeys.
- * keysp points to an (possibly empty) array with *nkeys keys.
- */
-static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG,
-    CK_ATTRIBUTE [], CK_ATTRIBUTE [3], struct sshkey ***, int *)
-        __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE))));
-
-static int
-pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,
-    struct sshkey ***keysp, int *nkeys)
-{
-        CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY;
-        CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE;
-        CK_ATTRIBUTE            pubkey_filter[] = {
-                { CKA_CLASS, NULL, sizeof(pubkey_class) }
-        };
-        CK_ATTRIBUTE            cert_filter[] = {
-                { CKA_CLASS, NULL, sizeof(cert_class) }
-        };
-        CK_ATTRIBUTE            pubkey_attribs[] = {
-                { CKA_ID, NULL, 0 },
-                { CKA_MODULUS, NULL, 0 },
-                { CKA_PUBLIC_EXPONENT, NULL, 0 }
-        };
-        CK_ATTRIBUTE            cert_attribs[] = {
-                { CKA_ID, NULL, 0 },
-                { CKA_SUBJECT, NULL, 0 },
-                { CKA_VALUE, NULL, 0 }
-        };
-        pubkey_filter[0].pValue = &pubkey_class;
-        cert_filter[0].pValue = &cert_class;
-
-        if (pkcs11_fetch_keys_filter(p, slotidx, pubkey_filter, pubkey_attribs,
-            keysp, nkeys) < 0 ||
-            pkcs11_fetch_keys_filter(p, slotidx, cert_filter, cert_attribs,
-            keysp, nkeys) < 0)
-                return (-1);
+        si->session = session;
         return (0);
 }
 
@@ -451,6 +691,364 @@ pkcs11_key_included(struct sshkey ***keysp, int *nkeys, struct sshkey *key)
         return (0);
 }
 
+#ifdef HAVE_EC_KEY_METHOD_NEW
+static struct sshkey *
+pkcs11_fetch_ecdsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
+    CK_OBJECT_HANDLE *obj)
+{
+        CK_ATTRIBUTE             key_attr[3];
+        CK_SESSION_HANDLE        session;
+        CK_FUNCTION_LIST        *f = NULL;
+        CK_RV                    rv;
+        ASN1_OCTET_STRING       *octet = NULL;
+        EC_KEY                  *ec = NULL;
+        EC_GROUP                *group = NULL;
+        struct sshkey           *key = NULL;
+        const unsigned char     *attrp = NULL;
+        int                      i;
+        int                      nid;
+
+        memset(&key_attr, 0, sizeof(key_attr));
+        key_attr[0].type = CKA_ID;
+        key_attr[1].type = CKA_EC_POINT;
+        key_attr[2].type = CKA_EC_PARAMS;
+
+        session = p->slotinfo[slotidx].session;
+        f = p->function_list;
+
+        /* figure out size of the attributes */
+        rv = f->C_GetAttributeValue(session, *obj, key_attr, 3);
+        if (rv != CKR_OK) {
+                error("C_GetAttributeValue failed: %lu", rv);
+                return (NULL);
+        }
+
+        /*
+         * Allow CKA_ID (always first attribute) to be empty, but
+         * ensure that none of the others are zero length.
+         * XXX assumes CKA_ID is always first.
+         */
+        if (key_attr[1].ulValueLen == 0 ||
+            key_attr[2].ulValueLen == 0) {
+                error("invalid attribute length");
+                return (NULL);
+        }
+
+        /* allocate buffers for attributes */
+        for (i = 0; i < 3; i++)
+                if (key_attr[i].ulValueLen > 0)
+                        key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen);
+
+        /* retrieve ID, public point and curve parameters of EC key */
+        rv = f->C_GetAttributeValue(session, *obj, key_attr, 3);
+        if (rv != CKR_OK) {
+                error("C_GetAttributeValue failed: %lu", rv);
+                goto fail;
+        }
+
+        ec = EC_KEY_new();
+        if (ec == NULL) {
+                error("EC_KEY_new failed");
+                goto fail;
+        }
+
+        attrp = key_attr[2].pValue;
+        group = d2i_ECPKParameters(NULL, &attrp, key_attr[2].ulValueLen);
+        if (group == NULL) {
+                ossl_error("d2i_ECPKParameters failed");
+                goto fail;
+        }
+
+        if (EC_KEY_set_group(ec, group) == 0) {
+                ossl_error("EC_KEY_set_group failed");
+                goto fail;
+        }
+
+        if (key_attr[1].ulValueLen <= 2) {
+                error("CKA_EC_POINT too small");
+                goto fail;
+        }
+
+        attrp = key_attr[1].pValue;
+        octet = d2i_ASN1_OCTET_STRING(NULL, &attrp, key_attr[1].ulValueLen);
+        if (octet == NULL) {
+                ossl_error("d2i_ASN1_OCTET_STRING failed");
+                goto fail;
+        }
+        attrp = octet->data;
+        if (o2i_ECPublicKey(&ec, &attrp, octet->length) == NULL) {
+                ossl_error("o2i_ECPublicKey failed");
+                goto fail;
+        }
+
+        nid = sshkey_ecdsa_key_to_nid(ec);
+        if (nid < 0) {
+                error("couldn't get curve nid");
+                goto fail;
+        }
+
+        if (pkcs11_ecdsa_wrap(p, slotidx, &key_attr[0], ec))
+                goto fail;
+
+        key = sshkey_new(KEY_UNSPEC);
+        if (key == NULL) {
+                error("sshkey_new failed");
+                goto fail;
+        }
+
+        key->ecdsa = ec;
+        key->ecdsa_nid = nid;
+        key->type = KEY_ECDSA;
+        key->flags |= SSHKEY_FLAG_EXT;
+        ec = NULL;      /* now owned by key */
+
+fail:
+        for (i = 0; i < 3; i++)
+                free(key_attr[i].pValue);
+        if (ec)
+                EC_KEY_free(ec);
+        if (group)
+                EC_GROUP_free(group);
+        if (octet)
+                ASN1_OCTET_STRING_free(octet);
+
+        return (key);
+}
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+
+static struct sshkey *
+pkcs11_fetch_rsa_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
+    CK_OBJECT_HANDLE *obj)
+{
+        CK_ATTRIBUTE             key_attr[3];
+        CK_SESSION_HANDLE        session;
+        CK_FUNCTION_LIST        *f = NULL;
+        CK_RV                    rv;
+        RSA                     *rsa = NULL;
+        BIGNUM                  *rsa_n, *rsa_e;
+        struct sshkey           *key = NULL;
+        int                      i;
+
+        memset(&key_attr, 0, sizeof(key_attr));
+        key_attr[0].type = CKA_ID;
+        key_attr[1].type = CKA_MODULUS;
+        key_attr[2].type = CKA_PUBLIC_EXPONENT;
+
+        session = p->slotinfo[slotidx].session;
+        f = p->function_list;
+
+        /* figure out size of the attributes */
+        rv = f->C_GetAttributeValue(session, *obj, key_attr, 3);
+        if (rv != CKR_OK) {
+                error("C_GetAttributeValue failed: %lu", rv);
+                return (NULL);
+        }
+
+        /*
+         * Allow CKA_ID (always first attribute) to be empty, but
+         * ensure that none of the others are zero length.
+         * XXX assumes CKA_ID is always first.
+         */
+        if (key_attr[1].ulValueLen == 0 ||
+            key_attr[2].ulValueLen == 0) {
+                error("invalid attribute length");
+                return (NULL);
+        }
+
+        /* allocate buffers for attributes */
+        for (i = 0; i < 3; i++)
+                if (key_attr[i].ulValueLen > 0)
+                        key_attr[i].pValue = xcalloc(1, key_attr[i].ulValueLen);
+
+        /* retrieve ID, modulus and public exponent of RSA key */
+        rv = f->C_GetAttributeValue(session, *obj, key_attr, 3);
+        if (rv != CKR_OK) {
+                error("C_GetAttributeValue failed: %lu", rv);
+                goto fail;
+        }
+
+        rsa = RSA_new();
+        if (rsa == NULL) {
+                error("RSA_new failed");
+                goto fail;
+        }
+
+        rsa_n = BN_bin2bn(key_attr[1].pValue, key_attr[1].ulValueLen, NULL);
+        rsa_e = BN_bin2bn(key_attr[2].pValue, key_attr[2].ulValueLen, NULL);
+        if (rsa_n == NULL || rsa_e == NULL) {
+                error("BN_bin2bn failed");
+                goto fail;
+        }
+        if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL))
+                fatal("%s: set key", __func__);
+        rsa_n = rsa_e = NULL; /* transferred */
+
+        if (pkcs11_rsa_wrap(p, slotidx, &key_attr[0], rsa))
+                goto fail;
+
+        key = sshkey_new(KEY_UNSPEC);
+        if (key == NULL) {
+                error("sshkey_new failed");
+                goto fail;
+        }
+
+        key->rsa = rsa;
+        key->type = KEY_RSA;
+        key->flags |= SSHKEY_FLAG_EXT;
+        rsa = NULL;     /* now owned by key */
+
+fail:
+        for (i = 0; i < 3; i++)
+                free(key_attr[i].pValue);
+        RSA_free(rsa);
+
+        return (key);
+}
+
+static struct sshkey *
+pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
+    CK_OBJECT_HANDLE *obj)
+{
+        CK_ATTRIBUTE             cert_attr[3];
+        CK_SESSION_HANDLE        session;
+        CK_FUNCTION_LIST        *f = NULL;
+        CK_RV                    rv;
+        X509                    *x509 = NULL;
+        EVP_PKEY                *evp;
+        RSA                     *rsa = NULL;
+        EC_KEY                  *ec = NULL;
+        struct sshkey           *key = NULL;
+        int                      i;
+#ifdef HAVE_EC_KEY_METHOD_NEW
+        int                      nid;
+#endif
+        const u_char             *cp;
+
+        memset(&cert_attr, 0, sizeof(cert_attr));
+        cert_attr[0].type = CKA_ID;
+        cert_attr[1].type = CKA_SUBJECT;
+        cert_attr[2].type = CKA_VALUE;
+
+        session = p->slotinfo[slotidx].session;
+        f = p->function_list;
+
+        /* figure out size of the attributes */
+        rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3);
+        if (rv != CKR_OK) {
+                error("C_GetAttributeValue failed: %lu", rv);
+                return (NULL);
+        }
+
+        /*
+         * Allow CKA_ID (always first attribute) to be empty, but
+         * ensure that none of the others are zero length.
+         * XXX assumes CKA_ID is always first.
+         */
+        if (cert_attr[1].ulValueLen == 0 ||
+            cert_attr[2].ulValueLen == 0) {
+                error("invalid attribute length");
+                return (NULL);
+        }
+
+        /* allocate buffers for attributes */
+        for (i = 0; i < 3; i++)
+                if (cert_attr[i].ulValueLen > 0)
+                        cert_attr[i].pValue = xcalloc(1, cert_attr[i].ulValueLen);
+
+        /* retrieve ID, subject and value of certificate */
+        rv = f->C_GetAttributeValue(session, *obj, cert_attr, 3);
+        if (rv != CKR_OK) {
+                error("C_GetAttributeValue failed: %lu", rv);
+                goto fail;
+        }
+
+        x509 = X509_new();
+        if (x509 == NULL) {
+                error("x509_new failed");
+                goto fail;
+        }
+
+        cp = cert_attr[2].pValue;
+        if (d2i_X509(&x509, &cp, cert_attr[2].ulValueLen) == NULL) {
+                error("d2i_x509 failed");
+                goto fail;
+        }
+
+        evp = X509_get_pubkey(x509);
+        if (evp == NULL) {
+                error("X509_get_pubkey failed");
+                goto fail;
+        }
+
+        if (EVP_PKEY_base_id(evp) == EVP_PKEY_RSA) {
+                if (EVP_PKEY_get0_RSA(evp) == NULL) {
+                        error("invalid x509; no rsa key");
+                        goto fail;
+                }
+                if ((rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(evp))) == NULL) {
+                        error("RSAPublicKey_dup failed");
+                        goto fail;
+                }
+
+                if (pkcs11_rsa_wrap(p, slotidx, &cert_attr[0], rsa))
+                        goto fail;
+
+                key = sshkey_new(KEY_UNSPEC);
+                if (key == NULL) {
+                        error("sshkey_new failed");
+                        goto fail;
+                }
+
+                key->rsa = rsa;
+                key->type = KEY_RSA;
+                key->flags |= SSHKEY_FLAG_EXT;
+                rsa = NULL;     /* now owned by key */
+#ifdef HAVE_EC_KEY_METHOD_NEW
+        } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) {
+                if (EVP_PKEY_get0_EC_KEY(evp) == NULL) {
+                        error("invalid x509; no ec key");
+                        goto fail;
+                }
+                if ((ec = EC_KEY_dup(EVP_PKEY_get0_EC_KEY(evp))) == NULL) {
+                        error("EC_KEY_dup failed");
+                        goto fail;
+                }
+
+                nid = sshkey_ecdsa_key_to_nid(ec);
+                if (nid < 0) {
+                        error("couldn't get curve nid");
+                        goto fail;
+                }
+
+                if (pkcs11_ecdsa_wrap(p, slotidx, &cert_attr[0], ec))
+                        goto fail;
+
+                key = sshkey_new(KEY_UNSPEC);
+                if (key == NULL) {
+                        error("sshkey_new failed");
+                        goto fail;
+                }
+
+                key->ecdsa = ec;
+                key->ecdsa_nid = nid;
+                key->type = KEY_ECDSA;
+                key->flags |= SSHKEY_FLAG_EXT;
+                ec = NULL;      /* now owned by key */
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+        } else
+                error("unknown certificate key type");
+
+fail:
+        for (i = 0; i < 3; i++)
+                free(cert_attr[i].pValue);
+        X509_free(x509);
+        RSA_free(rsa);
+        EC_KEY_free(ec);
+
+        return (key);
+}
+
+#if 0
 static int
 have_rsa_key(const RSA *rsa)
 {
@@ -459,140 +1057,402 @@ have_rsa_key(const RSA *rsa)
         RSA_get0_key(rsa, &rsa_n, &rsa_e, NULL);
         return rsa_n != NULL && rsa_e != NULL;
 }
+#endif
 
+/*
+ * lookup certificates for token in slot identified by slotidx,
+ * add 'wrapped' public keys to the 'keysp' array and increment nkeys.
+ * keysp points to an (possibly empty) array with *nkeys keys.
+ */
 static int
-pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
-    CK_ATTRIBUTE filter[], CK_ATTRIBUTE attribs[3],
+pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx,
     struct sshkey ***keysp, int *nkeys)
 {
-        struct sshkey           *key;
-        RSA                     *rsa;
-        X509                    *x509;
-        EVP_PKEY                *evp;
-        int                     i;
-        const u_char            *cp;
-        CK_RV                   rv;
-        CK_OBJECT_HANDLE        obj;
-        CK_ULONG                nfound;
-        CK_SESSION_HANDLE       session;
-        CK_FUNCTION_LIST        *f;
+        struct sshkey           *key = NULL;
+        CK_OBJECT_CLASS          key_class;
+        CK_ATTRIBUTE             key_attr[1];
+        CK_SESSION_HANDLE        session;
+        CK_FUNCTION_LIST        *f = NULL;
+        CK_RV                    rv;
+        CK_OBJECT_HANDLE         obj;
+        CK_ULONG                 n = 0;
+        int                      ret = -1;
+
+        memset(&key_attr, 0, sizeof(key_attr));
+        memset(&obj, 0, sizeof(obj));
+
+        key_class = CKO_CERTIFICATE;
+        key_attr[0].type = CKA_CLASS;
+        key_attr[0].pValue = &key_class;
+        key_attr[0].ulValueLen = sizeof(key_class);
 
-        f = p->function_list;
         session = p->slotinfo[slotidx].session;
-        /* setup a filter the looks for public keys */
-        if ((rv = f->C_FindObjectsInit(session, filter, 1)) != CKR_OK) {
+        f = p->function_list;
+
+        rv = f->C_FindObjectsInit(session, key_attr, 1);
+        if (rv != CKR_OK) {
                 error("C_FindObjectsInit failed: %lu", rv);
-                return (-1);
+                goto fail;
         }
+
         while (1) {
-                /* XXX 3 attributes in attribs[] */
-                for (i = 0; i < 3; i++) {
-                        attribs[i].pValue = NULL;
-                        attribs[i].ulValueLen = 0;
+                CK_CERTIFICATE_TYPE     ck_cert_type;
+
+                rv = f->C_FindObjects(session, &obj, 1, &n);
+                if (rv != CKR_OK) {
+                        error("C_FindObjects failed: %lu", rv);
+                        goto fail;
                 }
-                if ((rv = f->C_FindObjects(session, &obj, 1, &nfound)) != CKR_OK
-                    || nfound == 0)
+                if (n == 0)
                         break;
-                /* found a key, so figure out size of the attributes */
-                if ((rv = f->C_GetAttributeValue(session, obj, attribs, 3))
-                    != CKR_OK) {
+
+                memset(&ck_cert_type, 0, sizeof(ck_cert_type));
+                memset(&key_attr, 0, sizeof(key_attr));
+                key_attr[0].type = CKA_CERTIFICATE_TYPE;
+                key_attr[0].pValue = &ck_cert_type;
+                key_attr[0].ulValueLen = sizeof(ck_cert_type);
+
+                rv = f->C_GetAttributeValue(session, obj, key_attr, 1);
+                if (rv != CKR_OK) {
                         error("C_GetAttributeValue failed: %lu", rv);
-                        continue;
+                        goto fail;
                 }
-                /*
-                 * Allow CKA_ID (always first attribute) to be empty, but
-                 * ensure that none of the others are zero length.
-                 * XXX assumes CKA_ID is always first.
-                 */
-                if (attribs[1].ulValueLen == 0 ||
-                    attribs[2].ulValueLen == 0) {
+
+                switch (ck_cert_type) {
+                case CKC_X_509:
+                        key = pkcs11_fetch_x509_pubkey(p, slotidx, &obj);
+                        break;
+                default:
+                        /* XXX print key type? */
+                        key = NULL;
+                        error("skipping unsupported certificate type");
+                }
+
+                if (key == NULL) {
+                        error("failed to fetch key");
                         continue;
                 }
-                /* allocate buffers for attributes */
-                for (i = 0; i < 3; i++) {
-                        if (attribs[i].ulValueLen > 0) {
-                                attribs[i].pValue = xmalloc(
-                                    attribs[i].ulValueLen);
-                        }
+
+                if (pkcs11_key_included(keysp, nkeys, key)) {
+                        sshkey_free(key);
+                } else {
+                        /* expand key array and add key */
+                        *keysp = xrecallocarray(*keysp, *nkeys,
+                            *nkeys + 1, sizeof(struct sshkey *));
+                        (*keysp)[*nkeys] = key;
+                        *nkeys = *nkeys + 1;
+                        debug("have %d keys", *nkeys);
                 }
+        }
 
-                /*
-                 * retrieve ID, modulus and public exponent of RSA key,
-                 * or ID, subject and value for certificates.
-                 */
-                rsa = NULL;
-                if ((rv = f->C_GetAttributeValue(session, obj, attribs, 3))
-                    != CKR_OK) {
+        ret = 0;
+fail:
+        rv = f->C_FindObjectsFinal(session);
+        if (rv != CKR_OK) {
+                error("C_FindObjectsFinal failed: %lu", rv);
+                ret = -1;
+        }
+
+        return (ret);
+}
+
+/*
+ * lookup public keys for token in slot identified by slotidx,
+ * add 'wrapped' public keys to the 'keysp' array and increment nkeys.
+ * keysp points to an (possibly empty) array with *nkeys keys.
+ */
+static int
+pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,
+    struct sshkey ***keysp, int *nkeys)
+{
+        struct sshkey           *key = NULL;
+        CK_OBJECT_CLASS          key_class;
+        CK_ATTRIBUTE             key_attr[1];
+        CK_SESSION_HANDLE        session;
+        CK_FUNCTION_LIST        *f = NULL;
+        CK_RV                    rv;
+        CK_OBJECT_HANDLE         obj;
+        CK_ULONG                 n = 0;
+        int                      ret = -1;
+
+        memset(&key_attr, 0, sizeof(key_attr));
+        memset(&obj, 0, sizeof(obj));
+
+        key_class = CKO_PUBLIC_KEY;
+        key_attr[0].type = CKA_CLASS;
+        key_attr[0].pValue = &key_class;
+        key_attr[0].ulValueLen = sizeof(key_class);
+
+        session = p->slotinfo[slotidx].session;
+        f = p->function_list;
+
+        rv = f->C_FindObjectsInit(session, key_attr, 1);
+        if (rv != CKR_OK) {
+                error("C_FindObjectsInit failed: %lu", rv);
+                goto fail;
+        }
+
+        while (1) {
+                CK_KEY_TYPE     ck_key_type;
+
+                rv = f->C_FindObjects(session, &obj, 1, &n);
+                if (rv != CKR_OK) {
+                        error("C_FindObjects failed: %lu", rv);
+                        goto fail;
+                }
+                if (n == 0)
+                        break;
+
+                memset(&ck_key_type, 0, sizeof(ck_key_type));
+                memset(&key_attr, 0, sizeof(key_attr));
+                key_attr[0].type = CKA_KEY_TYPE;
+                key_attr[0].pValue = &ck_key_type;
+                key_attr[0].ulValueLen = sizeof(ck_key_type);
+
+                rv = f->C_GetAttributeValue(session, obj, key_attr, 1);
+                if (rv != CKR_OK) {
                         error("C_GetAttributeValue failed: %lu", rv);
-                } else if (attribs[1].type == CKA_MODULUS ) {
-                        if ((rsa = RSA_new()) == NULL) {
-                                error("RSA_new failed");
-                        } else {
-                                BIGNUM *rsa_n, *rsa_e;
-
-                                rsa_n = BN_bin2bn(attribs[1].pValue,
-                                    attribs[1].ulValueLen, NULL);
-                                rsa_e = BN_bin2bn(attribs[2].pValue,
-                                    attribs[2].ulValueLen, NULL);
-                                if (rsa_n != NULL && rsa_e != NULL) {
-                                        if (!RSA_set0_key(rsa,
-                                            rsa_n, rsa_e, NULL))
-                                                fatal("%s: set key", __func__);
-                                        rsa_n = rsa_e = NULL; /* transferred */
-                                }
-                                BN_free(rsa_n);
-                                BN_free(rsa_e);
-                        }
-                } else {
-                        cp = attribs[2].pValue;
-                        if ((x509 = X509_new()) == NULL) {
-                                error("X509_new failed");
-                        } else if (d2i_X509(&x509, &cp, attribs[2].ulValueLen)
-                            == NULL) {
-                                error("d2i_X509 failed");
-                        } else if ((evp = X509_get_pubkey(x509)) == NULL ||
-                            EVP_PKEY_base_id(evp) != EVP_PKEY_RSA ||
-                            EVP_PKEY_get0_RSA(evp) == NULL) {
-                                debug("X509_get_pubkey failed or no rsa");
-                        } else if ((rsa = RSAPublicKey_dup(
-                            EVP_PKEY_get0_RSA(evp))) == NULL) {
-                                error("RSAPublicKey_dup");
-                        }
-                        X509_free(x509);
+                        goto fail;
                 }
-                if (rsa && have_rsa_key(rsa) &&
-                    pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) {
-                        if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
-                                fatal("sshkey_new failed");
-                        key->rsa = rsa;
-                        key->type = KEY_RSA;
-                        key->flags |= SSHKEY_FLAG_EXT;
-                        if (pkcs11_key_included(keysp, nkeys, key)) {
-                                sshkey_free(key);
-                        } else {
-                                /* expand key array and add key */
-                                *keysp = xrecallocarray(*keysp, *nkeys,
-                                    *nkeys + 1, sizeof(struct sshkey *));
-                                (*keysp)[*nkeys] = key;
-                                *nkeys = *nkeys + 1;
-                                debug("have %d keys", *nkeys);
-                        }
-                } else if (rsa) {
-                        RSA_free(rsa);
+
+                switch (ck_key_type) {
+                case CKK_RSA:
+                        key = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj);
+                        break;
+#ifdef HAVE_EC_KEY_METHOD_NEW
+                case CKK_ECDSA:
+                        key = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj);
+                        break;
+#endif /* HAVE_EC_KEY_METHOD_NEW */
+                default:
+                        /* XXX print key type? */
+                        key = NULL;
+                        error("skipping unsupported key type");
+                }
+
+                if (key == NULL) {
+                        error("failed to fetch key");
+                        continue;
+                }
+
+                if (pkcs11_key_included(keysp, nkeys, key)) {
+                        sshkey_free(key);
+                } else {
+                        /* expand key array and add key */
+                        *keysp = xrecallocarray(*keysp, *nkeys,
+                            *nkeys + 1, sizeof(struct sshkey *));
+                        (*keysp)[*nkeys] = key;
+                        *nkeys = *nkeys + 1;
+                        debug("have %d keys", *nkeys);
                 }
-                for (i = 0; i < 3; i++)
-                        free(attribs[i].pValue);
         }
-        if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK)
+
+        ret = 0;
+fail:
+        rv = f->C_FindObjectsFinal(session);
+        if (rv != CKR_OK) {
                 error("C_FindObjectsFinal failed: %lu", rv);
-        return (0);
+                ret = -1;
+        }
+
+        return (ret);
 }
 
-/* register a new provider, fails if provider already exists */
-int
-pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
+#ifdef WITH_PKCS11_KEYGEN
+#define FILL_ATTR(attr, idx, typ, val, len) \
+        { (attr[idx]).type=(typ); (attr[idx]).pValue=(val); (attr[idx]).ulValueLen=len; idx++; }
+
+static struct sshkey *
+pkcs11_rsa_generate_private_key(struct pkcs11_provider *p, CK_ULONG slotidx,
+    char *label, CK_ULONG bits, CK_BYTE keyid, u_int32_t *err)
+{
+        struct pkcs11_slotinfo  *si;
+        char                    *plabel = label ? label : "";
+        int                      npub = 0, npriv = 0;
+        CK_RV                    rv;
+        CK_FUNCTION_LIST        *f;
+        CK_SESSION_HANDLE        session;
+        CK_BBOOL                 true_val = CK_TRUE, false_val = CK_FALSE;
+        CK_OBJECT_HANDLE         pubKey, privKey;
+        CK_ATTRIBUTE             tpub[16], tpriv[16];
+        CK_MECHANISM             mech = {
+            CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0
+        };
+        CK_BYTE                  pubExponent[] = {
+            0x01, 0x00, 0x01 /* RSA_F4 in bytes */
+        };
+        pubkey_filter[0].pValue = &pubkey_class;
+        cert_filter[0].pValue = &cert_class;
+
+        *err = 0;
+
+        FILL_ATTR(tpub, npub, CKA_TOKEN, &true_val, sizeof(true_val));
+        FILL_ATTR(tpub, npub, CKA_LABEL, plabel, strlen(plabel));
+        FILL_ATTR(tpub, npub, CKA_ENCRYPT, &false_val, sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_VERIFY, &true_val, sizeof(true_val));
+        FILL_ATTR(tpub, npub, CKA_VERIFY_RECOVER, &false_val,
+            sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_WRAP, &false_val, sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_DERIVE, &false_val, sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_MODULUS_BITS, &bits, sizeof(bits));
+        FILL_ATTR(tpub, npub, CKA_PUBLIC_EXPONENT, pubExponent,
+            sizeof(pubExponent));
+        FILL_ATTR(tpub, npub, CKA_ID, &keyid, sizeof(keyid));
+
+        FILL_ATTR(tpriv, npriv, CKA_TOKEN,  &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_LABEL,  plabel, strlen(plabel));
+        FILL_ATTR(tpriv, npriv, CKA_PRIVATE,  &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_SENSITIVE,  &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_DECRYPT,  &false_val, sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_SIGN,  &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_SIGN_RECOVER,  &false_val,
+            sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_UNWRAP,  &false_val, sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_DERIVE,  &false_val, sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_ID, &keyid, sizeof(keyid));
+
+        f = p->function_list;
+        si = &p->slotinfo[slotidx];
+        session = si->session;
+
+        if ((rv = f->C_GenerateKeyPair(session, &mech, tpub, npub, tpriv, npriv,
+            &pubKey, &privKey)) != CKR_OK) {
+                error("%s: key generation failed: error 0x%lx", __func__, rv);
+                *err = rv;
+                return NULL;
+        }
+
+        return pkcs11_fetch_rsa_pubkey(p, slotidx, &pubKey);
+}
+
+static int
+pkcs11_decode_hex(const char *hex, unsigned char **dest, size_t *rlen)
+{
+        size_t  i, len;
+        char    ptr[3];
+
+        if (dest)
+                *dest = NULL;
+        if (rlen)
+                *rlen = 0;
+
+        if ((len = strlen(hex)) % 2)
+                return -1;
+        len /= 2;
+
+        *dest = xmalloc(len);
+
+        ptr[2] = '\0';
+        for (i = 0; i < len; i++) {
+                ptr[0] = hex[2 * i];
+                ptr[1] = hex[(2 * i) + 1];
+                if (!isxdigit(ptr[0]) || !isxdigit(ptr[1]))
+                        return -1;
+                (*dest)[i] = (unsigned char)strtoul(ptr, NULL, 16);
+        }
+
+        if (rlen)
+                *rlen = len;
+
+        return 0;
+}
+
+static struct ec_curve_info {
+        const char      *name;
+        const char      *oid;
+        const char      *oid_encoded;
+        size_t           size;
+} ec_curve_infos[] = {
+        {"prime256v1",  "1.2.840.10045.3.1.7",  "06082A8648CE3D030107", 256},
+        {"secp384r1",   "1.3.132.0.34",         "06052B81040022",       384},
+        {"secp521r1",   "1.3.132.0.35",         "06052B81040023",       521},
+        {NULL,          NULL,                   NULL,                   0},
+};
+
+static struct sshkey *
+pkcs11_ecdsa_generate_private_key(struct pkcs11_provider *p, CK_ULONG slotidx,
+    char *label, CK_ULONG bits, CK_BYTE keyid, u_int32_t *err)
+{
+        struct pkcs11_slotinfo  *si;
+        char                    *plabel = label ? label : "";
+        int                      i;
+        size_t                   ecparams_size;
+        unsigned char           *ecparams = NULL;
+        int                      npub = 0, npriv = 0;
+        CK_RV                    rv;
+        CK_FUNCTION_LIST        *f;
+        CK_SESSION_HANDLE        session;
+        CK_BBOOL                 true_val = CK_TRUE, false_val = CK_FALSE;
+        CK_OBJECT_HANDLE         pubKey, privKey;
+        CK_MECHANISM             mech = {
+            CKM_EC_KEY_PAIR_GEN, NULL_PTR, 0
+        };
+        CK_ATTRIBUTE             tpub[16], tpriv[16];
+
+        *err = 0;
+
+        for (i = 0; ec_curve_infos[i].name; i++) {
+                if (ec_curve_infos[i].size == bits)
+                        break;
+        }
+        if (!ec_curve_infos[i].name) {
+                error("%s: invalid key size %lu", __func__, bits);
+                return NULL;
+        }
+        if (pkcs11_decode_hex(ec_curve_infos[i].oid_encoded, &ecparams,
+            &ecparams_size) == -1) {
+                error("%s: invalid oid", __func__);
+                return NULL;
+        }
+
+        FILL_ATTR(tpub, npub, CKA_TOKEN, &true_val, sizeof(true_val));
+        FILL_ATTR(tpub, npub, CKA_LABEL, plabel, strlen(plabel));
+        FILL_ATTR(tpub, npub, CKA_ENCRYPT, &false_val, sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_VERIFY, &true_val, sizeof(true_val));
+        FILL_ATTR(tpub, npub, CKA_VERIFY_RECOVER, &false_val,
+            sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_WRAP, &false_val, sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_DERIVE, &false_val, sizeof(false_val));
+        FILL_ATTR(tpub, npub, CKA_EC_PARAMS, ecparams, ecparams_size);
+        FILL_ATTR(tpub, npub, CKA_ID, &keyid, sizeof(keyid));
+
+        FILL_ATTR(tpriv, npriv, CKA_TOKEN, &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_LABEL, plabel, strlen(plabel));
+        FILL_ATTR(tpriv, npriv, CKA_PRIVATE, &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_SENSITIVE, &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_DECRYPT, &false_val, sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_SIGN, &true_val, sizeof(true_val));
+        FILL_ATTR(tpriv, npriv, CKA_SIGN_RECOVER, &false_val,
+            sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_UNWRAP, &false_val, sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_DERIVE, &false_val, sizeof(false_val));
+        FILL_ATTR(tpriv, npriv, CKA_ID, &keyid, sizeof(keyid));
+
+        f = p->function_list;
+        si = &p->slotinfo[slotidx];
+        session = si->session;
+
+        if ((rv = f->C_GenerateKeyPair(session, &mech, tpub, npub, tpriv, npriv,
+            &pubKey, &privKey)) != CKR_OK) {
+                error("%s: key generation failed: error 0x%lx", __func__, rv);
+                *err = rv;
+                return NULL;
+        }
+
+        return pkcs11_fetch_ecdsa_pubkey(p, slotidx, &pubKey);
+}
+#endif /* WITH_PKCS11_KEYGEN */
+
+/*
+ * register a new provider, fails if provider already exists. if
+ * keyp is provided, fetch keys.
+ */
+static int
+pkcs11_register_provider(char *provider_id, char *pin, struct sshkey ***keyp,
+    struct pkcs11_provider **providerp, CK_ULONG user)
 {
         int nkeys, need_finalize = 0;
+        int ret = -1;
         struct pkcs11_provider *p = NULL;
         void *handle = NULL;
         CK_RV (*getfunctionlist)(CK_FUNCTION_LIST **);
@@ -601,13 +1461,19 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
         CK_TOKEN_INFO *token;
         CK_ULONG i;
 
-        *keyp = NULL;
+        if (providerp == NULL)
+                goto fail;
+        *providerp = NULL;
+
+        if (keyp != NULL)
+                *keyp = NULL;
+
         if (pkcs11_provider_lookup(provider_id) != NULL) {
                 debug("%s: provider already registered: %s",
                     __func__, provider_id);
                 goto fail;
         }
-        /* open shared pkcs11-libarary */
+        /* open shared pkcs11-library */
         if ((handle = dlopen(provider_id, RTLD_NOW)) == NULL) {
                 error("dlopen %s failed: %s", provider_id, dlerror());
                 goto fail;
@@ -653,8 +1519,9 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
                 goto fail;
         }
         if (p->nslots == 0) {
-                debug("%s: provider %s returned no slots", __func__,
+                error("%s: provider %s returned no slots", __func__,
                     provider_id);
+                ret = -SSH_PKCS11_ERR_NO_SLOTS;
                 goto fail;
         }
         p->slotlist = xcalloc(p->nslots, sizeof(CK_SLOT_ID));
@@ -690,43 +1557,251 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
                     provider_id, (unsigned long)i,
                     token->label, token->manufacturerID, token->model,
                     token->serialNumber, token->flags);
-                /* open session, login with pin and retrieve public keys */
-                if (pkcs11_open_session(p, i, pin) == 0)
+                /*
+                 * open session, login with pin and retrieve public
+                 * keys (if keyp is provided)
+                 */
+                if ((ret = pkcs11_open_session(p, i, pin, user)) == 0) {
+                        if (keyp == NULL)
+                                continue;
                         pkcs11_fetch_keys(p, i, keyp, &nkeys);
+                        pkcs11_fetch_certs(p, i, keyp, &nkeys);
+                }
         }
-        if (nkeys > 0) {
-                TAILQ_INSERT_TAIL(&pkcs11_providers, p, next);
-                p->refcount++;  /* add to provider list */
-                return (nkeys);
-        }
-        debug("%s: provider %s returned no keys", __func__, provider_id);
-        /* don't add the provider, since it does not have any keys */
+
+        /* now owned by caller */
+        *providerp = p;
+
+        TAILQ_INSERT_TAIL(&pkcs11_providers, p, next);
+        p->refcount++;  /* add to provider list */
+
+        return (nkeys);
 fail:
         if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK)
                 error("C_Finalize for provider %s failed: %lu",
                     provider_id, rv);
         if (p) {
+                free(p->name);
                 free(p->slotlist);
                 free(p->slotinfo);
                 free(p);
         }
         if (handle)
                 dlclose(handle);
-        return (-1);
+        return (ret);
+}
+
+/*
+ * register a new provider and get number of keys hold by the token,
+ * fails if provider already exists
+ */
+int
+pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
+{
+        struct pkcs11_provider *p = NULL;
+        int nkeys;
+
+        nkeys = pkcs11_register_provider(provider_id, pin, keyp, &p, CKU_USER);
+
+        /* no keys found or some other error, de-register provider */
+        if (nkeys <= 0 && p != NULL) {
+                TAILQ_REMOVE(&pkcs11_providers, p, next);
+                pkcs11_provider_finalize(p);
+                pkcs11_provider_unref(p);
+        }
+        if (nkeys == 0)
+                debug("%s: provider %s returned no keys", __func__,
+                    provider_id);
+
+        return (nkeys);
 }
 
-#else
+#ifdef WITH_PKCS11_KEYGEN
+struct sshkey *
+pkcs11_gakp(char *provider_id, char *pin, unsigned int slotidx, char *label,
+    unsigned int type, unsigned int bits, unsigned char keyid, u_int32_t *err)
+{
+        struct pkcs11_provider  *p = NULL;
+        struct pkcs11_slotinfo  *si;
+        CK_FUNCTION_LIST        *f;
+        CK_SESSION_HANDLE        session;
+        struct sshkey           *k = NULL;
+        int                      ret = -1, reset_pin = 0, reset_provider = 0;
+        CK_RV                    rv;
+
+        *err = 0;
 
+        if ((p = pkcs11_provider_lookup(provider_id)) != NULL)
+                debug("%s: provider \"%s\" available", __func__, provider_id);
+        else if ((ret = pkcs11_register_provider(provider_id, pin, NULL, &p,
+            CKU_SO)) < 0) {
+                debug("%s: could not register provider %s", __func__,
+                    provider_id);
+                goto out;
+        } else
+                reset_provider = 1;
+
+        f = p->function_list;
+        si = &p->slotinfo[slotidx];
+        session = si->session;
+
+        if ((rv = f->C_SetOperationState(session , pin, strlen(pin),
+            CK_INVALID_HANDLE, CK_INVALID_HANDLE)) != CKR_OK) {
+                debug("%s: could not supply SO pin: %lu", __func__, rv);
+                reset_pin = 0;
+        } else
+                reset_pin = 1;
+
+        switch (type) {
+        case KEY_RSA:
+                if ((k = pkcs11_rsa_generate_private_key(p, slotidx, label,
+                    bits, keyid, err)) == NULL) {
+                        debug("%s: failed to generate RSA key", __func__);
+                        goto out;
+                }
+                break;
+        case KEY_ECDSA:
+                if ((k = pkcs11_ecdsa_generate_private_key(p, slotidx, label,
+                    bits, keyid, err)) == NULL) {
+                        debug("%s: failed to generate ECDSA key", __func__);
+                        goto out;
+                }
+                break;
+        default:
+                *err = SSH_PKCS11_ERR_GENERIC;
+                debug("%s: unknown type %d", __func__, type);
+                goto out;
+        }
+
+out:
+        if (reset_pin)
+                f->C_SetOperationState(session , NULL, 0, CK_INVALID_HANDLE,
+                    CK_INVALID_HANDLE);
+
+        if (reset_provider)
+                pkcs11_del_provider(provider_id);
+
+        return (k);
+}
+
+struct sshkey *
+pkcs11_destroy_keypair(char *provider_id, char *pin, unsigned long slotidx,
+    unsigned char keyid, u_int32_t *err)
+{
+        struct pkcs11_provider  *p = NULL;
+        struct pkcs11_slotinfo  *si;
+        struct sshkey           *k = NULL;
+        int                      reset_pin = 0, reset_provider = 0;
+        CK_ULONG                 nattrs;
+        CK_FUNCTION_LIST        *f;
+        CK_SESSION_HANDLE        session;
+        CK_ATTRIBUTE             attrs[16];
+        CK_OBJECT_CLASS          key_class;
+        CK_KEY_TYPE              key_type;
+        CK_OBJECT_HANDLE         obj = CK_INVALID_HANDLE;
+        CK_RV                    rv;
+
+        *err = 0;
+
+        if ((p = pkcs11_provider_lookup(provider_id)) != NULL) {
+                debug("%s: using provider \"%s\"", __func__, provider_id);
+        } else if (pkcs11_register_provider(provider_id, pin, NULL, &p,
+            CKU_SO) < 0) {
+                debug("%s: could not register provider %s", __func__,
+                    provider_id);
+                goto out;
+        } else
+                reset_provider = 1;
+
+        f = p->function_list;
+        si = &p->slotinfo[slotidx];
+        session = si->session;
+
+        if ((rv = f->C_SetOperationState(session , pin, strlen(pin),
+            CK_INVALID_HANDLE, CK_INVALID_HANDLE)) != CKR_OK) {
+                debug("%s: could not supply SO pin: %lu", __func__, rv);
+                reset_pin = 0;
+        } else
+                reset_pin = 1;
+
+        /* private key */
+        nattrs = 0;
+        key_class = CKO_PRIVATE_KEY;
+        FILL_ATTR(attrs, nattrs, CKA_CLASS, &key_class, sizeof(key_class));
+        FILL_ATTR(attrs, nattrs, CKA_ID, &keyid, sizeof(keyid));
+
+        if (pkcs11_find(p, slotidx, attrs, nattrs, &obj) == 0 &&
+            obj != CK_INVALID_HANDLE) {
+                if ((rv = f->C_DestroyObject(session, obj)) != CKR_OK) {
+                        debug("%s: could not destroy private key 0x%hhx",
+                            __func__, keyid);
+                        *err = rv;
+                        goto out;
+                }
+        }
+
+        /* public key */
+        nattrs = 0;
+        key_class = CKO_PUBLIC_KEY;
+        FILL_ATTR(attrs, nattrs, CKA_CLASS, &key_class, sizeof(key_class));
+        FILL_ATTR(attrs, nattrs, CKA_ID, &keyid, sizeof(keyid));
+
+        if (pkcs11_find(p, slotidx, attrs, nattrs, &obj) == 0 &&
+            obj != CK_INVALID_HANDLE) {
+
+                /* get key type */
+                nattrs = 0;
+                FILL_ATTR(attrs, nattrs, CKA_KEY_TYPE, &key_type,
+                    sizeof(key_type));
+                rv = f->C_GetAttributeValue(session, obj, attrs, nattrs);
+                if (rv != CKR_OK) {
+                        debug("%s: could not get key type of public key 0x%hhx",
+                            __func__, keyid);
+                        *err = rv;
+                        key_type = -1;
+                }
+                if (key_type == CKK_RSA)
+                        k = pkcs11_fetch_rsa_pubkey(p, slotidx, &obj);
+                else if (key_type == CKK_ECDSA)
+                        k = pkcs11_fetch_ecdsa_pubkey(p, slotidx, &obj);
+
+                if ((rv = f->C_DestroyObject(session, obj)) != CKR_OK) {
+                        debug("%s: could not destroy public key 0x%hhx",
+                            __func__, keyid);
+                        *err = rv;
+                        goto out;
+                }
+        }
+
+out:
+        if (reset_pin)
+                f->C_SetOperationState(session , NULL, 0, CK_INVALID_HANDLE,
+                    CK_INVALID_HANDLE);
+
+        if (reset_provider)
+                pkcs11_del_provider(provider_id);
+
+        return (k);
+}
+#endif /* WITH_PKCS11_KEYGEN */
+#else /* ENABLE_PKCS11 */
 int
 pkcs11_init(int interactive)
 {
-        return (0);
+        error("%s: dlopen() not supported", __func__);
+        return (-1);
+}
+
+int
+pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
+{
+        error("%s: dlopen() not supported", __func__);
+        return (-1);
 }
 
 void
 pkcs11_terminate(void)
 {
-        return;
+        error("%s: dlopen() not supported", __func__);
 }
-
 #endif /* ENABLE_PKCS11 */
diff --git a/ssh-pkcs11.h b/ssh-pkcs11.h
index 0ced74f29..b9038450d 100644
--- a/ssh-pkcs11.h
+++ b/ssh-pkcs11.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.h,v 1.4 2015/01/15 09:40:00 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.h,v 1.5 2019/01/20 22:51:37 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -14,10 +14,26 @@
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
+
+/* Errors for pkcs11_add_provider() */
+#define SSH_PKCS11_ERR_GENERIC                  1
+#define SSH_PKCS11_ERR_LOGIN_FAIL               2
+#define SSH_PKCS11_ERR_NO_SLOTS                 3
+#define SSH_PKCS11_ERR_PIN_REQUIRED             4
+#define SSH_PKCS11_ERR_PIN_LOCKED               5
+
 int     pkcs11_init(int);
 void    pkcs11_terminate(void);
 int     pkcs11_add_provider(char *, char *, struct sshkey ***);
 int     pkcs11_del_provider(char *);
+#ifdef WITH_PKCS11_KEYGEN
+struct sshkey *
+        pkcs11_gakp(char *, char *, unsigned int, char *, unsigned int,
+            unsigned int, unsigned char, u_int32_t *);
+struct sshkey *
+        pkcs11_destroy_keypair(char *, char *, unsigned long, unsigned char,
+            u_int32_t *);
+#endif
 
 #if !defined(WITH_OPENSSL) && defined(ENABLE_PKCS11)
 #undef ENABLE_PKCS11
diff --git a/ssh.0 b/ssh.0
index 2d8994ffc..f53bda666 100644
--- a/ssh.0
+++ b/ssh.0
@@ -130,7 +130,7 @@ DESCRIPTION
 
      -I pkcs11
              Specify the PKCS#11 shared library ssh should use to communicate
-             with a PKCS#11 token providing the user's private RSA key.
+             with a PKCS#11 token providing keys for user authentication.
 
      -i identity_file
              Selects a file from which the identity (private key) for public
@@ -150,6 +150,10 @@ DESCRIPTION
              TCP forwarding to the ultimate destination from there.  Multiple
              jump hops may be specified separated by comma characters.  This
              is a shortcut to specify a ProxyJump configuration directive.
+             Note that configuration directives supplied on the command-line
+             generally apply to the destination host and not any specified
+             jump hosts.  Use ~/.ssh/config to specify configuration for jump
+             hosts.
 
      -K      Enables GSSAPI-based authentication and forwarding (delegation)
              of GSSAPI credentials to the server.
@@ -594,36 +598,30 @@ ESCAPE CHARACTERS
              to stderr.
 
 TCP FORWARDING
-     Forwarding of arbitrary TCP connections over the secure channel can be
+     Forwarding of arbitrary TCP connections over a secure channel can be
      specified either on the command line or in a configuration file.  One
      possible application of TCP forwarding is a secure connection to a mail
      server; another is going through firewalls.
 
-     In the example below, we look at encrypting communication between an IRC
-     client and server, even though the IRC server does not directly support
-     encrypted communications.  This works as follows: the user connects to
-     the remote host using ssh, specifying a port to be used to forward
-     connections to the remote server.  After that it is possible to start the
-     service which is to be encrypted on the client machine, connecting to the
-     same local port, and ssh will encrypt and forward the connection.
+     In the example below, we look at encrypting communication for an IRC
+     client, even though the IRC server it connects to does not directly
+     support encrypted communication.  This works as follows: the user
+     connects to the remote host using ssh, specifying the ports to be used to
+     forward the connection.  After that it is possible to start the program
+     locally, and ssh will encrypt and forward the connection to the remote
+     server.
 
-     The following example tunnels an IRC session from client machine
-     M-bM-^@M-^\127.0.0.1M-bM-^@M-^] (localhost) to remote server M-bM-^@M-^\server.example.comM-bM-^@M-^]:
+     The following example tunnels an IRC session from the client to an IRC
+     server at M-bM-^@M-^\server.example.comM-bM-^@M-^], joining channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname
+     M-bM-^@M-^\pinkyM-bM-^@M-^], using the standard IRC port, 6667:
 
-         $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
-         $ irc -c '#users' -p 1234 pinky 127.0.0.1
-
-     This tunnels a connection to IRC server M-bM-^@M-^\server.example.comM-bM-^@M-^], joining
-     channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname M-bM-^@M-^\pinkyM-bM-^@M-^], using port 1234.  It doesn't matter
-     which port is used, as long as it's greater than 1023 (remember, only
-     root can open sockets on privileged ports) and doesn't conflict with any
-     ports already in use.  The connection is forwarded to port 6667 on the
-     remote server, since that's the standard port for IRC services.
+         $ ssh -f -L 6667:localhost:6667 server.example.com sleep 10
+         $ irc -c '#users' pinky IRC/127.0.0.1
 
      The -f option backgrounds ssh and the remote command M-bM-^@M-^\sleep 10M-bM-^@M-^] is
      specified to allow an amount of time (10 seconds, in the example) to
-     start the service which is to be tunnelled.  If no connections are made
-     within the time specified, ssh will exit.
+     start the program which is going to use the tunnel.  If no connections
+     are made within the time specified, ssh will exit.
 
 X11 FORWARDING
      If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of the
@@ -979,4 +977,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.4                   September 20, 2018                   OpenBSD 6.4
+OpenBSD 6.5                     March 16, 2019                     OpenBSD 6.5
diff --git a/ssh.1 b/ssh.1
index 1bcc8edab..4e298cb56 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.399 2018/09/20 06:58:48 jmc Exp $
-.Dd $Mdocdate: September 20 2018 $
+.\" $OpenBSD: ssh.1,v 1.402 2019/03/16 19:14:21 jmc Exp $
+.Dd $Mdocdate: March 16 2019 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -270,8 +270,8 @@ on the master process.
 .It Fl I Ar pkcs11
 Specify the PKCS#11 shared library
 .Nm
-should use to communicate with a PKCS#11 token providing the user's
-private RSA key.
+should use to communicate with a PKCS#11 token providing keys for user
+authentication.
 .Pp
 .It Fl i Ar identity_file
 Selects a file from which the identity (private key) for
@@ -308,6 +308,11 @@ Multiple jump hops may be specified separated by comma characters.
 This is a shortcut to specify a
 .Cm ProxyJump
 configuration directive.
+Note that configuration directives supplied on the command-line generally
+apply to the destination host and not any specified jump hosts.
+Use
+.Pa ~/.ssh/config
+to specify configuration for jump hosts.
 .Pp
 .It Fl K
 Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI
@@ -492,7 +497,13 @@ For full details of the options listed below, and their possible values, see
 .It GatewayPorts
 .It GlobalKnownHostsFile
 .It GSSAPIAuthentication
+.It GSSAPIKeyExchange
+.It GSSAPIClientIdentity
 .It GSSAPIDelegateCredentials
+.It GSSAPIKexAlgorithms
+.It GSSAPIRenewalForcesRekey
+.It GSSAPIServerIdentity
+.It GSSAPITrustDns
 .It HashKnownHosts
 .It Host
 .It HostbasedAuthentication
@@ -568,6 +579,8 @@ flag),
 (supported message integrity codes),
 .Ar kex
 (key exchange algorithms),
+.Ar kex-gss
+(GSSAPI key exchange algorithms),
 .Ar key
 (key types),
 .Ar key-cert
@@ -1110,49 +1123,35 @@ Increase the verbosity
 when errors are being written to stderr.
 .El
 .Sh TCP FORWARDING
-Forwarding of arbitrary TCP connections over the secure channel can
-be specified either on the command line or in a configuration file.
+Forwarding of arbitrary TCP connections over a secure channel
+can be specified either on the command line or in a configuration file.
 One possible application of TCP forwarding is a secure connection to a
 mail server; another is going through firewalls.
 .Pp
-In the example below, we look at encrypting communication between
-an IRC client and server, even though the IRC server does not directly
-support encrypted communications.
+In the example below, we look at encrypting communication for an IRC client,
+even though the IRC server it connects to does not directly
+support encrypted communication.
 This works as follows:
 the user connects to the remote host using
 .Nm ,
-specifying a port to be used to forward connections
-to the remote server.
-After that it is possible to start the service which is to be encrypted
-on the client machine,
-connecting to the same local port,
+specifying the ports to be used to forward the connection.
+After that it is possible to start the program locally,
 and
 .Nm
-will encrypt and forward the connection.
+will encrypt and forward the connection to the remote server.
 .Pp
-The following example tunnels an IRC session from client machine
-.Dq 127.0.0.1
-(localhost)
-to remote server
-.Dq server.example.com :
-.Bd -literal -offset 4n
-$ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
-$ irc -c '#users' -p 1234 pinky 127.0.0.1
-.Ed
-.Pp
-This tunnels a connection to IRC server
+The following example tunnels an IRC session from the client
+to an IRC server at
 .Dq server.example.com ,
 joining channel
 .Dq #users ,
 nickname
 .Dq pinky ,
-using port 1234.
-It doesn't matter which port is used,
-as long as it's greater than 1023
-(remember, only root can open sockets on privileged ports)
-and doesn't conflict with any ports already in use.
-The connection is forwarded to port 6667 on the remote server,
-since that's the standard port for IRC services.
+using the standard IRC port, 6667:
+.Bd -literal -offset 4n
+$ ssh -f -L 6667:localhost:6667 server.example.com sleep 10
+$ irc -c '#users' pinky IRC/127.0.0.1
+.Ed
 .Pp
 The
 .Fl f
@@ -1162,7 +1161,7 @@ and the remote command
 .Dq sleep 10
 is specified to allow an amount of time
 (10 seconds, in the example)
-to start the service which is to be tunnelled.
+to start the program which is going to use the tunnel.
 If no connections are made within the time specified,
 .Nm
 will exit.
diff --git a/ssh.c b/ssh.c
index 3140fed4c..86f143341 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.494 2018/10/03 06:38:35 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.500 2019/01/19 21:43:56 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -527,7 +527,8 @@ check_load(int r, const char *path, const char *message)
  * file if the user specifies a config file on the command line.
  */
 static void
-process_config_files(const char *host_name, struct passwd *pw, int post_canon)
+process_config_files(const char *host_name, struct passwd *pw, int final_pass,
+    int *want_final_pass)
 {
         char buf[PATH_MAX];
         int r;
@@ -535,7 +536,8 @@ process_config_files(const char *host_name, struct passwd *pw, int post_canon)
         if (config != NULL) {
                 if (strcasecmp(config, "none") != 0 &&
                     !read_config_file(config, pw, host, host_name, &options,
-                    SSHCONF_USERCONF | (post_canon ? SSHCONF_POSTCANON : 0)))
+                    SSHCONF_USERCONF | (final_pass ? SSHCONF_FINAL : 0),
+                    want_final_pass))
                         fatal("Can't open user config file %.100s: "
                             "%.100s", config, strerror(errno));
         } else {
@@ -544,12 +546,12 @@ process_config_files(const char *host_name, struct passwd *pw, int post_canon)
                 if (r > 0 && (size_t)r < sizeof(buf))
                         (void)read_config_file(buf, pw, host, host_name,
                             &options, SSHCONF_CHECKPERM | SSHCONF_USERCONF |
-                            (post_canon ? SSHCONF_POSTCANON : 0));
+                            (final_pass ? SSHCONF_FINAL : 0), want_final_pass);
 
                 /* Read systemwide configuration file after user config. */
                 (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw,
                     host, host_name, &options,
-                    post_canon ? SSHCONF_POSTCANON : 0);
+                    final_pass ? SSHCONF_FINAL : 0, want_final_pass);
         }
 }
 
@@ -581,7 +583,7 @@ main(int ac, char **av)
 {
         struct ssh *ssh = NULL;
         int i, r, opt, exit_status, use_syslog, direct, timeout_ms;
-        int was_addr, config_test = 0, opt_terminated = 0;
+        int was_addr, config_test = 0, opt_terminated = 0, want_final_pass = 0;
         char *p, *cp, *line, *argv0, buf[PATH_MAX], *logfile;
         char cname[NI_MAXHOST];
         struct stat st;
@@ -610,6 +612,8 @@ main(int ac, char **av)
         av = saved_av;
 #endif
 
+        seed_rng();
+
         /*
          * Discard other fds that are hanging around. These can cause problem
          * with backgrounded ssh processes started by ControlPersist.
@@ -647,7 +651,6 @@ main(int ac, char **av)
         if ((ssh = ssh_alloc_session_state()) == NULL)
                 fatal("Couldn't allocate session state");
         channel_init_channels(ssh);
-        active_state = ssh; /* XXX legacy API compat */
 
         /* Parse command-line arguments. */
         host = NULL;
@@ -733,6 +736,8 @@ main(int ac, char **av)
                                 cp = mac_alg_list('\n');
                         else if (strcmp(optarg, "kex") == 0)
                                 cp = kex_alg_list('\n');
+                        else if (strcmp(optarg, "kex-gss") == 0)
+                                cp = kex_gss_alg_list('\n');
                         else if (strcmp(optarg, "key") == 0)
                                 cp = sshkey_alg_list(0, 0, 0, '\n');
                         else if (strcmp(optarg, "key-cert") == 0)
@@ -745,7 +750,7 @@ main(int ac, char **av)
                                 cp = xstrdup("2");
                         else if (strcmp(optarg, "help") == 0) {
                                 cp = xstrdup(
-                                    "cipher\ncipher-auth\nkex\nkey\n"
+                                    "cipher\ncipher-auth\nkex\nkex-gss\nkey\n"
                                     "key-cert\nkey-plain\nmac\n"
                                     "protocol-version\nsig");
                         }
@@ -816,7 +821,7 @@ main(int ac, char **av)
                         fprintf(stderr, "%s, %s\n",
                             SSH_RELEASE,
 #ifdef WITH_OPENSSL
-                            SSLeay_version(SSLEAY_VERSION)
+                            OpenSSL_version(OPENSSL_VERSION)
 #else
                             "without OpenSSL"
 #endif
@@ -1036,11 +1041,6 @@ main(int ac, char **av)
 
         host_arg = xstrdup(host);
 
-#ifdef WITH_OPENSSL
-        OpenSSL_add_all_algorithms();
-        ERR_load_crypto_strings();
-#endif
-
         /* Initialize the command to execute on remote host. */
         if ((command = sshbuf_new()) == NULL)
                 fatal("sshbuf_new failed");
@@ -1085,14 +1085,16 @@ main(int ac, char **av)
         if (debug_flag)
                 logit("%s, %s", SSH_RELEASE,
 #ifdef WITH_OPENSSL
-                    SSLeay_version(SSLEAY_VERSION)
+                    OpenSSL_version(OPENSSL_VERSION)
 #else
                     "without OpenSSL"
 #endif
                 );
 
         /* Parse the configuration files */
-        process_config_files(host_arg, pw, 0);
+        process_config_files(host_arg, pw, 0, &want_final_pass);
+        if (want_final_pass)
+                debug("configuration requests final Match pass");
 
         /* Hostname canonicalisation needs a few options filled. */
         fill_default_options_for_canonicalization(&options);
@@ -1149,12 +1151,17 @@ main(int ac, char **av)
          * If canonicalisation is enabled then re-parse the configuration
          * files as new stanzas may match.
          */
-        if (options.canonicalize_hostname != 0) {
-                debug("Re-reading configuration after hostname "
-                    "canonicalisation");
+        if (options.canonicalize_hostname != 0 && !want_final_pass) {
+                debug("hostname canonicalisation enabled, "
+                    "will re-parse configuration");
+                want_final_pass = 1;
+        }
+
+        if (want_final_pass) {
+                debug("re-parsing configuration");
                 free(options.hostname);
                 options.hostname = xstrdup(host);
-                process_config_files(host_arg, pw, 1);
+                process_config_files(host_arg, pw, 1, NULL);
                 /*
                  * Address resolution happens early with canonicalisation
                  * enabled and the port number may have changed since, so
@@ -1264,8 +1271,6 @@ main(int ac, char **av)
                 tty_flag = 0;
         }
 
-        seed_rng();
-
         if (options.user == NULL)
                 options.user = xstrdup(pw->pw_name);
 
@@ -1344,7 +1349,7 @@ main(int ac, char **av)
                 int sock;
                 if ((sock = muxclient(options.control_path)) >= 0) {
                         ssh_packet_set_connection(ssh, sock, sock);
-                        packet_set_mux();
+                        ssh_packet_set_mux(ssh);
                         goto skip_connect;
                 }
         }
@@ -1371,11 +1376,9 @@ main(int ac, char **av)
         if (addrs != NULL)
                 freeaddrinfo(addrs);
 
-        packet_set_timeout(options.server_alive_interval,
+        ssh_packet_set_timeout(ssh, options.server_alive_interval,
             options.server_alive_count_max);
 
-        ssh = active_state; /* XXX */
-
         if (timeout_ms > 0)
                 debug3("timeout: %d ms remain after connect", timeout_ms);
 
@@ -1486,10 +1489,10 @@ main(int ac, char **av)
         signal(SIGCHLD, main_sigchld_handler);
 
         /* Log into the remote system.  Never returns if the login fails. */
-        ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr,
+        ssh_login(ssh, &sensitive_data, host, (struct sockaddr *)&hostaddr,
             options.port, pw, timeout_ms);
 
-        if (packet_connection_is_on_socket()) {
+        if (ssh_packet_connection_is_on_socket(ssh)) {
                 verbose("Authenticated to %s ([%s]:%d).", host,
                     ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
         } else {
@@ -1523,7 +1526,7 @@ main(int ac, char **av)
 
  skip_connect:
         exit_status = ssh_session2(ssh, pw);
-        packet_close();
+        ssh_packet_close(ssh);
 
         if (options.control_path != NULL && muxserver_sock != -1)
                 unlink(options.control_path);
@@ -1598,6 +1601,8 @@ static void
 ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
 {
         struct Forward *rfwd = (struct Forward *)ctxt;
+        u_int port;
+        int r;
 
         /* XXX verbose() on failure? */
         debug("remote forward %s for: listen %s%s%d, connect %s:%d",
@@ -1609,12 +1614,25 @@ ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
             rfwd->connect_host, rfwd->connect_port);
         if (rfwd->listen_path == NULL && rfwd->listen_port == 0) {
                 if (type == SSH2_MSG_REQUEST_SUCCESS) {
-                        rfwd->allocated_port = packet_get_int();
-                        logit("Allocated port %u for remote forward to %s:%d",
-                            rfwd->allocated_port,
-                            rfwd->connect_host, rfwd->connect_port);
-                        channel_update_permission(ssh,
-                            rfwd->handle, rfwd->allocated_port);
+                        if ((r = sshpkt_get_u32(ssh, &port)) != 0)
+                                fatal("%s: %s", __func__, ssh_err(r));
+                        if (port > 65535) {
+                                error("Invalid allocated port %u for remote "
+                                    "forward to %s:%d", port,
+                                    rfwd->connect_host, rfwd->connect_port);
+                                /* Ensure failure processing runs below */
+                                type = SSH2_MSG_REQUEST_FAILURE;
+                                channel_update_permission(ssh,
+                                    rfwd->handle, -1);
+                        } else {
+                                rfwd->allocated_port = (int)port;
+                                logit("Allocated port %u for remote "
+                                    "forward to %s:%d",
+                                    rfwd->allocated_port, rfwd->connect_host,
+                                    rfwd->connect_port);
+                                channel_update_permission(ssh,
+                                    rfwd->handle, rfwd->allocated_port);
+                        }
                 } else {
                         channel_update_permission(ssh, rfwd->handle, -1);
                 }
@@ -1771,7 +1789,7 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg)
 {
         extern char **environ;
         const char *display;
-        int interactive = tty_flag;
+        int r, interactive = tty_flag;
         char *proto = NULL, *data = NULL;
 
         if (!success)
@@ -1797,11 +1815,12 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg)
         if (options.forward_agent) {
                 debug("Requesting authentication agent forwarding.");
                 channel_request_start(ssh, id, "auth-agent-req@openssh.com", 0);
-                packet_send();
+                if ((r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: %s", __func__, ssh_err(r));
         }
 
         /* Tell the packet module whether this is an interactive session. */
-        packet_set_interactive(interactive,
+        ssh_packet_set_interactive(ssh, interactive,
             options.ip_qos_interactive, options.ip_qos_bulk);
 
         client_session2_setup(ssh, id, tty_flag, subsystem_flag, getenv("TERM"),
@@ -1858,7 +1877,7 @@ ssh_session2_open(struct ssh *ssh)
 static int
 ssh_session2(struct ssh *ssh, struct passwd *pw)
 {
-        int devnull, id = -1;
+        int r, devnull, id = -1;
         char *cp, *tun_fwd_ifname = NULL;
 
         /* XXX should be pre-session */
@@ -1888,7 +1907,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
         }
 
         /* Start listening for multiplex clients */
-        if (!packet_get_mux())
+        if (!ssh_packet_get_mux(ssh))
                 muxserver_listen(ssh);
 
         /*
@@ -1922,7 +1941,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
         if (!no_shell_flag)
                 id = ssh_session2_open(ssh);
         else {
-                packet_set_interactive(
+                ssh_packet_set_interactive(ssh,
                     options.control_master == SSHCTL_MASTER_NO,
                     options.ip_qos_interactive, options.ip_qos_bulk);
         }
@@ -1931,10 +1950,12 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
         if (options.control_master == SSHCTL_MASTER_NO &&
             (datafellows & SSH_NEW_OPENSSH)) {
                 debug("Requesting no-more-sessions@openssh.com");
-                packet_start(SSH2_MSG_GLOBAL_REQUEST);
-                packet_put_cstring("no-more-sessions@openssh.com");
-                packet_put_char(0);
-                packet_send();
+                if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 ||
+                    (r = sshpkt_put_cstring(ssh,
+                    "no-more-sessions@openssh.com")) != 0 ||
+                    (r = sshpkt_put_u8(ssh, 0)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: %s", __func__, ssh_err(r));
         }
 
         /* Execute a local command */
diff --git a/ssh.h b/ssh.h
index 5abfd7a68..dda6f617e 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.h,v 1.88 2018/06/06 18:29:18 markus Exp $ */
+/* $OpenBSD: ssh.h,v 1.89 2018/12/27 03:25:25 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -93,3 +93,7 @@
 
 /* Listen backlog for sshd, ssh-agent and forwarding sockets */
 #define SSH_LISTEN_BACKLOG              128
+
+/* Limits for banner exchange */
+#define SSH_MAX_BANNER_LEN              8192
+#define SSH_MAX_PRE_BANNER_LINES        1024
diff --git a/ssh_api.c b/ssh_api.c
index c84b4e713..57509973b 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh_api.c,v 1.8 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: ssh_api.c,v 1.15 2019/01/21 10:38:54 djm Exp $ */
 /*
  * Copyright (c) 2012 Markus Friedl.  All rights reserved.
  *
@@ -29,17 +29,19 @@
 #include "ssherr.h"
 #include "sshbuf.h"
 
+#include "openbsd-compat/openssl-compat.h"
+
 #include <string.h>
 
 int     _ssh_exchange_banner(struct ssh *);
-int     _ssh_send_banner(struct ssh *, char **);
-int     _ssh_read_banner(struct ssh *, char **);
+int     _ssh_send_banner(struct ssh *, struct sshbuf *);
+int     _ssh_read_banner(struct ssh *, struct sshbuf *);
 int     _ssh_order_hostkeyalgs(struct ssh *);
 int     _ssh_verify_host_key(struct sshkey *, struct ssh *);
 struct sshkey *_ssh_host_public_key(int, int, struct ssh *);
 struct sshkey *_ssh_host_private_key(int, int, struct ssh *);
-int     _ssh_host_key_sign(struct sshkey *, struct sshkey *,
-    u_char **, size_t *, const u_char *, size_t, const char *, u_int);
+int     _ssh_host_key_sign(struct ssh *, struct sshkey *, struct sshkey *,
+    u_char **, size_t *, const u_char *, size_t, const char *);
 
 /*
  * stubs for the server side implementation of kex.
@@ -79,9 +81,7 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
         int r;
 
         if (!called) {
-#ifdef WITH_OPENSSL
-                OpenSSL_add_all_algorithms();
-#endif /* WITH_OPENSSL */
+                seed_rng();
                 called = 1;
         }
 
@@ -92,42 +92,44 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 
         /* Initialize key exchange */
         proposal = kex_params ? kex_params->proposal : myproposal;
-        if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0) {
+        if ((r = kex_ready(ssh, proposal)) != 0) {
                 ssh_free(ssh);
                 return r;
         }
         ssh->kex->server = is_server;
         if (is_server) {
 #ifdef WITH_OPENSSL
-                ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-                ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
-                ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
-                ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
-                ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
+                ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
+                ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
+                ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server;
+                ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server;
+                ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server;
                 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
                 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC
-                ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+                ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 # endif
 #endif /* WITH_OPENSSL */
-                ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+                ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_server;
+                ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
                 ssh->kex->load_host_public_key=&_ssh_host_public_key;
                 ssh->kex->load_host_private_key=&_ssh_host_private_key;
                 ssh->kex->sign=&_ssh_host_key_sign;
         } else {
 #ifdef WITH_OPENSSL
-                ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
-                ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
-                ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
-                ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client;
-                ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client;
+                ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client;
+                ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client;
+                ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client;
+                ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client;
+                ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client;
                 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
                 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC
-                ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+                ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
 # endif
 #endif /* WITH_OPENSSL */
-                ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
+                ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
+                ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client;
                 ssh->kex->verify_host_key =&_ssh_verify_host_key;
         }
         *sshp = ssh;
@@ -236,8 +238,8 @@ ssh_packet_next(struct ssh *ssh, u_char *typep)
          * enough data.
          */
         *typep = SSH_MSG_NONE;
-        if (ssh->kex->client_version_string == NULL ||
-            ssh->kex->server_version_string == NULL)
+        if (sshbuf_len(ssh->kex->client_version) == 0 ||
+            sshbuf_len(ssh->kex->server_version) == 0)
                 return _ssh_exchange_banner(ssh);
         /*
          * If we enough data and a dispatch function then
@@ -312,39 +314,46 @@ ssh_input_space(struct ssh *ssh, size_t len)
 
 /* Read other side's version identification. */
 int
-_ssh_read_banner(struct ssh *ssh, char **bannerp)
+_ssh_read_banner(struct ssh *ssh, struct sshbuf *banner)
 {
-        struct sshbuf *input;
-        const char *s;
-        char buf[256], remote_version[256];     /* must be same size! */
+        struct sshbuf *input = ssh_packet_get_input(ssh);
         const char *mismatch = "Protocol mismatch.\r\n";
-        int r, remote_major, remote_minor;
-        size_t i, n, j, len;
+        const u_char *s = sshbuf_ptr(input);
+        u_char c;
+        char *cp, *remote_version;
+        int r, remote_major, remote_minor, expect_nl;
+        size_t n, j;
 
-        *bannerp = NULL;
-        input = ssh_packet_get_input(ssh);
-        len = sshbuf_len(input);
-        s = (const char *)sshbuf_ptr(input);
         for (j = n = 0;;) {
-                for (i = 0; i < sizeof(buf) - 1; i++) {
-                        if (j >= len)
-                                return (0);
-                        buf[i] = s[j++];
-                        if (buf[i] == '\r') {
-                                buf[i] = '\n';
-                                buf[i + 1] = 0;
-                                continue;               /**XXX wait for \n */
+                sshbuf_reset(banner);
+                expect_nl = 0;
+                for (;;) {
+                        if (j >= sshbuf_len(input))
+                                return 0; /* insufficient data in input buf */
+                        c = s[j++];
+                        if (c == '\r') {
+                                expect_nl = 1;
+                                continue;
                         }
-                        if (buf[i] == '\n') {
-                                buf[i + 1] = 0;
+                        if (c == '\n')
                                 break;
-                        }
+                        if (expect_nl)
+                                goto bad;
+                        if ((r = sshbuf_put_u8(banner, c)) != 0)
+                                return r;
+                        if (sshbuf_len(banner) > SSH_MAX_BANNER_LEN)
+                                goto bad;
                 }
-                buf[sizeof(buf) - 1] = 0;
-                if (strncmp(buf, "SSH-", 4) == 0)
+                if (sshbuf_len(banner) >= 4 &&
+                    memcmp(sshbuf_ptr(banner), "SSH-", 4) == 0)
                         break;
-                debug("ssh_exchange_identification: %s", buf);
-                if (ssh->kex->server || ++n > 65536) {
+                if ((cp = sshbuf_dup_string(banner)) == NULL)
+                        return SSH_ERR_ALLOC_FAIL;
+                debug("%s: %s", __func__, cp);
+                free(cp);
+                /* Accept lines before banner only on client */
+                if (ssh->kex->server || ++n > SSH_MAX_PRE_BANNER_LINES) {
+  bad:
                         if ((r = sshbuf_put(ssh_packet_get_output(ssh),
                            mismatch, strlen(mismatch))) != 0)
                                 return r;
@@ -354,11 +363,17 @@ _ssh_read_banner(struct ssh *ssh, char **bannerp)
         if ((r = sshbuf_consume(input, j)) != 0)
                 return r;
 
+        if ((cp = sshbuf_dup_string(banner)) == NULL)
+                return SSH_ERR_ALLOC_FAIL;
+        /* XXX remote version must be the same size as banner for sscanf */
+        if ((remote_version = calloc(1, sshbuf_len(banner))) == NULL)
+                return SSH_ERR_ALLOC_FAIL;
+
         /*
          * Check that the versions match.  In future this might accept
          * several versions and set appropriate flags to handle them.
          */
-        if (sscanf(buf, "SSH-%d.%d-%[^\n]\n",
+        if (sscanf(cp, "SSH-%d.%d-%[^\n]\n",
             &remote_major, &remote_minor, remote_version) != 3)
                 return SSH_ERR_INVALID_FORMAT;
         debug("Remote protocol version %d.%d, remote software version %.100s",
@@ -371,27 +386,29 @@ _ssh_read_banner(struct ssh *ssh, char **bannerp)
         }
         if (remote_major != 2)
                 return SSH_ERR_PROTOCOL_MISMATCH;
-        chop(buf);
-        debug("Remote version string %.100s", buf);
-        if ((*bannerp = strdup(buf)) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
+        debug("Remote version string %.100s", cp);
+        free(cp);
         return 0;
 }
 
 /* Send our own protocol version identification. */
 int
-_ssh_send_banner(struct ssh *ssh, char **bannerp)
+_ssh_send_banner(struct ssh *ssh, struct sshbuf *banner)
 {
-        char buf[256];
+        char *cp;
         int r;
 
-        snprintf(buf, sizeof buf, "SSH-2.0-%.100s\r\n", SSH_VERSION);
-        if ((r = sshbuf_put(ssh_packet_get_output(ssh), buf, strlen(buf))) != 0)
+        if ((r = sshbuf_putf(banner, "SSH-2.0-%.100s\r\n", SSH_VERSION)) != 0)
+                return r;
+        if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0)
+                return r;
+        /* Remove trailing \r\n */
+        if ((r = sshbuf_consume_end(banner, 2)) != 0)
                 return r;
-        chop(buf);
-        debug("Local version string %.100s", buf);
-        if ((*bannerp = strdup(buf)) == NULL)
+        if ((cp = sshbuf_dup_string(banner)) == NULL)
                 return SSH_ERR_ALLOC_FAIL;
+        debug("Local version string %.100s", cp);
+        free(cp);
         return 0;
 }
 
@@ -408,25 +425,25 @@ _ssh_exchange_banner(struct ssh *ssh)
 
         r = 0;
         if (kex->server) {
-                if (kex->server_version_string == NULL)
-                        r = _ssh_send_banner(ssh, &kex->server_version_string);
+                if (sshbuf_len(ssh->kex->server_version) == 0)
+                        r = _ssh_send_banner(ssh, ssh->kex->server_version);
                 if (r == 0 &&
-                    kex->server_version_string != NULL &&
-                    kex->client_version_string == NULL)
-                        r = _ssh_read_banner(ssh, &kex->client_version_string);
+                    sshbuf_len(ssh->kex->server_version) != 0 &&
+                    sshbuf_len(ssh->kex->client_version) == 0)
+                        r = _ssh_read_banner(ssh, ssh->kex->client_version);
         } else {
-                if (kex->server_version_string == NULL)
-                        r = _ssh_read_banner(ssh, &kex->server_version_string);
+                if (sshbuf_len(ssh->kex->server_version) == 0)
+                        r = _ssh_read_banner(ssh, ssh->kex->server_version);
                 if (r == 0 &&
-                    kex->server_version_string != NULL &&
-                    kex->client_version_string == NULL)
-                        r = _ssh_send_banner(ssh, &kex->client_version_string);
+                    sshbuf_len(ssh->kex->server_version) != 0 &&
+                    sshbuf_len(ssh->kex->client_version) == 0)
+                        r = _ssh_send_banner(ssh, ssh->kex->client_version);
         }
         if (r != 0)
                 return r;
         /* start initial kex as soon as we have exchanged the banners */
-        if (kex->server_version_string != NULL &&
-            kex->client_version_string != NULL) {
+        if (sshbuf_len(ssh->kex->server_version) != 0 &&
+            sshbuf_len(ssh->kex->client_version) != 0) {
                 if ((r = _ssh_order_hostkeyalgs(ssh)) != 0 ||
                     (r = kex_send_kexinit(ssh)) != 0)
                         return r;
@@ -532,9 +549,10 @@ _ssh_order_hostkeyalgs(struct ssh *ssh)
 }
 
 int
-_ssh_host_key_sign(struct sshkey *privkey, struct sshkey *pubkey,
-    u_char **signature, size_t *slen, const u_char *data, size_t dlen,
-    const char *alg, u_int compat)
+_ssh_host_key_sign(struct ssh *ssh, struct sshkey *privkey,
+    struct sshkey *pubkey, u_char **signature, size_t *slen,
+    const u_char *data, size_t dlen, const char *alg)
 {
-        return sshkey_sign(privkey, signature, slen, data, dlen, alg, compat);
+        return sshkey_sign(privkey, signature, slen, data, dlen,
+            alg, ssh->compat);
 }
diff --git a/ssh_config b/ssh_config
index 1b676fb2c..6dd6ecf87 100644
--- a/ssh_config
+++ b/ssh_config
@@ -1,4 +1,4 @@
-#       $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $
+#       $OpenBSD: ssh_config,v 1.34 2019/02/04 02:39:42 dtucker Exp $
 
 # This is the ssh client system-wide configuration file.  See
 # ssh_config(5) for more information.  This file provides defaults for
@@ -37,7 +37,6 @@ Host *
 #   IdentityFile ~/.ssh/id_ecdsa
 #   IdentityFile ~/.ssh/id_ed25519
 #   Port 22
-#   Protocol 2
 #   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
 #   MACs hmac-md5,hmac-sha1,umac-64@openssh.com
 #   EscapeChar ~
diff --git a/ssh_config.0 b/ssh_config.0
index eb7f929e6..10f1c2e9d 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -54,22 +54,28 @@ DESCRIPTION
              Match keyword) to be used only when the conditions following the
              Match keyword are satisfied.  Match conditions are specified
              using one or more criteria or the single token all which always
-             matches.  The available criteria keywords are: canonical, exec,
-             host, originalhost, user, and localuser.  The all criteria must
-             appear alone or immediately after canonical.  Other criteria may
-             be combined arbitrarily.  All criteria but all and canonical
-             require an argument.  Criteria may be negated by prepending an
-             exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y).
+             matches.  The available criteria keywords are: canonical, final,
+             exec, host, originalhost, user, and localuser.  The all criteria
+             must appear alone or immediately after canonical or final.  Other
+             criteria may be combined arbitrarily.  All criteria but all,
+             canonical, and final require an argument.  Criteria may be
+             negated by prepending an exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y).
 
              The canonical keyword matches only when the configuration file is
              being re-parsed after hostname canonicalization (see the
-             CanonicalizeHostname option.)  This may be useful to specify
-             conditions that work with canonical host names only.  The exec
-             keyword executes the specified command under the user's shell.
-             If the command returns a zero exit status then the condition is
-             considered true.  Commands containing whitespace characters must
-             be quoted.  Arguments to exec accept the tokens described in the
-             TOKENS section.
+             CanonicalizeHostname option).  This may be useful to specify
+             conditions that work with canonical host names only.
+
+             The final keyword requests that the configuration be re-parsed
+             (regardless of whether CanonicalizeHostname is enabled), and
+             matches only during this final pass.  If CanonicalizeHostname is
+             enabled, then canonical and final match during the same pass.
+
+             The exec keyword executes the specified command under the user's
+             shell.  If the command returns a zero exit status then the
+             condition is considered true.  Commands containing whitespace
+             characters must be quoted.  Arguments to exec accept the tokens
+             described in the TOKENS section.
 
              The other keywords' criteria must be single entries or comma-
              separated lists and may use the wildcard and negation operators
@@ -603,7 +609,6 @@ DESCRIPTION
                    diffie-hellman-group-exchange-sha256,
                    diffie-hellman-group16-sha512,
                    diffie-hellman-group18-sha512,
-                   diffie-hellman-group-exchange-sha1,
                    diffie-hellman-group14-sha256,
                    diffie-hellman-group14-sha1
 
@@ -690,10 +695,11 @@ DESCRIPTION
              be yes or no (the default).
 
      PKCS11Provider
-             Specifies which PKCS#11 provider to use.  The argument to this
-             keyword is the PKCS#11 shared library ssh(1) should use to
-             communicate with a PKCS#11 token providing the user's private RSA
-             key.
+             Specifies which PKCS#11 provider to use or none to indicate that
+             no provider should be used (the default).  The argument to this
+             keyword is a path to the PKCS#11 shared library ssh(1) should use
+             to communicate with a PKCS#11 token providing keys for user
+             authentication.
 
      Port    Specifies the port number to connect on the remote host.  The
              default is 22.
@@ -741,6 +747,11 @@ DESCRIPTION
              whichever is specified first will prevent later instances of the
              other from taking effect.
 
+             Note also that the configuration for the destination host (either
+             supplied via the command-line or the configuration file) is not
+             generally applied to jump hosts.  ~/.ssh/config should be used if
+             specific configuration is required for jump hosts.
+
      ProxyUseFdpass
              Specifies that ProxyCommand will pass a connected file descriptor
              back to ssh(1) instead of continuing to execute and pass data.
@@ -1087,8 +1098,7 @@ FILES
              This is the per-user configuration file.  The format of this file
              is described above.  This file is used by the SSH client.
              Because of the potential for abuse, this file must have strict
-             permissions: read/write for the user, and not accessible by
-             others.
+             permissions: read/write for the user, and not writable by others.
 
      /etc/ssh/ssh_config
              Systemwide configuration file.  This file provides defaults for
@@ -1106,4 +1116,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 6.4                     October 3, 2018                    OpenBSD 6.4
+OpenBSD 6.5                      March 1, 2019                     OpenBSD 6.5
diff --git a/ssh_config.5 b/ssh_config.5
index f6c1b3b33..a9f6d906f 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.286 2018/10/03 06:38:35 djm Exp $
-.Dd $Mdocdate: October 3 2018 $
+.\" $OpenBSD: ssh_config.5,v 1.292 2019/03/01 02:16:47 djm Exp $
+.Dd $Mdocdate: March 1 2019 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -155,6 +155,7 @@ or the single token
 which always matches.
 The available criteria keywords are:
 .Cm canonical ,
+.Cm final ,
 .Cm exec ,
 .Cm host ,
 .Cm originalhost ,
@@ -164,12 +165,15 @@ and
 The
 .Cm all
 criteria must appear alone or immediately after
-.Cm canonical .
+.Cm canonical
+or
+.Cm final .
 Other criteria may be combined arbitrarily.
 All criteria but
-.Cm all
+.Cm all ,
+.Cm canonical ,
 and
-.Cm canonical
+.Cm final
 require an argument.
 Criteria may be negated by prepending an exclamation mark
 .Pq Sq !\& .
@@ -179,9 +183,23 @@ The
 keyword matches only when the configuration file is being re-parsed
 after hostname canonicalization (see the
 .Cm CanonicalizeHostname
-option.)
+option).
 This may be useful to specify conditions that work with canonical host
 names only.
+.Pp
+The
+.Cm final
+keyword requests that the configuration be re-parsed (regardless of whether
+.Cm CanonicalizeHostname
+is enabled), and matches only during this final pass.
+If
+.Cm CanonicalizeHostname
+is enabled, then
+.Cm canonical
+and
+.Cm final
+match during the same pass.
+.Pp
 The
 .Cm exec
 keyword executes the specified command under the user's shell.
@@ -757,42 +775,67 @@ The default is
 Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Cm no .
-.It Cm GSSAPIKeyExchange
-Specifies whether key exchange based on GSSAPI may be used. When using
-GSSAPI key exchange the server need not have a host key.
-The default is
-.Cm no .
 .It Cm GSSAPIClientIdentity
-If set, specifies the GSSAPI client identity that ssh should use when 
-connecting to the server. The default is unset, which means that the default 
+If set, specifies the GSSAPI client identity that ssh should use when
+connecting to the server. The default is unset, which means that the default
 identity will be used.
-.It Cm GSSAPIServerIdentity
-If set, specifies the GSSAPI server identity that ssh should expect when 
-connecting to the server. The default is unset, which means that the
-expected GSSAPI server identity will be determined from the target
-hostname.
 .It Cm GSSAPIDelegateCredentials
 Forward (delegate) credentials to the server.
 The default is
 .Cm no .
+.It Cm GSSAPIKeyExchange
+Specifies whether key exchange based on GSSAPI may be used. When using
+GSSAPI key exchange the server need not have a host key.
+The default is
+.Dq no .
 .It Cm GSSAPIRenewalForcesRekey
-If set to 
-.Cm yes
+If set to
+.Dq yes
 then renewal of the client's GSSAPI credentials will force the rekeying of the
-ssh connection. With a compatible server, this can delegate the renewed 
+ssh connection. With a compatible server, this will delegate the renewed
 credentials to a session on the server.
+.Pp
+Checks are made to ensure that credentials are only propagated when the new
+credentials match the old ones on the originating client and where the
+receiving server still has the old set in its cache.
+.Pp
 The default is
-.Cm no .
+.Dq no .
+.Pp
+For this to work
+.Cm GSSAPIKeyExchange
+needs to be enabled in the server and also used by the client.
+.It Cm GSSAPIServerIdentity
+If set, specifies the GSSAPI server identity that ssh should expect when
+connecting to the server. The default is unset, which means that the
+expected GSSAPI server identity will be determined from the target
+hostname.
 .It Cm GSSAPITrustDns
-Set to 
-.Cm yes
+Set to
+.Dq yes
 to indicate that the DNS is trusted to securely canonicalize
-the name of the host being connected to. If 
-.Cm no ,
+the name of the host being connected to. If
+.Dq no ,
 the hostname entered on the
 command line will be passed untouched to the GSSAPI library.
 The default is
-.Cm no .
+.Dq no .
+.It Cm GSSAPIKexAlgorithms
+The list of key exchange algorithms that are offered for GSSAPI
+key exchange. Possible values are
+.Bd -literal -offset 3n
+gss-gex-sha1-,
+gss-group1-sha1-,
+gss-group14-sha1-,
+gss-group14-sha256-,
+gss-group16-sha512-,
+gss-nistp256-sha256-,
+gss-curve25519-sha256-
+.Ed
+.Pp
+The default is
+.Dq gss-gex-sha1-,gss-group14-sha1- .
+This option only applies to protocol version 2 connections using GSSAPI.
 .It Cm HashKnownHosts
 Indicates that
 .Xr ssh 1
@@ -1094,7 +1137,6 @@ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
 diffie-hellman-group-exchange-sha256,
 diffie-hellman-group16-sha512,
 diffie-hellman-group18-sha512,
-diffie-hellman-group-exchange-sha1,
 diffie-hellman-group14-sha256,
 diffie-hellman-group14-sha1
 .Ed
@@ -1217,11 +1259,13 @@ or
 .Cm no
 (the default).
 .It Cm PKCS11Provider
-Specifies which PKCS#11 provider to use.
-The argument to this keyword is the PKCS#11 shared library
+Specifies which PKCS#11 provider to use or
+.Cm none
+to indicate that no provider should be used (the default).
+The argument to this keyword is a path to the PKCS#11 shared library
 .Xr ssh 1
-should use to communicate with a PKCS#11 token providing the user's
-private RSA key.
+should use to communicate with a PKCS#11 token providing keys for user
+authentication.
 .It Cm Port
 Specifies the port number to connect on the remote host.
 The default is 22.
@@ -1299,6 +1343,12 @@ Note that this option will compete with the
 .Cm ProxyCommand
 option - whichever is specified first will prevent later instances of the
 other from taking effect.
+.Pp
+Note also that the configuration for the destination host (either supplied
+via the command-line or the configuration file) is not generally applied
+to jump hosts.
+.Pa ~/.ssh/config
+should be used if specific configuration is required for jump hosts.
 .It Cm ProxyUseFdpass
 Specifies that
 .Cm ProxyCommand
@@ -1852,7 +1902,7 @@ This is the per-user configuration file.
 The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
-read/write for the user, and not accessible by others.
+read/write for the user, and not writable by others.
 It may be group-writable provided that the group in question contains only
 the user.
 .It Pa /etc/ssh/ssh_config
diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c
index d0d791b50..3dd1e1446 100644
--- a/sshbuf-getput-crypto.c
+++ b/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $    */
+/*      $OpenBSD: sshbuf-getput-crypto.c,v 1.7 2019/01/21 09:54:11 djm Exp $    */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -32,41 +32,24 @@
 #include "sshbuf.h"
 
 int
-sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v)
+sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM **valp)
 {
+        BIGNUM *v;
         const u_char *d;
         size_t len;
         int r;
 
+        if (valp != NULL)
+                *valp = NULL;
         if ((r = sshbuf_get_bignum2_bytes_direct(buf, &d, &len)) != 0)
                 return r;
-        if (v != NULL && BN_bin2bn(d, len, v) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        return 0;
-}
-
-int
-sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v)
-{
-        const u_char *d = sshbuf_ptr(buf);
-        u_int16_t len_bits;
-        size_t len_bytes;
-
-        /* Length in bits */
-        if (sshbuf_len(buf) < 2)
-                return SSH_ERR_MESSAGE_INCOMPLETE;
-        len_bits = PEEK_U16(d);
-        len_bytes = (len_bits + 7) >> 3;
-        if (len_bytes > SSHBUF_MAX_BIGNUM)
-                return SSH_ERR_BIGNUM_TOO_LARGE;
-        if (sshbuf_len(buf) < 2 + len_bytes)
-                return SSH_ERR_MESSAGE_INCOMPLETE;
-        if (v != NULL && BN_bin2bn(d + 2, len_bytes, v) == NULL)
-                return SSH_ERR_ALLOC_FAIL;
-        if (sshbuf_consume(buf, 2 + len_bytes) != 0) {
-                SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
-                SSHBUF_ABORT();
-                return SSH_ERR_INTERNAL_ERROR;
+        if (valp != NULL) {
+                if ((v = BN_new()) == NULL ||
+                    BN_bin2bn(d, len, v) == NULL) {
+                        BN_clear_free(v);
+                        return SSH_ERR_ALLOC_FAIL;
+                }
+                *valp = v;
         }
         return 0;
 }
@@ -165,28 +148,6 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v)
         return 0;
 }
 
-int
-sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v)
-{
-        int r, len_bits = BN_num_bits(v);
-        size_t len_bytes = (len_bits + 7) / 8;
-        u_char d[SSHBUF_MAX_BIGNUM], *dp;
-
-        if (len_bits < 0 || len_bytes > SSHBUF_MAX_BIGNUM)
-                return SSH_ERR_INVALID_ARGUMENT;
-        if (BN_bn2bin(v, d) != (int)len_bytes)
-                return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
-        if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
-                explicit_bzero(d, sizeof(d));
-                return r;
-        }
-        POKE_U16(dp, len_bits);
-        if (len_bytes != 0)
-                memcpy(dp + 2, d, len_bytes);
-        explicit_bzero(d, sizeof(d));
-        return 0;
-}
-
 #ifdef OPENSSL_HAS_ECC
 int
 sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g)
diff --git a/sshbuf.c b/sshbuf.c
index 20ddf9eb6..adfddf775 100644
--- a/sshbuf.c
+++ b/sshbuf.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshbuf.c,v 1.12 2018/07/09 21:56:06 markus Exp $      */
+/*      $OpenBSD: sshbuf.c,v 1.13 2018/11/16 06:10:29 djm Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -143,12 +143,7 @@ sshbuf_free(struct sshbuf *buf)
          */
         if (sshbuf_check_sanity(buf) != 0)
                 return;
-        /*
-         * If we are a child, the free our parent to decrement its reference
-         * count and possibly free it.
-         */
-        sshbuf_free(buf->parent);
-        buf->parent = NULL;
+
         /*
          * If we are a parent with still-extant children, then don't free just
          * yet. The last child's call to sshbuf_free should decrement our
@@ -157,6 +152,14 @@ sshbuf_free(struct sshbuf *buf)
         buf->refcount--;
         if (buf->refcount > 0)
                 return;
+
+        /*
+         * If we are a child, the free our parent to decrement its reference
+         * count and possibly free it.
+         */
+        sshbuf_free(buf->parent);
+        buf->parent = NULL;
+
         if (!buf->readonly) {
                 explicit_bzero(buf->d, buf->alloc);
                 free(buf->d);
diff --git a/sshbuf.h b/sshbuf.h
index a43598cac..7900b82ba 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshbuf.h,v 1.11 2018/07/09 21:56:06 markus Exp $      */
+/*      $OpenBSD: sshbuf.h,v 1.13 2019/01/21 09:54:11 djm Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -212,10 +212,8 @@ int	sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len);
 int     sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
             const u_char **valp, size_t *lenp);
 #ifdef WITH_OPENSSL
-int     sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v);
-int     sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v);
+int     sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM **valp);
 int     sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v);
-int     sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v);
 # ifdef OPENSSL_HAS_ECC
 int     sshbuf_get_ec(struct sshbuf *buf, EC_POINT *v, const EC_GROUP *g);
 int     sshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v);
diff --git a/sshconnect.c b/sshconnect.c
index b9418e277..1183ffe0e 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.305 2018/09/20 03:30:44 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.314 2019/02/27 19:37:01 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -68,9 +68,8 @@
 #include "authfile.h"
 #include "ssherr.h"
 #include "authfd.h"
+#include "kex.h"
 
-char *client_version_string = NULL;
-char *server_version_string = NULL;
 struct sshkey *previous_host_key = NULL;
 
 static int matching_host_key_dns = 0;
@@ -78,6 +77,7 @@ static int matching_host_key_dns = 0;
 static pid_t proxy_command_pid = 0;
 
 /* import */
+extern int debug_flag;
 extern Options options;
 extern char *__progname;
 
@@ -99,6 +99,24 @@ expand_proxy_command(const char *proxy_command, const char *user,
         return ret;
 }
 
+static void
+stderr_null(void)
+{
+        int devnull;
+
+        if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1) {
+                error("Can't open %s for stderr redirection: %s",
+                    _PATH_DEVNULL, strerror(errno));
+                return;
+        }
+        if (devnull == STDERR_FILENO)
+                return;
+        if (dup2(devnull, STDERR_FILENO) == -1)
+                error("Cannot redirect stderr to %s", _PATH_DEVNULL);
+        if (devnull > STDERR_FILENO)
+                close(devnull);
+}
+
 /*
  * Connect to the given ssh server using a proxy command that passes a
  * a connected fd back to us.
@@ -141,9 +159,13 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
                         close(sp[0]);
 
                 /*
-                 * Stderr is left as it is so that error messages get
-                 * printed on the user's terminal.
+                 * Stderr is left for non-ControlPersist connections is so
+                 * error messages may be printed on the user's terminal.
                  */
+                if (!debug_flag && options.control_path != NULL &&
+                    options.control_persist)
+                        stderr_null();
+
                 argv[0] = shell;
                 argv[1] = "-c";
                 argv[2] = command_string;
@@ -219,8 +241,14 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
                 /* Cannot be 1 because pin allocated two descriptors. */
                 close(pout[1]);
 
-                /* Stderr is left as it is so that error messages get
-                   printed on the user's terminal. */
+                /*
+                 * Stderr is left for non-ControlPersist connections is so
+                 * error messages may be printed on the user's terminal.
+                 */
+                if (!debug_flag && options.control_path != NULL &&
+                    options.control_persist)
+                        stderr_null();
+
                 argv[0] = shell;
                 argv[1] = "-c";
                 argv[2] = command_string;
@@ -369,10 +397,6 @@ ssh_create_socket(struct addrinfo *ai)
                         error("getaddrinfo: no addrs");
                         goto fail;
                 }
-                if (res->ai_addrlen > sizeof(bindaddr)) {
-                        error("%s: addr doesn't fit", __func__);
-                        goto fail;
-                }
                 memcpy(&bindaddr, res->ai_addr, res->ai_addrlen);
                 bindaddrlen = res->ai_addrlen;
         } else if (options.bind_interface != NULL) {
@@ -420,73 +444,6 @@ fail:
 }
 
 /*
- * Wait up to *timeoutp milliseconds for fd to be readable. Updates
- * *timeoutp with time remaining.
- * Returns 0 if fd ready or -1 on timeout or error (see errno).
- */
-static int
-waitrfd(int fd, int *timeoutp)
-{
-        struct pollfd pfd;
-        struct timeval t_start;
-        int oerrno, r;
-
-        monotime_tv(&t_start);
-        pfd.fd = fd;
-        pfd.events = POLLIN;
-        for (; *timeoutp >= 0;) {
-                r = poll(&pfd, 1, *timeoutp);
-                oerrno = errno;
-                ms_subtract_diff(&t_start, timeoutp);
-                errno = oerrno;
-                if (r > 0)
-                        return 0;
-                else if (r == -1 && errno != EAGAIN)
-                        return -1;
-                else if (r == 0)
-                        break;
-        }
-        /* timeout */
-        errno = ETIMEDOUT;
-        return -1;
-}
-
-static int
-timeout_connect(int sockfd, const struct sockaddr *serv_addr,
-    socklen_t addrlen, int *timeoutp)
-{
-        int optval = 0;
-        socklen_t optlen = sizeof(optval);
-
-        /* No timeout: just do a blocking connect() */
-        if (*timeoutp <= 0)
-                return connect(sockfd, serv_addr, addrlen);
-
-        set_nonblock(sockfd);
-        if (connect(sockfd, serv_addr, addrlen) == 0) {
-                /* Succeeded already? */
-                unset_nonblock(sockfd);
-                return 0;
-        } else if (errno != EINPROGRESS)
-                return -1;
-
-        if (waitrfd(sockfd, timeoutp) == -1)
-                return -1;
-
-        /* Completed or failed */
-        if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1) {
-                debug("getsockopt: %s", strerror(errno));
-                return -1;
-        }
-        if (optval != 0) {
-                errno = optval;
-                return -1;
-        }
-        unset_nonblock(sockfd);
-        return 0;
-}
-
-/*
  * Opens a TCP/IP connection to the remote server on the given host.
  * The address of the remote host will be returned in hostaddr.
  * If port is 0, the default port will be used.
@@ -500,7 +457,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
     struct sockaddr_storage *hostaddr, u_short port, int family,
     int connection_attempts, int *timeout_ms, int want_keepalive)
 {
-        int on = 1;
+        int on = 1, saved_timeout_ms = *timeout_ms;
         int oerrno, sock = -1, attempt;
         char ntop[NI_MAXHOST], strport[NI_MAXSERV];
         struct addrinfo *ai;
@@ -544,6 +501,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
                                 continue;
                         }
 
+                        *timeout_ms = saved_timeout_ms;
                         if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
                             timeout_ms) >= 0) {
                                 /* Successful connection. */
@@ -589,12 +547,20 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
     struct sockaddr_storage *hostaddr, u_short port, int family,
     int connection_attempts, int *timeout_ms, int want_keepalive)
 {
+        int in, out;
+
         if (options.proxy_command == NULL) {
                 return ssh_connect_direct(ssh, host, addrs, hostaddr, port,
                     family, connection_attempts, timeout_ms, want_keepalive);
         } else if (strcmp(options.proxy_command, "-") == 0) {
-                if ((ssh_packet_set_connection(ssh,
-                    STDIN_FILENO, STDOUT_FILENO)) == NULL)
+                if ((in = dup(STDIN_FILENO)) < 0 ||
+                    (out = dup(STDOUT_FILENO)) < 0) {
+                        if (in >= 0)
+                                close(in);
+                        error("%s: dup() in/out failed", __func__);
+                        return -1; /* ssh_packet_set_connection logs error */
+                }
+                if ((ssh_packet_set_connection(ssh, in, out)) == NULL)
                         return -1; /* ssh_packet_set_connection logs error */
                 return 0;
         } else if (options.proxy_use_fdpass) {
@@ -604,128 +570,26 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
         return ssh_proxy_connect(ssh, host, port, options.proxy_command);
 }
 
-static void
-send_client_banner(int connection_out, int minor1)
-{
-        /* Send our own protocol version identification. */
-        xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-            PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
-        if (atomicio(vwrite, connection_out, client_version_string,
-            strlen(client_version_string)) != strlen(client_version_string))
-                fatal("write: %.100s", strerror(errno));
-        chop(client_version_string);
-        debug("Local version string %.100s", client_version_string);
-}
-
-/*
- * Waits for the server identification string, and sends our own
- * identification string.
- */
-void
-ssh_exchange_identification(int timeout_ms)
-{
-        char buf[256], remote_version[256];     /* must be same size! */
-        int remote_major, remote_minor, mismatch;
-        int connection_in = packet_get_connection_in();
-        int connection_out = packet_get_connection_out();
-        u_int i, n;
-        size_t len;
-        int rc;
-
-        send_client_banner(connection_out, 0);
-
-        /* Read other side's version identification. */
-        for (n = 0;;) {
-                for (i = 0; i < sizeof(buf) - 1; i++) {
-                        if (timeout_ms > 0) {
-                                rc = waitrfd(connection_in, &timeout_ms);
-                                if (rc == -1 && errno == ETIMEDOUT) {
-                                        fatal("Connection timed out during "
-                                            "banner exchange");
-                                } else if (rc == -1) {
-                                        fatal("%s: %s",
-                                            __func__, strerror(errno));
-                                }
-                        }
-
-                        len = atomicio(read, connection_in, &buf[i], 1);
-                        if (len != 1 && errno == EPIPE)
-                                fatal("ssh_exchange_identification: "
-                                    "Connection closed by remote host");
-                        else if (len != 1)
-                                fatal("ssh_exchange_identification: "
-                                    "read: %.100s", strerror(errno));
-                        if (buf[i] == '\r') {
-                                buf[i] = '\n';
-                                buf[i + 1] = 0;
-                                continue;               /**XXX wait for \n */
-                        }
-                        if (buf[i] == '\n') {
-                                buf[i + 1] = 0;
-                                break;
-                        }
-                        if (++n > 65536)
-                                fatal("ssh_exchange_identification: "
-                                    "No banner received");
-                }
-                buf[sizeof(buf) - 1] = 0;
-                if (strncmp(buf, "SSH-", 4) == 0)
-                        break;
-                debug("ssh_exchange_identification: %s", buf);
-        }
-        server_version_string = xstrdup(buf);
-
-        /*
-         * Check that the versions match.  In future this might accept
-         * several versions and set appropriate flags to handle them.
-         */
-        if (sscanf(server_version_string, "SSH-%d.%d-%[^\n]\n",
-            &remote_major, &remote_minor, remote_version) != 3)
-                fatal("Bad remote protocol version identification: '%.100s'", buf);
-        debug("Remote protocol version %d.%d, remote software version %.100s",
-            remote_major, remote_minor, remote_version);
-
-        active_state->compat = compat_datafellows(remote_version);
-        mismatch = 0;
-
-        switch (remote_major) {
-        case 2:
-                break;
-        case 1:
-                if (remote_minor != 99)
-                        mismatch = 1;
-                break;
-        default:
-                mismatch = 1;
-                break;
-        }
-        if (mismatch)
-                fatal("Protocol major versions differ: %d vs. %d",
-                    PROTOCOL_MAJOR_2, remote_major);
-        if ((datafellows & SSH_BUG_RSASIGMD5) != 0)
-                logit("Server version \"%.100s\" uses unsafe RSA signature "
-                    "scheme; disabling use of RSA keys", remote_version);
-        chop(server_version_string);
-}
-
 /* defaults to 'no' */
 static int
-confirm(const char *prompt)
+confirm(const char *prompt, const char *fingerprint)
 {
         const char *msg, *again = "Please type 'yes' or 'no': ";
+        const char *again_fp = "Please type 'yes', 'no' or the fingerprint: ";
         char *p;
         int ret = -1;
 
         if (options.batch_mode)
                 return 0;
-        for (msg = prompt;;msg = again) {
+        for (msg = prompt;;msg = fingerprint ? again_fp : again) {
                 p = read_passphrase(msg, RP_ECHO);
                 if (p == NULL)
                         return 0;
                 p[strcspn(p, "\n")] = '\0';
                 if (p[0] == '\0' || strcasecmp(p, "no") == 0)
                         ret = 0;
-                else if (strcasecmp(p, "yes") == 0)
+                else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL &&
+                    strcasecmp(p, fingerprint) == 0))
                         ret = 1;
                 free(p);
                 if (ret != -1)
@@ -853,7 +717,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
         char msg[1024];
         const char *type;
         const struct hostkey_entry *host_found, *ip_found;
-        int len, cancelled_forwarding = 0;
+        int len, cancelled_forwarding = 0, confirmed;
         int local = sockaddr_is_local(hostaddr);
         int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0;
         int hostkey_trusted = 0; /* Known or explicitly accepted by user */
@@ -1028,14 +892,15 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                             "established%s\n"
                             "%s key fingerprint is %s.%s%s\n%s"
                             "Are you sure you want to continue connecting "
-                            "(yes/no)? ",
+                            "(yes/no/[fingerprint])? ",
                             host, ip, msg1, type, fp,
                             options.visual_host_key ? "\n" : "",
                             options.visual_host_key ? ra : "",
                             msg2);
                         free(ra);
+                        confirmed = confirm(msg, fp);
                         free(fp);
-                        if (!confirm(msg))
+                        if (!confirmed)
                                 goto fail;
                         hostkey_trusted = 1; /* user explicitly confirmed */
                 }
@@ -1236,7 +1101,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                     SSH_STRICT_HOSTKEY_ASK) {
                         strlcat(msg, "\nAre you sure you want "
                             "to continue connecting (yes/no)? ", sizeof(msg));
-                        if (!confirm(msg))
+                        if (!confirm(msg, NULL))
                                 goto fail;
                 } else if (options.strict_host_key_checking !=
                     SSH_STRICT_HOSTKEY_OFF) {
@@ -1408,7 +1273,7 @@ out:
  * This function does not require super-user privileges.
  */
 void
-ssh_login(Sensitive *sensitive, const char *orighost,
+ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost,
     struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms)
 {
         char *host;
@@ -1422,37 +1287,20 @@ ssh_login(Sensitive *sensitive, const char *orighost,
         lowercase(host);
 
         /* Exchange protocol version identification strings with the server. */
-        ssh_exchange_identification(timeout_ms);
+        if (kex_exchange_identification(ssh, timeout_ms, 1, NULL) != 0)
+                cleanup_exit(255); /* error already logged */
 
         /* Put the connection into non-blocking mode. */
-        packet_set_nonblocking();
+        ssh_packet_set_nonblocking(ssh);
 
         /* key exchange */
         /* authenticate user */
         debug("Authenticating to %s:%d as '%s'", host, port, server_user);
-        ssh_kex2(host, hostaddr, port);
-        ssh_userauth2(local_user, server_user, host, sensitive);
+        ssh_kex2(ssh, host, hostaddr, port);
+        ssh_userauth2(ssh, local_user, server_user, host, sensitive);
         free(local_user);
 }
 
-void
-ssh_put_password(char *password)
-{
-        int size;
-        char *padded;
-
-        if (datafellows & SSH_BUG_PASSWORDPAD) {
-                packet_put_cstring(password);
-                return;
-        }
-        size = ROUNDUP(strlen(password) + 1, 32);
-        padded = xcalloc(1, size);
-        strlcpy(padded, password, size);
-        packet_put_string(padded, size);
-        explicit_bzero(padded, size);
-        free(padded);
-}
-
 /* print all known host keys for a given host, but skip keys of given type */
 static int
 show_other_keys(struct hostkeys *hostkeys, struct sshkey *key)
diff --git a/sshconnect.h b/sshconnect.h
index 890d85733..6e8989b27 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.h,v 1.35 2018/07/19 10:28:47 dtucker Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.37 2019/01/19 21:36:38 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -37,23 +37,19 @@ int	 ssh_connect(struct ssh *, const char *, struct addrinfo *,
             struct sockaddr_storage *, u_short, int, int, int *, int);
 void     ssh_kill_proxy_command(void);
 
-void     ssh_login(Sensitive *, const char *, struct sockaddr *, u_short,
-    struct passwd *, int);
-
-void     ssh_exchange_identification(int);
+void     ssh_login(struct ssh *, Sensitive *, const char *,
+    struct sockaddr *, u_short, struct passwd *, int);
 
 int      verify_host_key(char *, struct sockaddr *, struct sshkey *);
 
 void     get_hostfile_hostname_ipaddr(char *, struct sockaddr *, u_short,
     char **, char **);
 
-void     ssh_kex(char *, struct sockaddr *);
-void     ssh_kex2(char *, struct sockaddr *, u_short);
+void     ssh_kex2(struct ssh *ssh, char *, struct sockaddr *, u_short);
 
-void     ssh_userauth1(const char *, const char *, char *, Sensitive *);
-void     ssh_userauth2(const char *, const char *, char *, Sensitive *);
+void     ssh_userauth2(struct ssh *ssh, const char *, const char *,
+    char *, Sensitive *);
 
-void     ssh_put_password(char *);
 int      ssh_local_cmd(const char *);
 
 void     maybe_add_key_to_agent(char *, const struct sshkey *, char *, char *);
diff --git a/sshconnect2.c b/sshconnect2.c
index 8c872a4fb..4020371ae 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.288 2018/10/11 03:48:04 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.303 2019/02/12 23:53:10 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -78,8 +78,6 @@
 #endif
 
 /* import */
-extern char *client_version_string;
-extern char *server_version_string;
 extern Options options;
 
 /*
@@ -155,14 +153,13 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
 }
 
 void
-ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
+ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
 {
         char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
         char *s, *all_key;
-        struct kex *kex;
         int r;
 
-#ifdef GSSAPI
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
         char *orig = NULL, *gss = NULL;
         char *gss_host = NULL;
 #endif
@@ -199,7 +196,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
                     order_hostkeyalgs(host, hostaddr, port));
         }
 
-#ifdef GSSAPI
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
         if (options.gss_keyex) {
                 /* Add the GSSAPI mechanisms currently supported on this
                  * client to the key exchange algorithm proposal */
@@ -208,19 +205,19 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
                 if (options.gss_server_identity)
                         gss_host = xstrdup(options.gss_server_identity);
                 else if (options.gss_trust_dns)
-                        gss_host = remote_hostname(active_state);
+                        gss_host = remote_hostname(ssh);
                 else
                         gss_host = xstrdup(host);
 
                 gss = ssh_gssapi_client_mechanisms(gss_host,
-                    options.gss_client_identity);
+                    options.gss_client_identity, options.gss_kex_algorithms);
                 if (gss) {
                         debug("Offering GSSAPI proposal: %s", gss);
                         xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
                             "%s,%s", gss, orig);
 
-                        /* If we've got GSSAPI algorithms, then we also
-                         * support the 'null' hostkey, as a last resort */
+                        /* If we've got GSSAPI algorithms, then we also support the
+                         * 'null' hostkey, as a last resort */
                         orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
                         xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
                             "%s,null", orig);
@@ -229,52 +226,54 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 #endif
 
         if (options.rekey_limit || options.rekey_interval)
-                packet_set_rekey_limits(options.rekey_limit,
+                ssh_packet_set_rekey_limits(ssh, options.rekey_limit,
                     options.rekey_interval);
 
         /* start key exchange */
-        if ((r = kex_setup(active_state, myproposal)) != 0)
+        if ((r = kex_setup(ssh, myproposal)) != 0)
                 fatal("kex_setup: %s", ssh_err(r));
-        kex = active_state->kex;
 #ifdef WITH_OPENSSL
-        kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
-        kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
-        kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client;
-        kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client;
-        kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client;
-        kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
-        kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
+        ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client;
+        ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client;
+        ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client;
+        ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client;
+        ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client;
+        ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
+        ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
 # ifdef OPENSSL_HAS_ECC
-        kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+        ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
 # endif
-#endif
-        kex->kex[KEX_C25519_SHA256] = kexc25519_client;
-#ifdef GSSAPI
+# ifdef GSSAPI
         if (options.gss_keyex) {
-                kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
-                kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client;
-                kex->kex[KEX_GSS_GEX_SHA1] = kexgss_client;
+                ssh->kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
+                ssh->kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client;
+                ssh->kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_client;
+                ssh->kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_client;
+                ssh->kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_client;
+                ssh->kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_client;
+                ssh->kex->kex[KEX_GSS_C25519_SHA256] = kexgss_client;
         }
+# endif
 #endif
-        kex->client_version_string=client_version_string;
-        kex->server_version_string=server_version_string;
-        kex->verify_host_key=&verify_host_key_callback;
+        ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
+        ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client;
+        ssh->kex->verify_host_key=&verify_host_key_callback;
 
-#ifdef GSSAPI
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
         if (options.gss_keyex) {
-                kex->gss_deleg_creds = options.gss_deleg_creds;
-                kex->gss_trust_dns = options.gss_trust_dns;
-                kex->gss_client = options.gss_client_identity;
-                kex->gss_host = gss_host;
+                ssh->kex->gss_deleg_creds = options.gss_deleg_creds;
+                ssh->kex->gss_trust_dns = options.gss_trust_dns;
+                ssh->kex->gss_client = options.gss_client_identity;
+                ssh->kex->gss_host = gss_host;
         }
 #endif
 
-        ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done);
+        ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done);
 
         /* remove ext-info from the KEX proposals for rekeying */
         myproposal[PROPOSAL_KEX_ALGS] =
             compat_kex_proposal(options.kex_algorithms);
-#ifdef GSSAPI
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
         /* repair myproposal after it was crumpled by the */
         /* ext-info removal above */
         if (gss) {
@@ -284,11 +283,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
                 free(gss);
         }
 #endif
-        if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
+        if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0)
                 fatal("kex_prop2buf: %s", ssh_err(r));
 
-        session_id2 = kex->session_id;
-        session_id2_len = kex->session_id_len;
+        session_id2 = ssh->kex->session_id;
+        session_id2_len = ssh->kex->session_id_len;
 
 #ifdef DEBUG_KEXDH
         /* send 1st encrypted/maced/compressed message */
@@ -328,7 +327,11 @@ struct cauthctxt {
         struct cauthmethod *method;
         sig_atomic_t success;
         char *authlist;
-        int attempt;
+#ifdef GSSAPI
+        /* gssapi */
+        gss_OID_set gss_supported_mechs;
+        u_int mech_tried;
+#endif
         /* pubkey */
         struct idlist keys;
         int agent_fd;
@@ -338,50 +341,52 @@ struct cauthctxt {
         const char *active_ktype;
         /* kbd-interactive */
         int info_req_seen;
+        int attempt_kbdint;
+        /* password */
+        int attempt_passwd;
         /* generic */
         void *methoddata;
 };
 
 struct cauthmethod {
         char    *name;          /* string to compare against server's list */
-        int     (*userauth)(Authctxt *authctxt);
-        void    (*cleanup)(Authctxt *authctxt);
+        int     (*userauth)(struct ssh *ssh);
+        void    (*cleanup)(struct ssh *ssh);
         int     *enabled;       /* flag in option struct that enables method */
         int     *batch_flag;    /* flag in option struct that disables method */
 };
 
-int     input_userauth_service_accept(int, u_int32_t, struct ssh *);
-int     input_userauth_ext_info(int, u_int32_t, struct ssh *);
-int     input_userauth_success(int, u_int32_t, struct ssh *);
-int     input_userauth_success_unexpected(int, u_int32_t, struct ssh *);
-int     input_userauth_failure(int, u_int32_t, struct ssh *);
-int     input_userauth_banner(int, u_int32_t, struct ssh *);
-int     input_userauth_error(int, u_int32_t, struct ssh *);
-int     input_userauth_info_req(int, u_int32_t, struct ssh *);
-int     input_userauth_pk_ok(int, u_int32_t, struct ssh *);
-int     input_userauth_passwd_changereq(int, u_int32_t, struct ssh *);
-
-int     userauth_none(Authctxt *);
-int     userauth_pubkey(Authctxt *);
-int     userauth_passwd(Authctxt *);
-int     userauth_kbdint(Authctxt *);
-int     userauth_hostbased(Authctxt *);
+static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
+static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
+static int input_userauth_success(int, u_int32_t, struct ssh *);
+static int input_userauth_failure(int, u_int32_t, struct ssh *);
+static int input_userauth_banner(int, u_int32_t, struct ssh *);
+static int input_userauth_error(int, u_int32_t, struct ssh *);
+static int input_userauth_info_req(int, u_int32_t, struct ssh *);
+static int input_userauth_pk_ok(int, u_int32_t, struct ssh *);
+static int input_userauth_passwd_changereq(int, u_int32_t, struct ssh *);
+
+static int userauth_none(struct ssh *);
+static int userauth_pubkey(struct ssh *);
+static int userauth_passwd(struct ssh *);
+static int userauth_kbdint(struct ssh *);
+static int userauth_hostbased(struct ssh *);
 
 #ifdef GSSAPI
-int     userauth_gssapi(Authctxt *authctxt);
-int     input_gssapi_response(int type, u_int32_t, struct ssh *);
-int     input_gssapi_token(int type, u_int32_t, struct ssh *);
-int     input_gssapi_hash(int type, u_int32_t, struct ssh *);
-int     input_gssapi_error(int, u_int32_t, struct ssh *);
-int     input_gssapi_errtok(int, u_int32_t, struct ssh *);
-int     userauth_gsskeyex(Authctxt *authctxt);
+static int userauth_gssapi(struct ssh *);
+static void userauth_gssapi_cleanup(struct ssh *);
+static int input_gssapi_response(int type, u_int32_t, struct ssh *);
+static int input_gssapi_token(int type, u_int32_t, struct ssh *);
+static int input_gssapi_error(int, u_int32_t, struct ssh *);
+static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
+static int userauth_gsskeyex(struct ssh *);
 #endif
 
-void    userauth(Authctxt *, char *);
+void    userauth(struct ssh *, char *);
 
-static int sign_and_send_pubkey(struct ssh *ssh, Authctxt *, Identity *);
+static void pubkey_cleanup(struct ssh *);
+static int sign_and_send_pubkey(struct ssh *ssh, Identity *);
 static void pubkey_prepare(Authctxt *);
-static void pubkey_cleanup(Authctxt *);
 static void pubkey_reset(Authctxt *);
 static struct sshkey *load_identity_file(Identity *);
 
@@ -394,11 +399,11 @@ Authmethod authmethods[] = {
         {"gssapi-keyex",
                 userauth_gsskeyex,
                 NULL,
-                &options.gss_authentication,
+                &options.gss_keyex,
                 NULL},
         {"gssapi-with-mic",
                 userauth_gssapi,
-                NULL,
+                userauth_gssapi_cleanup,
                 &options.gss_authentication,
                 NULL},
 #endif
@@ -431,10 +436,9 @@ Authmethod authmethods[] = {
 };
 
 void
-ssh_userauth2(const char *local_user, const char *server_user, char *host,
-    Sensitive *sensitive)
+ssh_userauth2(struct ssh *ssh, const char *local_user,
+    const char *server_user, char *host, Sensitive *sensitive)
 {
-        struct ssh *ssh = active_state;
         Authctxt authctxt;
         int r;
 
@@ -445,7 +449,6 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
 
         /* setup authentication context */
         memset(&authctxt, 0, sizeof(authctxt));
-        pubkey_prepare(&authctxt);
         authctxt.server_user = server_user;
         authctxt.local_user = local_user;
         authctxt.host = host;
@@ -457,9 +460,18 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
         authctxt.sensitive = sensitive;
         authctxt.active_ktype = authctxt.oktypes = authctxt.ktypes = NULL;
         authctxt.info_req_seen = 0;
+        authctxt.attempt_kbdint = 0;
+        authctxt.attempt_passwd = 0;
+#if GSSAPI
+        authctxt.gss_supported_mechs = NULL;
+        authctxt.mech_tried = 0;
+#endif
         authctxt.agent_fd = -1;
-        if (authctxt.method == NULL)
-                fatal("ssh_userauth2: internal error: cannot send userauth none request");
+        pubkey_prepare(&authctxt);
+        if (authctxt.method == NULL) {
+                fatal("%s: internal error: cannot send userauth none request",
+                    __func__);
+        }
 
         if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_REQUEST)) != 0 ||
             (r = sshpkt_put_cstring(ssh, "ssh-userauth")) != 0 ||
@@ -471,9 +483,9 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
         ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
         ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
         ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success); /* loop until success */
+        pubkey_cleanup(ssh);
         ssh->authctxt = NULL;
 
-        pubkey_cleanup(&authctxt);
         ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
 
         if (!authctxt.success)
@@ -482,10 +494,9 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
 }
 
 /* ARGSUSED */
-int
+static int
 input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
 {
-        Authctxt *authctxt = ssh->authctxt;
         int r;
 
         if (ssh_packet_remaining(ssh) > 0) {
@@ -503,7 +514,7 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
         debug("SSH2_MSG_SERVICE_ACCEPT received");
 
         /* initial userauth request */
-        userauth_none(authctxt);
+        userauth_none(ssh);
 
         ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_error);
         ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
@@ -515,19 +526,19 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
 }
 
 /* ARGSUSED */
-int
+static int
 input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
 {
         return kex_input_ext_info(type, seqnr, ssh);
 }
 
 void
-userauth(Authctxt *authctxt, char *authlist)
+userauth(struct ssh *ssh, char *authlist)
 {
-        struct ssh *ssh = active_state; /* XXX */
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
 
         if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
-                authctxt->method->cleanup(authctxt);
+                authctxt->method->cleanup(ssh);
 
         free(authctxt->methoddata);
         authctxt->methoddata = NULL;
@@ -549,7 +560,7 @@ userauth(Authctxt *authctxt, char *authlist)
                     SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL);
 
                 /* and try new method */
-                if (method->userauth(authctxt) != 0) {
+                if (method->userauth(ssh) != 0) {
                         debug2("we sent a %s packet, wait for reply", method->name);
                         break;
                 } else {
@@ -560,50 +571,53 @@ userauth(Authctxt *authctxt, char *authlist)
 }
 
 /* ARGSUSED */
-int
+static int
 input_userauth_error(int type, u_int32_t seq, struct ssh *ssh)
 {
-        fatal("input_userauth_error: bad message during authentication: "
-            "type %d", type);
+        fatal("%s: bad message during authentication: type %d", __func__, type);
         return 0;
 }
 
 /* ARGSUSED */
-int
+static int
 input_userauth_banner(int type, u_int32_t seq, struct ssh *ssh)
 {
-        char *msg, *lang;
-        u_int len;
+        char *msg = NULL;
+        size_t len;
+        int r;
 
         debug3("%s", __func__);
-        msg = packet_get_string(&len);
-        lang = packet_get_string(NULL);
+        if ((r = sshpkt_get_cstring(ssh, &msg, &len)) != 0 ||
+            (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0)
+                goto out;
         if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO)
                 fmprintf(stderr, "%s", msg);
+        r = 0;
+ out:
         free(msg);
-        free(lang);
-        return 0;
+        return r;
 }
 
 /* ARGSUSED */
-int
+static int
 input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
 
         if (authctxt == NULL)
-                fatal("input_userauth_success: no authentication context");
+                fatal("%s: no authentication context", __func__);
         free(authctxt->authlist);
         authctxt->authlist = NULL;
         if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
-                authctxt->method->cleanup(authctxt);
+                authctxt->method->cleanup(ssh);
         free(authctxt->methoddata);
         authctxt->methoddata = NULL;
         authctxt->success = 1;                  /* break out */
         return 0;
 }
 
-int
+#if 0
+static int
 input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -615,9 +629,10 @@ input_userauth_success_unexpected(int type, u_int32_t seq, struct ssh *ssh)
             authctxt->method->name);
         return 0;
 }
+#endif
 
 /* ARGSUSED */
-int
+static int
 input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -640,7 +655,7 @@ input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh)
         }
         debug("Authentications that can continue: %s", authlist);
 
-        userauth(authctxt, authlist);
+        userauth(ssh, authlist);
         authlist = NULL;
  out:
         free(authlist);
@@ -672,7 +687,7 @@ format_identity(Identity *id)
 }
 
 /* ARGSUSED */
-int
+static int
 input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -727,7 +742,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
         }
         ident = format_identity(id);
         debug("Server accepts key: %s", ident);
-        sent = sign_and_send_pubkey(ssh, authctxt, id);
+        sent = sign_and_send_pubkey(ssh, id);
         r = 0;
  done:
         sshkey_free(key);
@@ -738,55 +753,56 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
 
         /* try another method if we did not send a packet */
         if (r == 0 && sent == 0)
-                userauth(authctxt, NULL);
+                userauth(ssh, NULL);
         return r;
 }
 
 #ifdef GSSAPI
-int
-userauth_gssapi(Authctxt *authctxt)
+static int
+userauth_gssapi(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         Gssctxt *gssctxt = NULL;
-        static gss_OID_set gss_supported = NULL;
-        static u_int mech = 0;
         OM_uint32 min;
         int r, ok = 0;
+        gss_OID mech = NULL;
         char *gss_host;
 
         if (options.gss_server_identity)
                 gss_host = xstrdup(options.gss_server_identity);
         else if (options.gss_trust_dns)
-                gss_host = remote_hostname(active_state);
+                gss_host = remote_hostname(ssh);
         else
                 gss_host = xstrdup(authctxt->host);
 
         /* Try one GSSAPI method at a time, rather than sending them all at
          * once. */
 
-        if (gss_supported == NULL)
-                if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) {
-                        gss_supported = NULL;
+        if (authctxt->gss_supported_mechs == NULL)
+                if (GSS_ERROR(gss_indicate_mechs(&min,
+                    &authctxt->gss_supported_mechs))) {
+                        authctxt->gss_supported_mechs = NULL;
                         free(gss_host);
                         return 0;
                 }
 
-        /* Check to see if the mechanism is usable before we offer it */
-        while (mech < gss_supported->count && !ok) {
+        /* Check to see whether the mechanism is usable before we offer it */
+        while (authctxt->mech_tried < authctxt->gss_supported_mechs->count &&
+            !ok) {
+                mech = &authctxt->gss_supported_mechs->
+                    elements[authctxt->mech_tried];
                 /* My DER encoding requires length<128 */
-                if (gss_supported->elements[mech].length < 128 &&
-                    ssh_gssapi_check_mechanism(&gssctxt,
-                    &gss_supported->elements[mech], gss_host,
-                    options.gss_client_identity)) {
+                if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
+                    mech, gss_host, options.gss_client_identity)) {
                         ok = 1; /* Mechanism works */
                 } else {
-                        mech++;
+                        authctxt->mech_tried++;
                 }
         }
 
         free(gss_host);
 
-        if (!ok)
+        if (!ok || mech == NULL)
                 return 0;
 
         authctxt->methoddata=(void *)gssctxt;
@@ -796,14 +812,10 @@ userauth_gssapi(Authctxt *authctxt)
             (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
             (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
             (r = sshpkt_put_u32(ssh, 1)) != 0 ||
-            (r = sshpkt_put_u32(ssh,
-            (gss_supported->elements[mech].length) + 2)) != 0 ||
+            (r = sshpkt_put_u32(ssh, (mech->length) + 2)) != 0 ||
             (r = sshpkt_put_u8(ssh, SSH_GSS_OIDTYPE)) != 0 ||
-            (r = sshpkt_put_u8(ssh,
-            gss_supported->elements[mech].length)) != 0 ||
-            (r = sshpkt_put(ssh,
-            gss_supported->elements[mech].elements,
-            gss_supported->elements[mech].length)) != 0 ||
+            (r = sshpkt_put_u8(ssh, mech->length)) != 0 ||
+            (r = sshpkt_put(ssh, mech->elements, mech->length)) != 0 ||
             (r = sshpkt_send(ssh)) != 0)
                 fatal("%s: %s", __func__, ssh_err(r));
 
@@ -812,11 +824,24 @@ userauth_gssapi(Authctxt *authctxt)
         ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERROR, &input_gssapi_error);
         ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok);
 
-        mech++; /* Move along to next candidate */
+        authctxt->mech_tried++; /* Move along to next candidate */
 
         return 1;
 }
 
+static void
+userauth_gssapi_cleanup(struct ssh *ssh)
+{
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
+        Gssctxt *gssctxt = (Gssctxt *)authctxt->methoddata;
+
+        ssh_gssapi_delete_ctx(&gssctxt);
+        authctxt->methoddata = NULL;
+
+        free(authctxt->gss_supported_mechs);
+        authctxt->gss_supported_mechs = NULL;
+}
+
 static OM_uint32
 process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok)
 {
@@ -884,7 +909,7 @@ process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok)
 }
 
 /* ARGSUSED */
-int
+static int
 input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -905,7 +930,7 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
             oidv[0] != SSH_GSS_OIDTYPE ||
             oidv[1] != oidlen - 2) {
                 debug("Badly encoded mechanism OID received");
-                userauth(authctxt, NULL);
+                userauth(ssh, NULL);
                 goto ok;
         }
 
@@ -918,7 +943,7 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
         if (GSS_ERROR(process_gssapi_token(ssh, GSS_C_NO_BUFFER))) {
                 /* Start again with next method on list */
                 debug("Trying to start again");
-                userauth(authctxt, NULL);
+                userauth(ssh, NULL);
                 goto ok;
         }
  ok:
@@ -929,7 +954,7 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
 }
 
 /* ARGSUSED */
-int
+static int
 input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -952,7 +977,7 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh)
 
         /* Start again with the next method in the list */
         if (GSS_ERROR(status)) {
-                userauth(authctxt, NULL);
+                userauth(ssh, NULL);
                 /* ok */
         }
         r = 0;
@@ -962,7 +987,7 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh)
 }
 
 /* ARGSUSED */
-int
+static int
 input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -997,7 +1022,7 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
 }
 
 /* ARGSUSED */
-int
+static int
 input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
 {
         char *msg = NULL;
@@ -1018,10 +1043,10 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
 }
 
 int
-userauth_gsskeyex(Authctxt *authctxt)
+userauth_gsskeyex(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
-        struct sshbuf *b;
+        struct sshbuf *b = NULL;
+        Authctxt *authctxt = ssh->authctxt;
         gss_buffer_desc gssbuf;
         gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
         OM_uint32 ms;
@@ -1032,12 +1057,13 @@ userauth_gsskeyex(Authctxt *authctxt)
                 return (0);
 
         if (gss_kex_context == NULL) {
-                debug("No valid Key exchange context"); 
+                debug("No valid Key exchange context");
                 return (0);
         }
 
         if ((b = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
+
         ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service,
             "gssapi-keyex");
 
@@ -1066,10 +1092,10 @@ userauth_gsskeyex(Authctxt *authctxt)
 
 #endif /* GSSAPI */
 
-int
-userauth_none(Authctxt *authctxt)
+static int
+userauth_none(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         int r;
 
         /* initial userauth request */
@@ -1082,25 +1108,22 @@ userauth_none(Authctxt *authctxt)
         return 1;
 }
 
-int
-userauth_passwd(Authctxt *authctxt)
+static int
+userauth_passwd(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
-        static int attempt = 0;
-        char prompt[256];
-        char *password;
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
+        char *password, *prompt = NULL;
         const char *host = options.host_key_alias ?  options.host_key_alias :
             authctxt->host;
         int r;
 
-        if (attempt++ >= options.number_of_password_prompts)
+        if (authctxt->attempt_passwd++ >= options.number_of_password_prompts)
                 return 0;
 
-        if (attempt != 1)
+        if (authctxt->attempt_passwd != 1)
                 error("Permission denied, please try again.");
 
-        snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
-            authctxt->server_user, host);
+        xasprintf(&prompt, "%s@%s's password: ", authctxt->server_user, host);
         password = read_passphrase(prompt, 0);
         if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
             (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
@@ -1112,7 +1135,8 @@ userauth_passwd(Authctxt *authctxt)
             (r = sshpkt_send(ssh)) != 0)
                 fatal("%s: %s", __func__, ssh_err(r));
 
-        if (password)
+        free(prompt);
+        if (password != NULL)
                 freezero(password, strlen(password));
 
         ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
@@ -1125,7 +1149,7 @@ userauth_passwd(Authctxt *authctxt)
  * parse PASSWD_CHANGEREQ, prompt user and send SSH2_MSG_USERAUTH_REQUEST
  */
 /* ARGSUSED */
-int
+static int
 input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -1309,8 +1333,9 @@ id_filename_matches(Identity *id, Identity *private_id)
 }
 
 static int
-sign_and_send_pubkey(struct ssh *ssh, Authctxt *authctxt, Identity *id)
+sign_and_send_pubkey(struct ssh *ssh, Identity *id)
 {
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         struct sshbuf *b = NULL;
         Identity *private_id, *sign_id = NULL;
         u_char *signature = NULL;
@@ -1468,8 +1493,9 @@ sign_and_send_pubkey(struct ssh *ssh, Authctxt *authctxt, Identity *id)
 }
 
 static int
-send_pubkey_test(struct ssh *ssh, Authctxt *authctxt, Identity *id)
+send_pubkey_test(struct ssh *ssh, Identity *id)
 {
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         u_char *blob = NULL;
         char *alg = NULL;
         size_t bloblen;
@@ -1745,12 +1771,15 @@ pubkey_prepare(Authctxt *authctxt)
 }
 
 static void
-pubkey_cleanup(Authctxt *authctxt)
+pubkey_cleanup(struct ssh *ssh)
 {
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         Identity *id;
 
-        if (authctxt->agent_fd != -1)
+        if (authctxt->agent_fd != -1) {
                 ssh_close_authentication_socket(authctxt->agent_fd);
+                authctxt->agent_fd = -1;
+        }
         for (id = TAILQ_FIRST(&authctxt->keys); id;
             id = TAILQ_FIRST(&authctxt->keys)) {
                 TAILQ_REMOVE(&authctxt->keys, id, next);
@@ -1783,10 +1812,10 @@ try_identity(Identity *id)
         return 1;
 }
 
-int
-userauth_pubkey(Authctxt *authctxt)
+static int
+userauth_pubkey(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         Identity *id;
         int sent = 0;
         char *ident;
@@ -1807,7 +1836,7 @@ userauth_pubkey(Authctxt *authctxt)
                                 ident = format_identity(id);
                                 debug("Offering public key: %s", ident);
                                 free(ident);
-                                sent = send_pubkey_test(ssh, authctxt, id);
+                                sent = send_pubkey_test(ssh, id);
                         }
                 } else {
                         debug("Trying private key: %s", id->filename);
@@ -1815,8 +1844,7 @@ userauth_pubkey(Authctxt *authctxt)
                         if (id->key != NULL) {
                                 if (try_identity(id)) {
                                         id->isprivate = 1;
-                                        sent = sign_and_send_pubkey(ssh,
-                                            authctxt, id);
+                                        sent = sign_and_send_pubkey(ssh, id);
                                 }
                                 sshkey_free(id->key);
                                 id->key = NULL;
@@ -1832,17 +1860,16 @@ userauth_pubkey(Authctxt *authctxt)
 /*
  * Send userauth request message specifying keyboard-interactive method.
  */
-int
-userauth_kbdint(Authctxt *authctxt)
+static int
+userauth_kbdint(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
-        static int attempt = 0;
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         int r;
 
-        if (attempt++ >= options.number_of_password_prompts)
+        if (authctxt->attempt_kbdint++ >= options.number_of_password_prompts)
                 return 0;
         /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */
-        if (attempt > 1 && !authctxt->info_req_seen) {
+        if (authctxt->attempt_kbdint > 1 && !authctxt->info_req_seen) {
                 debug3("userauth_kbdint: disable: no info_req_seen");
                 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST, NULL);
                 return 0;
@@ -1866,7 +1893,7 @@ userauth_kbdint(Authctxt *authctxt)
 /*
  * parse INFO_REQUEST, prompt user and send INFO_RESPONSE
  */
-int
+static int
 input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
 {
         Authctxt *authctxt = ssh->authctxt;
@@ -1932,13 +1959,14 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
 }
 
 static int
-ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp,
+ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
     const u_char *data, size_t datalen)
 {
         struct sshbuf *b;
         struct stat st;
         pid_t pid;
-        int i, r, to[2], from[2], status, sock = packet_get_connection_in();
+        int i, r, to[2], from[2], status;
+        int sock = ssh_packet_get_connection_in(ssh);
         u_char rversion = 0, version = 2;
         void (*osigchld)(int);
 
@@ -2045,10 +2073,10 @@ ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp,
         return 0;
 }
 
-int
-userauth_hostbased(Authctxt *authctxt)
+static int
+userauth_hostbased(struct ssh *ssh)
 {
-        struct ssh *ssh = active_state; /* XXX */
+        Authctxt *authctxt = (Authctxt *)ssh->authctxt;
         struct sshkey *private = NULL;
         struct sshbuf *b = NULL;
         u_char *sig = NULL, *keyblob = NULL;
@@ -2112,7 +2140,8 @@ userauth_hostbased(Authctxt *authctxt)
             __func__, sshkey_ssh_name(private), fp);
 
         /* figure out a name for the client host */
-        if ((lname = get_local_name(packet_get_connection_in())) == NULL) {
+        lname = get_local_name(ssh_packet_get_connection_in(ssh));
+        if (lname == NULL) {
                 error("%s: cannot get local ipaddr/name", __func__);
                 goto out;
         }
@@ -2146,9 +2175,8 @@ userauth_hostbased(Authctxt *authctxt)
 #ifdef DEBUG_PK
         sshbuf_dump(b, stderr);
 #endif
-        r = ssh_keysign(private, &sig, &siglen,
-            sshbuf_ptr(b), sshbuf_len(b));
-        if (r != 0) {
+        if ((r = ssh_keysign(ssh, private, &sig, &siglen,
+            sshbuf_ptr(b), sshbuf_len(b))) != 0) {
                 error("sign using hostkey %s %s failed",
                     sshkey_ssh_name(private), fp);
                 goto out;
diff --git a/sshd.0 b/sshd.0
index ac7e70707..da8539aef 100644
--- a/sshd.0
+++ b/sshd.0
@@ -650,4 +650,4 @@ AUTHORS
      versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
      for privilege separation.
 
-OpenBSD 6.4                      July 22, 2018                     OpenBSD 6.4
+OpenBSD 6.5                      July 22, 2018                     OpenBSD 6.5
diff --git a/sshd.c b/sshd.c
index a1c3970b3..48162b629 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.516 2018/09/21 12:23:17 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.533 2019/03/01 02:32:39 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -166,45 +166,38 @@ int debug_flag = 0;
  * configuration, optionally using connection information provided by the
  * "-C" flag.
  */
-int test_flag = 0;
+static int test_flag = 0;
 
 /* Flag indicating that the daemon is being started from inetd. */
-int inetd_flag = 0;
+static int inetd_flag = 0;
 
 /* Flag indicating that sshd should not detach and become a daemon. */
-int no_daemon_flag = 0;
+static int no_daemon_flag = 0;
 
 /* debug goes to stderr unless inetd_flag is set */
-int log_stderr = 0;
+static int log_stderr = 0;
 
 /* Saved arguments to main(). */
-char **saved_argv;
-int saved_argc;
+static char **saved_argv;
+static int saved_argc;
 
 /* re-exec */
-int rexeced_flag = 0;
-int rexec_flag = 1;
-int rexec_argc = 0;
-char **rexec_argv;
+static int rexeced_flag = 0;
+static int rexec_flag = 1;
+static int rexec_argc = 0;
+static char **rexec_argv;
 
 /*
  * The sockets that the server is listening; this is used in the SIGHUP
  * signal handler.
  */
 #define MAX_LISTEN_SOCKS        16
-int listen_socks[MAX_LISTEN_SOCKS];
-int num_listen_socks = 0;
-
-/*
- * the client's version string, passed by sshd2 in compat mode. if != NULL,
- * sshd will skip the version-number exchange
- */
-char *client_version_string = NULL;
-char *server_version_string = NULL;
+static int listen_socks[MAX_LISTEN_SOCKS];
+static int num_listen_socks = 0;
 
 /* Daemon's agent connection */
 int auth_sock = -1;
-int have_agent = 0;
+static int have_agent = 0;
 
 /*
  * Any really sensitive data in the application is contained in this
@@ -235,9 +228,26 @@ u_int session_id2_len = 0;
 /* record remote hostname or ip */
 u_int utmp_len = HOST_NAME_MAX+1;
 
-/* options.max_startup sized array of fd ints */
-int *startup_pipes = NULL;
-int startup_pipe;               /* in child */
+/*
+ * startup_pipes/flags are used for tracking children of the listening sshd
+ * process early in their lifespans. This tracking is needed for three things:
+ *
+ * 1) Implementing the MaxStartups limit of concurrent unauthenticated
+ *    connections.
+ * 2) Avoiding a race condition for SIGHUP processing, where child processes
+ *    may have listen_socks open that could collide with main listener process
+ *    after it restarts.
+ * 3) Ensuring that rexec'd sshd processes have received their initial state
+ *    from the parent listen process before handling SIGHUP.
+ *
+ * Child processes signal that they have completed closure of the listen_socks
+ * and (if applicable) received their rexec state by sending a char over their
+ * sock. Child processes signal that authentication has completed by closing
+ * the sock (or by exiting).
+ */
+static int *startup_pipes = NULL;
+static int *startup_flags = NULL;       /* Indicates child closed listener */
+static int startup_pipe = -1;           /* in child */
 
 /* variables used for privilege separation */
 int use_privsep = -1;
@@ -245,8 +255,9 @@ struct monitor *pmonitor = NULL;
 int privsep_is_preauth = 1;
 static int privsep_chroot = 1;
 
-/* global authentication context */
+/* global connection state and authentication contexts */
 Authctxt *the_authctxt = NULL;
+struct ssh *the_active_state;
 
 /* global key/cert auth options. XXX move to permanent ssh->authctxt? */
 struct sshauthopt *auth_opts = NULL;
@@ -263,7 +274,7 @@ struct passwd *privsep_pw = NULL;
 /* Prototypes for various functions defined later in this file. */
 void destroy_sensitive_data(void);
 void demote_sensitive_data(void);
-static void do_ssh2_kex(void);
+static void do_ssh2_kex(struct ssh *);
 
 /*
  * Close all listening sockets
@@ -373,112 +384,11 @@ grace_alarm_handler(int sig)
                 kill(0, SIGTERM);
         }
 
+        /* XXX pre-format ipaddr/port so we don't need to access active_state */
         /* Log error and exit. */
         sigdie("Timeout before authentication for %s port %d",
-            ssh_remote_ipaddr(active_state), ssh_remote_port(active_state));
-}
-
-static void
-sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
-{
-        u_int i;
-        int remote_major, remote_minor;
-        char *s;
-        char buf[256];                  /* Must not be larger than remote_version. */
-        char remote_version[256];       /* Must be at least as big as buf. */
-
-        xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n",
-            PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2,
-            options.debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM,
-            *options.version_addendum == '\0' ? "" : " ",
-            options.version_addendum);
-
-        /* Send our protocol version identification. */
-        if (atomicio(vwrite, sock_out, server_version_string,
-            strlen(server_version_string))
-            != strlen(server_version_string)) {
-                logit("Could not write ident string to %s port %d",
-                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
-                cleanup_exit(255);
-        }
-
-        /* Read other sides version identification. */
-        memset(buf, 0, sizeof(buf));
-        for (i = 0; i < sizeof(buf) - 1; i++) {
-                if (atomicio(read, sock_in, &buf[i], 1) != 1) {
-                        logit("Did not receive identification string "
-                            "from %s port %d",
-                            ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
-                        cleanup_exit(255);
-                }
-                if (buf[i] == '\r') {
-                        buf[i] = 0;
-                        /* Kludge for F-Secure Macintosh < 1.0.2 */
-                        if (i == 12 &&
-                            strncmp(buf, "SSH-1.5-W1.0", 12) == 0)
-                                break;
-                        continue;
-                }
-                if (buf[i] == '\n') {
-                        buf[i] = 0;
-                        break;
-                }
-        }
-        buf[sizeof(buf) - 1] = 0;
-        client_version_string = xstrdup(buf);
-
-        /*
-         * Check that the versions match.  In future this might accept
-         * several versions and set appropriate flags to handle them.
-         */
-        if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",
-            &remote_major, &remote_minor, remote_version) != 3) {
-                s = "Protocol mismatch.\n";
-                (void) atomicio(vwrite, sock_out, s, strlen(s));
-                logit("Bad protocol version identification '%.100s' "
-                    "from %s port %d", client_version_string,
-                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
-                close(sock_in);
-                close(sock_out);
-                cleanup_exit(255);
-        }
-        debug("Client protocol version %d.%d; client software version %.100s",
-            remote_major, remote_minor, remote_version);
-
-        ssh->compat = compat_datafellows(remote_version);
-
-        if ((ssh->compat & SSH_BUG_PROBE) != 0) {
-                logit("probed from %s port %d with %s.  Don't panic.",
-                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
-                    client_version_string);
-                cleanup_exit(255);
-        }
-        if ((ssh->compat & SSH_BUG_SCANNER) != 0) {
-                logit("scanned from %s port %d with %s.  Don't panic.",
-                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
-                    client_version_string);
-                cleanup_exit(255);
-        }
-        if ((ssh->compat & SSH_BUG_RSASIGMD5) != 0) {
-                logit("Client version \"%.100s\" uses unsafe RSA signature "
-                    "scheme; disabling use of RSA keys", remote_version);
-        }
-
-        chop(server_version_string);
-        debug("Local version string %.200s", server_version_string);
-
-        if (remote_major != 2 &&
-            !(remote_major == 1 && remote_minor == 99)) {
-                s = "Protocol major versions differ.\n";
-                (void) atomicio(vwrite, sock_out, s, strlen(s));
-                close(sock_in);
-                close(sock_out);
-                logit("Protocol major versions differ for %s port %d: "
-                    "%.200s vs. %.200s",
-                    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
-                    server_version_string, client_version_string);
-                cleanup_exit(255);
-        }
+            ssh_remote_ipaddr(the_active_state),
+            ssh_remote_port(the_active_state));
 }
 
 /* Destroy the host and server keys.  They will no longer be needed. */
@@ -580,7 +490,7 @@ privsep_preauth_child(void)
 }
 
 static int
-privsep_preauth(Authctxt *authctxt)
+privsep_preauth(struct ssh *ssh)
 {
         int status, r;
         pid_t pid;
@@ -589,7 +499,7 @@ privsep_preauth(Authctxt *authctxt)
         /* Set up unprivileged child process to deal with network data */
         pmonitor = monitor_init();
         /* Store a pointer to the kex for later rekeying */
-        pmonitor->m_pkex = &active_state->kex;
+        pmonitor->m_pkex = &ssh->kex;
 
         if (use_privsep == PRIVSEP_ON)
                 box = ssh_sandbox_init(pmonitor);
@@ -610,7 +520,7 @@ privsep_preauth(Authctxt *authctxt)
                 }
                 if (box != NULL)
                         ssh_sandbox_parent_preauth(box, pid);
-                monitor_child_preauth(authctxt, pmonitor);
+                monitor_child_preauth(ssh, pmonitor);
 
                 /* Wait for the child's exit status */
                 while (waitpid(pid, &status, 0) < 0) {
@@ -649,7 +559,7 @@ privsep_preauth(Authctxt *authctxt)
 }
 
 static void
-privsep_postauth(Authctxt *authctxt)
+privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
 {
 #ifdef DISABLE_FD_PASSING
         if (1) {
@@ -670,8 +580,8 @@ privsep_postauth(Authctxt *authctxt)
         else if (pmonitor->m_pid != 0) {
                 verbose("User child is on pid %ld", (long)pmonitor->m_pid);
                 sshbuf_reset(loginmsg);
-                monitor_clear_keystate(pmonitor);
-                monitor_child_postauth(pmonitor);
+                monitor_clear_keystate(ssh, pmonitor);
+                monitor_child_postauth(ssh, pmonitor);
 
                 /* NEVERREACHED */
                 exit(0);
@@ -692,13 +602,13 @@ privsep_postauth(Authctxt *authctxt)
 
  skip:
         /* It is safe now to apply the key state */
-        monitor_apply_keystate(pmonitor);
+        monitor_apply_keystate(ssh, pmonitor);
 
         /*
          * Tell the packet layer that authentication was successful, since
          * this information is not part of the key state.
          */
-        packet_set_authenticated();
+        ssh_packet_set_authenticated(ssh);
 }
 
 static void
@@ -865,7 +775,7 @@ notify_hostkeys(struct ssh *ssh)
         char *fp;
 
         /* Some clients cannot cope with the hostkeys message, skip those. */
-        if (datafellows & SSH_BUG_HOSTKEYS)
+        if (ssh->compat & SSH_BUG_HOSTKEYS)
                 return;
 
         if ((buf = sshbuf_new()) == NULL)
@@ -881,21 +791,29 @@ notify_hostkeys(struct ssh *ssh)
                     sshkey_ssh_name(key), fp);
                 free(fp);
                 if (nkeys == 0) {
-                        packet_start(SSH2_MSG_GLOBAL_REQUEST);
-                        packet_put_cstring("hostkeys-00@openssh.com");
-                        packet_put_char(0); /* want-reply */
+                        /*
+                         * Start building the request when we find the
+                         * first usable key.
+                         */
+                        if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 ||
+                            (r = sshpkt_put_cstring(ssh, "hostkeys-00@openssh.com")) != 0 ||
+                            (r = sshpkt_put_u8(ssh, 0)) != 0) /* want reply */
+                                sshpkt_fatal(ssh, r, "%s: start request", __func__);
                 }
+                /* Append the key to the request */
                 sshbuf_reset(buf);
                 if ((r = sshkey_putb(key, buf)) != 0)
                         fatal("%s: couldn't put hostkey %d: %s",
                             __func__, i, ssh_err(r));
-                packet_put_string(sshbuf_ptr(buf), sshbuf_len(buf));
+                if ((r = sshpkt_put_stringb(ssh, buf)) != 0)
+                        sshpkt_fatal(ssh, r, "%s: append key", __func__);
                 nkeys++;
         }
         debug3("%s: sent %u hostkeys", __func__, nkeys);
         if (nkeys == 0)
-                fatal("%s: no hostkeys", __func__);
-        packet_send();
+                debug3("%s: no hostkeys", __func__);
+        else if ((r = sshpkt_send(ssh)) != 0)
+                sshpkt_fatal(ssh, r, "%s: send", __func__);
         sshbuf_free(buf);
 }
 
@@ -933,7 +851,7 @@ usage(void)
         fprintf(stderr, "%s, %s\n",
             SSH_RELEASE,
 #ifdef WITH_OPENSSL
-            SSLeay_version(SSLEAY_VERSION)
+            OpenSSL_version(OPENSSL_VERSION)
 #else
             "without OpenSSL"
 #endif
@@ -1015,14 +933,9 @@ server_accept_inetd(int *sock_in, int *sock_out)
 {
         int fd;
 
-        startup_pipe = -1;
         if (rexeced_flag) {
                 close(REEXEC_CONFIG_PASS_FD);
                 *sock_in = *sock_out = dup(STDIN_FILENO);
-                if (!debug_flag) {
-                        startup_pipe = dup(REEXEC_STARTUP_PIPE_FD);
-                        close(REEXEC_STARTUP_PIPE_FD);
-                }
         } else {
                 *sock_in = dup(STDIN_FILENO);
                 *sock_out = dup(STDOUT_FILENO);
@@ -1147,8 +1060,9 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 {
         fd_set *fdset;
         int i, j, ret, maxfd;
-        int startups = 0;
+        int startups = 0, listening = 0, lameduck = 0;
         int startup_p[2] = { -1 , -1 };
+        char c = 0;
         struct sockaddr_storage from;
         socklen_t fromlen;
         pid_t pid;
@@ -1162,6 +1076,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                         maxfd = listen_socks[i];
         /* pipes connected to unauthenticated childs */
         startup_pipes = xcalloc(options.max_startups, sizeof(int));
+        startup_flags = xcalloc(options.max_startups, sizeof(int));
         for (i = 0; i < options.max_startups; i++)
                 startup_pipes[i] = -1;
 
@@ -1170,8 +1085,15 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
          * the daemon is killed with a signal.
          */
         for (;;) {
-                if (received_sighup)
-                        sighup_restart();
+                if (received_sighup) {
+                        if (!lameduck) {
+                                debug("Received SIGHUP; waiting for children");
+                                close_listen_socks();
+                                lameduck = 1;
+                        }
+                        if (listening <= 0)
+                                sighup_restart();
+                }
                 free(fdset);
                 fdset = xcalloc(howmany(maxfd + 1, NFDBITS),
                     sizeof(fd_mask));
@@ -1197,19 +1119,37 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                 if (ret < 0)
                         continue;
 
-                for (i = 0; i < options.max_startups; i++)
-                        if (startup_pipes[i] != -1 &&
-                            FD_ISSET(startup_pipes[i], fdset)) {
-                                /*
-                                 * the read end of the pipe is ready
-                                 * if the child has closed the pipe
-                                 * after successful authentication
-                                 * or if the child has died
-                                 */
+                for (i = 0; i < options.max_startups; i++) {
+                        if (startup_pipes[i] == -1 ||
+                            !FD_ISSET(startup_pipes[i], fdset))
+                                continue;
+                        switch (read(startup_pipes[i], &c, sizeof(c))) {
+                        case -1:
+                                if (errno == EINTR || errno == EAGAIN)
+                                        continue;
+                                if (errno != EPIPE) {
+                                        error("%s: startup pipe %d (fd=%d): "
+                                            "read %s", __func__, i,
+                                            startup_pipes[i], strerror(errno));
+                                }
+                                /* FALLTHROUGH */
+                        case 0:
+                                /* child exited or completed auth */
                                 close(startup_pipes[i]);
                                 startup_pipes[i] = -1;
                                 startups--;
+                                if (startup_flags[i])
+                                        listening--;
+                                break;
+                        case 1:
+                                /* child has finished preliminaries */
+                                if (startup_flags[i]) {
+                                        listening--;
+                                        startup_flags[i] = 0;
+                                }
+                                break;
                         }
+                }
                 for (i = 0; i < num_listen_socks; i++) {
                         if (!FD_ISSET(listen_socks[i], fdset))
                                 continue;
@@ -1263,6 +1203,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                                         if (maxfd < startup_p[0])
                                                 maxfd = startup_p[0];
                                         startups++;
+                                        startup_flags[j] = 1;
                                         break;
                                 }
 
@@ -1288,7 +1229,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                                         send_rexec_state(config_s[0], cfg);
                                         close(config_s[0]);
                                 }
-                                break;
+                                return;
                         }
 
                         /*
@@ -1297,13 +1238,14 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                          * parent continues listening.
                          */
                         platform_pre_fork();
+                        listening++;
                         if ((pid = fork()) == 0) {
                                 /*
                                  * Child.  Close the listening and
                                  * max_startup sockets.  Start using
                                  * the accepted socket. Reinitialize
                                  * logging (since our pid has changed).
-                                 * We break out of the loop to handle
+                                 * We return from this function to handle
                                  * the connection.
                                  */
                                 platform_post_fork_child();
@@ -1318,7 +1260,18 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                                     log_stderr);
                                 if (rexec_flag)
                                         close(config_s[0]);
-                                break;
+                                else {
+                                        /*
+                                         * Signal parent that the preliminaries
+                                         * for this child are complete. For the
+                                         * re-exec case, this happens after the
+                                         * child has received the rexec state
+                                         * from the server.
+                                         */
+                                        (void)atomicio(vwrite, startup_pipe,
+                                            "\0", 1);
+                                }
+                                return;
                         }
 
                         /* Parent.  Stay in the loop. */
@@ -1350,10 +1303,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 #endif
                         explicit_bzero(rnd, sizeof(rnd));
                 }
-
-                /* child process check (or debug mode) */
-                if (num_listen_socks < 0)
-                        break;
         }
 }
 
@@ -1526,6 +1475,8 @@ main(int ac, char **av)
         /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
         sanitise_stdfd();
 
+        seed_rng();
+
         /* Initialize configuration options to their default values. */
         initialize_server_options(&options);
 
@@ -1604,7 +1555,7 @@ main(int ac, char **av)
                         break;
                 case 'h':
                         servconf_add_hostkey("[command-line]", 0,
-                            &options, optarg);
+                            &options, optarg, 1);
                         break;
                 case 't':
                         test_flag = 1;
@@ -1613,7 +1564,7 @@ main(int ac, char **av)
                         test_flag = 2;
                         break;
                 case 'C':
-                        connection_info = get_connection_info(0, 0);
+                        connection_info = get_connection_info(ssh, 0, 0);
                         if (parse_server_match_testspec(connection_info,
                             optarg) == -1)
                                 exit(1);
@@ -1640,17 +1591,13 @@ main(int ac, char **av)
         }
         if (rexeced_flag || inetd_flag)
                 rexec_flag = 0;
-        if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/')))
+        if (!test_flag && rexec_flag && !path_absolute(av[0]))
                 fatal("sshd re-exec requires execution with an absolute path");
         if (rexeced_flag)
                 closefrom(REEXEC_MIN_FREE_FD);
         else
                 closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
 
-#ifdef WITH_OPENSSL
-        OpenSSL_add_all_algorithms();
-#endif
-
         /* If requested, redirect the logs to the specified logfile. */
         if (logfile != NULL)
                 log_redirect_stderr_to(logfile);
@@ -1685,16 +1632,24 @@ main(int ac, char **av)
         /* Fetch our configuration */
         if ((cfg = sshbuf_new()) == NULL)
                 fatal("%s: sshbuf_new failed", __func__);
-        if (rexeced_flag)
+        if (rexeced_flag) {
                 recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg);
+                if (!debug_flag) {
+                        startup_pipe = dup(REEXEC_STARTUP_PIPE_FD);
+                        close(REEXEC_STARTUP_PIPE_FD);
+                        /*
+                         * Signal parent that this child is at a point where
+                         * they can go away if they have a SIGHUP pending.
+                         */
+                        (void)atomicio(vwrite, startup_pipe, "\0", 1);
+                }
+        }
         else if (strcasecmp(config_file_name, "none") != 0)
                 load_server_config(config_file_name, cfg);
 
         parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
             cfg, NULL);
 
-        seed_rng();
-
         /* Fill in default values for those options not explicitly set. */
         fill_default_server_options(&options);
 
@@ -1739,7 +1694,7 @@ main(int ac, char **av)
 
         debug("sshd version %s, %s", SSH_VERSION,
 #ifdef WITH_OPENSSL
-            SSLeay_version(SSLEAY_VERSION)
+            OpenSSL_version(OPENSSL_VERSION)
 #else
             "without OpenSSL"
 #endif
@@ -1776,15 +1731,18 @@ main(int ac, char **av)
         }
 
         for (i = 0; i < options.num_host_key_files; i++) {
+                int ll = options.host_key_file_userprovided[i] ?
+                    SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_DEBUG1;
+
                 if (options.host_key_files[i] == NULL)
                         continue;
                 if ((r = sshkey_load_private(options.host_key_files[i], "",
                     &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
-                        error("Error loading host key \"%s\": %s",
+                        do_log2(ll, "Unable to load host key \"%s\": %s",
                             options.host_key_files[i], ssh_err(r));
                 if ((r = sshkey_load_public(options.host_key_files[i],
                     &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
-                        error("Error loading host key \"%s\": %s",
+                        do_log2(ll, "Unable to load host key \"%s\": %s",
                             options.host_key_files[i], ssh_err(r));
                 if (pubkey == NULL && key != NULL)
                         if ((r = sshkey_from_private(key, &pubkey)) != 0)
@@ -1801,7 +1759,7 @@ main(int ac, char **av)
                         keytype = key->type;
                         accumulate_host_timing_secret(cfg, key);
                 } else {
-                        error("Could not load host key: %s",
+                        do_log2(ll, "Unable to load host key: %s",
                             options.host_key_files[i]);
                         sensitive_data.host_keys[i] = NULL;
                         sensitive_data.host_pubkeys[i] = NULL;
@@ -1826,13 +1784,11 @@ main(int ac, char **av)
                 free(fp);
         }
         accumulate_host_timing_secret(cfg, NULL);
-#ifndef GSSAPI
         /* The GSSAPI key exchange can run without a host key */
-        if (!sensitive_data.have_ssh2_key) {
+        if (!sensitive_data.have_ssh2_key && !options.gss_keyex) {
                 logit("sshd: no hostkeys available -- exiting.");
                 exit(1);
         }
-#endif
 
         /*
          * Load certificates. They are stored in an array at identical
@@ -1902,7 +1858,7 @@ main(int ac, char **av)
                  * use a blank one that will cause no predicate to match.
                  */
                 if (connection_info == NULL)
-                        connection_info = get_connection_info(0, 0);
+                        connection_info = get_connection_info(ssh, 0, 0);
                 parse_server_match_config(&options, connection_info);
                 dump_config(&options);
         }
@@ -2082,9 +2038,10 @@ main(int ac, char **av)
          * Register our connection.  This turns encryption off because we do
          * not have a key.
          */
-        packet_set_connection(sock_in, sock_out);
-        packet_set_server();
-        ssh = active_state; /* XXX */
+        if ((ssh = ssh_packet_set_connection(NULL, sock_in, sock_out)) == NULL)
+                fatal("Unable to create connection");
+        the_active_state = ssh;
+        ssh_packet_set_server(ssh);
 
         check_ip_options(ssh);
 
@@ -2094,7 +2051,7 @@ main(int ac, char **av)
         process_permitopen(ssh, &options);
 
         /* Set SO_KEEPALIVE if requested. */
-        if (options.tcp_keep_alive && packet_connection_is_on_socket() &&
+        if (options.tcp_keep_alive && ssh_packet_connection_is_on_socket(ssh) &&
             setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0)
                 error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
 
@@ -2120,7 +2077,7 @@ main(int ac, char **av)
         allow_severity = options.log_facility|LOG_INFO;
         deny_severity = options.log_facility|LOG_WARNING;
         /* Check whether logins are denied from this host. */
-        if (packet_connection_is_on_socket()) {
+        if (ssh_packet_connection_is_on_socket(ssh)) {
                 struct request_info req;
 
                 request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0);
@@ -2212,11 +2169,15 @@ main(int ac, char **av)
         if (!debug_flag)
                 alarm(options.login_grace_time);
 
-        sshd_exchange_identification(ssh, sock_in, sock_out);
-        packet_set_nonblocking();
+        if (kex_exchange_identification(ssh, -1, options.debian_banner,
+            options.version_addendum) != 0)
+                cleanup_exit(255); /* error already logged */
+
+        ssh_packet_set_nonblocking(ssh);
 
         /* allocate authentication context */
         authctxt = xcalloc(1, sizeof(*authctxt));
+        ssh->authctxt = authctxt;
 
         authctxt->loginmsg = loginmsg;
 
@@ -2233,7 +2194,7 @@ main(int ac, char **av)
         auth_debug_reset();
 
         if (use_privsep) {
-                if (privsep_preauth(authctxt) == 1)
+                if (privsep_preauth(ssh) == 1)
                         goto authenticated;
         } else if (have_agent) {
                 if ((r = ssh_get_authentication_socket(&auth_sock)) != 0) {
@@ -2244,16 +2205,16 @@ main(int ac, char **av)
 
         /* perform the key exchange */
         /* authenticate user and start session */
-        do_ssh2_kex();
-        do_authentication2(authctxt);
+        do_ssh2_kex(ssh);
+        do_authentication2(ssh);
 
         /*
          * If we use privilege separation, the unprivileged child transfers
          * the current keystate and exits
          */
         if (use_privsep) {
-                mm_send_keystate(pmonitor);
-                packet_clear_keys();
+                mm_send_keystate(ssh, pmonitor);
+                ssh_packet_clear_keys(ssh);
                 exit(0);
         }
 
@@ -2271,7 +2232,7 @@ main(int ac, char **av)
         }
 
 #ifdef SSH_AUDIT_EVENTS
-        audit_event(SSH_AUTH_SUCCESS);
+        audit_event(ssh, SSH_AUTH_SUCCESS);
 #endif
 
 #ifdef GSSAPI
@@ -2293,11 +2254,11 @@ main(int ac, char **av)
          * file descriptor passing.
          */
         if (use_privsep) {
-                privsep_postauth(authctxt);
+                privsep_postauth(ssh, authctxt);
                 /* the monitor process [priv] will not return */
         }
 
-        packet_set_timeout(options.client_alive_interval,
+        ssh_packet_set_timeout(ssh, options.client_alive_interval,
             options.client_alive_count_max);
 
         /* Try to send all our hostkeys to the client */
@@ -2307,7 +2268,7 @@ main(int ac, char **av)
         do_authenticated(ssh, authctxt);
 
         /* The connection has been terminated. */
-        packet_get_bytes(&ibytes, &obytes);
+        ssh_packet_get_bytes(ssh, &ibytes, &obytes);
         verbose("Transferred: sent %llu, received %llu bytes",
             (unsigned long long)obytes, (unsigned long long)ibytes);
 
@@ -2319,10 +2280,10 @@ main(int ac, char **av)
 #endif /* USE_PAM */
 
 #ifdef SSH_AUDIT_EVENTS
-        PRIVSEP(audit_event(SSH_CONNECTION_CLOSE));
+        PRIVSEP(audit_event(ssh, SSH_CONNECTION_CLOSE));
 #endif
 
-        packet_close();
+        ssh_packet_close(ssh);
 
         if (use_privsep)
                 mm_terminate();
@@ -2331,32 +2292,42 @@ main(int ac, char **av)
 }
 
 int
-sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey,
-    u_char **signature, size_t *slenp, const u_char *data, size_t dlen,
-    const char *alg, u_int flag)
+sshd_hostkey_sign(struct ssh *ssh, struct sshkey *privkey,
+    struct sshkey *pubkey, u_char **signature, size_t *slenp,
+    const u_char *data, size_t dlen, const char *alg)
 {
         int r;
 
-        if (privkey) {
-                if (PRIVSEP(sshkey_sign(privkey, signature, slenp, data, dlen,
-                    alg, datafellows)) < 0)
-                        fatal("%s: key_sign failed", __func__);
-        } else if (use_privsep) {
-                if (mm_sshkey_sign(pubkey, signature, slenp, data, dlen,
-                    alg, datafellows) < 0)
-                        fatal("%s: pubkey_sign failed", __func__);
+        if (use_privsep) {
+                if (privkey) {
+                        if (mm_sshkey_sign(ssh, privkey, signature, slenp,
+                            data, dlen, alg, ssh->compat) < 0)
+                                fatal("%s: privkey sign failed", __func__);
+                } else {
+                        if (mm_sshkey_sign(ssh, pubkey, signature, slenp,
+                            data, dlen, alg, ssh->compat) < 0)
+                                fatal("%s: pubkey sign failed", __func__);
+                }
         } else {
-                if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slenp,
-                    data, dlen, alg, datafellows)) != 0)
-                        fatal("%s: ssh_agent_sign failed: %s",
-                            __func__, ssh_err(r));
+                if (privkey) {
+                        if (sshkey_sign(privkey, signature, slenp, data, dlen,
+                            alg, ssh->compat) < 0)
+                                fatal("%s: privkey sign failed", __func__);
+                } else {
+                        if ((r = ssh_agent_sign(auth_sock, pubkey,
+                            signature, slenp, data, dlen, alg,
+                            ssh->compat)) != 0) {
+                                fatal("%s: agent sign failed: %s",
+                                    __func__, ssh_err(r));
+                        }
+                }
         }
         return 0;
 }
 
 /* SSH2 key exchange */
 static void
-do_ssh2_kex(void)
+do_ssh2_kex(struct ssh *ssh)
 {
         char *myproposal[PROPOSAL_MAX] = { KEX_SERVER };
         struct kex *kex;
@@ -2377,20 +2348,20 @@ do_ssh2_kex(void)
         }
 
         if (options.rekey_limit || options.rekey_interval)
-                packet_set_rekey_limits(options.rekey_limit,
+                ssh_packet_set_rekey_limits(ssh, options.rekey_limit,
                     options.rekey_interval);
 
         myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
             list_hostkey_types());
 
-#ifdef GSSAPI
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
         {
         char *orig;
         char *gss = NULL;
         char *newstr = NULL;
         orig = myproposal[PROPOSAL_KEX_ALGS];
 
-        /* 
+        /*
          * If we don't have a host key, then there's no point advertising
          * the other key exchange algorithms
          */
@@ -2410,10 +2381,10 @@ do_ssh2_kex(void)
         else if (orig)
                 newstr = orig;
 
-        /* 
+        /*
          * If we've got GSSAPI mechanisms, then we've got the 'null' host
          * key alg, but we can't tell people about it unless its the only
-         * host key algorithm we support
+         * host key algorithm we support
          */
         if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0)
                 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null";
@@ -2426,38 +2397,40 @@ do_ssh2_kex(void)
 #endif
 
         /* start key exchange */
-        if ((r = kex_setup(active_state, myproposal)) != 0)
+        if ((r = kex_setup(ssh, myproposal)) != 0)
                 fatal("kex_setup: %s", ssh_err(r));
-        kex = active_state->kex;
+        kex = ssh->kex;
 #ifdef WITH_OPENSSL
-        kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-        kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
-        kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server;
-        kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server;
-        kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server;
+        kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
+        kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
+        kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server;
+        kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server;
+        kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server;
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 # ifdef OPENSSL_HAS_ECC
-        kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+        kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 # endif
-#endif
-        kex->kex[KEX_C25519_SHA256] = kexc25519_server;
-#ifdef GSSAPI
+# ifdef GSSAPI
         if (options.gss_keyex) {
                 kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
                 kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
-                kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+                kex->kex[KEX_GSS_GRP14_SHA256] = kexgss_server;
+                kex->kex[KEX_GSS_GRP16_SHA512] = kexgss_server;
+                kex->kex[KEX_GSS_GEX_SHA1] = kexgssgex_server;
+                kex->kex[KEX_GSS_NISTP256_SHA256] = kexgss_server;
+                kex->kex[KEX_GSS_C25519_SHA256] = kexgss_server;
         }
-#endif
-        kex->server = 1;
-        kex->client_version_string=client_version_string;
-        kex->server_version_string=server_version_string;
+# endif
+#endif /* WITH_OPENSSL */
+        kex->kex[KEX_C25519_SHA256] = kex_gen_server;
+        kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
         kex->load_host_public_key=&get_hostkey_public_by_type;
         kex->load_host_private_key=&get_hostkey_private_by_type;
         kex->host_key_index=&get_hostkey_index;
         kex->sign = sshd_hostkey_sign;
 
-        ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done);
+        ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &kex->done);
 
         session_id2 = kex->session_id;
         session_id2_len = kex->session_id_len;
@@ -2476,10 +2449,8 @@ do_ssh2_kex(void)
 void
 cleanup_exit(int i)
 {
-        struct ssh *ssh = active_state; /* XXX */
-
-        if (the_authctxt) {
-                do_cleanup(ssh, the_authctxt);
+        if (the_active_state != NULL && the_authctxt != NULL) {
+                do_cleanup(the_active_state, the_authctxt);
                 if (use_privsep && privsep_is_preauth &&
                     pmonitor != NULL && pmonitor->m_pid > 1) {
                         debug("Killing privsep child %d", pmonitor->m_pid);
@@ -2491,8 +2462,8 @@ cleanup_exit(int i)
         }
 #ifdef SSH_AUDIT_EVENTS
         /* done after do_cleanup so it can cancel the PAM auth 'thread' */
-        if (!use_privsep || mm_is_monitor())
-                audit_event(SSH_CONNECTION_ABANDON);
+        if (the_active_state != NULL && (!use_privsep || mm_is_monitor()))
+                audit_event(the_active_state, SSH_CONNECTION_ABANDON);
 #endif
         _exit(i);
 }
diff --git a/sshd_config.0 b/sshd_config.0
index af54da6b2..545b9a89c 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -637,7 +637,7 @@ DESCRIPTION
              the single token All which matches all criteria.  The available
              criteria are User, Group, Host, LocalAddress, LocalPort, RDomain,
              and Address (with RDomain representing the rdomain(4) on which
-             the connection was received.)
+             the connection was received).
 
              The match patterns may consist of single entries or comma-
              separated lists and may use the wildcard and negation operators
@@ -725,9 +725,9 @@ DESCRIPTION
              listen requests are permitted.  Note that the GatewayPorts option
              may further restrict which addresses may be listened on.  Note
              also that ssh(1) will request a listen host of M-bM-^@M-^\localhostM-bM-^@M-^] if no
-             listen host was specifically requested, and this this name is
-             treated differently to explicit localhost addresses of
-             M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and M-bM-^@M-^\::1M-bM-^@M-^].
+             listen host was specifically requested, and this name is treated
+             differently to explicit localhost addresses of M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and
+             M-bM-^@M-^\::1M-bM-^@M-^].
 
      PermitOpen
              Specifies the destinations to which TCP port forwarding is
@@ -1089,4 +1089,4 @@ AUTHORS
      versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
      for privilege separation.
 
-OpenBSD 6.4                   September 20, 2018                   OpenBSD 6.4
+OpenBSD 6.5                     March 22, 2019                     OpenBSD 6.5
diff --git a/sshd_config.5 b/sshd_config.5
index 03f813e72..e5380f5dc 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.282 2018/09/20 03:28:06 djm Exp $
-.Dd $Mdocdate: September 20 2018 $
+.\" $OpenBSD: sshd_config.5,v 1.284 2019/03/22 20:58:34 jmc Exp $
+.Dd $Mdocdate: March 22 2019 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -674,16 +674,16 @@ The default is
 Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Cm no .
-.It Cm GSSAPIKeyExchange
-Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange
-doesn't rely on ssh keys to verify host identity.
-The default is
-.Cm no .
 .It Cm GSSAPICleanupCredentials
 Specifies whether to automatically destroy the user's credentials cache
 on logout.
 The default is
 .Cm yes .
+.It Cm GSSAPIKeyExchange
+Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange
+doesn't rely on ssh keys to verify host identity.
+The default is
+.Cm no .
 .It Cm GSSAPIStrictAcceptorCheck
 Determines whether to be strict about the identity of the GSSAPI acceptor
 a client authenticates against.
@@ -699,10 +699,30 @@ This facility is provided to assist with operation on multi homed machines.
 The default is
 .Cm yes .
 .It Cm GSSAPIStoreCredentialsOnRekey
-Controls whether the user's GSSAPI credentials should be updated following a 
-successful connection rekeying. This option can be used to accepted renewed 
+Controls whether the user's GSSAPI credentials should be updated following a
+successful connection rekeying. This option can be used to accepted renewed
 or updated credentials from a compatible client. The default is
-.Cm no .
+.Dq no .
+.Pp
+For this to work
+.Cm GSSAPIKeyExchange
+needs to be enabled in the server and also used by the client.
+.It Cm GSSAPIKexAlgorithms
+The list of key exchange algorithms that are accepted by GSSAPI
+key exchange. Possible values are
+.Bd -literal -offset 3n
+gss-gex-sha1-,
+gss-group1-sha1-,
+gss-group14-sha1-,
+gss-group14-sha256-,
+gss-group16-sha512-,
+gss-nistp256-sha256-,
+gss-curve25519-sha256-
+.Ed
+.Pp
+The default is
+.Dq gss-gex-sha1-,gss-group14-sha1- .
+This option only applies to protocol version 2 connections using GSSAPI.
 .It Cm HostbasedAcceptedKeyTypes
 Specifies the key types that will be accepted for hostbased authentication
 as a list of comma-separated patterns.
@@ -1118,7 +1138,7 @@ and
 .Cm RDomain
 representing the
 .Xr rdomain 4
-on which the connection was received.)
+on which the connection was received).
 .Pp
 The match patterns may consist of single entries or comma-separated
 lists and may use the wildcard and negation operators described in the
@@ -1271,7 +1291,7 @@ Note also that
 .Xr ssh 1
 will request a listen host of
 .Dq localhost
-if no listen host was specifically requested, and this this name is
+if no listen host was specifically requested, and this name is
 treated differently to explicit localhost addresses of
 .Dq 127.0.0.1
 and
diff --git a/sshkey.c b/sshkey.c
index a85c185fc..789cd61ef 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.72 2018/10/11 00:52:46 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.73 2019/01/21 09:54:11 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -2057,13 +2057,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
                         ret = SSH_ERR_ALLOC_FAIL;
                         goto out;
                 }
-                if ((rsa_e = BN_new()) == NULL ||
-                    (rsa_n = BN_new()) == NULL) {
-                        ret = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                if (sshbuf_get_bignum2(b, rsa_e) != 0 ||
-                    sshbuf_get_bignum2(b, rsa_n) != 0) {
+                if (sshbuf_get_bignum2(b, &rsa_e) != 0 ||
+                    sshbuf_get_bignum2(b, &rsa_n) != 0) {
                         ret = SSH_ERR_INVALID_FORMAT;
                         goto out;
                 }
@@ -2090,17 +2085,10 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
                         ret = SSH_ERR_ALLOC_FAIL;
                         goto out;
                 }
-                if ((dsa_p = BN_new()) == NULL ||
-                    (dsa_q = BN_new()) == NULL ||
-                    (dsa_g = BN_new()) == NULL ||
-                    (dsa_pub_key = BN_new()) == NULL) {
-                        ret = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                if (sshbuf_get_bignum2(b, dsa_p) != 0 ||
-                    sshbuf_get_bignum2(b, dsa_q) != 0 ||
-                    sshbuf_get_bignum2(b, dsa_g) != 0 ||
-                    sshbuf_get_bignum2(b, dsa_pub_key) != 0) {
+                if (sshbuf_get_bignum2(b, &dsa_p) != 0 ||
+                    sshbuf_get_bignum2(b, &dsa_q) != 0 ||
+                    sshbuf_get_bignum2(b, &dsa_g) != 0 ||
+                    sshbuf_get_bignum2(b, &dsa_pub_key) != 0) {
                         ret = SSH_ERR_INVALID_FORMAT;
                         goto out;
                 }
@@ -2942,19 +2930,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
                         r = SSH_ERR_ALLOC_FAIL;
                         goto out;
                 }
-                if ((dsa_p = BN_new()) == NULL ||
-                    (dsa_q = BN_new()) == NULL ||
-                    (dsa_g = BN_new()) == NULL ||
-                    (dsa_pub_key = BN_new()) == NULL ||
-                    (dsa_priv_key = BN_new()) == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                if ((r = sshbuf_get_bignum2(buf, dsa_p)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, dsa_q)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, dsa_g)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, dsa_pub_key)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0)
+                if ((r = sshbuf_get_bignum2(buf, &dsa_p)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &dsa_q)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &dsa_g)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &dsa_pub_key)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0)
                         goto out;
                 if (!DSA_set0_pqg(k->dsa, dsa_p, dsa_q, dsa_g)) {
                         r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -2968,12 +2948,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
                 dsa_pub_key = dsa_priv_key = NULL; /* transferred */
                 break;
         case KEY_DSA_CERT:
-                if ((dsa_priv_key = BN_new()) == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
                 if ((r = sshkey_froms(buf, &k)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, dsa_priv_key)) != 0)
+                    (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0)
                         goto out;
                 if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) {
                         r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -2998,12 +2974,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
                         goto out;
                 }
                 k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid);
-                if (k->ecdsa  == NULL || (exponent = BN_new()) == NULL) {
+                if (k->ecdsa  == NULL) {
                         r = SSH_ERR_LIBCRYPTO_ERROR;
                         goto out;
                 }
                 if ((r = sshbuf_get_eckey(buf, k->ecdsa)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, exponent)))
+                    (r = sshbuf_get_bignum2(buf, &exponent)))
                         goto out;
                 if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) {
                         r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3015,12 +2991,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
                         goto out;
                 break;
         case KEY_ECDSA_CERT:
-                if ((exponent = BN_new()) == NULL) {
-                        r = SSH_ERR_LIBCRYPTO_ERROR;
-                        goto out;
-                }
                 if ((r = sshkey_froms(buf, &k)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, exponent)) != 0)
+                    (r = sshbuf_get_bignum2(buf, &exponent)) != 0)
                         goto out;
                 if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) {
                         r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3037,21 +3009,12 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
                         r = SSH_ERR_ALLOC_FAIL;
                         goto out;
                 }
-                if ((rsa_n = BN_new()) == NULL ||
-                    (rsa_e = BN_new()) == NULL ||
-                    (rsa_d = BN_new()) == NULL ||
-                    (rsa_iqmp = BN_new()) == NULL ||
-                    (rsa_p = BN_new()) == NULL ||
-                    (rsa_q = BN_new()) == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
-                if ((r = sshbuf_get_bignum2(buf, rsa_n)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_e)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_q)) != 0)
+                if ((r = sshbuf_get_bignum2(buf, &rsa_n)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_e)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0)
                         goto out;
                 if (!RSA_set0_key(k->rsa, rsa_n, rsa_e, rsa_d)) {
                         r = SSH_ERR_LIBCRYPTO_ERROR;
@@ -3069,18 +3032,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
                         goto out;
                 break;
         case KEY_RSA_CERT:
-                if ((rsa_d = BN_new()) == NULL ||
-                    (rsa_iqmp = BN_new()) == NULL ||
-                    (rsa_p = BN_new()) == NULL ||
-                    (rsa_q = BN_new()) == NULL) {
-                        r = SSH_ERR_ALLOC_FAIL;
-                        goto out;
-                }
                 if ((r = sshkey_froms(buf, &k)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_d)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_iqmp)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_p)) != 0 ||
-                    (r = sshbuf_get_bignum2(buf, rsa_q)) != 0)
+                    (r = sshbuf_get_bignum2(buf, &rsa_d)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_iqmp)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 ||
+                    (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0)
                         goto out;
                 if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) {
                         r = SSH_ERR_LIBCRYPTO_ERROR;
diff --git a/sshkey.h b/sshkey.h
index f54deb0c0..c11106c93 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.30 2018/09/14 04:17:44 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.31 2019/01/20 22:51:37 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -33,6 +33,7 @@
 #include <openssl/dsa.h>
 # ifdef OPENSSL_HAS_ECC
 #  include <openssl/ec.h>
+#  include <openssl/ecdsa.h>
 # else /* OPENSSL_HAS_ECC */
 #  define EC_KEY        void
 #  define EC_GROUP      void
diff --git a/version.h b/version.h
index 5e1ce0426..599c859e6 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
-/* $OpenBSD: version.h,v 1.83 2018/10/10 16:43:49 deraadt Exp $ */
+/* $OpenBSD: version.h,v 1.84 2019/04/03 15:48:45 djm Exp $ */
 
-#define SSH_VERSION     "OpenSSH_7.9"
+#define SSH_VERSION     "OpenSSH_8.0"
 
 #define SSH_PORTABLE    "p1"
 #define SSH_RELEASE_MINIMUM     SSH_VERSION SSH_PORTABLE